Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/758221AAFDE911EEB42ED448C4F9AE02.roa
File:                     758221AAFDE911EEB42ED448C4F9AE02.roa (raw, json)
Hash identifier:          4ELjEf2vBJo0tvZhX+Grbe3CSQWFAytRCQmbhQUmvUU=
Subject key identifier:   20:DB:75:6C:3B:0F:4C:B3:F1:CB:7C:00:91:76:9D:F9:8A:C3:49:9C
Certificate issuer:       /CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Certificate serial:       0107
Authority key identifier: 0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/758221AAFDE911EEB42ED448C4F9AE02.roa
Signing time:             Fri 19 Apr 2024 01:09:24 +0000
ROA not before:           Fri 19 Apr 2024 01:09:24 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     34665
IP address blocks:        103.71.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 14:15:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 263 (0x107)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
        Validity
            Not Before: Apr 19 01:09:24 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=6621c443-32ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:60:40:25:67:fa:b0:ee:67:cc:14:f8:eb:8c:
                    7d:7b:c6:12:3d:03:b6:a3:bb:19:a8:d8:1b:c3:43:
                    de:31:9d:9c:2c:c9:d7:8c:82:c0:8d:66:b7:fd:9c:
                    60:ff:43:14:83:e0:57:9c:65:54:6d:ce:2e:a4:ce:
                    ca:ac:d9:ff:a2:48:ca:fe:9e:e3:04:29:2a:f1:bb:
                    39:89:3e:25:97:75:65:6e:52:ac:62:af:f3:10:cb:
                    3a:58:81:cc:e1:d9:29:ad:f2:ed:7c:c7:f9:9c:ec:
                    47:9d:81:cd:26:97:e0:29:9b:6f:57:29:1a:3e:06:
                    10:cb:a4:ff:ac:b2:22:91:3a:ba:54:90:49:c3:d8:
                    19:79:0c:02:db:a7:8d:68:59:2b:32:21:7e:90:26:
                    fc:04:a3:66:d7:db:02:5b:1e:9b:fe:96:e0:4b:26:
                    d9:76:68:e4:2a:ed:50:a6:ba:ab:19:db:e5:8d:5e:
                    fe:69:4a:a3:de:c7:90:42:9b:e9:4e:42:c3:b4:ca:
                    06:0a:ab:d3:5d:a4:b8:d3:34:dc:3e:81:17:67:44:
                    08:9f:1c:25:75:8b:a7:8d:a0:8e:cf:6d:69:c5:5d:
                    40:84:63:ec:39:ae:40:5b:1e:e9:80:59:4c:a0:84:
                    d5:a9:89:36:0f:f9:c2:93:87:46:b6:4a:e0:28:44:
                    2f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DB:75:6C:3B:0F:4C:B3:F1:CB:7C:00:91:76:9D:F9:8A:C3:49:9C
            X509v3 Authority Key Identifier:
                keyid:0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/DHadpEmC9hZQNilD5t_vlRuXd_o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/758221AAFDE911EEB42ED448C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.71.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:56:43:0a:fa:bb:62:04:47:f9:b1:de:12:33:fc:0a:97:4c:
         72:7c:8a:42:44:b0:78:83:ab:6f:8a:e5:5d:f6:64:a2:ae:db:
         4a:0d:52:e3:b7:e6:b1:04:fd:71:d9:29:e7:1c:f4:73:d4:e0:
         56:2b:17:41:65:65:61:48:91:a5:16:88:61:61:93:aa:03:a5:
         af:90:58:e5:9d:c9:7a:e2:31:63:58:57:3a:cd:b7:aa:b8:02:
         9f:fa:6f:bc:5f:f4:00:d4:35:65:e7:08:3b:39:98:8a:0a:dd:
         c8:08:10:ce:4d:5f:c8:dd:91:5e:db:ed:d5:f4:0f:ab:ae:d9:
         c1:4d:f4:12:15:26:99:33:63:c7:91:d6:44:50:f1:c1:c9:00:
         d9:72:8e:f5:13:dc:61:d4:a9:6a:03:0a:1e:06:1f:f1:5d:ea:
         cc:50:5e:f3:84:7d:62:b6:19:0b:a2:fd:d0:9e:c0:9b:33:cd:
         03:81:1d:c9:14:e8:03:f8:ae:a9:67:65:79:a2:14:22:92:1d:
         81:c2:e9:c8:db:38:9c:1f:30:b2:ee:bd:87:04:db:c3:03:40:
         bd:db:9e:bf:70:d5:d7:c2:97:ad:a1:1d:0b:94:1f:51:37:d5:
         b8:32:54:df:d1:cd:03:17:22:d1:e2:14:89:78:39:19:e9:db:
         88:c4:49:1f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTZEREIxMTAvBgNVBAUTKDBDNzY5REE0NDk4MkY2MTY1MDM2Mjk0M0U2REZFRjk1
MUI5Nzc3RkEwHhcNMjQwNDE5MDEwOTI0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxYzQ0My0zMmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2BAJWf6sO5nzBT464x9e8YSPQO2o7sZqNgbw0PeMZ2cLMnXjILAjWa3/Zxg
/0MUg+BXnGVUbc4upM7KrNn/okjK/p7jBCkq8bs5iT4ll3VlblKsYq/zEMs6WIHM
4dkprfLtfMf5nOxHnYHNJpfgKZtvVykaPgYQy6T/rLIikTq6VJBJw9gZeQwC26eN
aFkrMiF+kCb8BKNm19sCWx6b/pbgSybZdmjkKu1QprqrGdvljV7+aUqj3seQQpvp
TkLDtMoGCqvTXaS40zTcPoEXZ0QInxwldYunjaCOz21pxV1AhGPsOa5AWx7pgFlM
oITVqYk2D/nCk4dGtkrgKEQv3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCDbdWw7
D0yz8ct8AJF2nfmKw0mcMB8GA1UdIwQYMBaAFAx2naRJgvYWUDYpQ+bf75Ubl3f6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkREQi9FMUNEQ0REMkJF
MUIxMUVEQTYxQUNEODRDNEY5QUUwMi9ESGFkcEVtQzloWlFOaWxENXRfdmxSdVhk
X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RIYWRwRW1DOWhaUU5pbEQ1dF92bFJ1WGRfby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTZEREIvRTFDRENERDJCRTFCMTFFREE2MUFDRDg0QzRGOUFFMDIvNzU4MjIxQUFG
REU5MTFFRUI0MkVENDQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnR18wDQYJKoZIhvcNAQELBQADggEBAIpWQwr6u2IER/mx
3hIz/AqXTHJ8ikJEsHiDq2+K5V32ZKKu20oNUuO35rEE/XHZKecc9HPU4FYrF0Fl
ZWFIkaUWiGFhk6oDpa+QWOWdyXriMWNYVzrNt6q4Ap/6b7xf9ADUNWXnCDs5mIoK
3cgIEM5NX8jdkV7b7dX0D6uu2cFN9BIVJpkzY8eR1kRQ8cHJANlyjvUT3GHUqWoD
Ch4GH/Fd6sxQXvOEfWK2GQui/dCewJszzQOBHckU6AP4rqlnZXmiFCKSHYHC6cjb
OJwfMLLuvYcE28MDQL3bnr9w1dfCl62hHQuUH1E31bgyVN/RzQMXItHiFIl4ORnp
24jESR8=
-----END CERTIFICATE-----
Generated at Tue Sep 24 16:53:34 2024 by rpki-client on console-fra.rpki-client.org