Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/6DF2EF1A4A3411ED8523151BC4F9AE02.roa
File:                     6DF2EF1A4A3411ED8523151BC4F9AE02.roa (raw, json)
Hash identifier:          rKu5P/dZn5K2grrJn8pRrFKNalUkL4kGoQzjtM5Tawo=
Subject key identifier:   E7:F0:C7:EE:FD:18:83:E6:67:A4:37:23:42:31:0D:F6:7E:CE:9C:16
Certificate issuer:       /CN=A91BF905/serialNumber=21A47FFFC81A13335C07B92605A2DDFD1807A14C
Certificate serial:       09FE
Authority key identifier: 21:A4:7F:FF:C8:1A:13:33:5C:07:B9:26:05:A2:DD:FD:18:07:A1:4C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/6DF2EF1A4A3411ED8523151BC4F9AE02.roa
Signing time:             Sun 04 Feb 2024 20:38:21 +0000
ROA not before:           Sun 04 Feb 2024 20:38:21 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     138556
IP address blocks:        103.132.224.0/24 maxlen: 24
                          103.132.225.0/24 maxlen: 24
                          103.132.226.0/24 maxlen: 24
                          103.132.227.0/24 maxlen: 24
                          2404:4140::/32 maxlen: 32
                          2404:4140::/36 maxlen: 36
                          2404:4140:1000::/36 maxlen: 36
                          2404:4140:2000::/36 maxlen: 36
                          2404:4140:3000::/36 maxlen: 36
                          2404:4140:4000::/36 maxlen: 36
                          2404:4140:5000::/36 maxlen: 36
                          2404:4140:6000::/36 maxlen: 36
                          2404:4140:7000::/36 maxlen: 36
                          2404:4140:8000::/36 maxlen: 36
                          2404:4140:9000::/36 maxlen: 36
                          2404:4140:a000::/36 maxlen: 36
                          2404:4140:b000::/36 maxlen: 36
                          2404:4140:c000::/36 maxlen: 36
                          2404:4140:d000::/36 maxlen: 36
                          2404:4140:e000::/36 maxlen: 36
                          2404:4140:f000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Tue 01 Oct 2024 18:05:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2558 (0x9fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BF905/serialNumber=21A47FFFC81A13335C07B92605A2DDFD1807A14C
        Validity
            Not Before: Feb  4 20:38:21 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65bff5bd-9e3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:50:b3:59:78:41:25:32:a8:51:fc:2b:a2:b5:
                    39:f8:d5:6d:69:1f:a7:9a:21:13:97:33:d4:02:8f:
                    ae:43:19:b5:07:cd:2d:41:4d:98:c6:85:28:cd:b6:
                    12:52:3e:c2:30:ba:84:c4:1a:f4:92:d5:54:5b:ce:
                    3c:c5:55:96:cf:f8:c3:a7:62:72:d6:ad:79:cc:cf:
                    e7:34:fd:ed:3e:db:ea:17:29:82:c5:17:8d:00:8b:
                    15:07:1b:63:29:50:b2:d5:90:41:a9:ca:b5:f3:f2:
                    d0:3c:55:a1:0b:07:8e:f7:56:d5:ef:59:b2:60:02:
                    9b:2b:a9:df:85:69:d3:21:2d:fd:90:9a:23:3b:e3:
                    93:7c:06:13:6f:db:de:39:0e:55:0d:8c:90:40:ad:
                    67:cc:66:5e:35:4e:3f:58:d0:e8:e6:a6:3e:db:80:
                    36:74:b9:02:56:d3:1e:ed:26:bd:c7:39:5f:b0:4d:
                    7e:c8:c8:39:8f:79:f6:64:70:e7:ba:37:10:26:4e:
                    be:b9:6d:68:28:c7:0d:ff:79:de:3e:f4:74:ee:d0:
                    f2:54:94:51:81:9b:f1:df:1f:a1:1f:fe:9a:17:af:
                    6e:38:d5:26:54:b2:d6:88:9d:fb:6c:bd:b9:3a:b2:
                    46:e2:ee:55:c0:e2:34:52:e0:0c:5c:1c:11:de:a5:
                    bf:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F0:C7:EE:FD:18:83:E6:67:A4:37:23:42:31:0D:F6:7E:CE:9C:16
            X509v3 Authority Key Identifier:
                keyid:21:A4:7F:FF:C8:1A:13:33:5C:07:B9:26:05:A2:DD:FD:18:07:A1:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/6DF2EF1A4A3411ED8523151BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.132.224.0/22
                IPv6:
                  2404:4140::/32

    Signature Algorithm: sha256WithRSAEncryption
         a3:b9:97:d7:5f:ab:d5:9a:af:3a:60:34:08:58:58:61:bd:1a:
         18:18:47:e7:b2:e2:ab:24:fc:11:fe:3c:18:6b:e6:1e:f1:b5:
         6a:6f:99:c9:65:a6:a0:82:8e:b3:c3:cf:ef:a6:e9:7d:0c:ee:
         d8:fc:6a:1b:05:5e:3d:4b:71:e9:a5:5f:d7:0d:04:c3:3e:b3:
         39:5e:20:65:7b:bb:95:18:60:95:b6:90:eb:5a:a6:7f:fb:1f:
         d1:79:16:e5:8d:18:2c:a6:43:f4:09:89:9d:67:dc:ca:0f:bf:
         c0:3a:5d:8b:be:1c:65:8b:0f:21:c0:ba:0c:87:cf:af:89:ed:
         61:cd:32:26:e3:2f:63:90:1a:28:19:58:24:c5:58:80:c0:4e:
         0d:d0:9a:d8:68:53:6d:e6:bc:30:67:8b:ee:35:0f:12:f6:e8:
         96:28:fe:2c:8c:d9:00:dc:fd:19:d3:24:aa:a9:1c:ce:65:e7:
         e6:99:3b:a8:a6:80:3e:c0:c7:95:e1:be:64:68:7f:73:08:e8:
         b8:ed:0f:40:32:69:7f:61:56:39:1e:1c:13:dd:38:f7:06:b5:
         0d:b8:83:60:35:2b:a9:53:22:e0:bc:7d:43:74:78:e3:bf:98:
         76:f6:a6:45:02:f0:a1:f5:76:64:eb:a5:6c:a1:af:53:dd:a7:
         4c:68:5b:8c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkY5MDUxMTAvBgNVBAUTKDIxQTQ3RkZGQzgxQTEzMzM1QzA3QjkyNjA1QTJEREZE
MTgwN0ExNEMwHhcNMjQwMjA0MjAzODIxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJmZjViZC05ZTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8FCzWXhBJTKoUfwrorU5+NVtaR+nmiETlzPUAo+uQxm1B80tQU2YxoUozbYS
Uj7CMLqExBr0ktVUW848xVWWz/jDp2Jy1q15zM/nNP3tPtvqFymCxReNAIsVBxtj
KVCy1ZBBqcq18/LQPFWhCweO91bV71myYAKbK6nfhWnTIS39kJojO+OTfAYTb9ve
OQ5VDYyQQK1nzGZeNU4/WNDo5qY+24A2dLkCVtMe7Sa9xzlfsE1+yMg5j3n2ZHDn
ujcQJk6+uW1oKMcN/3nePvR07tDyVJRRgZvx3x+hH/6aF69uONUmVLLWiJ37bL25
OrJG4u5VwOI0UuAMXBwR3qW/VwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOfwx+79
GIPmZ6Q3I0IxDfZ+zpwWMB8GA1UdIwQYMBaAFCGkf//IGhMzXAe5JgWi3f0YB6FM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjkwNS8xRkE3QzQ2QzQ4
RDMxMUVBOEFBRTQ2NjhDNEY5QUUwMi9JYVJfXzhnYUV6TmNCN2ttQmFMZF9SZ0hv
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lhUl9fOGdhRXpOY0I3a21CYUxkX1JnSG9Vdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkY5MDUvMUZBN0M0NkM0OEQzMTFFQThBQUU0NjY4QzRGOUFFMDIvNkRGMkVGMUE0
QTM0MTFFRDg1MjMxNTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhOAwDQQCAAIwBwMFACQEQUAwDQYJKoZIhvcNAQELBQAD
ggEBAKO5l9dfq9WarzpgNAhYWGG9GhgYR+ey4qsk/BH+PBhr5h7xtWpvmcllpqCC
jrPDz++m6X0M7tj8ahsFXj1LcemlX9cNBMM+szleIGV7u5UYYJW2kOtapn/7H9F5
FuWNGCymQ/QJiZ1n3MoPv8A6XYu+HGWLDyHAugyHz6+J7WHNMibjL2OQGigZWCTF
WIDATg3QmthoU23mvDBni+41DxL26JYo/iyM2QDc/RnTJKqpHM5l5+aZO6imgD7A
x5XhvmRof3MI6LjtD0AyaX9hVjkeHBPdOPcGtQ24g2A1K6lTIuC8fUN0eOO/mHb2
pkUC8KH1dmTrpWyhr1Pdp0xoW4w=
-----END CERTIFICATE-----
Generated at Tue Oct 1 20:01:19 2024 by rpki-client on console-fra.rpki-client.org