Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFA16/C554208035C911EAB4AFCB15C4F9AE02/21CF0A561ECE11EDB5A79A3FC4F9AE02.roa
File:                     21CF0A561ECE11EDB5A79A3FC4F9AE02.roa (raw, json)
Hash identifier:          eKIwqqhSKVy6hliTwX2reOAx5RTpoon/7rKxro6tzZ8=
Subject key identifier:   04:35:62:8D:38:F1:11:B4:8A:33:7B:E2:3F:AA:D4:7E:13:1F:AB:39
Certificate issuer:       /CN=A91AFA16/serialNumber=52FD1DE24DAF8DD5FC3AA0078B07732FC2747894
Certificate serial:       0A58
Authority key identifier: 52:FD:1D:E2:4D:AF:8D:D5:FC:3A:A0:07:8B:07:73:2F:C2:74:78:94
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uv0d4k2vjdX8OqAHiwdzL8J0eJQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AFA16/C554208035C911EAB4AFCB15C4F9AE02/21CF0A561ECE11EDB5A79A3FC4F9AE02.roa
Signing time:             Tue 06 Feb 2024 20:18:31 +0000
ROA not before:           Tue 06 Feb 2024 20:18:31 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     137575
IP address blocks:        103.146.194.0/23 maxlen: 23
                          103.146.194.0/24 maxlen: 24
                          103.146.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 01:44:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2648 (0xa58)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AFA16/serialNumber=52FD1DE24DAF8DD5FC3AA0078B07732FC2747894
        Validity
            Not Before: Feb  6 20:18:31 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65c29417-a895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b1:49:fc:26:e8:2b:58:be:16:93:8d:25:c1:
                    27:76:c4:20:b7:11:89:28:8d:47:4c:91:70:b6:cb:
                    9d:ed:2f:cf:83:16:42:ee:fe:de:e1:a0:91:79:9d:
                    80:a0:af:9b:a9:ea:c0:74:8b:8c:fc:ff:1e:9a:5b:
                    d6:86:ef:6f:3f:dc:1e:8b:63:f7:c7:8f:7a:2b:87:
                    1d:a0:5b:8f:70:ed:ab:97:0e:48:82:05:67:ef:85:
                    ca:ca:a9:c6:c0:58:b6:da:1f:26:a0:bb:d2:f4:22:
                    0d:92:a5:0a:36:df:78:5b:82:f2:31:90:0e:a5:f8:
                    e9:9b:fe:44:14:c2:05:08:53:00:cc:85:53:02:9e:
                    d0:80:e1:44:0d:81:6a:a3:10:00:de:01:ab:b0:79:
                    e2:4d:a8:c7:46:25:f6:e9:1b:1f:e3:98:ad:24:a6:
                    a5:a3:5b:a2:7f:02:8b:53:ff:b3:2e:b0:c8:03:d2:
                    ee:45:6a:c0:d4:bd:15:8a:8c:ce:99:f4:19:a7:9d:
                    55:ea:3d:4f:67:f5:6a:95:26:dd:eb:f9:80:12:fe:
                    25:f2:48:66:59:10:bc:5f:04:0d:29:76:65:4f:a9:
                    8c:68:0a:e2:00:3e:29:6c:e0:7b:f4:41:3c:19:80:
                    b9:75:d5:a0:d9:00:f5:ef:a4:f3:fa:69:79:76:83:
                    81:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:35:62:8D:38:F1:11:B4:8A:33:7B:E2:3F:AA:D4:7E:13:1F:AB:39
            X509v3 Authority Key Identifier:
                keyid:52:FD:1D:E2:4D:AF:8D:D5:FC:3A:A0:07:8B:07:73:2F:C2:74:78:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AFA16/C554208035C911EAB4AFCB15C4F9AE02/Uv0d4k2vjdX8OqAHiwdzL8J0eJQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uv0d4k2vjdX8OqAHiwdzL8J0eJQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFA16/C554208035C911EAB4AFCB15C4F9AE02/21CF0A561ECE11EDB5A79A3FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.146.194.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:00:84:91:6c:4c:a6:06:b2:b5:9f:24:c3:c5:a6:15:72:95:
         7c:7e:eb:ed:45:90:d7:f4:ac:7d:d5:b4:a6:52:58:a1:3a:18:
         61:51:e2:d6:f6:34:4d:73:36:ea:92:64:3b:e8:57:81:ad:69:
         7f:2c:2f:ae:34:6e:17:77:2b:cf:ea:66:32:3b:03:2f:98:a4:
         80:cc:bf:4a:9f:ca:9c:a6:85:4f:cd:b9:10:d1:0b:58:1c:5a:
         56:67:d0:d1:d1:e7:6c:cf:cc:51:44:c3:b3:45:d2:a2:b8:ef:
         10:91:20:80:4e:4b:61:c2:f0:85:fc:b6:3f:1c:51:86:a5:9b:
         2e:1a:bd:66:1c:6a:2b:b0:26:ea:34:af:17:19:1f:f4:dc:f9:
         4e:df:10:63:7d:ff:93:50:fc:62:33:a4:a4:a6:5b:9b:e1:fc:
         b0:23:5f:52:0c:74:8e:84:1c:78:76:a0:cd:5b:09:99:a4:79:
         4f:59:14:28:e5:df:2a:26:b9:78:d8:f4:6c:82:58:12:b4:56:
         67:6a:ba:6a:99:77:38:04:e0:1a:09:6a:bf:98:30:de:60:04:
         e1:d9:3a:00:9e:41:48:d5:54:c1:03:b6:2a:94:db:90:1d:0f:
         29:4e:18:f3:31:e0:75:af:a3:e4:8d:8b:f8:e2:74:9f:81:f6:
         9b:ee:a1:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICClgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZBMTYxMTAvBgNVBAUTKDUyRkQxREUyNERBRjhERDVGQzNBQTAwNzhCMDc3MzJG
QzI3NDc4OTQwHhcNMjQwMjA2MjAxODMxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMyOTQxNy1hODk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq7FJ/CboK1i+FpONJcEndsQgtxGJKI1HTJFwtsud7S/PgxZC7v7e4aCReZ2A
oK+bqerAdIuM/P8emlvWhu9vP9wei2P3x496K4cdoFuPcO2rlw5IggVn74XKyqnG
wFi22h8moLvS9CINkqUKNt94W4LyMZAOpfjpm/5EFMIFCFMAzIVTAp7QgOFEDYFq
oxAA3gGrsHniTajHRiX26Rsf45itJKalo1uifwKLU/+zLrDIA9LuRWrA1L0ViozO
mfQZp51V6j1PZ/VqlSbd6/mAEv4l8khmWRC8XwQNKXZlT6mMaAriAD4pbOB79EE8
GYC5ddWg2QD176Tz+ml5doOBHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAQ1Yo04
8RG0ijN74j+q1H4TH6s5MB8GA1UdIwQYMBaAFFL9HeJNr43V/DqgB4sHcy/CdHiU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkExNi9DNTU0MjA4MDM1
QzkxMUVBQjRBRkNCMTVDNEY5QUUwMi9VdjBkNGsydmpkWDhPcUFIaXdkekw4SjBl
SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V2MGQ0azJ2amRYOE9xQUhpd2R6TDhKMGVKUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZBMTYvQzU1NDIwODAzNUM5MTFFQUI0QUZDQjE1QzRGOUFFMDIvMjFDRjBBNTYx
RUNFMTFFREI1QTc5QTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnksIwDQYJKoZIhvcNAQELBQADggEBAIMAhJFsTKYGsrWf
JMPFphVylXx+6+1FkNf0rH3VtKZSWKE6GGFR4tb2NE1zNuqSZDvoV4GtaX8sL640
bhd3K8/qZjI7Ay+YpIDMv0qfypymhU/NuRDRC1gcWlZn0NHR52zPzFFEw7NF0qK4
7xCRIIBOS2HC8IX8tj8cUYalmy4avWYcaiuwJuo0rxcZH/Tc+U7fEGN9/5NQ/GIz
pKSmW5vh/LAjX1IMdI6EHHh2oM1bCZmkeU9ZFCjl3yomuXjY9GyCWBK0VmdqumqZ
dzgE4BoJar+YMN5gBOHZOgCeQUjVVMEDtiqU25AdDylOGPMx4HWvo+SNi/jidJ+B
9pvuocQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org