Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/B757C530D65711EEA86B5920C4F9AE02.roa
File:                     B757C530D65711EEA86B5920C4F9AE02.roa (raw, json)
Hash identifier:          vp1+8TeW+0u6EW+18wA0v0kFlwWY+7jmjv7n+E+klmQ=
Subject key identifier:   85:67:3F:0E:60:8A:7A:0E:C3:80:06:DB:8E:D4:8A:F2:62:FF:B4:0E
Certificate issuer:       /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial:       0429
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/B757C530D65711EEA86B5920C4F9AE02.roa
Signing time:             Wed 28 Feb 2024 16:37:52 +0000
ROA not before:           Wed 28 Feb 2024 16:37:52 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     30938
IP address blocks:        103.101.84.0/24 maxlen: 24
                          103.101.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 14:38:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1065 (0x429)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
        Validity
            Not Before: Feb 28 16:37:52 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65df6160-9f90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:29:47:84:4a:71:8f:b5:97:b9:5c:6f:2b:1c:
                    0f:ad:9c:04:26:fe:68:ba:87:dd:55:ab:57:1d:44:
                    ae:5e:fa:1b:2d:d1:0f:88:7e:5b:8b:94:18:58:db:
                    21:65:77:87:ee:83:df:75:97:35:04:16:da:14:df:
                    4f:0a:57:a7:3b:4f:5b:c9:5e:11:8b:a4:17:2c:80:
                    f4:da:70:41:c7:32:9f:1c:fa:a5:25:09:98:ef:a8:
                    37:a3:10:16:00:ec:64:ed:fb:ec:8a:6e:5e:a7:a8:
                    f7:67:50:dd:73:0a:8c:99:46:51:5e:36:80:5e:f9:
                    ab:2e:f2:58:01:95:75:17:2d:85:ec:da:2f:86:a9:
                    72:6d:2b:0f:99:5a:9c:e2:09:0b:0b:f1:46:d6:1c:
                    d5:a3:c7:fe:99:d2:9d:47:7f:8b:88:3a:87:ea:59:
                    b7:f1:a9:6a:37:af:b8:85:4a:23:41:f0:ea:55:85:
                    72:2d:fd:84:2c:82:a5:82:91:70:22:18:a7:af:9d:
                    8c:30:2d:43:34:33:7f:55:79:a0:24:0d:31:35:d0:
                    a4:80:ba:c8:6b:45:90:d2:ae:3c:cf:da:3c:bd:85:
                    27:cb:34:d5:d1:d7:14:f8:9f:8a:4e:dd:c3:14:bc:
                    95:2a:27:16:5f:56:aa:9f:30:72:eb:3d:fe:bb:77:
                    62:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:67:3F:0E:60:8A:7A:0E:C3:80:06:DB:8E:D4:8A:F2:62:FF:B4:0E
            X509v3 Authority Key Identifier:
                keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/B757C530D65711EEA86B5920C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         77:9f:e1:cc:6f:f5:ad:31:59:4b:64:67:4c:a9:72:d2:8a:49:
         05:cb:72:ac:e0:31:80:dd:f0:9c:77:56:36:50:2d:f1:74:ed:
         4b:87:cc:18:0e:f4:5f:17:20:98:85:31:74:a7:99:8c:d0:9e:
         f7:da:12:1c:87:32:7d:c2:9f:40:f1:a4:4d:41:33:f3:fc:8a:
         87:18:c4:74:f2:e7:db:5c:79:8a:32:b9:07:95:36:b0:5b:5b:
         9d:ee:3e:a0:f8:76:ec:b2:53:18:22:c5:3d:06:57:2a:eb:29:
         2d:50:b5:2f:5a:cc:6e:fb:0e:04:49:da:eb:a0:dc:7c:91:74:
         46:49:ba:78:c3:27:51:25:d4:9d:81:c7:ea:69:18:46:a5:d9:
         a2:98:b4:36:60:b4:af:9e:c4:a2:3f:be:1d:cd:13:e8:29:9a:
         46:44:3b:2f:ac:24:be:42:4b:69:46:63:59:a2:8a:75:7b:19:
         4a:a5:c7:11:3b:21:ca:b2:73:fe:3d:53:0e:77:4a:aa:37:73:
         f2:e9:2f:32:78:c9:87:d6:a3:9f:cb:d6:0f:8a:6b:3d:1c:01:
         a7:ab:8f:c6:a6:1b:d0:51:85:45:7f:9d:78:db:a2:9d:d0:56:
         75:63:12:a6:97:39:09:73:a0:f5:32:0b:1b:29:a3:2f:51:2a:
         e5:0f:a0:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjQwMjI4MTYzNzUyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmNjE2MC05ZjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtSlHhEpxj7WXuVxvKxwPrZwEJv5ouofdVatXHUSuXvobLdEPiH5bi5QYWNsh
ZXeH7oPfdZc1BBbaFN9PClenO09byV4Ri6QXLID02nBBxzKfHPqlJQmY76g3oxAW
AOxk7fvsim5ep6j3Z1DdcwqMmUZRXjaAXvmrLvJYAZV1Fy2F7NovhqlybSsPmVqc
4gkLC/FG1hzVo8f+mdKdR3+LiDqH6lm38alqN6+4hUojQfDqVYVyLf2ELIKlgpFw
Ihinr52MMC1DNDN/VXmgJA0xNdCkgLrIa0WQ0q48z9o8vYUnyzTV0dcU+J+KTt3D
FLyVKicWX1aqnzBy6z3+u3dinQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIVnPw5g
inoOw4AG247UivJi/7QOMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvQjc1N0M1MzBE
NjU3MTFFRUE4NkI1OTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZVQwDQYJKoZIhvcNAQELBQADggEBAHef4cxv9a0xWUtk
Z0ypctKKSQXLcqzgMYDd8Jx3VjZQLfF07UuHzBgO9F8XIJiFMXSnmYzQnvfaEhyH
Mn3Cn0DxpE1BM/P8iocYxHTy59tceYoyuQeVNrBbW53uPqD4duyyUxgixT0GVyrr
KS1QtS9azG77DgRJ2uug3HyRdEZJunjDJ1El1J2Bx+ppGEal2aKYtDZgtK+exKI/
vh3NE+gpmkZEOy+sJL5CS2lGY1miinV7GUqlxxE7Icqyc/49Uw53Sqo3c/LpLzJ4
yYfWo5/L1g+Kaz0cAaerj8amG9BRhUV/nXjbop3QVnVjEqaXOQlzoPUyCxspoy9R
KuUPoPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org