Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/D6412850FADF11EDAFF63D09C4F9AE02.roa
File:                     D6412850FADF11EDAFF63D09C4F9AE02.roa (raw, json)
Hash identifier:          7OtEofE3nTfr6udQgsj6oRmVKhWPKS/6rM17wBvwqVU=
Subject key identifier:   AC:F2:00:04:09:2A:00:09:64:21:5E:2C:56:71:74:70:BE:F8:F7:3E
Certificate issuer:       /CN=A913BA97/serialNumber=AFD943E4B142763659E08F8DBF6CE7E6D80CC517
Certificate serial:       C7
Authority key identifier: AF:D9:43:E4:B1:42:76:36:59:E0:8F:8D:BF:6C:E7:E6:D8:0C:C5:17
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9lD5LFCdjZZ4I-Nv2zn5tgMxRc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/D6412850FADF11EDAFF63D09C4F9AE02.roa
Signing time:             Sun 25 Feb 2024 05:17:41 +0000
ROA not before:           Sun 25 Feb 2024 05:17:41 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     137531
IP address blocks:        103.85.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Aug 2024 18:16:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 199 (0xc7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913BA97/serialNumber=AFD943E4B142763659E08F8DBF6CE7E6D80CC517
        Validity
            Not Before: Feb 25 05:17:41 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65dacd74-d662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:af:9c:91:b2:08:2d:4f:ec:33:d5:86:c5:f1:
                    5b:5c:e7:a3:2a:b9:7e:7f:b1:82:26:71:58:63:4b:
                    28:c6:fa:da:93:77:26:39:d2:38:48:34:cc:ed:27:
                    ce:73:7d:c2:73:2f:57:6b:0f:fe:9e:b2:03:c4:78:
                    53:6d:ce:b3:28:0e:24:cd:ee:7a:ae:cd:f5:34:72:
                    f1:26:2c:22:c8:d8:c8:3a:0d:51:83:fd:79:ab:ee:
                    89:c3:74:ea:63:6f:7c:5a:47:ac:ea:19:89:f9:2f:
                    26:ef:fc:08:75:b5:f6:5b:ec:42:df:56:01:da:78:
                    b7:90:68:30:d1:46:97:93:12:15:af:0b:54:d5:54:
                    4c:0a:02:93:36:89:32:b4:6f:9c:e7:0a:09:1f:e5:
                    50:df:23:0e:ac:30:d1:ba:1d:32:7d:b3:fe:bb:af:
                    ec:be:ad:3d:b9:ea:00:4a:c0:bb:4c:fd:a0:79:6c:
                    72:f8:a7:1d:54:03:70:35:56:39:fc:8a:ff:6b:74:
                    e1:44:97:b8:51:98:21:72:c9:59:58:a0:06:1c:df:
                    e8:8c:dd:a9:05:a0:e2:21:5f:74:1f:68:16:81:89:
                    d3:79:6b:ca:e9:1c:ec:65:eb:22:78:41:cd:b8:1b:
                    41:e1:78:ef:c6:8b:2d:91:7a:0a:e1:dc:73:fb:e6:
                    64:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:F2:00:04:09:2A:00:09:64:21:5E:2C:56:71:74:70:BE:F8:F7:3E
            X509v3 Authority Key Identifier:
                keyid:AF:D9:43:E4:B1:42:76:36:59:E0:8F:8D:BF:6C:E7:E6:D8:0C:C5:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/r9lD5LFCdjZZ4I-Nv2zn5tgMxRc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9lD5LFCdjZZ4I-Nv2zn5tgMxRc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/D6412850FADF11EDAFF63D09C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:dd:ad:6b:0a:7e:78:07:0e:d8:5b:d8:e7:1f:b7:c7:c3:3e:
         52:24:3a:b3:6c:d1:a3:c1:13:7d:f5:b0:5a:d7:7d:0b:bd:0a:
         50:36:c6:f5:bc:b5:43:5b:4f:04:cc:0f:c3:23:0e:7e:2f:bf:
         95:fb:2b:a0:71:74:c9:3d:c8:c3:c0:70:58:53:d8:7d:42:4e:
         54:cc:85:79:7e:6e:6a:d0:19:22:cc:99:de:29:28:1d:a5:10:
         1f:d2:a2:bc:b3:c8:53:24:30:f0:4b:63:4a:22:3f:a4:f6:aa:
         f0:a5:0b:9a:31:e8:9f:41:ce:aa:d2:c8:37:25:e3:24:bb:7e:
         09:4f:85:f8:62:cd:da:0f:a1:35:d5:36:ff:33:c8:5e:8c:bd:
         66:6a:a5:f5:4a:f4:9c:2d:26:79:fd:2c:dd:e2:c2:25:1a:5d:
         e3:57:91:40:c0:d4:80:91:e2:12:28:36:a3:3f:63:69:76:9f:
         7e:1c:35:d5:02:f4:ae:72:d7:17:24:d7:f4:43:fe:c4:52:be:
         64:83:cd:50:76:67:41:e6:0a:50:6a:db:30:1e:8b:e6:ee:6c:
         51:bf:91:b7:f6:40:8c:49:f6:74:f8:a9:02:b1:0b:0f:1c:4d:
         f9:42:9e:77:cd:91:f7:db:d2:74:f8:8a:1e:af:bb:79:6e:3a:
         5e:0b:30:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0JBOTcxMTAvBgNVBAUTKEFGRDk0M0U0QjE0Mjc2MzY1OUUwOEY4REJGNkNFN0U2
RDgwQ0M1MTcwHhcNMjQwMjI1MDUxNzQxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRhY2Q3NC1kNjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1a+ckbIILU/sM9WGxfFbXOejKrl+f7GCJnFYY0soxvrak3cmOdI4SDTM7SfO
c33Ccy9Xaw/+nrIDxHhTbc6zKA4kze56rs31NHLxJiwiyNjIOg1Rg/15q+6Jw3Tq
Y298Wkes6hmJ+S8m7/wIdbX2W+xC31YB2ni3kGgw0UaXkxIVrwtU1VRMCgKTNoky
tG+c5woJH+VQ3yMOrDDRuh0yfbP+u6/svq09ueoASsC7TP2geWxy+KcdVANwNVY5
/Ir/a3ThRJe4UZghcslZWKAGHN/ojN2pBaDiIV90H2gWgYnTeWvK6RzsZesieEHN
uBtB4XjvxostkXoK4dxz++ZkvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKzyAAQJ
KgAJZCFeLFZxdHC++Pc+MB8GA1UdIwQYMBaAFK/ZQ+SxQnY2WeCPjb9s5+bYDMUX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQkE5Ny9GMUZFQjFGRUFD
NEExMUVEQTdGMUIwNDRDNEY5QUUwMi9yOWxENUxGQ2RqWlo0SS1OdjJ6bjV0Z014
UmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I5bEQ1TEZDZGpaWjRJLU52MnpuNXRnTXhSYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0JBOTcvRjFGRUIxRkVBQzRBMTFFREE3RjFCMDQ0QzRGOUFFMDIvRDY0MTI4NTBG
QURGMTFFREFGRjYzRDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnVbcwDQYJKoZIhvcNAQELBQADggEBAFfdrWsKfngHDthb
2Ocft8fDPlIkOrNs0aPBE331sFrXfQu9ClA2xvW8tUNbTwTMD8MjDn4vv5X7K6Bx
dMk9yMPAcFhT2H1CTlTMhXl+bmrQGSLMmd4pKB2lEB/SoryzyFMkMPBLY0oiP6T2
qvClC5ox6J9BzqrSyDcl4yS7fglPhfhizdoPoTXVNv8zyF6MvWZqpfVK9JwtJnn9
LN3iwiUaXeNXkUDA1ICR4hIoNqM/Y2l2n34cNdUC9K5y1xck1/RD/sRSvmSDzVB2
Z0HmClBq2zAei+bubFG/kbf2QIxJ9nT4qQKxCw8cTflCnnfNkffb0nT4ih6vu3lu
Ol4LMH8=
-----END CERTIFICATE-----
Generated at Fri Aug 9 20:50:42 2024 by rpki-client on console-fra.rpki-client.org