Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5BEE459003EB11EF8E9E6545C4F9AE02.roa
File:                     5BEE459003EB11EF8E9E6545C4F9AE02.roa (raw, json)
Hash identifier:          XGM6tN+/ZaavezzgVSpxujAmIpWmnhztBzIi4IahxJg=
Subject key identifier:   21:6A:E6:D9:62:84:DA:A5:EA:BB:EE:72:B5:FB:A7:B3:E0:04:F9:CD
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       113B
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5BEE459003EB11EF8E9E6545C4F9AE02.roa
Signing time:             Mon 29 Apr 2024 07:12:11 +0000
ROA not before:           Mon 29 Apr 2024 07:12:11 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     138241
IP address blocks:        103.151.27.0/24 maxlen: 24
                          113.203.208.0/24 maxlen: 24
                          113.203.216.0/24 maxlen: 24
                          113.203.217.0/24 maxlen: 24
                          113.203.231.0/24 maxlen: 24
                          113.203.241.0/24 maxlen: 24
                          113.203.250.0/24 maxlen: 24
                          115.167.49.0/24 maxlen: 24
                          115.167.64.0/24 maxlen: 24
                          115.167.67.0/24 maxlen: 24
                          115.167.78.0/24 maxlen: 24
                          115.167.125.0/24 maxlen: 24
                          175.110.68.0/22 maxlen: 24
                          175.110.80.0/22 maxlen: 24
                          175.110.97.0/24 maxlen: 24
                          175.110.109.0/24 maxlen: 24
                          180.178.142.0/24 maxlen: 24
                          180.178.152.0/21 maxlen: 21
                          202.92.18.0/24 maxlen: 24
                          202.92.20.0/24 maxlen: 24
                          223.29.225.0/24 maxlen: 24
                          223.29.227.0/24 maxlen: 24
                          223.29.234.0/24 maxlen: 24
                          223.29.235.0/24 maxlen: 24
                          223.29.236.0/24 maxlen: 24
                          223.29.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 16:07:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4411 (0x113b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Apr 29 07:12:11 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=662f484b-4d4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:76:12:f9:c0:72:31:47:c9:53:86:81:00:d0:
                    b3:c9:a7:a9:36:3c:2d:b7:72:fa:29:55:55:85:0a:
                    b9:bf:04:35:e4:1a:dc:a0:62:ac:a3:b9:2b:63:c3:
                    d5:0c:31:5f:e8:14:5d:21:8b:f2:fe:f3:ce:48:06:
                    22:a5:82:6b:dc:d2:ed:18:a6:37:57:7e:06:1e:8a:
                    d8:a5:e0:df:45:64:75:f3:a9:a4:c3:b5:ac:3a:8f:
                    77:de:a2:a6:0f:e2:b0:90:0a:ab:b9:3f:c1:2c:e3:
                    9a:7a:ab:12:8d:06:b9:72:0c:9e:4c:ce:9d:de:46:
                    18:02:96:8f:dd:22:28:0e:13:e6:01:c5:97:1a:cd:
                    d0:c2:0c:26:f2:ee:f1:a0:71:6c:51:5d:37:d5:8a:
                    3e:bf:7f:09:a7:12:4a:ef:df:45:ab:f0:98:5a:80:
                    69:07:ca:a2:4a:e6:d9:53:1a:ee:3b:7b:36:b9:95:
                    b7:a9:f2:57:37:c8:e5:cf:e7:ea:2e:6c:21:77:31:
                    e2:05:24:65:65:ec:cf:81:b2:b0:f7:1b:81:c5:8d:
                    b7:47:fc:5a:2a:c0:37:83:8c:75:b7:b5:42:b9:ca:
                    8a:81:a2:23:fc:c7:aa:a5:75:99:b0:b8:93:67:86:
                    27:32:84:7d:ef:56:2a:7d:fb:32:5f:91:97:77:52:
                    12:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:6A:E6:D9:62:84:DA:A5:EA:BB:EE:72:B5:FB:A7:B3:E0:04:F9:CD
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5BEE459003EB11EF8E9E6545C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.27.0/24
                  113.203.208.0/24
                  113.203.216.0/23
                  113.203.231.0/24
                  113.203.241.0/24
                  113.203.250.0/24
                  115.167.49.0/24
                  115.167.64.0/24
                  115.167.67.0/24
                  115.167.78.0/24
                  115.167.125.0/24
                  175.110.68.0/22
                  175.110.80.0/22
                  175.110.97.0/24
                  175.110.109.0/24
                  180.178.142.0/24
                  180.178.152.0/21
                  202.92.18.0/24
                  202.92.20.0/24
                  223.29.225.0/24
                  223.29.227.0/24
                  223.29.234.0-223.29.236.255
                  223.29.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:41:22:dd:12:77:5d:bc:2a:84:08:5c:0e:9b:e7:df:6b:0b:
         10:a2:b6:09:c3:32:d6:76:16:02:c1:94:e2:21:43:fa:1d:11:
         b3:f0:42:5d:e1:75:21:51:0d:ee:86:12:5b:3d:1d:bf:df:a8:
         87:b6:a3:f1:89:b7:75:ce:d0:d9:97:ae:eb:16:b3:52:78:3f:
         91:12:e4:51:95:5b:2a:b6:7d:29:65:93:e3:d3:3a:d6:dc:7f:
         11:9e:71:ee:f4:03:b9:58:d0:c0:e2:c1:74:65:93:f6:ba:99:
         7a:2c:84:0f:cb:d6:29:31:83:af:b5:ff:c8:5d:a3:6f:80:c1:
         b5:f5:be:a2:f0:4f:44:03:e9:85:fd:67:98:d1:bc:4b:d7:2f:
         56:12:77:2c:90:99:b0:ae:e9:83:51:d9:95:29:b9:ef:32:4d:
         0c:f5:4d:11:63:7b:d1:0f:92:f5:79:4f:2b:b1:21:71:53:93:
         cf:0f:59:03:b5:45:6e:9c:55:41:be:6b:be:28:5b:fb:3f:f8:
         80:77:71:91:88:d3:7d:ce:f1:4d:4a:f9:d7:2d:05:9d:74:b5:
         c8:46:25:34:67:02:48:2a:7a:ae:85:92:84:67:65:26:44:85:
         2e:23:a5:51:0d:33:0f:49:a0:e1:e6:b4:52:f0:a8:4b:81:42:
         8c:d3:c2:25
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICETswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNDI5MDcxMjExWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJmNDg0Yi00ZDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3HYS+cByMUfJU4aBANCzyaepNjwtt3L6KVVVhQq5vwQ15BrcoGKso7krY8PV
DDFf6BRdIYvy/vPOSAYipYJr3NLtGKY3V34GHorYpeDfRWR186mkw7WsOo933qKm
D+KwkAqruT/BLOOaeqsSjQa5cgyeTM6d3kYYApaP3SIoDhPmAcWXGs3Qwgwm8u7x
oHFsUV031Yo+v38JpxJK799Fq/CYWoBpB8qiSubZUxruO3s2uZW3qfJXN8jlz+fq
LmwhdzHiBSRlZezPgbKw9xuBxY23R/xaKsA3g4x1t7VCucqKgaIj/MeqpXWZsLiT
Z4YnMoR971YqffsyX5GXd1ISVQIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFCFq5tli
hNql6rvucrX7p7PgBPnNMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNUJFRTQ1OTAw
M0VCMTFFRjhFOUU2NTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMIGZBAIAATCBkgMEAGeXGwMEAHHL0AMEAXHL2AMEAHHL5wMEAHHL8QME
AHHL+gMEAHOnMQMEAHOnQAMEAHOnQwMEAHOnTgMEAHOnfQMEAq9uRAMEAq9uUAME
AK9uYQMEAK9ubQMEALSyjgMEA7SymAMEAMpcEgMEAMpcFAMEAN8d4QMEAN8d4zAM
AwQB3x3qAwQA3x3sAwQA3x3uMA0GCSqGSIb3DQEBCwUAA4IBAQAGQSLdEnddvCqE
CFwOm+ffawsQorYJwzLWdhYCwZTiIUP6HRGz8EJd4XUhUQ3uhhJbPR2/36iHtqPx
ibd1ztDZl67rFrNSeD+REuRRlVsqtn0pZZPj0zrW3H8RnnHu9AO5WNDA4sF0ZZP2
upl6LIQPy9YpMYOvtf/IXaNvgMG19b6i8E9EA+mF/WeY0bxL1y9WEncskJmwrumD
UdmVKbnvMk0M9U0RY3vRD5L1eU8rsSFxU5PPD1kDtUVunFVBvmu+KFv7P/iAd3GR
iNN9zvFNSvnXLQWddLXIRiU0ZwJIKnquhZKEZ2UmRIUuI6VRDTMPSaDh5rRS8KhL
gUKM08Il
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:45 2024 by rpki-client on console-fra.rpki-client.org