Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0B3A87CA69711ED9DFF0870C4F9AE02.roa
File:                     E0B3A87CA69711ED9DFF0870C4F9AE02.roa (raw, json)
Hash identifier:          zimqvxOmy95RPu1rH5QZfKu+GFhtBsemJIGrU+LWIdI=
Subject key identifier:   F0:02:4B:CC:56:97:F5:E0:27:6A:08:EB:64:91:9B:82:04:B5:CE:2E
Certificate issuer:       /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial:       05BC
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0B3A87CA69711ED9DFF0870C4F9AE02.roa
Signing time:             Wed 04 Oct 2023 23:41:35 +0000
ROA not before:           Wed 04 Oct 2023 23:41:35 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     58600
IP address blocks:        103.9.40.0/22 maxlen: 24
                          103.224.128.0/22 maxlen: 24
                          163.47.104.0/22 maxlen: 24
                          2403:c900::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 08:11:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1468 (0x5bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
        Validity
            Not Before: Oct  4 23:41:35 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=651df82f-be46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:45:3b:94:7e:8f:02:de:26:87:2b:81:a2:28:
                    c7:da:56:92:95:8d:df:b2:55:3f:0b:25:13:16:40:
                    e1:b9:a7:44:c4:1f:95:28:eb:6f:58:5e:c9:99:96:
                    66:5a:38:cc:64:ca:1b:b0:eb:71:94:cc:4e:02:f6:
                    ec:d2:4e:50:85:01:65:64:25:ad:e3:ca:2c:62:53:
                    ca:8f:75:a9:f1:09:41:58:28:b9:b4:db:c0:8c:99:
                    b1:1e:1f:80:70:14:a7:2d:ac:64:b2:4d:e0:60:99:
                    cf:ab:ea:00:7c:81:0d:19:e9:1f:8d:38:6d:13:3d:
                    92:08:62:c5:fb:6a:cb:5a:43:62:ec:9c:43:76:15:
                    30:24:e6:5d:64:f6:87:7e:d0:be:a9:d2:fb:d0:b1:
                    fd:f0:57:30:cd:38:6a:8e:19:97:08:ef:76:f3:18:
                    c0:b9:34:bb:2f:02:d7:60:b2:94:9b:81:c8:f3:09:
                    52:74:c0:83:cf:49:01:f3:77:45:f7:f8:7c:42:73:
                    74:b8:e7:f6:3b:f9:0f:f0:43:25:7f:ec:42:71:10:
                    38:2e:b6:10:b9:8e:63:1a:79:31:b3:6d:21:f4:c6:
                    8d:25:ae:48:66:36:8d:da:da:ce:07:4a:71:87:88:
                    d2:88:44:4e:3e:eb:38:04:d5:a3:38:57:07:16:2f:
                    a2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:02:4B:CC:56:97:F5:E0:27:6A:08:EB:64:91:9B:82:04:B5:CE:2E
            X509v3 Authority Key Identifier:
                keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0B3A87CA69711ED9DFF0870C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.9.40.0/22
                  103.224.128.0/22
                  163.47.104.0/22
                IPv6:
                  2403:c900::/32

    Signature Algorithm: sha256WithRSAEncryption
         75:ad:ce:9f:ae:7c:5f:ca:57:8d:75:a2:33:f7:92:1c:ea:b9:
         1d:3f:67:0d:40:6c:14:eb:5a:f3:f1:b5:93:d9:75:54:3b:be:
         8f:f1:05:d7:b8:d5:20:fc:9e:2b:83:cd:46:32:72:19:c6:6c:
         50:d2:d3:b8:c5:94:19:2a:9e:df:e2:1e:90:84:76:11:19:d0:
         75:71:9b:01:82:27:1c:96:7c:e5:51:c3:3d:a1:65:e0:38:73:
         70:ed:b1:57:26:0f:47:5b:38:2f:c9:4a:66:af:e7:ef:3d:da:
         98:fc:f1:cf:40:42:db:c3:16:12:63:f9:25:64:bd:f1:86:fe:
         27:ee:9e:7b:f9:9f:29:da:3d:d2:10:0d:bf:58:bb:e3:80:38:
         bf:dd:08:39:7c:e1:1f:92:c7:17:1c:f6:89:f8:f9:44:6e:f3:
         f2:82:93:18:93:be:69:42:4e:86:d9:6b:37:45:d6:5a:77:ca:
         e3:9f:2d:15:a6:cc:8a:43:9e:5b:7e:77:68:eb:ce:52:5e:d1:
         f8:24:c0:51:ca:56:79:43:7b:cf:48:88:f1:bb:67:ad:65:64:
         e3:90:2e:f9:0c:75:51:a0:85:06:e4:68:c0:cf:38:95:50:eb:
         60:eb:60:e2:c3:21:b3:38:34:81:ed:98:67:ef:0f:10:90:1a:
         99:41:12:00
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjMxMDA0MjM0MTM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkZjgyZi1iZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnkU7lH6PAt4mhyuBoijH2laSlY3fslU/CyUTFkDhuadExB+VKOtvWF7JmZZm
WjjMZMobsOtxlMxOAvbs0k5QhQFlZCWt48osYlPKj3Wp8QlBWCi5tNvAjJmxHh+A
cBSnLaxksk3gYJnPq+oAfIENGekfjThtEz2SCGLF+2rLWkNi7JxDdhUwJOZdZPaH
ftC+qdL70LH98FcwzThqjhmXCO928xjAuTS7LwLXYLKUm4HI8wlSdMCDz0kB83dF
9/h8QnN0uOf2O/kP8EMlf+xCcRA4LrYQuY5jGnkxs20h9MaNJa5IZjaN2trOB0px
h4jSiEROPus4BNWjOFcHFi+i+wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPACS8xW
l/XgJ2oI62SRm4IEtc4uMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRTBCM0E4N0NB
Njk3MTFFRDlERkYwODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnCSgDBAJn4IADBAKjL2gwDQQCAAIwBwMFACQDyQAwDQYJ
KoZIhvcNAQELBQADggEBAHWtzp+ufF/KV411ojP3khzquR0/Zw1AbBTrWvPxtZPZ
dVQ7vo/xBde41SD8niuDzUYychnGbFDS07jFlBkqnt/iHpCEdhEZ0HVxmwGCJxyW
fOVRwz2hZeA4c3DtsVcmD0dbOC/JSmav5+892pj88c9AQtvDFhJj+SVkvfGG/ifu
nnv5nynaPdIQDb9Yu+OAOL/dCDl84R+Sxxcc9on4+URu8/KCkxiTvmlCTobZazdF
1lp3yuOfLRWmzIpDnlt+d2jrzlJe0fgkwFHKVnlDe89IiPG7Z61lZOOQLvkMdVGg
hQbkaMDPOJVQ62DrYOLDIbM4NIHtmGfvDxCQGplBEgA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org