Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/07FBE25231D711EF926EB844C4F9AE02.roa
File:                     07FBE25231D711EF926EB844C4F9AE02.roa (raw, json)
Hash identifier:          55kis+ylujtt5KQRtVZyxOlLYqOUJWDuBqK+PxvP6iU=
Subject key identifier:   42:A6:5C:A9:1E:58:65:40:ED:12:2E:E2:CF:49:99:E1:BE:E1:09:1A
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       0617
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/07FBE25231D711EF926EB844C4F9AE02.roa
Signing time:             Mon 24 Jun 2024 03:08:29 +0000
ROA not before:           Mon 24 Jun 2024 03:08:29 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     137451
IP address blocks:        43.252.208.0/24 maxlen: 24
                          43.252.209.0/24 maxlen: 24
                          43.252.210.0/24 maxlen: 24
                          103.228.64.0/24 maxlen: 24
                          103.234.54.0/24 maxlen: 24
                          150.107.1.0/24 maxlen: 24
                          150.107.2.0/24 maxlen: 24
                          150.107.3.0/24 maxlen: 24
                          150.129.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Aug 2024 08:15:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1559 (0x617)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Jun 24 03:08:29 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=6678e32d-000c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:15:3e:a7:bc:fd:06:28:0b:47:6c:41:2d:07:
                    ef:89:84:0f:ad:bd:05:54:0c:59:a6:ed:3d:4a:76:
                    d5:68:3e:d5:fd:6a:36:ac:40:a6:90:1e:41:84:f8:
                    92:2c:aa:27:9c:47:54:5c:f7:69:d3:a4:a9:b0:95:
                    12:0f:44:04:0c:cb:9a:aa:71:57:b2:8c:ea:a5:c6:
                    8c:a2:f0:00:9f:c2:16:79:f1:bd:94:f3:b2:0e:30:
                    da:8d:c0:00:74:a1:77:2b:f5:6b:a5:28:d1:10:37:
                    c8:2a:28:f5:48:00:5f:b7:00:a1:59:71:b8:96:1e:
                    f8:d1:92:68:24:3f:52:20:1f:bf:35:22:83:a1:21:
                    72:57:0f:bc:a4:f9:96:2a:77:44:e5:64:6f:5d:18:
                    7a:2e:68:e3:df:01:7f:e1:67:36:be:7d:96:aa:b3:
                    51:bb:a9:ec:78:b2:38:c3:93:8b:11:9a:e9:2c:5c:
                    09:e0:d9:95:ab:52:d7:5c:e4:7d:44:eb:36:01:20:
                    b7:b3:df:15:23:f1:7c:69:6d:89:15:6e:7c:f9:e9:
                    85:41:08:2e:47:d3:dd:a3:98:82:79:86:ff:6c:e8:
                    81:50:b3:a1:9a:61:36:d5:b6:f1:74:56:60:f7:67:
                    35:45:04:e3:ec:35:14:48:d3:ec:58:d8:1b:37:dc:
                    1b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A6:5C:A9:1E:58:65:40:ED:12:2E:E2:CF:49:99:E1:BE:E1:09:1A
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/07FBE25231D711EF926EB844C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.252.208.0-43.252.210.255
                  103.228.64.0/24
                  103.234.54.0/24
                  150.107.1.0-150.107.3.255
                  150.129.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:a4:a6:a0:cb:16:4d:0f:b6:76:66:7e:a8:25:0b:21:47:66:
         2f:19:e6:4f:13:a9:3a:50:9f:20:96:a9:48:30:b6:5e:52:76:
         63:23:34:60:74:2b:04:c4:10:19:fb:b6:d4:f2:c5:06:9c:6b:
         a9:28:07:ab:c6:86:99:2f:39:a8:0c:e3:56:48:15:a1:95:6d:
         c8:d1:5c:b5:95:dc:66:df:17:02:aa:69:8f:8e:f4:30:44:87:
         88:16:3f:60:ca:a1:95:a2:62:2e:b1:2b:cc:b0:d2:73:8e:75:
         cd:86:49:ae:1b:7b:94:16:db:15:c8:4f:05:71:3c:50:e7:62:
         f9:8d:45:8a:8a:58:8a:04:ea:9f:82:2e:d3:80:1b:0f:60:56:
         0e:7c:56:21:ac:66:59:92:eb:aa:bd:85:5f:b8:9f:21:22:43:
         59:46:98:18:3f:3e:03:9e:a6:3e:5a:71:f8:d4:34:9d:5a:f0:
         72:ca:49:e7:d7:84:8b:aa:49:c3:81:95:96:da:a8:bb:cc:ea:
         72:8a:d1:e5:d1:72:01:73:84:61:cc:ab:8b:84:35:58:ba:a5:
         07:43:7c:a4:c4:ee:48:8a:b5:9b:89:c4:8b:de:2b:6e:68:b3:
         c7:9e:20:f7:8d:1c:3c:68:82:f7:1b:93:b8:84:dd:d6:79:54:
         da:5a:35:39
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICBhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQwNjI0MDMwODI5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc4ZTMyZC0wMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRU+p7z9BigLR2xBLQfviYQPrb0FVAxZpu09SnbVaD7V/Wo2rECmkB5BhPiS
LKonnEdUXPdp06SpsJUSD0QEDMuaqnFXsozqpcaMovAAn8IWefG9lPOyDjDajcAA
dKF3K/VrpSjREDfIKij1SABftwChWXG4lh740ZJoJD9SIB+/NSKDoSFyVw+8pPmW
KndE5WRvXRh6Lmjj3wF/4Wc2vn2WqrNRu6nseLI4w5OLEZrpLFwJ4NmVq1LXXOR9
ROs2ASC3s98VI/F8aW2JFW58+emFQQguR9Pdo5iCeYb/bOiBULOhmmE21bbxdFZg
92c1RQTj7DUUSNPsWNgbN9wbZQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFEKmXKke
WGVA7RIu4s9JmeG+4QkaMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMDdGQkUyNTIz
MUQ3MTFFRjkyNkVCODQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEBCv80AMEACv80gMEAGfkQAMEAGfqNjAMAwQAlmsBAwQC
lmsAAwQAloEqMA0GCSqGSIb3DQEBCwUAA4IBAQANpKagyxZND7Z2Zn6oJQshR2Yv
GeZPE6k6UJ8glqlIMLZeUnZjIzRgdCsExBAZ+7bU8sUGnGupKAerxoaZLzmoDONW
SBWhlW3I0Vy1ldxm3xcCqmmPjvQwRIeIFj9gyqGVomIusSvMsNJzjnXNhkmuG3uU
FtsVyE8FcTxQ52L5jUWKiliKBOqfgi7TgBsPYFYOfFYhrGZZkuuqvYVfuJ8hIkNZ
RpgYPz4DnqY+WnH41DSdWvByyknn14SLqknDgZWW2qi7zOpyitHl0XIBc4RhzKuL
hDVYuqUHQ3ykxO5IirWbicSL3ituaLPHniD3jRw8aIL3G5O4hN3WeVTaWjU5
-----END CERTIFICATE-----
Generated at Wed Aug 14 10:43:37 2024 by rpki-client on console-fra.rpki-client.org