Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/1E150FEE72A811EE9490AA0BC4F9AE02.roa
File:                     1E150FEE72A811EE9490AA0BC4F9AE02.roa (raw, json)
Hash identifier:          ywfZVGw111H1szBpc3SxnPDxeAFiI5u/yAEmx7IahNg=
Subject key identifier:   C2:5E:59:99:23:1C:0F:4A:C2:36:19:E4:60:3C:24:07:D1:D6:9B:8B
Certificate issuer:       /CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
Certificate serial:       03
Authority key identifier: 42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/1E150FEE72A811EE9490AA0BC4F9AE02.roa
Signing time:             Tue 24 Oct 2023 20:01:28 +0000
ROA not before:           Tue 24 Oct 2023 20:01:28 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     151805
IP address blocks:        103.218.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 20:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911AB17/serialNumber=42F2791EEAC1FC7D7EC10B69F25E9EE95DAB34E1
        Validity
            Not Before: Oct 24 20:01:28 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65382298-dbb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e0:4a:fc:5a:01:95:bd:66:f1:f5:67:04:e4:
                    10:9d:25:de:79:9b:6c:21:5e:ef:67:16:05:eb:50:
                    6f:0e:33:4e:99:39:69:4f:80:e6:4c:fe:83:43:a9:
                    53:a2:67:3e:0b:bd:31:62:b0:4b:99:46:94:a1:d3:
                    b4:80:a9:42:af:b7:26:a7:59:83:8e:1f:a0:05:25:
                    08:ae:95:e3:f4:ac:77:2a:0b:c0:27:f0:35:44:5e:
                    41:ec:9e:d5:5d:05:22:a4:61:2f:ce:5d:df:7b:fa:
                    d5:73:39:06:04:36:9c:90:bf:1f:bc:5d:f0:08:26:
                    14:5a:f8:52:33:1a:4e:eb:6b:e6:41:ee:ab:7e:cc:
                    44:d9:03:c3:aa:b1:5d:59:bc:fe:3e:13:ef:c6:09:
                    9f:8a:49:ef:95:5d:68:14:fe:23:44:fa:5d:14:38:
                    1e:c3:fa:d2:4a:f3:0d:68:02:dd:a4:79:c4:1f:42:
                    b0:09:fa:25:4b:d9:78:6c:c0:cf:90:5d:f8:b6:a4:
                    64:dc:bd:78:e9:c4:e9:0e:09:1b:2c:b1:69:e8:93:
                    65:5c:d3:65:fe:02:3c:13:ac:a1:e2:9a:1e:94:7d:
                    03:aa:b6:8a:fb:f8:65:77:7a:5d:1f:9b:e3:fb:f2:
                    2e:3d:f1:b3:86:e4:b5:24:b0:e0:7f:2a:85:12:1c:
                    18:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:5E:59:99:23:1C:0F:4A:C2:36:19:E4:60:3C:24:07:D1:D6:9B:8B
            X509v3 Authority Key Identifier:
                keyid:42:F2:79:1E:EA:C1:FC:7D:7E:C1:0B:69:F2:5E:9E:E9:5D:AB:34:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/QvJ5HurB_H1-wQtp8l6e6V2rNOE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QvJ5HurB_H1-wQtp8l6e6V2rNOE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AB17/5966DD2672A711EEB10BE852C4F9AE02/1E150FEE72A811EE9490AA0BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.218.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:2c:f1:ea:ea:a9:d3:fc:40:4d:17:2c:47:6a:2b:ec:08:20:
         78:89:00:35:9c:37:bb:28:6d:86:05:82:40:6f:19:ef:f9:fd:
         d8:dc:ed:85:a8:01:33:3e:95:e4:a8:d0:ad:8f:ea:d8:7f:a0:
         aa:36:53:e6:93:36:11:d4:8a:9b:9a:17:81:b1:70:2a:99:92:
         4a:9e:ed:18:00:a1:63:82:48:f4:1a:be:47:38:a9:e7:0f:44:
         89:e7:54:8b:60:f8:5b:31:60:08:47:5d:a7:b2:dc:45:69:06:
         7f:13:00:6b:aa:75:15:32:5c:58:ff:d9:79:79:49:f0:42:70:
         9f:1e:96:4f:81:e3:c1:33:3c:52:b2:68:0e:2a:ce:9c:ee:95:
         46:4e:cc:74:52:d8:18:f9:5c:0a:b2:74:5e:6f:6f:bf:ec:79:
         bb:11:64:fb:43:51:a0:1b:2c:1b:4a:f5:a0:22:5d:db:ae:34:
         62:7c:0f:d1:a0:78:53:f3:c8:13:66:47:90:60:39:c7:f0:2d:
         a9:5a:ee:7f:b3:3c:a6:98:fc:a5:0f:61:16:b1:54:06:56:84:
         b9:b9:15:fa:0a:00:5d:4a:ea:11:22:11:9d:0e:48:1b:af:b6:
         7a:34:c0:78:32:05:d9:af:a5:07:f2:06:c2:bd:27:65:93:24:
         76:ac:7a:65
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUIxNzExMC8GA1UEBRMoNDJGMjc5MUVFQUMxRkM3RDdFQzEwQjY5RjI1RTlFRTk1
REFCMzRFMTAeFw0yMzEwMjQyMDAxMjhaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MzgyMjk4LWRiYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDP4Er8WgGVvWbx9WcE5BCdJd55m2whXu9nFgXrUG8OM06ZOWlPgOZM/oNDqVOi
Zz4LvTFisEuZRpSh07SAqUKvtyanWYOOH6AFJQiuleP0rHcqC8An8DVEXkHsntVd
BSKkYS/OXd97+tVzOQYENpyQvx+8XfAIJhRa+FIzGk7ra+ZB7qt+zETZA8OqsV1Z
vP4+E+/GCZ+KSe+VXWgU/iNE+l0UOB7D+tJK8w1oAt2kecQfQrAJ+iVL2XhswM+Q
Xfi2pGTcvXjpxOkOCRsssWnok2Vc02X+AjwTrKHimh6UfQOqtor7+GV3el0fm+P7
8i498bOG5LUksOB/KoUSHBh/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwl5ZmSMc
D0rCNhnkYDwkB9HWm4swHwYDVR0jBBgwFoAUQvJ5HurB/H1+wQtp8l6e6V2rNOEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBQjE3LzU5NjZERDI2NzJB
NzExRUVCMTBCRTg1MkM0RjlBRTAyL1F2SjVIdXJCX0gxLXdRdHA4bDZlNlYyck5P
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUXZKNUh1ckJfSDEtd1F0cDhsNmU2VjJyTk9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUIxNy81OTY2REQyNjcyQTcxMUVFQjEwQkU4NTJDNEY5QUUwMi8xRTE1MEZFRTcy
QTgxMUVFOTQ5MEFBMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfa4jANBgkqhkiG9w0BAQsFAAOCAQEAYSzx6uqp0/xATRcs
R2or7AggeIkANZw3uyhthgWCQG8Z7/n92NzthagBMz6V5KjQrY/q2H+gqjZT5pM2
EdSKm5oXgbFwKpmSSp7tGAChY4JI9Bq+Rzip5w9EiedUi2D4WzFgCEddp7LcRWkG
fxMAa6p1FTJcWP/ZeXlJ8EJwnx6WT4HjwTM8UrJoDirOnO6VRk7MdFLYGPlcCrJ0
Xm9vv+x5uxFk+0NRoBssG0r1oCJd2640YnwP0aB4U/PIE2ZHkGA5x/AtqVruf7M8
ppj8pQ9hFrFUBlaEubkV+goAXUrqESIRnQ5IG6+2ejTAeDIF2a+lB/IGwr0nZZMk
dqx6ZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org