Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B3F2FF46D2EE11EB9F6FCF80C4F9AE02.roa
File:                     B3F2FF46D2EE11EB9F6FCF80C4F9AE02.roa (raw, json)
Hash identifier:          /MgA15NrfOi6k3tvRAdUai9BagvAJz01Yn+Xi8G6fuw=
Subject key identifier:   2A:EA:DA:4D:38:E9:DE:C3:2D:C5:0D:A8:82:ED:E8:A9:8B:74:B2:40
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       0536
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B3F2FF46D2EE11EB9F6FCF80C4F9AE02.roa
Signing time:             Fri 13 Oct 2023 00:53:08 +0000
ROA not before:           Fri 13 Oct 2023 00:53:08 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     45250
IP address blocks:        103.209.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 08:57:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1334 (0x536)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Oct 13 00:53:08 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=652894f4-e6fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:28:68:e7:74:15:70:eb:56:04:dc:3d:f4:35:
                    fa:c1:bb:7e:85:0d:64:f3:ab:45:1d:d9:18:fc:0f:
                    2b:be:4a:6e:60:94:26:a3:b0:6a:9d:16:3b:c4:20:
                    f3:ba:5e:b1:bf:22:ad:5c:7a:6c:4c:ca:09:a4:e7:
                    68:b7:3e:14:6d:f7:ba:f1:b2:ab:8d:64:2b:d1:ad:
                    96:33:2f:2e:e9:33:1a:9f:a2:83:2a:b0:a5:04:ac:
                    5a:29:92:af:73:f6:ce:58:eb:0b:b9:7f:b0:50:03:
                    50:92:a5:82:35:d0:00:08:99:09:d7:4b:5f:4e:fd:
                    d0:7c:39:01:53:2b:4a:39:41:7f:80:f2:06:67:74:
                    d0:18:81:d6:19:c9:2a:f0:f8:20:32:1c:ec:ac:2b:
                    49:53:57:50:a7:ff:bf:e8:4f:d3:14:8f:3d:72:02:
                    e9:00:a1:d2:a4:6d:36:17:51:ca:58:12:47:b2:1f:
                    8a:b3:3e:b0:8e:33:1c:c7:05:fe:ef:e0:a5:83:eb:
                    1e:e7:fa:4a:8a:1d:8d:67:ba:ab:6a:dd:cb:2b:30:
                    1d:48:dd:4c:81:53:f5:4a:ce:d6:fa:1c:1e:53:8a:
                    ac:05:a6:cd:c7:67:5c:f4:09:b3:51:64:e5:4e:1b:
                    f5:58:a5:46:c5:d4:42:37:5b:1f:07:22:51:4d:38:
                    5e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EA:DA:4D:38:E9:DE:C3:2D:C5:0D:A8:82:ED:E8:A9:8B:74:B2:40
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B3F2FF46D2EE11EB9F6FCF80C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.209.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:64:40:f6:83:40:05:43:66:ea:89:84:39:26:77:d2:a9:04:
         87:5f:49:d0:61:7f:42:37:c3:0e:48:a4:2b:ac:cd:78:71:da:
         cb:92:75:09:1c:59:ff:be:77:6b:b1:6c:e0:b6:0a:8a:bd:f9:
         87:f8:85:a9:cb:37:f2:6e:95:b2:ed:ba:5b:80:df:e8:5b:12:
         90:c6:b7:d9:96:90:f3:ea:1e:b2:83:3d:b6:79:f9:99:c9:ee:
         ed:0e:07:e0:cb:4c:65:18:37:3b:44:fa:eb:54:b2:a1:95:8d:
         df:e9:5c:a9:97:5a:2f:53:ef:26:80:d5:5a:98:d4:25:c8:58:
         7a:57:da:e7:b7:95:37:36:00:8c:24:13:74:be:ed:90:47:06:
         46:86:39:40:e4:98:29:10:73:b4:78:48:ce:d8:3d:8e:06:ae:
         92:26:f4:c4:07:32:61:94:bb:21:35:0c:6e:82:6f:6b:3a:b4:
         73:e4:29:21:de:a2:2d:77:81:61:93:6b:72:41:2c:97:ae:74:
         3a:6f:b0:f9:55:71:de:5e:40:cc:c6:3c:7d:75:bb:c0:a9:6a:
         01:2c:f5:7c:70:01:54:71:3a:ac:95:f7:46:3f:cc:4d:9b:62:
         56:41:47:28:e2:9f:63:e7:62:49:14:ef:46:c3:32:7d:4d:49:
         66:bc:df:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMDEzMDA1MzA4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4OTRmNC1lNmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiho53QVcOtWBNw99DX6wbt+hQ1k86tFHdkY/A8rvkpuYJQmo7BqnRY7xCDz
ul6xvyKtXHpsTMoJpOdotz4Ubfe68bKrjWQr0a2WMy8u6TMan6KDKrClBKxaKZKv
c/bOWOsLuX+wUANQkqWCNdAACJkJ10tfTv3QfDkBUytKOUF/gPIGZ3TQGIHWGckq
8PggMhzsrCtJU1dQp/+/6E/TFI89cgLpAKHSpG02F1HKWBJHsh+Ksz6wjjMcxwX+
7+Clg+se5/pKih2NZ7qrat3LKzAdSN1MgVP1Ss7W+hweU4qsBabNx2dc9AmzUWTl
Thv1WKVGxdRCN1sfByJRTThe3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCrq2k04
6d7DLcUNqILt6KmLdLJAMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQjNGMkZGNDZE
MkVFMTFFQjlGNkZDRjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn0eswDQYJKoZIhvcNAQELBQADggEBAHRkQPaDQAVDZuqJ
hDkmd9KpBIdfSdBhf0I3ww5IpCuszXhx2suSdQkcWf++d2uxbOC2Coq9+Yf4hanL
N/JulbLtuluA3+hbEpDGt9mWkPPqHrKDPbZ5+ZnJ7u0OB+DLTGUYNztE+utUsqGV
jd/pXKmXWi9T7yaA1VqY1CXIWHpX2ue3lTc2AIwkE3S+7ZBHBkaGOUDkmCkQc7R4
SM7YPY4GrpIm9MQHMmGUuyE1DG6Cb2s6tHPkKSHeoi13gWGTa3JBLJeudDpvsPlV
cd5eQMzGPH11u8CpagEs9XxwAVRxOqyV90Y/zE2bYlZBRyjin2PnYkkU70bDMn1N
SWa833k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org