Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/B6EEF29EDA2111EE95A10284C4F9AE02.roa
File:                     B6EEF29EDA2111EE95A10284C4F9AE02.roa (raw, json)
Hash identifier:          /qwcHT9U61UWso2WEdV9gHi/DnaFUr1jhNnirvx83H8=
Subject key identifier:   D8:E0:EE:3E:64:26:61:DC:B3:92:8E:55:7E:91:05:01:85:22:4A:F6
Certificate issuer:       /CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Certificate serial:       03D6
Authority key identifier: 49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/B6EEF29EDA2111EE95A10284C4F9AE02.roa
Signing time:             Mon 04 Mar 2024 12:21:23 +0000
ROA not before:           Mon 04 Mar 2024 12:21:23 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        103.120.129.0/24 maxlen: 24
                          103.134.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 11:59:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 982 (0x3d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
        Validity
            Not Before: Mar  4 12:21:23 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=65e5bcc3-4be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9f:08:3a:68:ad:19:29:95:53:d7:9c:9f:b8:
                    58:6e:64:57:9d:93:de:69:f0:0f:2d:b1:b6:30:37:
                    7c:5f:bf:a6:38:69:62:82:a7:ab:e9:71:b7:d6:ed:
                    19:c3:06:87:9a:47:26:29:d2:3f:94:52:c5:cf:8e:
                    80:6c:eb:9d:99:51:26:e6:38:b1:e7:d7:31:fb:03:
                    fa:7e:7b:b7:46:b8:26:46:44:3a:35:c0:24:6b:7b:
                    5e:00:1b:c6:df:26:4f:b8:88:61:43:e1:da:50:78:
                    7b:1f:f3:fb:b3:5a:14:b1:97:f7:43:85:f9:2c:8e:
                    7c:d9:7b:e1:dd:b9:14:e6:53:4e:e7:3d:91:13:f5:
                    10:eb:5d:d8:fc:97:30:cb:44:b3:10:a3:92:40:2e:
                    e9:48:1f:3b:b2:d3:83:e4:8a:a2:c4:a5:f7:1f:97:
                    1a:cb:9e:f1:5c:01:49:27:a9:cf:2c:63:c9:e5:ea:
                    ad:f0:1f:a0:b7:d5:a7:01:38:a1:a6:bc:9c:b0:c9:
                    91:1d:a7:62:30:46:0f:20:89:53:c7:81:0c:08:05:
                    1e:1b:a9:21:b5:26:4c:ac:e7:a3:5f:ee:7d:23:aa:
                    a9:b9:68:15:88:b0:c7:1c:7c:3f:fc:39:ed:3c:3c:
                    5b:c0:21:1a:c3:81:fa:a8:26:6c:69:69:17:55:80:
                    31:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E0:EE:3E:64:26:61:DC:B3:92:8E:55:7E:91:05:01:85:22:4A:F6
            X509v3 Authority Key Identifier:
                keyid:49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/SUICsDHp9CdkMVegbvqkwHDH8-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/B6EEF29EDA2111EE95A10284C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.120.129.0/24
                  103.134.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:78:58:41:2a:7e:69:3a:f4:21:31:49:e4:d5:84:ed:9a:a4:
         33:03:ff:55:ba:04:26:03:f2:d5:70:9f:69:5d:b5:61:4f:a2:
         5f:d0:d1:8d:29:b8:70:af:cb:1b:ba:5e:fd:69:e8:ae:bb:8c:
         74:6a:de:5d:54:58:bd:ef:14:d8:05:8f:57:ff:ca:a6:87:fd:
         c7:17:39:13:43:2f:ff:bc:4f:ab:55:4a:01:96:1d:5d:8c:cf:
         f4:84:de:f9:31:8c:10:f3:47:93:9f:ac:0f:24:4c:c1:8e:56:
         95:f4:4f:55:42:b1:9a:7b:76:e0:14:9e:64:61:47:bb:6e:45:
         2f:74:24:f4:63:eb:da:96:88:42:20:d9:cc:6e:4d:18:31:77:
         58:1c:07:76:ea:7d:46:eb:28:51:02:7c:c8:7e:82:a6:f8:7b:
         6a:58:0c:f1:e1:16:c7:c8:06:04:8a:57:81:e8:53:a2:65:73:
         45:a9:f6:7a:25:b1:2b:af:4b:17:c4:60:b8:9d:d8:65:03:ed:
         ca:85:d8:34:b3:f0:34:bf:bd:ae:ee:f3:6e:23:48:b9:31:85:
         a4:25:d1:1a:89:b0:89:0d:c4:1f:98:8a:b8:b6:88:3d:75:15:
         1a:77:ab:a2:b5:82:cc:ae:01:00:e4:8a:b9:fa:fd:ce:30:0b:
         4a:b4:61:71
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDOUIxMTAvBgNVBAUTKDQ5NDIwMkIwMzFFOUY0Mjc2NDMxNTdBMDZFRkFBNEMw
NzBDN0YzRUQwHhcNMjQwMzA0MTIyMTIzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU1YmNjMy00YmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA058IOmitGSmVU9ecn7hYbmRXnZPeafAPLbG2MDd8X7+mOGligqer6XG31u0Z
wwaHmkcmKdI/lFLFz46AbOudmVEm5jix59cx+wP6fnu3RrgmRkQ6NcAka3teABvG
3yZPuIhhQ+HaUHh7H/P7s1oUsZf3Q4X5LI582Xvh3bkU5lNO5z2RE/UQ613Y/Jcw
y0SzEKOSQC7pSB87stOD5IqixKX3H5cay57xXAFJJ6nPLGPJ5eqt8B+gt9WnATih
prycsMmRHadiMEYPIIlTx4EMCAUeG6khtSZMrOejX+59I6qpuWgViLDHHHw//Dnt
PDxbwCEaw4H6qCZsaWkXVYAxQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNjg7j5k
JmHcs5KOVX6RBQGFIkr2MB8GA1UdIwQYMBaAFElCArAx6fQnZDFXoG76pMBwx/Pt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM5Qi9BNDZFOTg5QTMy
MkIxMUVDOTdGOENGN0NDNEY5QUUwMi9TVUlDc0RIcDlDZGtNVmVnYnZxa3dIREg4
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NVSUNzREhwOUNka01WZWdidnFrd0hESDgtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDOUIvQTQ2RTk4OUEzMjJCMTFFQzk3RjhDRjdDQzRGOUFFMDIvQjZFRUYyOUVE
QTIxMTFFRTk1QTEwMjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABneIEDBABnhkowDQYJKoZIhvcNAQELBQADggEBAH54WEEq
fmk69CExSeTVhO2apDMD/1W6BCYD8tVwn2ldtWFPol/Q0Y0puHCvyxu6Xv1p6K67
jHRq3l1UWL3vFNgFj1f/yqaH/ccXORNDL/+8T6tVSgGWHV2Mz/SE3vkxjBDzR5Of
rA8kTMGOVpX0T1VCsZp7duAUnmRhR7tuRS90JPRj69qWiEIg2cxuTRgxd1gcB3bq
fUbrKFECfMh+gqb4e2pYDPHhFsfIBgSKV4HoU6Jlc0Wp9nolsSuvSxfEYLid2GUD
7cqF2DSz8DS/va7u824jSLkxhaQl0RqJsIkNxB+Yiri2iD11FRp3q6K1gsyuAQDk
irn6/c4wC0q0YXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org