Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/EA52B222E2D911EEAC0AFA69C4F9AE02.roa
File:                     EA52B222E2D911EEAC0AFA69C4F9AE02.roa (raw, json)
Hash identifier:          kdshpTKyJd8DtzrZ0GgT2YafJhOYgOx1aX8Whcrl2TU=
Subject key identifier:   2F:E7:C1:2F:8D:26:1B:A3:67:AF:5F:1B:EC:CA:28:27:92:9C:11:BE
Certificate issuer:       /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial:       0438
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/EA52B222E2D911EEAC0AFA69C4F9AE02.roa
Signing time:             Fri 15 Mar 2024 14:40:06 +0000
ROA not before:           Fri 15 Mar 2024 14:40:06 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        103.101.84.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 07:43:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1080 (0x438)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
        Validity
            Not Before: Mar 15 14:40:06 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65f45dc6-8073
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a7:7d:63:cf:2c:be:13:22:e4:2a:e6:3f:2b:
                    1f:98:67:8e:08:56:c1:b0:62:cb:a0:39:fb:36:7f:
                    cd:fe:26:dd:39:f8:e4:54:cf:b4:e5:24:ff:d7:6b:
                    50:ec:23:5a:f6:d7:7e:12:57:9c:c0:ab:77:45:b7:
                    74:1b:ac:89:90:f3:94:30:35:62:ae:b2:b1:67:21:
                    1e:a0:ce:24:9b:b7:a0:5c:5f:63:bc:91:5f:c8:75:
                    55:3e:35:13:df:e5:69:be:2e:7e:ac:f1:ec:6a:c0:
                    34:4a:74:60:f0:03:c3:35:e1:62:cd:cb:b7:1f:e5:
                    4f:cc:ca:c3:97:f6:ad:23:74:d8:ae:7f:53:ec:32:
                    89:58:76:71:2b:07:43:8f:78:0c:65:15:4e:09:7e:
                    bd:29:c5:b3:f0:3d:a5:32:6d:7d:56:17:45:30:18:
                    ed:ca:ad:ae:1f:98:1c:1b:aa:b1:dd:53:0e:21:77:
                    75:ae:9d:66:78:7a:91:38:3d:d5:22:89:94:41:07:
                    78:66:e9:29:90:0b:ab:86:0a:99:70:3c:83:39:e5:
                    8a:61:48:79:eb:4d:7e:02:6b:97:81:8f:45:3b:9f:
                    16:8e:43:0f:ac:4c:a4:92:2b:5f:a0:49:c9:4f:68:
                    6a:1e:bc:2c:90:2d:d1:07:4f:f7:6e:db:91:a8:6c:
                    c4:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:E7:C1:2F:8D:26:1B:A3:67:AF:5F:1B:EC:CA:28:27:92:9C:11:BE
            X509v3 Authority Key Identifier:
                keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/EA52B222E2D911EEAC0AFA69C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:05:32:43:11:5e:2f:6e:b7:f3:a9:0c:18:35:57:81:6e:87:
         8b:ed:3d:c0:36:6f:60:9a:18:9b:33:aa:88:11:6e:f9:f3:da:
         a2:c1:19:06:29:9f:d4:3f:ce:6e:09:73:86:49:df:07:8a:e1:
         49:60:6d:4c:e3:49:fb:5c:b6:22:82:a8:43:58:e2:b2:0c:3a:
         fe:84:ad:51:61:4d:89:7e:75:5f:87:65:34:35:39:b2:20:61:
         9b:10:ec:d5:b3:a9:4a:1b:39:97:be:16:04:cf:20:fa:18:f6:
         2a:91:8e:2f:83:e3:92:9a:4f:2a:16:c5:25:a9:0a:ec:1b:33:
         7c:59:37:bb:3f:66:12:a9:a1:9f:89:ef:ff:f9:02:c9:ee:94:
         f0:9c:5b:b6:6f:9c:d1:d5:55:97:16:75:b4:2a:41:7b:2d:ee:
         e7:6a:8d:91:48:fc:c0:0e:84:c7:d1:f8:46:62:7a:ea:90:91:
         cb:77:d3:bf:d2:09:75:87:7c:01:71:7c:a9:e8:b5:f9:a3:2b:
         34:c6:8a:b7:bf:34:4e:4e:66:15:fa:d9:c1:0e:46:e2:e7:8d:
         43:d9:07:39:1c:9e:a9:66:a7:c6:3c:b7:f9:34:02:b9:8a:e9:
         26:c2:0d:15:0d:8d:0b:84:33:a6:df:8c:ba:76:19:6f:59:b9:
         94:cb:f2:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjQwMzE1MTQ0MDA2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY0NWRjNi04MDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu6d9Y88svhMi5CrmPysfmGeOCFbBsGLLoDn7Nn/N/ibdOfjkVM+05ST/12tQ
7CNa9td+ElecwKt3Rbd0G6yJkPOUMDVirrKxZyEeoM4km7egXF9jvJFfyHVVPjUT
3+Vpvi5+rPHsasA0SnRg8APDNeFizcu3H+VPzMrDl/atI3TYrn9T7DKJWHZxKwdD
j3gMZRVOCX69KcWz8D2lMm19VhdFMBjtyq2uH5gcG6qx3VMOIXd1rp1meHqROD3V
IomUQQd4ZukpkAurhgqZcDyDOeWKYUh5601+AmuXgY9FO58WjkMPrEykkitfoEnJ
T2hqHrwskC3RB0/3btuRqGzEhQIDAQABo4IClTCCApEwHQYDVR0OBBYEFC/nwS+N
JhujZ69fG+zKKCeSnBG+MB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvRUE1MkIyMjJF
MkQ5MTFFRUFDMEFGQTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZVQwDQYJKoZIhvcNAQELBQADggEBAFMFMkMRXi9ut/Op
DBg1V4Fuh4vtPcA2b2CaGJszqogRbvnz2qLBGQYpn9Q/zm4Jc4ZJ3weK4UlgbUzj
SftctiKCqENY4rIMOv6ErVFhTYl+dV+HZTQ1ObIgYZsQ7NWzqUobOZe+FgTPIPoY
9iqRji+D45KaTyoWxSWpCuwbM3xZN7s/ZhKpoZ+J7//5AsnulPCcW7ZvnNHVVZcW
dbQqQXst7udqjZFI/MAOhMfR+EZieuqQkct307/SCXWHfAFxfKnotfmjKzTGire/
NE5OZhX62cEORuLnjUPZBzkcnqlmp8Y8t/k0ArmK6SbCDRUNjQuEM6bfjLp2GW9Z
uZTL8rk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org