Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/BFAAF1040CA711EFA621777FC4F9AE02.roa
File:                     BFAAF1040CA711EFA621777FC4F9AE02.roa (raw, json)
Hash identifier:          mPob6hoAKgeHHv0AuDMeV4TSo9ycKUuN6o3X1/CTcTw=
Subject key identifier:   9D:1D:C1:7E:37:8F:88:2B:B3:E0:4B:E6:BD:A3:A1:22:76:8E:2F:1E
Certificate issuer:       /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial:       0879
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/BFAAF1040CA711EFA621777FC4F9AE02.roa
Signing time:             Tue 07 May 2024 19:26:49 +0000
ROA not before:           Tue 07 May 2024 19:26:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        103.112.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 May 2024 11:15:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2169 (0x879)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
        Validity
            Not Before: May  7 19:26:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=663a8078-1e06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:bf:c4:a4:d4:dc:f9:7a:65:2b:e7:25:9a:2a:
                    e7:38:8c:a3:bb:a1:7a:d2:a5:fa:95:37:68:1b:fa:
                    03:c3:92:e0:70:0f:46:f0:95:d3:0d:dc:a2:f9:39:
                    81:d5:a1:b0:92:ed:86:b3:7c:d5:53:c7:75:07:70:
                    ad:ca:57:89:3f:42:6b:87:ce:9b:05:5a:43:22:2b:
                    b6:7c:20:c7:ed:9c:b3:e3:f3:5a:bc:5e:64:50:76:
                    58:d5:40:cd:3b:13:89:18:e7:28:28:fe:d2:5e:52:
                    f5:ae:f4:d5:05:e1:2b:97:84:d6:65:87:1f:66:a0:
                    36:ac:03:be:62:9e:8e:20:e4:e6:4c:84:f2:4a:17:
                    a1:ab:49:d5:a9:d3:3d:c5:91:c3:c4:69:da:39:ff:
                    5b:e1:01:aa:31:0a:8c:75:b8:6c:08:21:62:83:31:
                    12:e9:25:08:b1:fb:41:6a:9a:2f:dc:5d:a9:44:e0:
                    ca:28:89:11:da:a3:29:10:c6:bd:80:b8:d0:e9:4c:
                    6b:fb:f3:ca:99:bb:f0:66:2f:b9:0b:fa:43:f2:06:
                    e8:0a:d6:32:ed:e0:21:31:12:3a:70:1b:e9:e9:76:
                    3f:92:d3:37:99:28:85:7c:67:01:8b:89:3b:b9:bb:
                    35:55:96:d1:71:28:a0:47:81:3e:46:d9:50:85:3b:
                    c6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:1D:C1:7E:37:8F:88:2B:B3:E0:4B:E6:BD:A3:A1:22:76:8E:2F:1E
            X509v3 Authority Key Identifier:
                keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/BFAAF1040CA711EFA621777FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:e8:22:35:94:98:e2:3e:83:ce:bd:19:0f:d9:f9:ff:cc:f1:
         95:82:32:01:53:c1:9e:20:ce:80:53:82:8a:07:84:9a:f7:71:
         79:fc:b7:4d:af:03:e1:26:ea:8c:93:b9:e3:4f:8e:cb:66:7d:
         67:ef:78:11:91:3e:cf:6e:24:2f:29:26:4e:7d:73:7c:20:6c:
         95:53:84:9b:8d:b4:23:53:bd:10:c2:9f:17:ad:48:dc:fa:29:
         86:42:9e:45:75:0c:77:52:88:68:f8:25:c8:f0:91:cc:c4:df:
         b8:2a:a6:05:38:e4:fa:e8:f5:bb:e7:93:47:59:b6:1e:60:bf:
         47:85:96:94:ea:68:84:2f:6c:13:4f:54:05:be:94:bd:bf:aa:
         31:31:65:71:05:1a:2b:a2:d1:3d:e8:05:11:45:0b:6f:d7:71:
         5f:d9:dd:db:06:08:ec:74:37:05:3d:3f:8a:53:e4:60:95:f7:
         96:b8:42:73:d0:a9:42:c9:bf:e6:15:7b:a8:90:89:3b:a9:81:
         12:40:39:bb:3c:48:d6:d0:f8:0e:4c:0a:45:47:70:0b:98:cc:
         4a:42:57:50:e1:91:8e:e6:ba:29:c7:f8:97:ed:c7:1e:d0:83:
         1b:cc:79:56:cf:0e:cd:0b:a0:79:8e:1c:3d:a1:f9:9d:9f:7d:
         1d:ba:a1:73
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjQwNTA3MTkyNjQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNhODA3OC0xZTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6L/EpNTc+XplK+clmirnOIyju6F60qX6lTdoG/oDw5LgcA9G8JXTDdyi+TmB
1aGwku2Gs3zVU8d1B3CtyleJP0Jrh86bBVpDIiu2fCDH7Zyz4/NavF5kUHZY1UDN
OxOJGOcoKP7SXlL1rvTVBeErl4TWZYcfZqA2rAO+Yp6OIOTmTITyShehq0nVqdM9
xZHDxGnaOf9b4QGqMQqMdbhsCCFigzES6SUIsftBapov3F2pRODKKIkR2qMpEMa9
gLjQ6Uxr+/PKmbvwZi+5C/pD8gboCtYy7eAhMRI6cBvp6XY/ktM3mSiFfGcBi4k7
ubs1VZbRcSigR4E+RtlQhTvGXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ0dwX43
j4grs+BL5r2joSJ2ji8eMB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvQkZBQUYxMDQw
Q0E3MTFFRkE2MjE3NzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABncAMwDQYJKoZIhvcNAQELBQADggEBAFvoIjWUmOI+g869
GQ/Z+f/M8ZWCMgFTwZ4gzoBTgooHhJr3cXn8t02vA+Em6oyTueNPjstmfWfveBGR
Ps9uJC8pJk59c3wgbJVThJuNtCNTvRDCnxetSNz6KYZCnkV1DHdSiGj4JcjwkczE
37gqpgU45Pro9bvnk0dZth5gv0eFlpTqaIQvbBNPVAW+lL2/qjExZXEFGiui0T3o
BRFFC2/XcV/Z3dsGCOx0NwU9P4pT5GCV95a4QnPQqULJv+YVe6iQiTupgRJAObs8
SNbQ+A5MCkVHcAuYzEpCV1DhkY7muinH+Jftxx7QgxvMeVbPDs0LoHmOHD2h+Z2f
fR26oXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org