Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9110724/8AD1DB58409911EE9BD7E442C4F9AE02/97C9DF66441511EE8B8A9C0FC4F9AE02.roa
File:                     97C9DF66441511EE8B8A9C0FC4F9AE02.roa (raw, json)
Hash identifier:          Tr8pId1o7aXo4zdWhbHbuMZ3futXso0SKqeaPhT9kvc=
Subject key identifier:   7C:26:7A:D7:6F:EC:BE:A3:D4:72:76:69:8F:AD:3F:6D:1C:BB:54:E0
Certificate issuer:       /CN=A9110724/serialNumber=81FF85ECAECC53DB74530860714559B7E5184541
Certificate serial:       0F
Authority key identifier: 81:FF:85:EC:AE:CC:53:DB:74:53:08:60:71:45:59:B7:E5:18:45:41
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gf-F7K7MU9t0UwhgcUVZt-UYRUE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9110724/8AD1DB58409911EE9BD7E442C4F9AE02/97C9DF66441511EE8B8A9C0FC4F9AE02.roa
Signing time:             Mon 28 Aug 2023 15:17:10 +0000
ROA not before:           Mon 28 Aug 2023 15:17:10 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     136479
IP address blocks:        103.255.204.0/24 maxlen: 24
                          103.255.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 08:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9110724/serialNumber=81FF85ECAECC53DB74530860714559B7E5184541
        Validity
            Not Before: Aug 28 15:17:10 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=64ecba76-c20f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:73:45:c0:b9:63:c0:76:8d:b3:32:12:a8:59:
                    f4:24:74:be:47:1d:13:12:0b:dc:ba:3e:5e:8a:03:
                    84:f5:da:fd:ed:8d:b1:6b:ff:18:0b:fa:4d:95:46:
                    45:3e:9a:40:81:e1:f2:16:d9:a9:09:d1:13:e4:7b:
                    24:eb:d0:71:c8:c4:31:f2:0c:65:82:ef:a6:d1:26:
                    4c:83:e3:a8:04:6f:33:37:e4:6d:66:b1:dd:fb:39:
                    fa:91:d3:4c:b7:8c:c3:82:fa:b2:71:1c:d1:75:22:
                    80:03:92:ef:45:82:54:01:08:9e:d1:d0:2e:a1:d6:
                    7d:85:37:b3:c5:0c:d6:0d:65:c9:84:4a:69:54:f0:
                    d1:96:e2:04:61:af:1e:b5:62:02:fc:81:0c:eb:a6:
                    78:ac:29:e3:e2:07:f4:52:18:a7:51:31:f3:ce:4a:
                    ad:42:a2:f8:60:cf:62:bd:02:f3:40:aa:6e:22:08:
                    57:9f:a6:9b:34:70:6f:90:a3:84:15:40:ed:bf:ac:
                    23:7a:6d:ba:2e:4a:52:1c:a8:ee:f7:19:4e:57:45:
                    58:0e:a4:23:13:55:43:0b:8c:26:51:d3:71:f8:78:
                    4d:75:69:89:90:85:49:88:47:77:5b:cf:88:ca:83:
                    9d:87:42:e3:95:d4:ef:69:8f:7d:ab:b0:68:4d:dc:
                    77:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:26:7A:D7:6F:EC:BE:A3:D4:72:76:69:8F:AD:3F:6D:1C:BB:54:E0
            X509v3 Authority Key Identifier:
                keyid:81:FF:85:EC:AE:CC:53:DB:74:53:08:60:71:45:59:B7:E5:18:45:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9110724/8AD1DB58409911EE9BD7E442C4F9AE02/gf-F7K7MU9t0UwhgcUVZt-UYRUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gf-F7K7MU9t0UwhgcUVZt-UYRUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110724/8AD1DB58409911EE9BD7E442C4F9AE02/97C9DF66441511EE8B8A9C0FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.255.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         60:13:86:af:0c:c1:32:c6:8c:4b:a8:d1:98:be:82:fc:1f:ba:
         64:8c:75:22:2c:d7:35:1c:33:c2:ff:d9:cc:20:a3:27:57:a7:
         a2:82:d4:66:e5:10:5c:4b:d2:22:a6:33:27:1a:92:8e:9a:43:
         e2:11:d6:ca:ce:eb:04:5b:5d:b6:8c:64:26:46:e4:3a:f3:0b:
         c5:2d:2f:a4:7f:11:38:83:a3:6a:48:88:ff:25:da:c1:eb:24:
         64:26:c0:37:a7:96:56:6c:85:e3:4c:a3:2c:e6:03:7b:a7:ed:
         df:06:5e:a4:dc:50:ce:5f:88:2b:34:af:4e:32:55:43:45:c2:
         8f:1c:88:d5:fc:c6:0e:c1:39:3d:4b:3d:4e:d5:2d:b3:bf:0e:
         65:99:3f:8e:59:c4:76:cd:e5:6c:c2:63:e1:17:66:75:41:25:
         c1:92:bc:f9:93:a8:01:aa:2a:1f:0b:99:a3:20:9b:82:45:e3:
         e3:b3:5f:e9:4c:8f:1b:5e:58:32:4c:c3:16:4c:d9:88:14:84:
         e4:a4:18:3e:88:5f:b6:33:70:c6:2a:23:a9:da:56:4c:47:c7:
         dd:5e:1b:2e:ba:a1:d6:56:45:b3:16:d4:a8:68:3a:16:21:1e:
         2f:77:a5:3d:31:14:ca:50:f2:7b:fc:6d:d5:61:ce:f7:d5:df:
         6e:e2:34:98
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MDcyNDExMC8GA1UEBRMoODFGRjg1RUNBRUNDNTNEQjc0NTMwODYwNzE0NTU5QjdF
NTE4NDU0MTAeFw0yMzA4MjgxNTE3MTBaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZWNiYTc2LWMyMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNc0XAuWPAdo2zMhKoWfQkdL5HHRMSC9y6Pl6KA4T12v3tjbFr/xgL+k2VRkU+
mkCB4fIW2akJ0RPkeyTr0HHIxDHyDGWC76bRJkyD46gEbzM35G1msd37OfqR00y3
jMOC+rJxHNF1IoADku9FglQBCJ7R0C6h1n2FN7PFDNYNZcmESmlU8NGW4gRhrx61
YgL8gQzrpnisKePiB/RSGKdRMfPOSq1Covhgz2K9AvNAqm4iCFefpps0cG+Qo4QV
QO2/rCN6bbouSlIcqO73GU5XRVgOpCMTVUMLjCZR03H4eE11aYmQhUmIR3dbz4jK
g52HQuOV1O9pj32rsGhN3He/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfCZ612/s
vqPUcnZpj60/bRy7VOAwHwYDVR0jBBgwFoAUgf+F7K7MU9t0UwhgcUVZt+UYRUEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEwNzI0LzhBRDFEQjU4NDA5
OTExRUU5QkQ3RTQ0MkM0RjlBRTAyL2dmLUY3SzdNVTl0MFV3aGdjVVZadC1VWVJV
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ2YtRjdLN01VOXQwVXdoZ2NVVlp0LVVZUlVFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MDcyNC84QUQxREI1ODQwOTkxMUVFOUJEN0U0NDJDNEY5QUUwMi85N0M5REY2NjQ0
MTUxMUVFOEI4QTlDMEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWf/zDANBgkqhkiG9w0BAQsFAAOCAQEAYBOGrwzBMsaMS6jR
mL6C/B+6ZIx1IizXNRwzwv/ZzCCjJ1enooLUZuUQXEvSIqYzJxqSjppD4hHWys7r
BFtdtoxkJkbkOvMLxS0vpH8ROIOjakiI/yXaweskZCbAN6eWVmyF40yjLOYDe6ft
3wZepNxQzl+IKzSvTjJVQ0XCjxyI1fzGDsE5PUs9TtUts78OZZk/jlnEds3lbMJj
4RdmdUElwZK8+ZOoAaoqHwuZoyCbgkXj47Nf6UyPG15YMkzDFkzZiBSE5KQYPohf
tjNwxiojqdpWTEfH3V4bLrqh1lZFsxbUqGg6FiEeL3elPTEUylDye/xt1WHO99Xf
buI0mA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org