Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/D4C12232E39211ED8D65E85EC4F9AE02.roa
File:                     D4C12232E39211ED8D65E85EC4F9AE02.roa (raw, json)
Hash identifier:          25sz2KtWyv36GhtI52Z692c5Rz59RpOrnqPquSC+dCo=
Subject key identifier:   D0:40:65:2A:49:A3:8B:4F:66:4D:98:64:6E:51:81:D0:9D:C2:70:22
Certificate issuer:       /CN=A9143C5C/serialNumber=72F2CB33D77C163899E5350D8E801E7170E484DE
Certificate serial:       0816
Authority key identifier: 72:F2:CB:33:D7:7C:16:38:99:E5:35:0D:8E:80:1E:71:70:E4:84:DE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cvLLM9d8FjiZ5TUNjoAecXDkhN4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/D4C12232E39211ED8D65E85EC4F9AE02.roa
Signing time:             Sun 16 Jul 2023 20:57:33 +0000
ROA not before:           Sun 16 Jul 2023 20:57:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138623
IP address blocks:        103.151.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 17:57:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2070 (0x816)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143C5C/serialNumber=72F2CB33D77C163899E5350D8E801E7170E484DE
        Validity
            Not Before: Jul 16 20:57:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64b459bd-950d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:55:24:2d:5b:4d:20:50:9a:4f:0c:b5:1b:0e:
                    c4:81:1d:32:cb:9e:4f:3b:35:3b:e4:03:41:2e:35:
                    8e:2d:8d:70:ce:39:cb:c6:b7:0b:84:fd:48:16:55:
                    8f:08:61:5a:c4:eb:28:cc:dd:af:3a:a5:86:fd:01:
                    68:1c:82:8c:ea:fd:36:1d:fc:ec:78:43:35:8f:f6:
                    3c:ae:73:0b:de:84:89:40:7b:9d:8b:87:e9:d1:c5:
                    f3:9b:87:ad:8d:3e:58:ef:7c:00:01:0a:da:18:30:
                    2d:eb:63:08:de:63:16:e2:f5:1d:3e:a1:fa:8b:da:
                    6b:df:ed:7a:eb:47:c3:aa:4a:24:06:03:72:7b:b7:
                    ac:d7:16:da:2f:f3:97:60:eb:48:9d:f0:9c:a6:cc:
                    40:0f:a2:6c:2f:e9:6c:44:6e:7d:52:fd:2b:25:74:
                    fe:62:3f:ae:f8:d6:ad:e0:9d:8c:1c:a2:9d:43:d9:
                    91:ad:e7:70:62:97:d3:a9:92:16:e5:eb:a7:43:a1:
                    9f:9f:d0:05:55:ac:36:39:1d:3c:f7:4f:bb:34:47:
                    a1:2c:8b:fc:4a:a4:4e:9a:d1:4c:c6:f3:09:66:fd:
                    5c:40:91:c5:ce:98:db:2e:9b:32:a5:fa:32:cc:81:
                    bb:9c:88:a0:fe:05:e1:b3:98:c6:6e:99:af:45:4f:
                    9e:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:40:65:2A:49:A3:8B:4F:66:4D:98:64:6E:51:81:D0:9D:C2:70:22
            X509v3 Authority Key Identifier:
                keyid:72:F2:CB:33:D7:7C:16:38:99:E5:35:0D:8E:80:1E:71:70:E4:84:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/cvLLM9d8FjiZ5TUNjoAecXDkhN4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cvLLM9d8FjiZ5TUNjoAecXDkhN4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/D4C12232E39211ED8D65E85EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:e2:f6:0e:29:85:04:e0:6d:48:05:e2:ed:be:e5:b8:d1:6b:
         af:3a:f0:41:5c:3a:53:6d:5d:02:2e:3b:d2:26:f8:a2:08:75:
         62:46:e0:8f:23:29:69:7f:39:19:6f:f4:3a:0d:51:41:d5:0f:
         ee:9b:4a:cb:1c:2b:52:c9:3d:a3:6a:38:21:1e:4a:d2:ed:84:
         32:97:fb:b9:da:04:3a:38:0b:07:46:3e:7d:1f:72:87:32:88:
         a3:b3:6a:3f:ae:55:af:a2:82:1c:46:63:db:db:72:90:a0:73:
         d0:c5:f9:8f:21:cb:ac:9f:d7:a2:95:89:c6:72:1e:7d:93:03:
         77:cd:66:79:be:1b:53:76:ea:64:63:d6:d5:ad:d3:b4:75:a8:
         f8:2a:7e:d7:91:71:86:d2:a7:f6:37:4f:01:0a:19:77:92:34:
         4e:c4:ef:8e:1d:f4:a8:84:fb:e7:8d:85:bd:80:26:06:b4:35:
         aa:ec:8d:2f:d5:87:ff:75:db:51:63:5f:15:e9:58:a0:e6:b2:
         42:0c:e5:e4:40:c1:73:e8:44:f4:93:a6:c4:ce:4d:e9:1e:02:
         a2:1e:08:fe:71:c3:4b:19:6f:50:75:82:9e:85:ac:e5:32:6b:
         31:8c:a6:e4:c7:b5:f4:2f:77:f0:af:1f:5e:a1:fc:34:d7:a7:
         2f:5e:d8:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDNUMxMTAvBgNVBAUTKDcyRjJDQjMzRDc3QzE2Mzg5OUU1MzUwRDhFODAxRTcx
NzBFNDg0REUwHhcNMjMwNzE2MjA1NzMzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI0NTliZC05NTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAllUkLVtNIFCaTwy1Gw7EgR0yy55POzU75ANBLjWOLY1wzjnLxrcLhP1IFlWP
CGFaxOsozN2vOqWG/QFoHIKM6v02HfzseEM1j/Y8rnML3oSJQHudi4fp0cXzm4et
jT5Y73wAAQraGDAt62MI3mMW4vUdPqH6i9pr3+1660fDqkokBgNye7es1xbaL/OX
YOtInfCcpsxAD6JsL+lsRG59Uv0rJXT+Yj+u+Nat4J2MHKKdQ9mRredwYpfTqZIW
5eunQ6Gfn9AFVaw2OR0890+7NEehLIv8SqROmtFMxvMJZv1cQJHFzpjbLpsypfoy
zIG7nIig/gXhs5jGbpmvRU+eqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNBAZSpJ
o4tPZk2YZG5RgdCdwnAiMB8GA1UdIwQYMBaAFHLyyzPXfBY4meU1DY6AHnFw5ITe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0M1Qy9GNjUyRUZGODk0
RTgxMUVBQjBDMDE2NjhDNEY5QUUwMi9jdkxMTTlkOEZqaVo1VFVOam9BZWNYRGto
TjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N2TExNOWQ4RmppWjVUVU5qb0FlY1hEa2hONC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDNUMvRjY1MkVGRjg5NEU4MTFFQUIwQzAxNjY4QzRGOUFFMDIvRDRDMTIyMzJF
MzkyMTFFRDhENjVFODVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlzowDQYJKoZIhvcNAQELBQADggEBADni9g4phQTgbUgF
4u2+5bjRa6868EFcOlNtXQIuO9Im+KIIdWJG4I8jKWl/ORlv9DoNUUHVD+6bSssc
K1LJPaNqOCEeStLthDKX+7naBDo4CwdGPn0fcocyiKOzaj+uVa+ighxGY9vbcpCg
c9DF+Y8hy6yf16KVicZyHn2TA3fNZnm+G1N26mRj1tWt07R1qPgqfteRcYbSp/Y3
TwEKGXeSNE7E744d9KiE++eNhb2AJga0NarsjS/Vh/9121FjXxXpWKDmskIM5eRA
wXPoRPSTpsTOTekeAqIeCP5xw0sZb1B1gp6FrOUyazGMpuTHtfQvd/CvH16h/DTX
py9e2Gk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org