Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/8D3168E67DF711EEB872AA31C4F9AE02.roa
File:                     8D3168E67DF711EEB872AA31C4F9AE02.roa (raw, json)
Hash identifier:          00grRlvT9+90R+0eFgrVMZPRf0pmmZsCoowcHqN/Fu0=
Subject key identifier:   51:2C:2F:FD:2B:A8:42:6B:AC:6B:71:C2:A5:62:35:76:6C:7E:D3:8F
Certificate issuer:       /CN=A91DF31D/serialNumber=4600C18D62C6F724D5C95506F41B8C95FC390DC0
Certificate serial:       04
Authority key identifier: 46:00:C1:8D:62:C6:F7:24:D5:C9:55:06:F4:1B:8C:95:FC:39:0D:C0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RgDBjWLG9yTVyVUG9BuMlfw5DcA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/8D3168E67DF711EEB872AA31C4F9AE02.roa
Signing time:             Wed 08 Nov 2023 05:29:01 +0000
ROA not before:           Wed 08 Nov 2023 05:29:01 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     151802
IP address blocks:        103.226.26.0/24 maxlen: 24
                          103.226.27.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 03:50:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DF31D/serialNumber=4600C18D62C6F724D5C95506F41B8C95FC390DC0
        Validity
            Not Before: Nov  8 05:29:01 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=654b1c9d-bdfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e9:c1:7a:22:5c:84:9d:31:e3:ed:a6:72:4b:
                    c3:c7:78:e5:8f:56:0a:b3:92:8c:11:59:6e:e3:e7:
                    41:49:2a:22:fc:15:42:e7:7f:d8:2b:b7:b4:83:87:
                    70:56:ff:ed:08:af:af:7f:ea:1b:a5:ec:9b:87:b7:
                    f2:10:3a:40:74:a8:bf:9b:9f:24:34:d7:ee:29:88:
                    66:d0:22:3f:a8:20:9e:5d:44:a8:fa:89:ad:93:92:
                    2d:7d:e7:db:af:e4:52:8d:d5:44:df:a4:6c:65:d4:
                    fb:99:64:f4:9b:6f:9b:f2:72:87:06:c7:11:b6:50:
                    06:0f:95:2c:e1:1c:dd:3f:69:33:96:3f:2a:43:d7:
                    0a:e2:8f:4d:e7:b6:b6:78:ef:b4:32:a2:ef:7a:f3:
                    dc:1b:19:cc:fd:54:ff:20:ed:d5:e7:86:be:16:5e:
                    13:26:7a:ea:46:1e:3c:09:9d:96:fb:ce:f0:fa:d9:
                    ed:6d:2f:c7:ea:6f:65:ed:04:5e:79:c9:00:86:51:
                    ea:17:60:13:9f:63:e3:91:ee:4f:96:ee:fa:53:52:
                    64:b2:93:eb:8d:e5:b6:41:a9:f5:c5:a6:df:79:5e:
                    45:3c:c9:ec:9f:f2:cc:c4:8e:91:45:5d:33:b7:fc:
                    21:a1:ec:aa:93:bc:74:78:71:d0:c0:e2:66:79:e5:
                    eb:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:2C:2F:FD:2B:A8:42:6B:AC:6B:71:C2:A5:62:35:76:6C:7E:D3:8F
            X509v3 Authority Key Identifier:
                keyid:46:00:C1:8D:62:C6:F7:24:D5:C9:55:06:F4:1B:8C:95:FC:39:0D:C0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/RgDBjWLG9yTVyVUG9BuMlfw5DcA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RgDBjWLG9yTVyVUG9BuMlfw5DcA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF31D/055AB5447DF711EE87B7D430C4F9AE02/8D3168E67DF711EEB872AA31C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.226.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:d2:f3:e9:c4:c2:ca:1a:93:3b:2d:f5:25:8a:96:2f:67:2d:
         95:ba:1f:55:6a:05:9e:1c:ef:1b:b6:fe:b8:6b:2c:18:a1:69:
         a1:95:54:6b:37:60:9f:91:3a:3a:56:b9:d2:64:05:21:42:9d:
         65:5f:98:41:7d:b4:59:1e:49:b1:b7:59:59:b0:40:cc:fe:f5:
         0f:57:fe:c2:fd:77:f9:2b:01:45:3f:ab:b2:c2:15:53:42:7c:
         1f:8a:45:55:95:30:8d:e2:1e:c3:7a:1f:e5:34:51:31:ca:67:
         de:06:82:21:0f:39:5a:e5:4b:1f:f6:d8:c0:c8:e5:2d:66:fe:
         0d:1b:3d:c4:ad:d2:75:7b:38:1a:19:5f:4a:89:07:c4:8e:60:
         3c:a4:8e:7a:ba:97:d5:8a:4e:69:06:34:29:6c:cd:ff:41:1f:
         be:d4:22:96:02:c3:e1:72:9f:83:9e:34:69:bd:36:a3:ff:53:
         92:00:e3:41:10:85:06:f2:1c:d7:92:9f:2a:0c:d7:98:fa:70:
         85:81:06:3d:bf:74:ad:01:ed:4d:ff:0b:e6:90:b7:6b:cf:0e:
         37:73:96:2e:de:43:37:06:e0:60:ac:a0:16:66:3e:9c:dc:63:
         67:46:1b:2a:ec:e9:34:22:a5:13:29:55:96:85:b5:fc:dd:bd:
         61:7a:1c:93
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RjMxRDExMC8GA1UEBRMoNDYwMEMxOEQ2MkM2RjcyNEQ1Qzk1NTA2RjQxQjhDOTVG
QzM5MERDMDAeFw0yMzExMDgwNTI5MDFaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NGIxYzlkLWJkZmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCl6cF6IlyEnTHj7aZyS8PHeOWPVgqzkowRWW7j50FJKiL8FULnf9grt7SDh3BW
/+0Ir69/6hul7JuHt/IQOkB0qL+bnyQ01+4piGbQIj+oIJ5dRKj6ia2Tki1959uv
5FKN1UTfpGxl1PuZZPSbb5vycocGxxG2UAYPlSzhHN0/aTOWPypD1wrij03ntrZ4
77Qyou9689wbGcz9VP8g7dXnhr4WXhMmeupGHjwJnZb7zvD62e1tL8fqb2XtBF55
yQCGUeoXYBOfY+OR7k+W7vpTUmSyk+uN5bZBqfXFpt95XkU8yeyf8szEjpFFXTO3
/CGh7KqTvHR4cdDA4mZ55eubAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUSwv/Suo
Qmusa3HCpWI1dmx+048wHwYDVR0jBBgwFoAURgDBjWLG9yTVyVUG9BuMlfw5DcAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGMzFELzA1NUFCNTQ0N0RG
NzExRUU4N0I3RDQzMEM0RjlBRTAyL1JnREJqV0xHOXlUVnlWVUc5QnVNbGZ3NURj
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUmdEQmpXTEc5eVRWeVZVRzlCdU1sZnc1RGNBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RjMxRC8wNTVBQjU0NDdERjcxMUVFODdCN0Q0MzBDNEY5QUUwMi84RDMxNjhFNjdE
RjcxMUVFQjg3MkFBMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfiGjANBgkqhkiG9w0BAQsFAAOCAQEAgtLz6cTCyhqTOy31
JYqWL2ctlbofVWoFnhzvG7b+uGssGKFpoZVUazdgn5E6Ola50mQFIUKdZV+YQX20
WR5JsbdZWbBAzP71D1f+wv13+SsBRT+rssIVU0J8H4pFVZUwjeIew3of5TRRMcpn
3gaCIQ85WuVLH/bYwMjlLWb+DRs9xK3SdXs4GhlfSokHxI5gPKSOerqX1YpOaQY0
KWzN/0EfvtQilgLD4XKfg540ab02o/9TkgDjQRCFBvIc15KfKgzXmPpwhYEGPb90
rQHtTf8L5pC3a88ON3OWLt5DNwbgYKygFmY+nNxjZ0YbKuzpNCKlEylVloW1/N29
YXockw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org