Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/E40405B22F3211ED958A415DC4F9AE02.roa
File:                     E40405B22F3211ED958A415DC4F9AE02.roa (raw, json)
Hash identifier:          52VfZWlqpsKXmlv9Aic41Vvw0vfFk83ZkFLbQnxZ59c=
Subject key identifier:   8C:61:07:85:79:1A:A6:35:9D:D3:07:30:88:67:36:D4:95:9A:00:37
Certificate issuer:       /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial:       0A44
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/E40405B22F3211ED958A415DC4F9AE02.roa
Signing time:             Sat 20 May 2023 21:11:51 +0000
ROA not before:           Sat 20 May 2023 21:11:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58895
IP address blocks:        36.255.100.0/22 maxlen: 22
                          36.255.100.0/24 maxlen: 24
                          36.255.101.0/24 maxlen: 24
                          36.255.102.0/24 maxlen: 24
                          36.255.103.0/24 maxlen: 24
                          43.229.164.0/22 maxlen: 22
                          43.229.164.0/24 maxlen: 24
                          43.229.165.0/24 maxlen: 24
                          43.229.166.0/24 maxlen: 24
                          43.229.167.0/24 maxlen: 24
                          43.230.92.0/22 maxlen: 22
                          43.230.92.0/24 maxlen: 24
                          43.230.93.0/24 maxlen: 24
                          43.230.94.0/24 maxlen: 24
                          43.230.95.0/24 maxlen: 24
                          43.231.60.0/22 maxlen: 22
                          43.231.60.0/24 maxlen: 24
                          43.231.61.0/24 maxlen: 24
                          43.231.62.0/24 maxlen: 24
                          43.231.63.0/24 maxlen: 24
                          43.248.12.0/22 maxlen: 22
                          43.248.12.0/24 maxlen: 24
                          43.248.13.0/24 maxlen: 24
                          43.248.14.0/24 maxlen: 24
                          43.248.15.0/24 maxlen: 24
                          45.113.124.0/22 maxlen: 22
                          45.113.124.0/24 maxlen: 24
                          45.113.125.0/24 maxlen: 24
                          45.113.126.0/24 maxlen: 24
                          45.113.127.0/24 maxlen: 24
                          45.117.104.0/22 maxlen: 22
                          45.117.104.0/24 maxlen: 24
                          45.117.105.0/24 maxlen: 24
                          45.117.106.0/24 maxlen: 24
                          45.117.107.0/24 maxlen: 24
                          103.24.96.0/22 maxlen: 24
                          103.35.212.0/22 maxlen: 22
                          103.35.212.0/24 maxlen: 24
                          103.35.213.0/24 maxlen: 24
                          103.35.214.0/24 maxlen: 24
                          103.35.215.0/24 maxlen: 24
                          103.39.80.0/22 maxlen: 22
                          103.39.80.0/24 maxlen: 24
                          103.39.81.0/24 maxlen: 24
                          103.39.82.0/24 maxlen: 24
                          103.39.83.0/24 maxlen: 24
                          103.49.136.0/22 maxlen: 22
                          103.49.136.0/24 maxlen: 24
                          103.49.137.0/24 maxlen: 24
                          103.49.138.0/24 maxlen: 24
                          103.49.139.0/24 maxlen: 24
                          103.50.156.0/22 maxlen: 22
                          103.50.156.0/24 maxlen: 24
                          103.50.157.0/24 maxlen: 24
                          103.50.158.0/24 maxlen: 24
                          103.50.159.0/24 maxlen: 24
                          103.53.44.0/22 maxlen: 22
                          103.53.44.0/24 maxlen: 24
                          103.53.45.0/24 maxlen: 24
                          103.53.46.0/24 maxlen: 24
                          103.53.47.0/24 maxlen: 24
                          103.57.168.0/22 maxlen: 22
                          103.57.168.0/24 maxlen: 24
                          103.57.169.0/24 maxlen: 24
                          103.57.170.0/24 maxlen: 24
                          103.57.171.0/24 maxlen: 24
                          103.70.84.0/22 maxlen: 22
                          103.70.84.0/24 maxlen: 24
                          103.70.85.0/24 maxlen: 24
                          103.70.86.0/24 maxlen: 24
                          103.70.87.0/24 maxlen: 24
                          103.200.196.0/22 maxlen: 22
                          103.200.196.0/24 maxlen: 24
                          103.200.197.0/24 maxlen: 24
                          103.200.198.0/24 maxlen: 24
                          103.200.199.0/24 maxlen: 24
                          103.209.84.0/22 maxlen: 22
                          103.209.84.0/24 maxlen: 24
                          103.209.85.0/24 maxlen: 24
                          103.209.86.0/24 maxlen: 24
                          103.209.87.0/24 maxlen: 24
                          117.53.40.0/22 maxlen: 22
                          117.53.40.0/24 maxlen: 24
                          117.53.41.0/24 maxlen: 24
                          117.53.42.0/24 maxlen: 24
                          117.53.43.0/24 maxlen: 24
                          150.129.4.0/22 maxlen: 22
                          150.129.4.0/24 maxlen: 24
                          150.129.5.0/24 maxlen: 24
                          150.129.6.0/24 maxlen: 24
                          150.129.7.0/24 maxlen: 24
                          2400:1680::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 08:27:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2628 (0xa44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
        Validity
            Not Before: May 20 21:11:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64693797-8243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:27:60:43:8b:d9:46:3a:9a:f8:30:20:36:b0:
                    32:85:fa:c7:b2:e7:54:b8:ca:1b:69:89:1b:f7:1c:
                    ad:32:56:26:e7:22:7c:9f:44:68:3b:5a:33:fc:7f:
                    71:d9:fe:d0:90:65:d3:f4:00:4d:78:b4:86:d3:15:
                    bb:c0:03:e3:b2:0b:68:ff:16:dd:49:3c:96:5e:43:
                    6c:12:7d:7d:41:9e:16:5b:1b:e5:98:00:5b:d6:bb:
                    e8:5b:e8:0a:0c:13:3e:4c:d3:27:1c:56:cb:40:eb:
                    72:61:ed:a6:84:e6:f9:00:df:3a:19:5e:2c:30:61:
                    a1:ad:28:38:db:46:6c:d6:1e:60:bc:e4:92:e7:29:
                    e0:2a:87:b8:1f:79:bd:1c:5f:2e:b0:2c:54:ad:c1:
                    5f:3a:0e:20:3c:88:70:30:44:1f:d9:a3:2c:d7:7a:
                    97:e3:cd:71:d2:a0:1e:e2:5b:79:f9:40:7b:bd:9b:
                    34:97:69:dc:d6:e6:86:e6:fd:2d:81:0e:e8:a8:54:
                    4d:75:36:8f:01:06:c4:d5:63:68:b7:28:62:45:d9:
                    b1:fa:40:b2:19:d1:04:61:b2:5c:f3:14:d1:a2:42:
                    a7:c9:a1:29:84:7c:1b:8d:f7:87:05:24:a1:61:5c:
                    19:57:70:2f:89:4e:42:6c:c5:50:cc:e8:92:32:9e:
                    d4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:61:07:85:79:1A:A6:35:9D:D3:07:30:88:67:36:D4:95:9A:00:37
            X509v3 Authority Key Identifier:
                keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/E40405B22F3211ED958A415DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.255.100.0/22
                  43.229.164.0/22
                  43.230.92.0/22
                  43.231.60.0/22
                  43.248.12.0/22
                  45.113.124.0/22
                  45.117.104.0/22
                  103.24.96.0/22
                  103.35.212.0/22
                  103.39.80.0/22
                  103.49.136.0/22
                  103.50.156.0/22
                  103.53.44.0/22
                  103.57.168.0/22
                  103.70.84.0/22
                  103.200.196.0/22
                  103.209.84.0/22
                  117.53.40.0/22
                  150.129.4.0/22
                IPv6:
                  2400:1680::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:b4:81:7b:6c:a3:d8:f3:24:a2:75:43:6e:d4:2b:f8:48:ee:
         e7:fd:14:c9:d1:29:22:9d:a4:1c:78:22:26:16:bd:da:e7:72:
         97:b7:0f:f3:7b:43:14:42:a1:36:a5:cf:fd:0b:f6:8c:a2:e4:
         9f:08:77:ae:05:e8:d1:94:3c:b5:57:19:b5:5c:85:69:d8:a0:
         e2:fd:a0:81:0e:d7:0c:9d:41:92:4f:a0:c4:51:b8:a3:49:c3:
         49:3d:e2:48:64:c7:00:84:5b:8a:b6:3a:21:22:0e:95:48:a9:
         87:e1:3a:89:ea:6d:75:de:9e:a1:c9:6a:23:c4:bf:fc:72:a8:
         8b:4b:57:4a:90:d4:cb:cd:15:39:1e:1e:d1:d0:9c:61:ae:60:
         95:27:2b:ef:f4:cd:d4:20:a5:c9:46:eb:65:c9:6d:3c:3e:74:
         79:83:8f:38:b2:6b:4c:e1:96:57:c2:8b:e8:0e:b7:3b:e5:33:
         f9:9f:aa:b8:a0:90:34:44:e3:6f:6d:a7:0b:96:7d:6c:88:df:
         2d:45:be:c2:61:35:1b:bd:1d:9b:76:9a:ce:d6:cf:c3:e7:ef:
         de:ad:e0:6c:f9:c3:77:7a:79:5e:eb:c4:ad:6d:16:1c:53:0f:
         45:c7:03:d1:85:17:4d:89:b3:2f:99:38:2c:bc:e1:90:36:ae:
         4e:cd:8c:1f
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgICCkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjMwNTIwMjExMTUxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY5Mzc5Ny04MjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnydgQ4vZRjqa+DAgNrAyhfrHsudUuMobaYkb9xytMlYm5yJ8n0RoO1oz/H9x
2f7QkGXT9ABNeLSG0xW7wAPjsgto/xbdSTyWXkNsEn19QZ4WWxvlmABb1rvoW+gK
DBM+TNMnHFbLQOtyYe2mhOb5AN86GV4sMGGhrSg420Zs1h5gvOSS5yngKoe4H3m9
HF8usCxUrcFfOg4gPIhwMEQf2aMs13qX481x0qAe4lt5+UB7vZs0l2nc1uaG5v0t
gQ7oqFRNdTaPAQbE1WNotyhiRdmx+kCyGdEEYbJc8xTRokKnyaEphHwbjfeHBSSh
YVwZV3AviU5CbMVQzOiSMp7UGQIDAQABo4IDEzCCAw8wHQYDVR0OBBYEFIxhB4V5
GqY1ndMHMIhnNtSVmgA3MB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvRTQwNDA1QjIy
RjMyMTFFRDk1OEE0MTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZwGCCsGAQUFBwEHAQH/
BIGMMIGJMHgEAgABMHIDBAIk/2QDBAIr5aQDBAIr5lwDBAIr5zwDBAIr+AwDBAIt
cXwDBAItdWgDBAJnGGADBAJnI9QDBAJnJ1ADBAJnMYgDBAJnMpwDBAJnNSwDBAJn
OagDBAJnRlQDBAJnyMQDBAJn0VQDBAJ1NSgDBAKWgQQwDQQCAAIwBwMFACQAFoAw
DQYJKoZIhvcNAQELBQADggEBAIy0gXtso9jzJKJ1Q27UK/hI7uf9FMnRKSKdpBx4
IiYWvdrncpe3D/N7QxRCoTalz/0L9oyi5J8Id64F6NGUPLVXGbVchWnYoOL9oIEO
1wydQZJPoMRRuKNJw0k94khkxwCEW4q2OiEiDpVIqYfhOonqbXXenqHJaiPEv/xy
qItLV0qQ1MvNFTkeHtHQnGGuYJUnK+/0zdQgpclG62XJbTw+dHmDjziya0zhllfC
i+gOtzvlM/mfqrigkDRE429tpwuWfWyI3y1FvsJhNRu9HZt2ms7Wz8Pn796t4Gz5
w3d6eV7rxK1tFhxTD0XHA9GFF02Jsy+ZOCy84ZA2rk7NjB8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org