Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/A2AEFF821C7611EDB39EDA39C4F9AE02.roa
File:                     A2AEFF821C7611EDB39EDA39C4F9AE02.roa (raw, json)
Hash identifier:          6MJ8uUVRE2N2yND/odSCEhS/uzQVXd5eqk1j1PMQkOQ=
Subject key identifier:   19:33:0F:09:C9:36:62:82:DF:C5:E0:29:B7:4E:20:7A:41:4D:07:8A
Certificate issuer:       /CN=A912698E/serialNumber=C0B9C11B1B160F321B8AEC4CFCDDDAD895FC47DE
Certificate serial:       0DA8
Authority key identifier: C0:B9:C1:1B:1B:16:0F:32:1B:8A:EC:4C:FC:DD:DA:D8:95:FC:47:DE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wLnBGxsWDzIbiuxM_N3a2JX8R94.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/A2AEFF821C7611EDB39EDA39C4F9AE02.roa
Signing time:             Fri 26 Apr 2024 18:37:26 +0000
ROA not before:           Fri 26 Apr 2024 18:37:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     18254
IP address blocks:        103.136.35.0/24 maxlen: 24
                          2404:8ac0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 13 Aug 2024 10:34:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3496 (0xda8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912698E/serialNumber=C0B9C11B1B160F321B8AEC4CFCDDDAD895FC47DE
        Validity
            Not Before: Apr 26 18:37:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=662bf465-5b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f7:b1:11:3f:54:88:10:33:0a:ff:aa:95:24:
                    95:12:a0:53:03:a9:be:64:fa:ed:27:5b:69:3a:b8:
                    8e:55:32:60:9e:a8:cd:1d:47:0e:81:5d:87:3c:1d:
                    ce:b6:b5:b9:66:78:3b:20:bb:0e:0a:b3:c1:16:38:
                    06:b9:05:17:89:b5:f9:12:cb:d4:97:c3:62:55:3e:
                    a9:7d:46:3e:8c:1d:b0:e4:86:cc:ab:52:7d:74:a4:
                    ef:34:63:5e:1f:78:86:42:ac:91:59:5e:94:96:62:
                    8c:78:57:fc:88:b4:af:61:d7:fa:2f:2f:32:47:80:
                    53:32:59:35:bd:cc:76:ab:e7:05:b5:01:81:71:d0:
                    4d:e7:ea:ec:38:91:d5:bc:4d:e7:90:46:c0:3b:35:
                    c0:bc:30:31:5e:0d:7a:3b:70:73:68:17:55:76:6b:
                    d3:78:77:f4:49:99:f6:12:3f:34:0f:9e:b4:03:3b:
                    92:51:5e:65:88:5c:17:9a:8f:d2:31:56:99:21:7a:
                    c2:68:0d:e1:8e:d6:8d:ba:c9:71:54:a8:8b:51:37:
                    e5:46:bb:0b:9a:17:87:e5:2f:ca:5b:2c:36:b9:51:
                    a9:6f:98:ee:30:1a:13:1c:1c:b0:72:84:c8:ae:43:
                    41:ad:de:41:0d:47:ec:fa:3b:97:b9:cf:2d:5a:78:
                    a5:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:33:0F:09:C9:36:62:82:DF:C5:E0:29:B7:4E:20:7A:41:4D:07:8A
            X509v3 Authority Key Identifier:
                keyid:C0:B9:C1:1B:1B:16:0F:32:1B:8A:EC:4C:FC:DD:DA:D8:95:FC:47:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/wLnBGxsWDzIbiuxM_N3a2JX8R94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wLnBGxsWDzIbiuxM_N3a2JX8R94.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/A2AEFF821C7611EDB39EDA39C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.35.0/24
                IPv6:
                  2404:8ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         90:73:29:71:80:c4:b5:9f:82:e4:2a:31:a3:30:93:1f:31:fd:
         bc:ec:da:b1:30:02:13:ee:52:e5:ec:b0:c2:a1:59:a1:3b:6a:
         c5:db:25:e8:e3:8a:3d:88:55:9a:21:e6:69:82:42:a5:bb:98:
         42:8f:d1:d6:f8:2f:4c:88:ab:4c:40:19:16:0c:58:78:6b:84:
         11:91:89:a7:0a:67:7c:3c:76:60:ff:2c:6c:b6:6d:f4:60:ec:
         b8:d2:38:85:f0:a2:86:ba:ac:14:3d:bb:2b:7d:c1:00:14:ae:
         88:fb:fe:66:7a:ca:49:03:05:ba:2b:2a:6a:ec:ca:21:7f:d8:
         2c:27:aa:20:a5:a4:cc:43:f5:8f:ce:be:20:1d:d4:03:72:28:
         29:56:1d:36:e2:04:64:84:f8:8b:7d:2e:db:3d:f0:33:3d:d0:
         d3:9b:93:80:8e:7e:00:bb:4a:21:87:42:0d:f9:dd:87:60:3e:
         13:aa:c7:99:f5:58:74:19:69:df:95:bf:52:8f:de:f5:8a:86:
         f1:be:fe:6c:f4:e8:87:45:08:e0:c0:59:e1:88:82:a1:1d:d3:
         7d:b8:aa:f5:be:d8:2f:8c:32:cd:68:ab:bd:59:ab:78:58:52:
         f6:d2:b8:1d:4c:77:7a:97:e4:70:af:0b:4d:dc:b1:ca:63:45:
         53:e8:8e:30
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjY5OEUxMTAvBgNVBAUTKEMwQjlDMTFCMUIxNjBGMzIxQjhBRUM0Q0ZDREREQUQ4
OTVGQzQ3REUwHhcNMjQwNDI2MTgzNzI2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiZjQ2NS01YjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq/exET9UiBAzCv+qlSSVEqBTA6m+ZPrtJ1tpOriOVTJgnqjNHUcOgV2HPB3O
trW5Zng7ILsOCrPBFjgGuQUXibX5EsvUl8NiVT6pfUY+jB2w5IbMq1J9dKTvNGNe
H3iGQqyRWV6UlmKMeFf8iLSvYdf6Ly8yR4BTMlk1vcx2q+cFtQGBcdBN5+rsOJHV
vE3nkEbAOzXAvDAxXg16O3BzaBdVdmvTeHf0SZn2Ej80D560AzuSUV5liFwXmo/S
MVaZIXrCaA3hjtaNuslxVKiLUTflRrsLmheH5S/KWyw2uVGpb5juMBoTHBywcoTI
rkNBrd5BDUfs+juXuc8tWnilWQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBkzDwnJ
NmKC38XgKbdOIHpBTQeKMB8GA1UdIwQYMBaAFMC5wRsbFg8yG4rsTPzd2tiV/Efe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjk4RS9GMTlBN0M5NDlD
MUMxMUU5OTJGQUZCMUJDNEY5QUUwMi93TG5CR3hzV0R6SWJpdXhNX04zYTJKWDhS
OTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dMbkJHeHNXRHpJYml1eE1fTjNhMkpYOFI5NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjY5OEUvRjE5QTdDOTQ5QzFDMTFFOTkyRkFGQjFCQzRGOUFFMDIvQTJBRUZGODIx
Qzc2MTFFREIzOUVEQTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABniCMwDQQCAAIwBwMFACQEisAwDQYJKoZIhvcNAQELBQAD
ggEBAJBzKXGAxLWfguQqMaMwkx8x/bzs2rEwAhPuUuXssMKhWaE7asXbJejjij2I
VZoh5mmCQqW7mEKP0db4L0yIq0xAGRYMWHhrhBGRiacKZ3w8dmD/LGy2bfRg7LjS
OIXwooa6rBQ9uyt9wQAUroj7/mZ6ykkDBborKmrsyiF/2CwnqiClpMxD9Y/OviAd
1ANyKClWHTbiBGSE+It9Lts98DM90NObk4COfgC7SiGHQg353YdgPhOqx5n1WHQZ
ad+Vv1KP3vWKhvG+/mz06IdFCODAWeGIgqEd0324qvW+2C+MMs1oq71Zq3hYUvbS
uB1Md3qX5HCvC03cscpjRVPojjA=
-----END CERTIFICATE-----
Generated at Tue Aug 13 14:24:58 2024 by rpki-client on console-ams.rpki-client.org