Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913F8B5/239D2A42FFF911EBA8F74360C4F9AE02/2E3EB37C4D7611EE8002FB12C4F9AE02.roa
File:                     2E3EB37C4D7611EE8002FB12C4F9AE02.roa (raw, json)
Hash identifier:          /iBWYo1rkLFU7iiEiNMNEkY1KTA0IngWGRKDPGxrXgw=
Subject key identifier:   80:3D:E7:78:34:68:45:54:DF:6B:89:F8:E8:48:BB:3B:E8:9E:F2:8B
Certificate issuer:       /CN=A913F8B5/serialNumber=138F9A8CF207DA008B401C6DE8D91310FE25EA4C
Certificate serial:       03E7
Authority key identifier: 13:8F:9A:8C:F2:07:DA:00:8B:40:1C:6D:E8:D9:13:10:FE:25:EA:4C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4-ajPIH2gCLQBxt6NkTEP4l6kw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913F8B5/239D2A42FFF911EBA8F74360C4F9AE02/2E3EB37C4D7611EE8002FB12C4F9AE02.roa
Signing time:             Thu 07 Sep 2023 12:00:47 +0000
ROA not before:           Thu 07 Sep 2023 12:00:47 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     35478
IP address blocks:        103.171.136.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 08 May 2024 07:23:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 999 (0x3e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913F8B5/serialNumber=138F9A8CF207DA008B401C6DE8D91310FE25EA4C
        Validity
            Not Before: Sep  7 12:00:47 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64f9bb6f-ed22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:19:29:44:66:6f:1c:60:28:ec:fb:83:72:35:
                    c1:da:7b:18:78:86:2a:da:c5:87:2c:ab:0f:d2:f5:
                    01:02:0c:70:02:d5:69:11:d2:20:76:af:e9:b4:6e:
                    03:26:bb:41:a1:e1:87:05:1e:aa:ad:c6:b6:2a:56:
                    b7:bc:ad:0a:ba:12:f9:ab:1d:fd:87:32:81:4d:a7:
                    b6:7b:95:52:5e:0e:bc:25:da:bf:cc:06:b6:f6:cd:
                    b7:cb:a3:98:69:44:ed:74:cd:af:61:83:a7:d8:00:
                    94:45:43:b1:8e:6e:24:81:88:50:31:71:af:f4:42:
                    ef:8d:66:bf:ca:c0:57:fc:e2:e7:82:38:fc:0d:07:
                    bf:a4:b3:cf:c3:b0:0d:d6:1b:f7:a8:46:2d:49:9f:
                    4b:eb:c1:05:cf:65:52:57:75:ec:43:52:56:e3:16:
                    f6:ff:5c:6e:9e:0c:c0:69:ed:58:f7:c5:e0:12:7f:
                    d2:8a:4b:54:16:65:9d:b5:a2:fa:b3:f8:2e:58:57:
                    e7:1b:e5:0e:c5:ff:d0:cb:a8:7e:0a:ff:77:7b:8d:
                    70:9a:e5:39:5e:f4:7d:de:58:15:7a:c9:56:f4:df:
                    d7:57:54:26:5a:03:96:80:3d:a5:0d:a8:e3:76:a9:
                    79:12:52:1c:e7:60:47:77:0b:fb:16:d4:f9:a7:08:
                    98:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:3D:E7:78:34:68:45:54:DF:6B:89:F8:E8:48:BB:3B:E8:9E:F2:8B
            X509v3 Authority Key Identifier:
                keyid:13:8F:9A:8C:F2:07:DA:00:8B:40:1C:6D:E8:D9:13:10:FE:25:EA:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913F8B5/239D2A42FFF911EBA8F74360C4F9AE02/E4-ajPIH2gCLQBxt6NkTEP4l6kw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4-ajPIH2gCLQBxt6NkTEP4l6kw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F8B5/239D2A42FFF911EBA8F74360C4F9AE02/2E3EB37C4D7611EE8002FB12C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.171.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:dd:c9:dc:06:a1:c1:3f:29:1f:05:81:d6:28:fc:ba:fe:71:
         9d:68:c2:c5:00:5a:e8:29:4f:d1:50:6b:0a:15:fe:53:b7:0e:
         b3:d5:a5:d7:ee:e2:46:08:3b:fe:01:0f:03:6d:7b:1f:67:a0:
         ef:a4:f9:4f:d6:db:c1:f2:70:37:20:08:e6:7c:03:ae:a2:b1:
         69:6b:2c:0e:36:22:6d:b7:13:c5:95:5b:4b:61:06:e8:35:a0:
         54:58:6f:60:93:9d:99:bb:38:72:8b:5a:d0:cf:90:8d:0e:04:
         50:e8:46:9e:87:e9:0c:4e:46:99:fa:f5:98:7d:a2:89:82:9b:
         ec:36:6b:c1:ed:bc:bd:0a:3f:8f:f8:82:bf:fb:bc:c7:9a:8a:
         1b:2f:63:3b:4b:94:04:91:1c:2e:24:1c:51:e7:0b:e7:43:17:
         98:d5:b7:d7:f7:a9:f3:9b:a5:c8:bf:60:6b:d9:b3:19:87:07:
         9e:b7:f9:ab:7d:21:18:be:79:c7:af:01:40:0d:e2:c6:3d:4a:
         09:dd:4d:2d:ba:dc:8b:34:68:d6:0b:31:23:97:a0:55:b7:9b:
         93:e6:90:0f:2a:1a:9b:fe:f5:70:7d:7c:d1:4a:0c:51:65:94:
         67:4e:d0:c8:59:c9:6d:d9:fe:20:3c:b0:08:36:d2:d5:45:09:
         d8:5b:05:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y4QjUxMTAvBgNVBAUTKDEzOEY5QThDRjIwN0RBMDA4QjQwMUM2REU4RDkxMzEw
RkUyNUVBNEMwHhcNMjMwOTA3MTIwMDQ3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY5YmI2Zi1lZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5xkpRGZvHGAo7PuDcjXB2nsYeIYq2sWHLKsP0vUBAgxwAtVpEdIgdq/ptG4D
JrtBoeGHBR6qrca2Kla3vK0KuhL5qx39hzKBTae2e5VSXg68Jdq/zAa29s23y6OY
aUTtdM2vYYOn2ACURUOxjm4kgYhQMXGv9ELvjWa/ysBX/OLngjj8DQe/pLPPw7AN
1hv3qEYtSZ9L68EFz2VSV3XsQ1JW4xb2/1xungzAae1Y98XgEn/SiktUFmWdtaL6
s/guWFfnG+UOxf/Qy6h+Cv93e41wmuU5XvR93lgVeslW9N/XV1QmWgOWgD2lDajj
dql5ElIc52BHdwv7FtT5pwiYUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIA953g0
aEVU32uJ+OhIuzvonvKLMB8GA1UdIwQYMBaAFBOPmozyB9oAi0AcbejZExD+JepM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjhCNS8yMzlEMkE0MkZG
RjkxMUVCQThGNzQzNjBDNEY5QUUwMi9FNC1halBJSDJnQ0xRQnh0Nk5rVEVQNGw2
a3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U0LWFqUElIMmdDTFFCeHQ2TmtURVA0bDZrdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y4QjUvMjM5RDJBNDJGRkY5MTFFQkE4Rjc0MzYwQzRGOUFFMDIvMkUzRUIzN0M0
RDc2MTFFRTgwMDJGQjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnq4gwDQYJKoZIhvcNAQELBQADggEBAD7dydwGocE/KR8F
gdYo/Lr+cZ1owsUAWugpT9FQawoV/lO3DrPVpdfu4kYIO/4BDwNtex9noO+k+U/W
28HycDcgCOZ8A66isWlrLA42Im23E8WVW0thBug1oFRYb2CTnZm7OHKLWtDPkI0O
BFDoRp6H6QxORpn69Zh9oomCm+w2a8HtvL0KP4/4gr/7vMeaihsvYztLlASRHC4k
HFHnC+dDF5jVt9f3qfObpci/YGvZsxmHB563+at9IRi+ecevAUAN4sY9SgndTS26
3Is0aNYLMSOXoFW3m5PmkA8qGpv+9XB9fNFKDFFllGdO0MhZyW3Z/iA8sAg20tVF
CdhbBX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org