Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/29BFE0BAE9F411EBAF255D3EC4F9AE02.roa
File:                     29BFE0BAE9F411EBAF255D3EC4F9AE02.roa (raw, json)
Hash identifier:          WbZukZwWFqasGHBvsOhkvRPKsnRTFvjh+HZcWiYwTPM=
Subject key identifier:   52:F6:D9:A6:9C:FE:93:C4:7B:08:87:80:47:F6:9C:E0:F7:61:38:9A
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       052A
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/29BFE0BAE9F411EBAF255D3EC4F9AE02.roa
Signing time:             Fri 13 Oct 2023 00:52:57 +0000
ROA not before:           Fri 13 Oct 2023 00:52:57 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     134428
IP address blocks:        103.234.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 08:57:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1322 (0x52a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Oct 13 00:52:57 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=652894e8-b01b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6b:c2:9f:d3:75:f9:17:c9:30:ee:dd:d4:8b:
                    ea:b1:75:b0:8e:1b:fa:b3:d0:a9:77:9e:a0:8d:76:
                    ed:0a:83:a0:2a:7c:48:7c:ae:d4:05:a4:55:0c:73:
                    ae:f8:48:ff:53:4d:3a:55:d4:e7:30:e0:f9:90:45:
                    5a:c5:d4:c2:30:9b:05:6d:c1:7f:e6:d6:19:60:89:
                    f3:3d:7b:b9:05:14:b0:19:0a:16:dc:07:0a:f4:8d:
                    11:69:43:37:52:7d:ff:6e:84:a9:fa:5e:c6:d7:72:
                    39:19:93:4f:63:fc:7e:19:c9:80:fb:8f:8a:0d:b1:
                    60:ac:d8:f0:16:d6:c2:4a:3f:8a:5e:2e:9c:d8:aa:
                    97:53:f1:3c:24:5d:82:a1:8a:d1:31:66:73:e8:d3:
                    dc:48:40:1d:19:8b:2b:99:b0:7f:d4:6f:2f:98:c6:
                    b9:df:e8:29:b0:df:0b:a4:ec:86:f3:f1:68:5d:5e:
                    b5:4f:7f:d9:2d:d9:cd:da:1a:ef:42:50:87:13:43:
                    a4:28:8e:6a:f5:78:83:1c:d6:94:64:b7:de:18:33:
                    cb:f6:5a:bf:9a:8a:a2:74:cf:58:f0:e0:1f:8e:0a:
                    8c:61:54:09:83:21:7e:d5:02:ad:df:44:8c:d3:a7:
                    c7:6e:45:42:36:b3:fb:d9:eb:1c:02:d7:89:4b:59:
                    f3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:F6:D9:A6:9C:FE:93:C4:7B:08:87:80:47:F6:9C:E0:F7:61:38:9A
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/29BFE0BAE9F411EBAF255D3EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.234.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:c3:d8:8a:b0:2a:89:19:8f:05:7e:48:a4:ca:38:59:56:aa:
         de:22:28:57:92:3e:7c:f9:44:70:ce:bc:e6:16:3e:0d:6d:75:
         a4:6c:49:d6:ff:d7:e2:d2:18:c4:9c:bd:54:44:01:d9:b9:78:
         d8:59:2f:c0:ff:25:e8:ba:7a:53:3b:dc:c9:30:14:29:d0:ff:
         d4:13:a4:95:38:f2:24:c9:29:2a:32:11:96:51:96:51:b5:05:
         36:3a:85:5d:b1:c8:b0:9d:4c:d8:0c:71:d6:53:0c:59:26:62:
         90:68:ed:96:a5:c9:4b:d2:56:74:94:4d:82:af:dd:62:8e:0c:
         eb:f4:31:7d:6f:ee:8f:77:f1:40:a5:e1:98:36:59:8e:5f:5d:
         bc:d1:3b:73:1b:a8:6e:07:3b:70:85:c5:64:ff:77:d2:0a:89:
         ca:0a:ef:82:24:32:43:1e:50:8a:c4:02:fa:ae:c9:44:e3:00:
         7e:4f:11:d2:1e:f3:d8:1d:2c:4c:3c:c0:52:43:ff:97:98:bd:
         35:55:b8:e4:c8:d8:c0:4e:32:71:58:e1:07:66:81:c4:98:13:
         ba:ad:b3:a2:39:d7:ba:48:44:0e:5a:17:83:d3:6f:a2:e3:0d:
         72:ce:ec:bd:2b:74:7c:1a:9e:45:29:64:9a:37:7e:19:26:bf:
         e6:8d:58:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMDEzMDA1MjU3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4OTRlOC1iMDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxWvCn9N1+RfJMO7d1IvqsXWwjhv6s9Cpd56gjXbtCoOgKnxIfK7UBaRVDHOu
+Ej/U006VdTnMOD5kEVaxdTCMJsFbcF/5tYZYInzPXu5BRSwGQoW3AcK9I0RaUM3
Un3/boSp+l7G13I5GZNPY/x+GcmA+4+KDbFgrNjwFtbCSj+KXi6c2KqXU/E8JF2C
oYrRMWZz6NPcSEAdGYsrmbB/1G8vmMa53+gpsN8LpOyG8/FoXV61T3/ZLdnN2hrv
QlCHE0OkKI5q9XiDHNaUZLfeGDPL9lq/moqidM9Y8OAfjgqMYVQJgyF+1QKt30SM
06fHbkVCNrP72escAteJS1nztQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFL22aac
/pPEewiHgEf2nOD3YTiaMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMjlCRkUwQkFF
OUY0MTFFQkFGMjU1RDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn6jQwDQYJKoZIhvcNAQELBQADggEBABLD2IqwKokZjwV+
SKTKOFlWqt4iKFeSPnz5RHDOvOYWPg1tdaRsSdb/1+LSGMScvVREAdm5eNhZL8D/
Jei6elM73MkwFCnQ/9QTpJU48iTJKSoyEZZRllG1BTY6hV2xyLCdTNgMcdZTDFkm
YpBo7ZalyUvSVnSUTYKv3WKODOv0MX1v7o938UCl4Zg2WY5fXbzRO3MbqG4HO3CF
xWT/d9IKicoK74IkMkMeUIrEAvquyUTjAH5PEdIe89gdLEw8wFJD/5eYvTVVuOTI
2MBOMnFY4QdmgcSYE7qts6I517pIRA5aF4PTb6LjDXLO7L0rdHwankUpZJo3fhkm
v+aNWAE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org