Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/13F125B2F24A11EEAA40F60BC4F9AE02.roa
File:                     13F125B2F24A11EEAA40F60BC4F9AE02.roa (raw, json)
Hash identifier:          hmndG/yCjQJJnyyxG4bPEG+lqaZVh5Ujz/NGoS+z9K8=
Subject key identifier:   18:3B:C9:CA:55:9B:EF:FD:83:18:B0:67:CD:06:51:3A:81:36:BD:06
Certificate issuer:       /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial:       0792
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/13F125B2F24A11EEAA40F60BC4F9AE02.roa
Signing time:             Fri 05 Apr 2024 01:58:17 +0000
ROA not before:           Fri 05 Apr 2024 01:58:17 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     9738
IP address blocks:        61.14.96.0/19 maxlen: 19
                          61.14.96.0/23 maxlen: 24
                          61.14.98.0/23 maxlen: 24
                          61.14.100.0/24 maxlen: 24
                          61.14.101.0/24 maxlen: 24
                          61.14.102.0/23 maxlen: 24
                          61.14.104.0/24 maxlen: 24
                          61.14.105.0/24 maxlen: 24
                          61.14.106.0/24 maxlen: 24
                          61.14.107.0/24 maxlen: 24
                          61.14.108.0/24 maxlen: 24
                          61.14.109.0/24 maxlen: 24
                          61.14.110.0/24 maxlen: 24
                          61.14.111.0/24 maxlen: 24
                          61.14.112.0/24 maxlen: 24
                          61.14.113.0/24 maxlen: 24
                          61.14.114.0/24 maxlen: 24
                          61.14.115.0/24 maxlen: 24
                          61.14.116.0/24 maxlen: 24
                          61.14.117.0/24 maxlen: 24
                          61.14.118.0/24 maxlen: 24
                          61.14.119.0/24 maxlen: 24
                          61.14.121.0/24 maxlen: 24
                          61.14.122.0/24 maxlen: 24
                          61.14.123.0/24 maxlen: 24
                          61.14.127.0/24 maxlen: 24
                          103.28.196.0/23 maxlen: 23
                          103.28.198.0/23 maxlen: 23
                          202.148.224.0/21 maxlen: 21
                          202.148.224.0/24 maxlen: 24
                          202.148.225.0/24 maxlen: 24
                          202.148.226.0/24 maxlen: 24
                          202.148.227.0/24 maxlen: 24
                          202.148.228.0/24 maxlen: 24
                          202.148.229.0/24 maxlen: 24
                          202.148.231.0/24 maxlen: 24
                          202.148.232.0/24 maxlen: 24
                          202.148.233.0/24 maxlen: 24
                          202.148.234.0/23 maxlen: 23
                          202.148.234.0/24 maxlen: 24
                          202.148.235.0/24 maxlen: 24
                          202.148.236.0/22 maxlen: 22
                          202.148.236.0/23 maxlen: 24
                          202.148.238.0/24 maxlen: 24
                          202.148.239.0/24 maxlen: 24
                          203.19.157.0/24 maxlen: 24
                          210.18.192.0/22 maxlen: 24
                          210.18.196.0/24 maxlen: 24
                          210.18.197.0/24 maxlen: 24
                          210.18.198.0/24 maxlen: 24
                          210.18.199.0/24 maxlen: 24
                          210.18.200.0/24 maxlen: 24
                          210.18.201.0/24 maxlen: 24
                          210.18.202.0/23 maxlen: 23
                          210.18.202.0/24 maxlen: 24
                          210.18.203.0/24 maxlen: 24
                          210.18.204.0/22 maxlen: 22
                          210.18.204.0/24 maxlen: 24
                          210.18.205.0/24 maxlen: 24
                          210.18.207.0/24 maxlen: 24
                          210.18.208.0/20 maxlen: 21
                          210.18.208.0/23 maxlen: 24
                          210.18.210.0/23 maxlen: 24
                          210.18.212.0/23 maxlen: 24
                          210.18.214.0/23 maxlen: 24
                          210.18.216.0/21 maxlen: 24
                          210.18.224.0/20 maxlen: 20
                          210.18.224.0/21 maxlen: 21
                          210.18.232.0/24 maxlen: 24
                          210.18.233.0/24 maxlen: 24
                          210.18.234.0/23 maxlen: 23
                          210.18.236.0/22 maxlen: 22
                          210.18.236.0/24 maxlen: 24
                          210.18.237.0/24 maxlen: 24
                          210.18.240.0/24 maxlen: 24
                          210.18.241.0/24 maxlen: 24
                          210.18.242.0/24 maxlen: 24
                          210.18.243.0/24 maxlen: 24
                          210.18.244.0/22 maxlen: 22
                          210.18.248.0/23 maxlen: 23
                          210.18.248.0/24 maxlen: 24
                          210.18.250.0/23 maxlen: 23
                          210.18.251.0/24 maxlen: 24
                          210.18.252.0/24 maxlen: 24
                          210.18.253.0/24 maxlen: 24
                          210.18.254.0/24 maxlen: 24
                          210.18.255.0/24 maxlen: 24
                          2403:c800::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 00:14:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1938 (0x792)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
        Validity
            Not Before: Apr  5 01:58:17 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=660f5ab9-41a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:31:08:31:7a:04:b8:f2:ef:80:61:a6:1f:d0:
                    da:0c:b1:21:03:f1:0c:4b:86:18:ae:63:8c:a6:24:
                    4a:fb:50:5f:d6:9e:c7:55:5e:85:dd:b6:bf:c0:c7:
                    94:02:7d:b6:ca:85:4e:a5:59:dc:d1:c8:a7:18:b0:
                    20:64:77:1d:42:03:f2:76:43:d5:24:c8:d5:03:4f:
                    6f:69:11:e6:c8:98:77:9e:7f:7b:4c:42:45:0f:b0:
                    13:0c:7f:21:fb:1d:bb:b5:79:51:3d:20:84:24:75:
                    d9:ba:65:1b:43:97:02:32:ab:80:8f:5d:ea:29:7a:
                    d5:64:6d:4e:19:7e:94:9f:4a:2a:25:29:f8:15:88:
                    32:ee:68:1a:68:6d:74:0d:41:e5:55:d0:ca:a4:de:
                    71:09:19:f2:48:15:81:a8:10:a8:43:df:31:f1:4d:
                    33:1b:23:d6:9e:fb:d4:5d:73:cb:90:34:b3:f7:c8:
                    52:74:35:b4:63:6a:6e:08:21:ba:bf:aa:47:26:5c:
                    2e:34:ac:33:79:9c:cb:a8:34:e7:f0:86:1e:3d:a4:
                    8c:74:a0:76:06:85:51:14:61:5d:d8:b4:b0:70:0f:
                    e7:09:12:b2:08:f0:93:90:9e:4b:2f:da:42:d0:2c:
                    ce:27:04:57:24:0f:19:e5:d3:9d:51:b0:5e:da:51:
                    7f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:3B:C9:CA:55:9B:EF:FD:83:18:B0:67:CD:06:51:3A:81:36:BD:06
            X509v3 Authority Key Identifier:
                keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/13F125B2F24A11EEAA40F60BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.14.96.0/19
                  103.28.196.0/22
                  202.148.224.0/20
                  203.19.157.0/24
                  210.18.192.0/18
                IPv6:
                  2403:c800::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:64:12:3f:7e:3b:ab:6f:de:7e:ae:2b:cc:5d:44:3d:bf:89:
         a7:cd:17:1c:60:81:68:c2:46:3f:17:24:4d:a1:db:6c:e2:c7:
         fc:ea:31:a4:26:a3:ba:d4:00:b8:37:b4:9d:fe:73:fe:c3:cf:
         e0:e8:2f:af:ef:d6:ec:d9:7c:0c:52:36:20:8f:f4:6e:8c:c9:
         93:92:e8:50:af:10:8d:4a:14:28:cb:01:d3:f6:4b:8e:29:a3:
         29:64:eb:d8:14:1c:62:7c:4d:09:d1:38:e5:3a:df:a3:f1:a7:
         99:84:64:b4:6f:f3:2e:78:39:ef:f4:69:d5:d6:c5:1c:9d:2d:
         50:3a:11:cf:bc:e1:9e:c5:3b:3c:78:f0:c6:f0:82:c2:9c:96:
         a6:e2:64:25:04:65:b7:2e:20:f8:c2:f6:21:8e:26:54:46:f4:
         e7:e8:72:62:f1:42:69:a4:6c:a3:11:57:c7:8d:a9:2c:a9:14:
         3d:bc:8f:90:99:7f:c5:e9:27:9b:fe:95:ac:de:c5:3c:16:6a:
         44:87:29:34:8e:c2:8c:01:0f:82:db:a3:18:c0:50:44:6e:fb:
         22:76:c5:07:2e:62:3f:5f:13:2e:8e:4d:09:09:98:4a:c8:f2:
         ff:d2:37:f5:82:ce:9e:6e:9a:3c:af:87:a5:00:a3:fb:a3:45:
         42:91:45:e4
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB5IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjQwNDA1MDE1ODE3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmNWFiOS00MWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3DEIMXoEuPLvgGGmH9DaDLEhA/EMS4YYrmOMpiRK+1Bf1p7HVV6F3ba/wMeU
An22yoVOpVnc0cinGLAgZHcdQgPydkPVJMjVA09vaRHmyJh3nn97TEJFD7ATDH8h
+x27tXlRPSCEJHXZumUbQ5cCMquAj13qKXrVZG1OGX6Un0oqJSn4FYgy7mgaaG10
DUHlVdDKpN5xCRnySBWBqBCoQ98x8U0zGyPWnvvUXXPLkDSz98hSdDW0Y2puCCG6
v6pHJlwuNKwzeZzLqDTn8IYePaSMdKB2BoVRFGFd2LSwcA/nCRKyCPCTkJ5LL9pC
0CzOJwRXJA8Z5dOdUbBe2lF/owIDAQABo4ICvDCCArgwHQYDVR0OBBYEFBg7ycpV
m+/9gxiwZ80GUTqBNr0GMB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvMTNGMTI1QjJG
MjRBMTFFRUFBNDBGNjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAU9DmADBAJnHMQDBATKlOADBADLE50DBAbSEsAwDQQCAAIw
BwMFACQDyAAwDQYJKoZIhvcNAQELBQADggEBAEtkEj9+O6tv3n6uK8xdRD2/iafN
FxxggWjCRj8XJE2h22zix/zqMaQmo7rUALg3tJ3+c/7Dz+DoL6/v1uzZfAxSNiCP
9G6MyZOS6FCvEI1KFCjLAdP2S44poylk69gUHGJ8TQnROOU636Pxp5mEZLRv8y54
Oe/0adXWxRydLVA6Ec+84Z7FOzx48MbwgsKclqbiZCUEZbcuIPjC9iGOJlRG9Ofo
cmLxQmmkbKMRV8eNqSypFD28j5CZf8XpJ5v+lazexTwWakSHKTSOwowBD4LboxjA
UERu+yJ2xQcuYj9fEy6OTQkJmErI8v/SN/WCzp5umjyvh6UAo/ujRUKRReQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org