Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/C3532094037811EEB6D5D751C4F9AE02.roa
File:                     C3532094037811EEB6D5D751C4F9AE02.roa (raw, json)
Hash identifier:          PJetukKAvlK2l2jRbd+SZtgB44vdPwv2TiIIaaZCHm8=
Subject key identifier:   7D:BA:54:23:74:4D:CC:92:C2:B1:EE:7E:09:32:81:C4:AB:A1:FE:EB
Certificate issuer:       /CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04
Certificate serial:       0A
Authority key identifier: DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/C3532094037811EEB6D5D751C4F9AE02.roa
Signing time:             Mon 05 Jun 2023 11:20:49 +0000
ROA not before:           Mon 05 Jun 2023 11:20:49 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     151391
IP address blocks:        103.213.36.0/23 maxlen: 23
                          103.213.36.0/24 maxlen: 24
                          103.213.37.0/24 maxlen: 24
                          2401:5e0::/32 maxlen: 32
                          2401:5e0::/36 maxlen: 36
                          2401:5e0:1000::/36 maxlen: 36
                          2401:5e0:1000::/48 maxlen: 48
                          2401:5e0:1001::/48 maxlen: 48
                          2401:5e0:1002::/48 maxlen: 48
                          2401:5e0:1003::/48 maxlen: 48
                          2401:5e0:1004::/48 maxlen: 48
                          2401:5e0:2000::/36 maxlen: 36
                          2401:5e0:3000::/36 maxlen: 36
                          2401:5e0:4000::/36 maxlen: 36
                          2401:5e0:5000::/36 maxlen: 36
                          2401:5e0:6000::/36 maxlen: 36
                          2401:5e0:7000::/36 maxlen: 36
                          2401:5e0:8000::/36 maxlen: 36
                          2401:5e0:9000::/36 maxlen: 36
                          2401:5e0:a000::/36 maxlen: 36
                          2401:5e0:b000::/36 maxlen: 36
                          2401:5e0:c000::/36 maxlen: 36
                          2401:5e0:d000::/36 maxlen: 36
                          2401:5e0:e000::/36 maxlen: 36
                          2401:5e0:f000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Fri 28 Jul 2023 11:05:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04
        Validity
            Not Before: Jun  5 11:20:49 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=647dc511-9001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c6:5e:8e:71:f1:4d:6f:fb:eb:a3:82:6e:fe:
                    1c:57:81:94:a1:83:27:b1:ea:0a:04:a0:7a:d6:2e:
                    bd:a2:77:4b:f5:1e:de:bf:a0:58:c7:65:69:8b:eb:
                    2b:4a:39:7f:c2:48:18:ad:e5:95:37:d2:99:67:87:
                    37:6d:a5:78:68:92:02:d3:ba:3b:0c:19:53:b9:18:
                    5e:2e:d8:de:4a:a3:24:80:27:7b:ac:ac:50:36:66:
                    e8:9f:4e:52:5f:21:9b:12:61:c5:1c:3c:e1:ac:bb:
                    39:70:31:ed:ce:d1:c4:a9:3f:68:72:2a:2a:88:c6:
                    7c:69:14:dc:0d:17:de:7b:3b:4f:9b:0f:5c:71:63:
                    f2:e5:fd:fd:fd:23:95:98:c6:73:0d:f6:8f:b3:50:
                    f8:3d:d7:ca:f3:f6:29:62:c0:19:b3:3d:67:99:cf:
                    aa:c9:03:0a:79:6f:cf:4d:99:6b:82:cf:d9:ab:2a:
                    e1:be:1e:5c:49:0d:bd:84:bf:a0:f6:1b:d9:8e:4d:
                    5c:93:6e:3a:18:d1:c5:41:89:d6:db:ff:f3:56:27:
                    6f:7f:67:61:75:87:df:db:bf:32:d4:de:e9:58:5f:
                    ad:62:0e:46:1c:2b:c1:db:f9:6d:3e:a5:f3:0d:ae:
                    09:95:82:15:a9:d7:b8:e7:7d:c5:ad:36:8d:ce:3e:
                    c5:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:BA:54:23:74:4D:CC:92:C2:B1:EE:7E:09:32:81:C4:AB:A1:FE:EB
            X509v3 Authority Key Identifier:
                keyid:DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/C3532094037811EEB6D5D751C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.213.36.0/23
                IPv6:
                  2401:5e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9f:e4:1b:7d:0e:71:80:19:5f:ec:66:28:22:87:bb:38:50:f7:
         a3:d7:a1:c4:67:82:b9:ba:b2:41:12:5c:4e:1a:c5:2c:e7:45:
         e2:ef:d6:8c:6f:59:88:bb:0f:e8:3f:97:0e:52:50:6e:04:91:
         5a:7f:0a:98:f2:9e:a3:2c:06:d9:85:36:b2:7b:bc:eb:25:b7:
         b3:2c:09:40:00:65:6e:d3:b1:6a:be:dd:32:0d:aa:cb:ca:20:
         88:a1:bc:ca:35:df:9d:45:d0:61:a3:59:d3:ff:43:a7:39:79:
         35:08:f9:9c:8c:f0:25:1f:a4:dd:68:ff:08:15:3f:a1:9c:f4:
         79:42:d5:05:0d:61:f7:f7:cf:c8:27:0d:eb:69:d4:16:c3:d8:
         bb:ab:36:ba:6d:54:f3:ec:2d:fb:e3:c3:7e:1a:1b:16:5a:f8:
         46:ee:c6:ab:61:04:bc:87:5e:52:2f:f4:78:62:18:63:44:0c:
         6f:32:ec:4d:fb:2e:f2:71:10:28:25:95:88:ef:03:38:e8:d7:
         ce:5f:ea:c3:ee:a9:06:ea:92:77:ee:3f:62:94:54:69:67:f9:
         10:65:cf:10:9b:e8:92:6e:dc:da:a6:b6:a2:91:f0:e1:d4:9f:
         5c:c0:b0:40:1e:7e:d0:4c:72:be:a9:0a:81:e2:27:10:e4:51:
         1a:a1:b8:9f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QjRDMjExMC8GA1UEBRMoREMyM0E2OUVBMUVGQzFBMzc5NDkyQzEzRTlBQzE0N0M0
OUY1QUQwNDAeFw0yMzA2MDUxMTIwNDlaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0N2RjNTExLTkwMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlxl6OcfFNb/vro4Ju/hxXgZShgyex6goEoHrWLr2id0v1Ht6/oFjHZWmL6ytK
OX/CSBit5ZU30plnhzdtpXhokgLTujsMGVO5GF4u2N5KoySAJ3usrFA2ZuifTlJf
IZsSYcUcPOGsuzlwMe3O0cSpP2hyKiqIxnxpFNwNF957O0+bD1xxY/Ll/f39I5WY
xnMN9o+zUPg918rz9iliwBmzPWeZz6rJAwp5b89NmWuCz9mrKuG+HlxJDb2Ev6D2
G9mOTVyTbjoY0cVBidbb//NWJ29/Z2F1h9/bvzLU3ulYX61iDkYcK8Hb+W0+pfMN
rgmVghWp17jnfcWtNo3OPsXxAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUfbpUI3RN
zJLCse5+CTKBxKuh/uswHwYDVR0jBBgwFoAU3COmnqHvwaN5SSwT6awUfEn1rQQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCNEMyL0IxN0U5NUQ2MDM3
MDExRUU5QkI2MkMyRkM0RjlBRTAyLzNDT21ucUh2d2FONVNTd1Q2YXdVZkVuMXJR
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvM0NPbW5xSHZ3YU41U1N3VDZhd1VmRW4xclFRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QjRDMi9CMTdFOTVENjAzNzAxMUVFOUJCNjJDMkZDNEY5QUUwMi9DMzUzMjA5NDAz
NzgxMUVFQjZENUQ3NTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfVJDANBAIAAjAHAwUAJAEF4DANBgkqhkiG9w0BAQsFAAOC
AQEAn+QbfQ5xgBlf7GYoIoe7OFD3o9ehxGeCubqyQRJcThrFLOdF4u/WjG9ZiLsP
6D+XDlJQbgSRWn8KmPKeoywG2YU2snu86yW3sywJQABlbtOxar7dMg2qy8ogiKG8
yjXfnUXQYaNZ0/9Dpzl5NQj5nIzwJR+k3Wj/CBU/oZz0eULVBQ1h9/fPyCcN62nU
FsPYu6s2um1U8+wt++PDfhobFlr4Ru7Gq2EEvIdeUi/0eGIYY0QMbzLsTfsu8nEQ
KCWViO8DOOjXzl/qw+6pBuqSd+4/YpRUaWf5EGXPEJvokm7c2qa2opHw4dSfXMCw
QB5+0ExyvqkKgeInEORRGqG4nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org