Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143F26/703A02542D5511EE89AA2009C4F9AE02/431D51B4798A11EE80295A2FC4F9AE02.roa
File:                     431D51B4798A11EE80295A2FC4F9AE02.roa (raw, json)
Hash identifier:          T92hTt4uEXtn/dniuUwzWI0BQLLbFcWRrpvHrk3fOuM=
Subject key identifier:   AC:2B:30:79:D8:50:1E:B7:3F:0B:DB:33:DE:DD:1C:E4:92:81:EC:F3
Certificate issuer:       /CN=A9143F26/serialNumber=D790C2C46932BE9D25822D99128EBBCF033D45C4
Certificate serial:       79
Authority key identifier: D7:90:C2:C4:69:32:BE:9D:25:82:2D:99:12:8E:BB:CF:03:3D:45:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15DCxGkyvp0lgi2ZEo67zwM9RcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143F26/703A02542D5511EE89AA2009C4F9AE02/431D51B4798A11EE80295A2FC4F9AE02.roa
Signing time:             Wed 06 Mar 2024 11:50:51 +0000
ROA not before:           Wed 06 Mar 2024 11:50:51 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     151636
IP address blocks:        103.244.92.0/24 maxlen: 24
                          103.244.93.0/24 maxlen: 24
                          2401:8620::/32 maxlen: 34

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 15:49:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121 (0x79)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143F26/serialNumber=D790C2C46932BE9D25822D99128EBBCF033D45C4
        Validity
            Not Before: Mar  6 11:50:51 2024 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65e8589b-cbc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d1:4f:cf:ca:9d:88:0a:9b:cc:78:c5:db:92:
                    60:02:12:02:84:50:3d:88:6b:34:c7:ae:9e:da:68:
                    64:b3:33:0e:68:8c:7d:34:4b:12:83:35:9f:3f:94:
                    97:11:f8:76:c8:e1:b9:e5:9f:43:69:b0:4d:af:d6:
                    63:23:ff:89:d0:1e:45:87:7a:a3:24:db:6b:01:60:
                    ba:b6:eb:e4:ee:2c:e5:3c:47:ee:62:ea:63:ba:c3:
                    3d:5f:9b:5e:c6:f5:94:bc:f3:93:e5:ac:54:2c:30:
                    f4:fc:1a:61:02:0f:2b:40:6c:82:32:bc:a1:49:b6:
                    e2:62:5a:84:d0:c6:96:8b:fe:42:39:a1:66:86:8b:
                    22:f5:00:06:b0:fe:d0:2e:6a:d0:a9:30:69:d4:c5:
                    62:70:77:72:6f:21:cb:8a:a8:95:a6:6a:c2:ad:a7:
                    b1:ea:f8:dd:b3:bf:07:89:33:48:4d:3d:c2:7f:eb:
                    79:ef:56:dc:08:3e:f4:a8:f6:96:51:0b:2b:f9:20:
                    10:8a:69:f1:fe:7a:5b:e7:b4:e9:b4:ec:e6:e3:08:
                    b2:06:9f:2a:5a:b9:23:ed:c5:63:4e:4f:d4:2a:b2:
                    8a:14:7a:d9:03:85:2a:53:b7:84:30:b5:f8:9f:b0:
                    b9:70:b0:76:de:34:dc:77:a0:3e:f2:19:98:b2:88:
                    9c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:2B:30:79:D8:50:1E:B7:3F:0B:DB:33:DE:DD:1C:E4:92:81:EC:F3
            X509v3 Authority Key Identifier:
                keyid:D7:90:C2:C4:69:32:BE:9D:25:82:2D:99:12:8E:BB:CF:03:3D:45:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143F26/703A02542D5511EE89AA2009C4F9AE02/15DCxGkyvp0lgi2ZEo67zwM9RcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15DCxGkyvp0lgi2ZEo67zwM9RcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143F26/703A02542D5511EE89AA2009C4F9AE02/431D51B4798A11EE80295A2FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.244.92.0/23
                IPv6:
                  2401:8620::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:ea:f9:bd:aa:ad:1f:e1:ec:d8:1d:8b:c0:b4:c2:8c:44:32:
         c5:aa:8b:a4:33:ea:08:da:18:a8:27:9a:bf:95:f0:1f:f7:e9:
         1c:9e:a1:4e:d0:bd:d5:31:2a:43:0b:52:6c:c1:65:34:94:a4:
         f2:d4:a9:4e:8c:06:1a:6e:63:a0:d3:e6:45:2f:a2:46:bc:73:
         b4:56:fa:da:2b:1e:84:dd:58:e2:18:29:74:f0:5c:43:5c:f5:
         c1:dc:8f:77:de:8f:92:88:6c:8a:76:1c:10:5d:f3:04:4f:5d:
         a7:8c:53:79:6a:a8:b0:86:4a:72:91:c7:21:13:38:b0:99:e9:
         1b:28:76:37:30:4a:a0:1a:9f:07:70:92:c5:b2:f1:bb:74:86:
         a0:83:13:81:f9:b0:01:62:9c:6b:77:dd:7d:6a:a7:63:51:fd:
         67:99:5f:fa:2d:49:2d:16:77:90:19:6a:8f:23:ae:b6:1c:3e:
         8a:71:49:d3:c8:a2:9d:5d:b8:5e:e0:51:76:77:5b:ed:53:60:
         b3:fd:95:f4:70:fc:bb:1c:d6:32:35:ea:c0:34:9a:83:9b:fe:
         94:93:d6:20:8c:e3:7d:61:97:25:c3:9d:e1:6d:2e:b7:f1:f5:
         8b:35:1c:86:f5:f6:28:1f:a7:42:65:9d:86:ff:f0:2a:89:2b:
         af:d6:f5:e4
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
M0YyNjExMC8GA1UEBRMoRDc5MEMyQzQ2OTMyQkU5RDI1ODIyRDk5MTI4RUJCQ0Yw
MzNENDVDNDAeFw0yNDAzMDYxMTUwNTFaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTg1ODliLWNiYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCb0U/Pyp2ICpvMeMXbkmACEgKEUD2IazTHrp7aaGSzMw5ojH00SxKDNZ8/lJcR
+HbI4bnln0NpsE2v1mMj/4nQHkWHeqMk22sBYLq26+TuLOU8R+5i6mO6wz1fm17G
9ZS885PlrFQsMPT8GmECDytAbIIyvKFJtuJiWoTQxpaL/kI5oWaGiyL1AAaw/tAu
atCpMGnUxWJwd3JvIcuKqJWmasKtp7Hq+N2zvweJM0hNPcJ/63nvVtwIPvSo9pZR
Cyv5IBCKafH+elvntOm07ObjCLIGnypauSPtxWNOT9QqsooUetkDhSpTt4Qwtfif
sLlwsHbeNNx3oD7yGZiyiJxJAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUrCswedhQ
Hrc/C9sz3t0c5JKB7PMwHwYDVR0jBBgwFoAU15DCxGkyvp0lgi2ZEo67zwM9RcQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQzRjI2LzcwM0EwMjU0MkQ1
NTExRUU4OUFBMjAwOUM0RjlBRTAyLzE1REN4R2t5dnAwbGdpMlpFbzY3endNOVJj
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMTVEQ3hHa3l2cDBsZ2kyWkVvNjd6d005UmNRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
M0YyNi83MDNBMDI1NDJENTUxMUVFODlBQTIwMDlDNEY5QUUwMi80MzFENTFCNDc5
OEExMUVFODAyOTVBMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWf0XDANBAIAAjAHAwUAJAGGIDANBgkqhkiG9w0BAQsFAAOC
AQEACer5vaqtH+Hs2B2LwLTCjEQyxaqLpDPqCNoYqCeav5XwH/fpHJ6hTtC91TEq
QwtSbMFlNJSk8tSpTowGGm5joNPmRS+iRrxztFb62isehN1Y4hgpdPBcQ1z1wdyP
d96PkohsinYcEF3zBE9dp4xTeWqosIZKcpHHIRM4sJnpGyh2NzBKoBqfB3CSxbLx
u3SGoIMTgfmwAWKca3fdfWqnY1H9Z5lf+i1JLRZ3kBlqjyOuthw+inFJ08iinV24
XuBRdndb7VNgs/2V9HD8uxzWMjXqwDSag5v+lJPWIIzjfWGXJcOd4W0ut/H1izUc
hvX2KB+nQmWdhv/wKokrr9b15A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org