Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/9773ACE8DBB611EEA78AF92DC4F9AE02.roa
File:                     9773ACE8DBB611EEA78AF92DC4F9AE02.roa (raw, json)
Hash identifier:          ukariqPUeoopSrBY0K7rZ6pzJjLHF3pkJIVff1rbo6o=
Subject key identifier:   90:62:84:18:45:29:08:87:40:01:F4:75:CC:67:7B:72:27:64:4F:7B
Certificate issuer:       /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial:       4F
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/9773ACE8DBB611EEA78AF92DC4F9AE02.roa
Signing time:             Wed 06 Mar 2024 13:00:31 +0000
ROA not before:           Wed 06 Mar 2024 13:00:31 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     58688
IP address blocks:        203.99.144.0/23 maxlen: 23
                          203.99.144.0/24 maxlen: 24
                          203.99.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 17:22:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79 (0x4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
        Validity
            Not Before: Mar  6 13:00:31 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65e868ef-b8c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fd:b7:9e:56:20:6f:1c:a8:0f:91:26:19:fa:
                    08:d5:8b:e9:b7:62:60:e6:d2:32:78:7c:9f:c4:04:
                    58:1e:4b:bc:62:19:f5:cd:32:06:8e:12:ec:cf:15:
                    e9:df:ea:c9:d1:f2:3c:94:d5:f4:84:b0:51:9d:e6:
                    d6:6f:ee:e5:e4:99:da:71:a2:b2:17:50:22:06:c4:
                    1e:da:f5:0e:be:37:ee:64:58:7f:84:9e:bd:c0:ab:
                    69:d9:94:6c:f5:af:bd:d0:dc:2a:28:06:b4:ed:37:
                    c7:cc:a5:a5:ba:e1:1c:82:9c:ef:2f:de:eb:e2:13:
                    0b:dc:91:74:7f:9b:3c:6e:ed:47:79:14:8b:c1:58:
                    b3:4b:69:ac:2f:82:94:db:b6:05:12:30:29:69:92:
                    67:13:a7:de:29:85:37:a1:bf:55:3b:c2:08:68:79:
                    e4:e2:c5:5a:cd:31:fb:58:21:ce:60:2b:e0:94:be:
                    53:c8:9c:d5:d2:d5:f9:d3:96:49:ad:fc:34:34:19:
                    e6:58:b0:e9:69:9d:f6:fe:b8:26:c8:3b:2c:df:49:
                    5e:4b:78:0c:58:19:13:7d:60:d7:65:e5:91:09:70:
                    4e:02:89:d2:5d:2a:fd:85:b6:d7:96:06:eb:96:f7:
                    05:80:df:18:31:d1:cb:d6:11:aa:e2:09:7e:1b:44:
                    7c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:62:84:18:45:29:08:87:40:01:F4:75:CC:67:7B:72:27:64:4F:7B
            X509v3 Authority Key Identifier:
                keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/9773ACE8DBB611EEA78AF92DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.99.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         02:58:ff:2b:dd:97:2e:39:6c:85:d4:a1:ad:0e:80:93:cc:06:
         b4:82:84:1d:4a:5e:e9:7d:c5:67:26:73:1f:9a:8d:b9:cd:cf:
         7a:1b:5b:b1:94:4c:59:16:9c:37:a8:50:d8:b6:09:ae:70:6d:
         ee:4a:dc:28:32:7b:0a:f4:37:3f:cb:a1:e5:c5:0e:c6:34:1b:
         71:c8:e9:8d:6f:b5:be:66:85:b5:9a:d9:90:58:f2:a4:e8:38:
         39:f6:f7:c6:cc:39:f5:e3:29:12:77:de:96:b1:58:d1:37:29:
         c5:ab:0d:d0:19:72:e1:71:2b:90:ce:1f:3f:49:05:37:8c:ae:
         e6:c5:86:cb:95:82:d9:ef:67:68:51:11:e8:d2:ba:21:7b:bc:
         0f:59:eb:11:cf:9a:d3:1d:cc:5f:90:c0:ef:04:80:96:a7:59:
         6b:98:d8:29:6d:70:8c:dd:d2:42:e4:08:67:9e:18:86:43:0f:
         65:2f:cf:f4:1a:ef:f2:bf:80:e1:75:09:6d:07:aa:71:d5:ac:
         46:2c:8b:a4:9f:a9:93:57:6f:84:13:99:c7:6d:c1:0f:c8:e5:
         ce:13:72:f9:8e:96:8c:71:15:81:36:9b:1d:bf:51:46:97:8d:
         62:5e:e8:c5:3b:cf:29:12:67:dc:e7:af:4e:b5:45:0f:f7:6e:
         0e:bf:bd:16
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RTA5QzExMC8GA1UEBRMoM0M2OUI5QjYwMUQyQzlGMkEzOTE1QTZGRkJDQTNEQUQ2
MkU5OTI0NTAeFw0yNDAzMDYxMzAwMzFaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTg2OGVmLWI4YzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2/beeViBvHKgPkSYZ+gjVi+m3YmDm0jJ4fJ/EBFgeS7xiGfXNMgaOEuzPFenf
6snR8jyU1fSEsFGd5tZv7uXkmdpxorIXUCIGxB7a9Q6+N+5kWH+Enr3Aq2nZlGz1
r73Q3CooBrTtN8fMpaW64RyCnO8v3uviEwvckXR/mzxu7Ud5FIvBWLNLaawvgpTb
tgUSMClpkmcTp94phTehv1U7wghoeeTixVrNMftYIc5gK+CUvlPInNXS1fnTlkmt
/DQ0GeZYsOlpnfb+uCbIOyzfSV5LeAxYGRN9YNdl5ZEJcE4CidJdKv2FtteWBuuW
9wWA3xgx0cvWEariCX4bRHzRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUkGKEGEUp
CIdAAfR1zGd7cidkT3swHwYDVR0jBBgwFoAUPGm5tgHSyfKjkVpv+8o9rWLpkkUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDlDL0VFRjc2MkMwOTA3
NTExRUU4N0QyNjY4MEM0RjlBRTAyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtr
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUEdtNXRnSFN5Zktqa1Zwdi04bzlyV0xwa2tVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RTA5Qy9FRUY3NjJDMDkwNzUxMUVFODdEMjY2ODBDNEY5QUUwMi85NzczQUNFOERC
QjYxMUVFQTc4QUY5MkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEActjkDANBgkqhkiG9w0BAQsFAAOCAQEAAlj/K92XLjlshdSh
rQ6Ak8wGtIKEHUpe6X3FZyZzH5qNuc3PehtbsZRMWRacN6hQ2LYJrnBt7krcKDJ7
CvQ3P8uh5cUOxjQbccjpjW+1vmaFtZrZkFjypOg4Ofb3xsw59eMpEnfelrFY0Tcp
xasN0Bly4XErkM4fP0kFN4yu5sWGy5WC2e9naFER6NK6IXu8D1nrEc+a0x3MX5DA
7wSAlqdZa5jYKW1wjN3SQuQIZ54YhkMPZS/P9Brv8r+A4XUJbQeqcdWsRiyLpJ+p
k1dvhBOZx23BD8jlzhNy+Y6WjHEVgTabHb9RRpeNYl7oxTvPKRJn3OevTrVFD/du
Dr+9Fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org