Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
File:                     F69DF92242E011EEBBFC663FC4F9AE02.roa (raw, json)
Hash identifier:          +v8D5ZEKK1eQBG2mfuyrM5JbALfMS9/1G0XDeHG7WrE=
Subject key identifier:   32:5C:C7:CD:08:E0:44:2E:53:63:B5:15:DA:8C:EF:98:7F:B9:84:A6
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       04BE
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
Signing time:             Tue 05 Sep 2023 00:51:40 +0000
ROA not before:           Tue 05 Sep 2023 00:51:40 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     47813
IP address blocks:        43.254.165.0/24 maxlen: 24
                          43.255.158.0/23 maxlen: 24
                          103.240.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Sep 2023 12:54:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1214 (0x4be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Sep  5 00:51:40 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=64f67b9c-5aa3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c3:ac:a0:b5:67:30:72:5f:d8:2e:4e:7e:a6:
                    f9:c8:97:e7:74:b3:c3:fb:f0:10:71:73:33:71:c7:
                    6b:80:eb:21:c3:aa:19:90:34:5e:59:ed:a9:00:95:
                    62:73:de:9e:4b:6e:d6:fe:86:12:60:10:c8:4d:b8:
                    0b:7d:2f:ee:e7:d0:a6:c0:8a:b9:01:99:74:ba:e5:
                    c2:10:7a:bd:3b:74:95:38:5f:0c:88:0f:cc:2a:36:
                    e9:0a:7d:11:69:38:f6:3a:54:43:45:98:b2:76:c6:
                    68:c1:35:67:2f:f9:2b:8b:cb:1b:70:80:0e:d2:32:
                    fa:a0:09:67:50:4a:7d:56:b0:88:23:97:a0:b4:07:
                    e3:3f:b6:a4:6e:21:33:b5:f8:65:20:dc:89:19:87:
                    89:d8:9b:87:fe:cd:b2:2a:81:16:60:62:0d:60:83:
                    7e:07:12:fe:46:f5:42:08:b6:fb:bc:20:e1:18:a3:
                    80:ae:30:70:d5:ab:d0:0a:65:aa:b6:ae:72:4e:c3:
                    02:2f:47:76:87:0c:3f:ef:7c:bd:78:33:d7:f3:c3:
                    a1:46:b1:24:14:de:f8:aa:7a:73:2f:96:26:64:d4:
                    5c:14:32:b9:93:11:a7:6f:04:db:f2:4b:1e:ed:16:
                    2d:53:a5:ad:78:1e:c5:69:01:be:31:62:40:12:a1:
                    6a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:5C:C7:CD:08:E0:44:2E:53:63:B5:15:DA:8C:EF:98:7F:B9:84:A6
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.254.165.0/24
                  43.255.158.0/23
                  103.240.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:b4:86:18:1f:30:a6:52:88:a4:64:3f:a5:35:f2:1c:ad:9f:
         c9:f3:28:1b:e2:31:5c:79:79:7a:15:c0:79:f8:be:d5:9a:75:
         1b:81:22:20:16:1c:4e:e4:48:c6:82:08:78:95:00:4d:9e:0a:
         01:73:86:08:55:49:f4:f9:74:e7:19:b6:c6:d0:bc:e6:77:dd:
         bc:68:fe:31:d0:e8:8b:4d:fb:9b:79:a3:ea:d4:3f:de:df:af:
         d0:8b:0e:79:5b:1b:a5:ac:0f:45:47:8b:99:2f:7f:3f:5b:6a:
         64:a8:96:fb:4d:97:ea:b9:b5:c3:4f:a7:55:a4:95:92:27:98:
         7b:1e:c4:7a:33:50:fb:c9:02:9b:8b:9d:34:01:ac:68:34:8a:
         c5:d0:95:34:08:dc:63:65:ca:1c:a3:96:44:cb:e2:34:4b:42:
         fa:c0:ea:d6:10:b5:5d:a7:f4:df:03:92:9c:52:79:e7:21:e7:
         c9:bc:da:33:84:43:32:ac:48:e2:2b:c7:64:1b:22:9c:93:c4:
         32:e1:2c:7c:c0:ff:53:19:8a:bb:fe:57:2c:4c:6c:d2:c1:17:
         96:df:3c:fb:68:18:6c:b8:6a:f7:b0:9a:de:5f:52:98:89:82:
         27:5b:d8:1b:0f:e5:83:91:bd:fb:fd:61:6f:bf:67:24:06:59:
         8e:f6:14:81
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA1MDA1MTQwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2N2I5Yy01YWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt8OsoLVnMHJf2C5Ofqb5yJfndLPD+/AQcXMzccdrgOshw6oZkDReWe2pAJVi
c96eS27W/oYSYBDITbgLfS/u59CmwIq5AZl0uuXCEHq9O3SVOF8MiA/MKjbpCn0R
aTj2OlRDRZiydsZowTVnL/kri8sbcIAO0jL6oAlnUEp9VrCII5egtAfjP7akbiEz
tfhlINyJGYeJ2JuH/s2yKoEWYGINYIN+BxL+RvVCCLb7vCDhGKOArjBw1avQCmWq
tq5yTsMCL0d2hww/73y9eDPX88OhRrEkFN74qnpzL5YmZNRcFDK5kxGnbwTb8kse
7RYtU6WteB7FaQG+MWJAEqFqNwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDJcx80I
4EQuU2O1FdqM75h/uYSmMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRjY5REY5MjI0
MkUwMTFFRUJCRkM2NjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/qUDBAEr/54DBABn8MYwDQYJKoZIhvcNAQELBQADggEB
AD+0hhgfMKZSiKRkP6U18hytn8nzKBviMVx5eXoVwHn4vtWadRuBIiAWHE7kSMaC
CHiVAE2eCgFzhghVSfT5dOcZtsbQvOZ33bxo/jHQ6ItN+5t5o+rUP97fr9CLDnlb
G6WsD0VHi5kvfz9bamSolvtNl+q5tcNPp1WklZInmHsexHozUPvJApuLnTQBrGg0
isXQlTQI3GNlyhyjlkTL4jRLQvrA6tYQtV2n9N8DkpxSeech58m82jOEQzKsSOIr
x2QbIpyTxDLhLHzA/1MZirv+VyxMbNLBF5bfPPtoGGy4avewmt5fUpiJgidb2BsP
5YORvfv9YW+/ZyQGWY72FIE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org