Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5AC80410239811ED9B68AC57C4F9AE02.roa
File:                     5AC80410239811ED9B68AC57C4F9AE02.roa (raw, json)
Hash identifier:          ykKspw2UHcd+L5SWvRs0SiuZizhlvc3j1sZwwTSCLYs=
Subject key identifier:   B7:DD:85:D1:8C:E5:E0:6F:F3:6B:B1:EC:3B:EB:D7:A1:DD:9B:4C:F9
Certificate issuer:       /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial:       25BD
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5AC80410239811ED9B68AC57C4F9AE02.roa
Signing time:             Mon 19 Aug 2024 09:12:43 +0000
ROA not before:           Mon 19 Aug 2024 09:12:43 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     64005
IP address blocks:        103.228.200.0/24 maxlen: 24
                          2001:df4:3800::/48 maxlen: 48
                          2400:eb80::/48 maxlen: 48
                          2400:eb80:1000::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 03 Nov 2024 11:34:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9661 (0x25bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
        Validity
            Not Before: Aug 19 09:12:43 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=66c30c8a-02b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:66:26:7a:42:cb:46:8e:fb:96:31:26:5a:49:
                    77:31:08:e1:1d:51:bd:32:c3:bb:c4:af:89:93:a8:
                    06:ed:9c:1c:1d:44:68:5e:45:11:eb:96:b5:ab:77:
                    31:aa:db:db:a7:86:44:a9:7a:66:ce:99:fd:d4:95:
                    bb:b9:ed:ac:36:71:e2:16:91:bc:7b:d7:44:1f:19:
                    89:3e:46:af:3f:0d:27:0a:c7:8e:1f:37:63:14:02:
                    7e:03:5f:66:76:25:0d:0a:27:9f:d3:b6:2e:ef:7b:
                    ce:8b:c8:34:4f:b5:57:4a:ce:65:a2:ca:e0:24:01:
                    8b:f4:b0:d3:c4:8a:f4:8a:62:b9:64:db:06:38:32:
                    cd:dc:2e:ae:d7:4e:c9:39:34:94:b1:79:ed:81:aa:
                    74:d8:ea:85:13:b6:37:c2:b2:db:45:fe:90:a6:f3:
                    07:3d:a9:21:32:78:e0:55:5b:a3:7f:17:f0:06:f8:
                    81:df:f0:8a:a9:b1:69:c9:d3:60:b5:80:c5:4e:76:
                    69:80:15:30:99:d6:fb:56:4c:77:c3:00:c6:46:4f:
                    9c:da:3e:b4:bb:af:31:72:22:4f:77:9a:01:e5:bd:
                    ca:59:f7:44:cf:03:9e:7b:a5:73:4e:3f:fa:c2:b7:
                    97:37:ce:1c:87:65:f4:ae:1a:30:40:3c:62:ec:77:
                    eb:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:DD:85:D1:8C:E5:E0:6F:F3:6B:B1:EC:3B:EB:D7:A1:DD:9B:4C:F9
            X509v3 Authority Key Identifier:
                keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5AC80410239811ED9B68AC57C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.228.200.0/24
                IPv6:
                  2001:df4:3800::/48
                  2400:eb80::/48
                  2400:eb80:1000::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:5c:a5:92:04:31:5c:4d:49:68:c6:39:07:3b:f8:4a:3b:74:
         e6:dd:75:92:25:75:91:c6:c7:74:e9:52:7c:3b:87:4e:7f:d2:
         0f:1c:6e:07:15:8c:72:8c:3f:ad:13:a5:63:99:78:9f:6c:9e:
         19:4d:7c:3c:5d:09:01:cc:1e:1d:3a:23:81:a9:f1:1a:d2:fc:
         f4:c4:c9:47:33:21:54:ba:91:be:c1:cb:0f:fe:66:e7:75:e2:
         9d:dd:c8:85:c8:cb:a3:8b:67:55:0a:8c:b5:2d:6d:a2:58:4c:
         83:58:22:66:21:da:c8:9f:42:13:41:f0:16:0c:4d:21:c3:5a:
         ec:f9:0c:9f:4e:8a:f4:67:c8:a8:bb:7d:1c:65:b2:41:79:36:
         ca:82:22:18:cc:8f:54:22:54:c6:67:f8:15:48:2d:56:dd:64:
         9c:e6:9e:f2:66:88:a0:97:76:2e:27:d7:be:2d:3b:3f:fa:cd:
         f1:b9:22:3e:13:0b:dc:82:80:3a:14:e9:d7:53:fa:20:2c:26:
         c3:35:a8:20:7c:b8:d2:c8:91:76:9f:6b:9c:ab:35:c2:cb:3d:
         5b:8e:cd:78:19:5c:19:af:ae:a4:7e:d8:b5:a4:38:3d:6d:6d:
         8c:18:62:57:4f:18:66:83:9c:13:1e:85:6d:7b:64:85:b1:09:
         e1:94:17:17
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICJb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjQwODE5MDkxMjQzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMzMGM4YS0wMmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2YmekLLRo77ljEmWkl3MQjhHVG9MsO7xK+Jk6gG7ZwcHURoXkUR65a1q3cx
qtvbp4ZEqXpmzpn91JW7ue2sNnHiFpG8e9dEHxmJPkavPw0nCseOHzdjFAJ+A19m
diUNCief07Yu73vOi8g0T7VXSs5losrgJAGL9LDTxIr0imK5ZNsGODLN3C6u107J
OTSUsXntgap02OqFE7Y3wrLbRf6QpvMHPakhMnjgVVujfxfwBviB3/CKqbFpydNg
tYDFTnZpgBUwmdb7Vkx3wwDGRk+c2j60u68xciJPd5oB5b3KWfdEzwOee6VzTj/6
wreXN84ch2X0rhowQDxi7HfrYwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFLfdhdGM
5eBv82ux7Dvr16Hdm0z5MB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvNUFDODA0MTAy
Mzk4MTFFRDlCNjhBQzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMAwEAgABMAYDBABn5MgwIQQCAAIwGwMHACABDfQ4AAMHACQA64AAAAMHACQA
64AQADANBgkqhkiG9w0BAQsFAAOCAQEAkVylkgQxXE1JaMY5Bzv4Sjt05t11kiV1
kcbHdOlSfDuHTn/SDxxuBxWMcow/rROlY5l4n2yeGU18PF0JAcweHTojganxGtL8
9MTJRzMhVLqRvsHLD/5m53Xind3IhcjLo4tnVQqMtS1tolhMg1giZiHayJ9CE0Hw
FgxNIcNa7PkMn06K9GfIqLt9HGWyQXk2yoIiGMyPVCJUxmf4FUgtVt1knOae8maI
oJd2LifXvi07P/rN8bkiPhML3IKAOhTp11P6ICwmwzWoIHy40siRdp9rnKs1wss9
W47NeBlcGa+upH7YtaQ4PW1tjBhiV08YZoOcEx6FbXtkhbEJ4ZQXFw==
-----END CERTIFICATE-----
Generated at Sun Nov 3 14:28:07 2024 by rpki-client on console-ams.rpki-client.org