Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A53244160B6811EFB0BE5162C4F9AE02.roa
File:                     A53244160B6811EFB0BE5162C4F9AE02.roa (raw, json)
Hash identifier:          elXPEfEoxHI2cIbDDhhdmt5hm744eVEcjoIx+FSj9tk=
Subject key identifier:   0D:9B:E4:63:04:D1:55:D0:6D:E9:79:4E:31:B8:63:29:35:5A:9A:9E
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       1184
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A53244160B6811EFB0BE5162C4F9AE02.roa
Signing time:             Mon 06 May 2024 05:22:35 +0000
ROA not before:           Mon 06 May 2024 05:22:35 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     138241
IP address blocks:        103.151.27.0/24 maxlen: 24
                          113.203.208.0/24 maxlen: 24
                          113.203.216.0/24 maxlen: 24
                          113.203.217.0/24 maxlen: 24
                          113.203.231.0/24 maxlen: 24
                          113.203.250.0/24 maxlen: 24
                          115.167.49.0/24 maxlen: 24
                          115.167.78.0/24 maxlen: 24
                          180.178.142.0/24 maxlen: 24
                          180.178.152.0/21 maxlen: 21
                          202.92.18.0/24 maxlen: 24
                          202.92.20.0/24 maxlen: 24
                          223.29.227.0/24 maxlen: 24
                          223.29.235.0/24 maxlen: 24
                          223.29.236.0/24 maxlen: 24
                          223.29.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 May 2024 10:59:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4484 (0x1184)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: May  6 05:22:35 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6638691b-8078
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:89:0f:a1:5f:5e:cf:5b:26:dc:92:99:d6:0d:
                    64:78:61:3e:71:90:55:4c:ad:73:5e:f7:a5:c2:63:
                    94:58:9c:7e:e2:51:62:f1:13:da:66:93:e3:9d:61:
                    ec:1b:c8:15:1f:16:e2:03:93:72:6e:21:51:55:8b:
                    21:86:03:50:48:99:68:ef:f1:f7:89:a6:75:40:fe:
                    b5:5c:44:9a:39:0e:e9:90:e7:55:0b:78:81:f5:a7:
                    26:76:92:7a:8b:71:3a:15:c5:c5:8c:f3:6a:25:2c:
                    d1:03:a2:f8:e1:75:ab:ac:b8:c2:e4:ef:70:bd:f5:
                    7e:9d:74:ca:87:b3:ad:ac:8e:a9:3e:ee:88:1e:f1:
                    92:69:f4:44:8f:7b:90:f4:37:44:2e:af:c4:52:33:
                    0d:7d:74:c3:51:2d:da:f4:db:d0:fb:9f:2d:af:02:
                    01:b8:0f:a9:7e:6b:fd:0c:2e:f5:64:7d:16:02:00:
                    cf:ac:9d:d9:fb:fe:79:a0:6d:95:d5:82:4d:9c:bb:
                    b7:11:e0:29:38:06:db:ee:a9:91:78:0e:fa:52:7b:
                    ea:49:6b:49:31:02:1b:20:9e:a6:e9:a2:c0:f1:aa:
                    33:3a:fd:98:19:11:a3:2b:cf:1f:71:5e:cd:eb:b2:
                    0d:c4:52:c2:69:59:8e:7c:80:f3:bc:63:05:f3:f3:
                    60:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9B:E4:63:04:D1:55:D0:6D:E9:79:4E:31:B8:63:29:35:5A:9A:9E
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A53244160B6811EFB0BE5162C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.27.0/24
                  113.203.208.0/24
                  113.203.216.0/23
                  113.203.231.0/24
                  113.203.250.0/24
                  115.167.49.0/24
                  115.167.78.0/24
                  180.178.142.0/24
                  180.178.152.0/21
                  202.92.18.0/24
                  202.92.20.0/24
                  223.29.227.0/24
                  223.29.235.0-223.29.236.255
                  223.29.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:0c:91:b1:cc:8b:be:35:64:17:ab:c0:f3:f9:69:b7:89:ae:
         ac:00:b2:9a:c0:ba:c7:db:15:e1:05:90:2d:67:25:bc:cf:00:
         95:af:07:c3:18:5a:10:43:77:bf:5c:1b:83:3e:4f:89:66:c5:
         59:11:12:c0:1d:cb:59:3b:80:4f:d7:d4:ef:5b:6f:5e:0d:b5:
         7a:8b:f6:c2:aa:d2:55:9a:a5:6a:27:09:13:de:53:b0:0c:df:
         81:c4:92:87:f7:b4:65:5d:d8:b9:20:f8:a4:ce:4c:16:88:a2:
         ab:8a:92:d3:e3:a0:92:26:2b:c4:2e:13:bc:34:ee:11:dc:dc:
         7c:9e:16:e6:22:8e:04:74:b2:6e:0e:2d:d5:5a:60:6c:6b:26:
         c4:12:62:d7:79:47:60:b0:6c:98:19:91:87:3a:d2:b3:51:30:
         0d:12:a4:46:0f:9e:ba:72:9d:8b:03:a8:2c:41:ef:ec:ca:cb:
         33:4e:06:ac:e8:27:f6:5f:f6:c5:09:f4:f0:d3:45:0f:42:69:
         9f:96:82:ed:73:ef:96:b4:da:3e:90:76:37:6e:80:ba:55:10:
         fd:92:09:ee:54:5a:13:6d:49:c7:ad:1a:81:1f:53:86:7f:aa:
         fa:ab:f1:94:4a:6a:eb:3a:80:49:74:e5:c8:63:fb:ea:46:5e:
         68:78:c0:59
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICEYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNTA2MDUyMjM1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4NjkxYi04MDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYkPoV9ez1sm3JKZ1g1keGE+cZBVTK1zXvelwmOUWJx+4lFi8RPaZpPjnWHs
G8gVHxbiA5NybiFRVYshhgNQSJlo7/H3iaZ1QP61XESaOQ7pkOdVC3iB9acmdpJ6
i3E6FcXFjPNqJSzRA6L44XWrrLjC5O9wvfV+nXTKh7OtrI6pPu6IHvGSafREj3uQ
9DdELq/EUjMNfXTDUS3a9NvQ+58trwIBuA+pfmv9DC71ZH0WAgDPrJ3Z+/55oG2V
1YJNnLu3EeApOAbb7qmReA76UnvqSWtJMQIbIJ6m6aLA8aozOv2YGRGjK88fcV7N
67INxFLCaVmOfIDzvGMF8/NgcwIDAQABo4IC6zCCAucwHQYDVR0OBBYEFA2b5GME
0VXQbel5TjG4Yyk1WpqeMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQTUzMjQ0MTYw
QjY4MTFFRkIwQkU1MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMGIEAgABMFwDBABnlxsDBABxy9ADBAFxy9gDBABxy+cDBABxy/oDBABzpzED
BABzp04DBAC0so4DBAO0spgDBADKXBIDBADKXBQDBADfHeMwDAMEAN8d6wMEAN8d
7AMEAN8d7jANBgkqhkiG9w0BAQsFAAOCAQEAfAyRscyLvjVkF6vA8/lpt4murACy
msC6x9sV4QWQLWclvM8Ala8HwxhaEEN3v1wbgz5PiWbFWRESwB3LWTuAT9fU71tv
Xg21eov2wqrSVZqlaicJE95TsAzfgcSSh/e0ZV3YuSD4pM5MFoiiq4qS0+OgkiYr
xC4TvDTuEdzcfJ4W5iKOBHSybg4t1VpgbGsmxBJi13lHYLBsmBmRhzrSs1EwDRKk
Rg+eunKdiwOoLEHv7MrLM04GrOgn9l/2xQn08NNFD0Jpn5aC7XPvlrTaPpB2N26A
ulUQ/ZIJ7lRaE21Jx60agR9Thn+q+qvxlEpq6zqASXTlyGP76kZeaHjAWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:45 2024 by rpki-client on console-fra.rpki-client.org