Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/E3F5C1A4360311EEBE14F479C4F9AE02.roa
File:                     E3F5C1A4360311EEBE14F479C4F9AE02.roa (raw, json)
Hash identifier:          dvBfAIe2Q3nzJl3jp7hQBB8mbrhBTvbAYK1YpPxY2NQ=
Subject key identifier:   A3:25:C6:5D:62:7D:49:45:9F:BD:1E:A1:89:9A:FC:21:F8:32:63:5A
Certificate issuer:       /CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
Certificate serial:       5D
Authority key identifier: 51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/E3F5C1A4360311EEBE14F479C4F9AE02.roa
Signing time:             Thu 24 Aug 2023 17:55:24 +0000
ROA not before:           Thu 24 Aug 2023 17:55:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     150683
IP address blocks:        103.121.6.0/24 maxlen: 24
                          103.121.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Oct 2023 17:52:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93 (0x5d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EFAFF/serialNumber=51D531AEF7A087C18E301E0E6A2C6371B264C3E8
        Validity
            Not Before: Aug 24 17:55:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64e7998c-f157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9f:e8:31:a1:a3:7a:f6:d8:a4:5b:e7:e5:33:
                    8f:6b:a0:f1:35:1d:b9:71:ca:8f:69:c0:fa:93:40:
                    20:f3:26:e8:3c:a6:75:07:bd:93:17:06:fb:43:43:
                    02:49:03:24:bf:74:47:49:c7:b5:dd:af:89:13:48:
                    a0:57:80:eb:50:34:12:a8:b2:0a:6f:74:c0:0f:8c:
                    d4:66:c2:c3:38:9d:99:48:7c:fa:d7:64:20:e0:b3:
                    e6:05:bf:05:ff:67:f5:cb:34:d7:6c:c6:19:5e:10:
                    f8:90:4c:a2:20:ba:cb:61:78:ff:a8:f3:63:57:f5:
                    e3:99:7e:c2:65:9a:2f:08:f9:e6:4c:52:f5:ee:f8:
                    77:b7:86:50:8a:d6:fb:46:68:0d:e9:11:b4:f2:e7:
                    bc:08:20:dd:f0:ae:2d:76:c2:85:db:a9:59:22:66:
                    2d:8d:73:1e:2e:fb:cb:68:a4:ca:99:01:39:4a:fd:
                    7c:10:a5:b5:c1:3d:b2:07:77:16:ed:fe:4c:76:cf:
                    18:09:5e:0c:d8:eb:e7:c1:dd:29:c1:60:a3:c4:0c:
                    da:57:3d:77:2a:ab:71:b2:83:8f:40:d5:a0:e8:ae:
                    90:0c:af:b4:ff:26:b5:07:23:69:80:a4:69:4c:8d:
                    c5:d9:94:9a:be:6d:f5:45:5d:a3:a8:00:80:93:2d:
                    bc:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:25:C6:5D:62:7D:49:45:9F:BD:1E:A1:89:9A:FC:21:F8:32:63:5A
            X509v3 Authority Key Identifier:
                keyid:51:D5:31:AE:F7:A0:87:C1:8E:30:1E:0E:6A:2C:63:71:B2:64:C3:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/UdUxrvegh8GOMB4OaixjcbJkw-g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdUxrvegh8GOMB4OaixjcbJkw-g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFAFF/D0611F04CC4411ED9A71E10CC4F9AE02/E3F5C1A4360311EEBE14F479C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:b4:d5:91:ae:9f:15:66:3c:e4:ad:aa:de:a8:b6:44:bc:a5:
         bd:91:6c:11:6b:8f:a9:60:35:f7:8d:8c:cf:8c:91:5e:9a:09:
         a8:29:1c:90:82:39:de:62:93:ef:ae:41:c5:0a:0b:47:6a:4a:
         c8:71:49:5d:08:00:cf:c6:fa:e2:d0:9c:43:d0:69:19:5c:72:
         2a:5d:78:6f:ec:1f:75:56:99:86:79:7e:4a:49:22:9d:a6:23:
         bc:7c:eb:ee:70:44:a1:50:8c:40:5e:26:73:fd:77:e4:94:e0:
         51:22:5d:e3:5c:59:9d:34:ae:37:a5:ae:68:dc:52:d7:21:20:
         5d:27:bc:9c:7d:1b:c0:0f:95:02:54:26:12:75:e5:18:86:71:
         85:c8:54:49:c7:c3:51:1e:ae:fb:1a:60:47:04:72:b6:ca:69:
         ca:0a:d6:5f:0a:17:42:69:7b:9a:4e:02:c9:43:e8:72:33:0b:
         3d:bd:fc:50:02:9a:a6:dc:64:99:c7:e3:4c:e7:4a:70:b3:18:
         b3:12:f3:dd:ec:cd:d0:9d:f1:a6:b3:42:78:9b:08:e7:65:3e:
         2e:5c:02:65:81:81:d4:1b:a1:36:02:f2:e3:27:58:63:61:bf:
         51:e4:1e:2c:7c:58:ad:8f:a1:3d:6c:30:54:3d:56:f8:6c:93:
         c9:21:d5:13
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RkFGRjExMC8GA1UEBRMoNTFENTMxQUVGN0EwODdDMThFMzAxRTBFNkEyQzYzNzFC
MjY0QzNFODAeFw0yMzA4MjQxNzU1MjRaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTc5OThjLWYxNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8n+gxoaN69tikW+flM49roPE1Hblxyo9pwPqTQCDzJug8pnUHvZMXBvtDQwJJ
AyS/dEdJx7Xdr4kTSKBXgOtQNBKosgpvdMAPjNRmwsM4nZlIfPrXZCDgs+YFvwX/
Z/XLNNdsxhleEPiQTKIgustheP+o82NX9eOZfsJlmi8I+eZMUvXu+He3hlCK1vtG
aA3pEbTy57wIIN3wri12woXbqVkiZi2Ncx4u+8topMqZATlK/XwQpbXBPbIHdxbt
/kx2zxgJXgzY6+fB3SnBYKPEDNpXPXcqq3Gyg49A1aDorpAMr7T/JrUHI2mApGlM
jcXZlJq+bfVFXaOoAICTLbwNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoyXGXWJ9
SUWfvR6hiZr8IfgyY1owHwYDVR0jBBgwFoAUUdUxrvegh8GOMB4OaixjcbJkw+gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGQUZGL0QwNjExRjA0Q0M0
NDExRUQ5QTcxRTEwQ0M0RjlBRTAyL1VkVXhydmVnaDhHT01CNE9haXhqY2JKa3ct
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWRVeHJ2ZWdoOEdPTUI0T2FpeGpjYkprdy1nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RkFGRi9EMDYxMUYwNENDNDQxMUVEOUE3MUUxMENDNEY5QUUwMi9FM0Y1QzFBNDM2
MDMxMUVFQkUxNEY0NzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd5BjANBgkqhkiG9w0BAQsFAAOCAQEAlbTVka6fFWY85K2q
3qi2RLylvZFsEWuPqWA1942Mz4yRXpoJqCkckII53mKT765BxQoLR2pKyHFJXQgA
z8b64tCcQ9BpGVxyKl14b+wfdVaZhnl+SkkinaYjvHzr7nBEoVCMQF4mc/135JTg
USJd41xZnTSuN6WuaNxS1yEgXSe8nH0bwA+VAlQmEnXlGIZxhchUScfDUR6u+xpg
RwRytsppygrWXwoXQml7mk4CyUPocjMLPb38UAKaptxkmcfjTOdKcLMYsxLz3ezN
0J3xprNCeJsI52U+LlwCZYGB1BuhNgLy4ydYY2G/UeQeLHxYrY+hPWwwVD1W+GyT
ySHVEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org