Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED2BB/57D647FA417111EA91495B6BC4F9AE02/1F2031B0419811EAA268D964C4F9AE02.roa
File:                     1F2031B0419811EAA268D964C4F9AE02.roa (raw, json)
Hash identifier:          puJr3W8TvXOYy28lt6jx0qorOwJRqVKhMSjzHHFCMeM=
Subject key identifier:   DE:FF:83:AB:55:0B:A0:98:E5:A3:52:9E:A1:67:8F:56:02:1B:2A:89
Certificate issuer:       /CN=A91ED2BB/serialNumber=A6FF381A2AEBEA6DCCFE0DE65D4196040271FE94
Certificate serial:       09D7
Authority key identifier: A6:FF:38:1A:2A:EB:EA:6D:CC:FE:0D:E6:5D:41:96:04:02:71:FE:94
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pv84Girr6m3M_g3mXUGWBAJx_pQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ED2BB/57D647FA417111EA91495B6BC4F9AE02/1F2031B0419811EAA268D964C4F9AE02.roa
Signing time:             Sat 02 Sep 2023 19:47:26 +0000
ROA not before:           Sat 02 Sep 2023 19:47:26 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     2519
IP address blocks:        103.27.68.0/22 maxlen: 22
                          203.78.132.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 11 Jan 2024 06:57:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2519 (0x9d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ED2BB/serialNumber=A6FF381A2AEBEA6DCCFE0DE65D4196040271FE94
        Validity
            Not Before: Sep  2 19:47:26 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=64f3914e-5925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9d:85:23:b0:52:f6:ab:14:a7:53:f7:93:04:
                    af:a6:10:e6:4a:5a:16:4b:dd:61:01:f3:50:cc:1e:
                    7b:75:96:a8:f3:9a:02:83:bf:9b:66:24:fe:38:2f:
                    94:d7:83:8a:9f:ac:8c:ee:38:91:7b:04:17:1e:de:
                    e2:84:77:88:c0:91:89:f7:0e:f2:7d:28:ff:d6:8a:
                    60:5b:fb:ae:b3:53:c5:2a:db:f2:50:03:ac:c6:fb:
                    96:01:2d:ca:49:4e:94:cf:ad:59:ce:b7:aa:ab:5d:
                    c9:36:85:e0:ec:bf:bf:d7:4a:e5:ea:ef:4b:51:98:
                    c5:94:8c:31:8c:86:13:05:13:79:75:68:93:aa:17:
                    19:52:f7:af:d6:ee:72:41:85:63:db:bb:8f:5c:22:
                    63:ce:73:ba:72:b5:f2:cb:d8:fc:34:bf:d8:af:b6:
                    ee:80:20:0e:9e:70:d1:9a:3e:84:a2:b2:cc:2c:89:
                    96:59:b1:02:31:d4:fd:f5:02:24:78:7a:06:b1:e3:
                    07:b2:16:a3:31:96:90:c7:cb:9a:e1:b6:9e:67:fd:
                    84:a2:05:e6:aa:3a:95:0b:c2:1e:dc:c2:ce:2d:4f:
                    9a:7d:8d:f2:5d:de:cf:60:9e:ee:4c:31:c3:1d:92:
                    9c:2d:28:09:a3:9e:e8:3a:d0:0e:d4:09:4f:35:69:
                    e3:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:FF:83:AB:55:0B:A0:98:E5:A3:52:9E:A1:67:8F:56:02:1B:2A:89
            X509v3 Authority Key Identifier:
                keyid:A6:FF:38:1A:2A:EB:EA:6D:CC:FE:0D:E6:5D:41:96:04:02:71:FE:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ED2BB/57D647FA417111EA91495B6BC4F9AE02/pv84Girr6m3M_g3mXUGWBAJx_pQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pv84Girr6m3M_g3mXUGWBAJx_pQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED2BB/57D647FA417111EA91495B6BC4F9AE02/1F2031B0419811EAA268D964C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.27.68.0/22
                  203.78.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:8c:fa:c7:a8:d2:3a:f1:66:5e:4a:a1:bd:0d:55:e4:3b:f4:
         c7:f4:9a:8b:d2:39:53:68:90:63:01:97:ef:7b:20:30:8d:f3:
         41:b5:a3:82:7b:19:d0:76:5e:c8:fa:96:61:ff:64:4e:f6:e0:
         13:5d:bd:69:9f:3c:20:2f:07:30:3a:eb:c3:27:42:7c:92:f0:
         35:6f:9e:56:4b:e8:56:a6:97:d6:90:ef:bb:c0:a8:5b:3e:ab:
         8a:76:44:6d:83:25:e3:01:de:78:c1:03:73:88:ea:8d:0e:0b:
         97:6b:30:e6:20:bd:28:f2:b3:36:1a:ef:8c:c2:2d:3f:b1:74:
         78:39:39:8f:b6:ec:c6:cc:73:8c:54:84:05:87:48:ab:47:b4:
         59:1d:44:59:32:5a:9f:1c:66:c8:23:f8:e2:96:8f:d2:9f:67:
         cb:b3:e3:86:c9:cf:05:6c:82:10:96:4b:c2:42:c4:1b:59:06:
         71:87:df:bf:fe:0c:47:a3:cf:63:bd:b3:52:2c:44:cf:d4:cf:
         d7:a9:f1:b1:c6:3a:fa:fe:2b:b1:d5:23:67:a3:66:70:c6:c5:
         0e:2f:45:56:ed:1b:3a:b9:24:86:bf:ed:2b:52:11:f8:f7:ed:
         3a:a5:32:61:90:39:a7:5d:7c:e1:60:ae:7e:11:b0:04:0e:dd:
         6e:91:18:83
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQyQkIxMTAvBgNVBAUTKEE2RkYzODFBMkFFQkVBNkRDQ0ZFMERFNjVENDE5NjA0
MDI3MUZFOTQwHhcNMjMwOTAyMTk0NzI2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYzOTE0ZS01OTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzp2FI7BS9qsUp1P3kwSvphDmSloWS91hAfNQzB57dZao85oCg7+bZiT+OC+U
14OKn6yM7jiRewQXHt7ihHeIwJGJ9w7yfSj/1opgW/uus1PFKtvyUAOsxvuWAS3K
SU6Uz61Zzreqq13JNoXg7L+/10rl6u9LUZjFlIwxjIYTBRN5dWiTqhcZUvev1u5y
QYVj27uPXCJjznO6crXyy9j8NL/Yr7bugCAOnnDRmj6EorLMLImWWbECMdT99QIk
eHoGseMHshajMZaQx8ua4baeZ/2EogXmqjqVC8Ie3MLOLU+afY3yXd7PYJ7uTDHD
HZKcLSgJo57oOtAO1AlPNWnjJQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN7/g6tV
C6CY5aNSnqFnj1YCGyqJMB8GA1UdIwQYMBaAFKb/OBoq6+ptzP4N5l1BlgQCcf6U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDJCQi81N0Q2NDdGQTQx
NzExMUVBOTE0OTVCNkJDNEY5QUUwMi9wdjg0R2lycjZtM01fZzNtWFVHV0JBSnhf
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B2ODRHaXJyNm0zTV9nM21YVUdXQkFKeF9wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQyQkIvNTdENjQ3RkE0MTcxMTFFQTkxNDk1QjZCQzRGOUFFMDIvMUYyMDMxQjA0
MTk4MTFFQUEyNjhEOTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnG0QDBALLToQwDQYJKoZIhvcNAQELBQADggEBABeM+seo
0jrxZl5Kob0NVeQ79Mf0movSOVNokGMBl+97IDCN80G1o4J7GdB2Xsj6lmH/ZE72
4BNdvWmfPCAvBzA668MnQnyS8DVvnlZL6Faml9aQ77vAqFs+q4p2RG2DJeMB3njB
A3OI6o0OC5drMOYgvSjyszYa74zCLT+xdHg5OY+27MbMc4xUhAWHSKtHtFkdRFky
Wp8cZsgj+OKWj9KfZ8uz44bJzwVsghCWS8JCxBtZBnGH37/+DEejz2O9s1IsRM/U
z9ep8bHGOvr+K7HVI2ejZnDGxQ4vRVbtGzq5JIa/7StSEfj37TqlMmGQOaddfOFg
rn4RsAQO3W6RGIM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org