Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/A55E5F567BA911EDB41A851EC4F9AE02.roa
File:                     A55E5F567BA911EDB41A851EC4F9AE02.roa (raw, json)
Hash identifier:          peH3/6Rs1iQ+KrfR1ucwTqKfgCegv2TUpU4DS9hii68=
Subject key identifier:   23:D9:41:CD:87:2E:4A:54:F0:82:17:EC:2F:65:FA:8F:31:FC:89:13
Certificate issuer:       /CN=A9143FE9/serialNumber=1520F2B34ABDDCAE94FA922EF4757CD36140F254
Certificate serial:       0611
Authority key identifier: 15:20:F2:B3:4A:BD:DC:AE:94:FA:92:2E:F4:75:7C:D3:61:40:F2:54
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSDys0q93K6U-pIu9HV802FA8lQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/A55E5F567BA911EDB41A851EC4F9AE02.roa
Signing time:             Fri 26 Jan 2024 23:21:57 +0000
ROA not before:           Fri 26 Jan 2024 23:21:57 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     149013
IP address blocks:        103.160.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Aug 2024 16:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1553 (0x611)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143FE9/serialNumber=1520F2B34ABDDCAE94FA922EF4757CD36140F254
        Validity
            Not Before: Jan 26 23:21:57 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65b43e94-28ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:89:14:80:bc:eb:79:7a:08:9b:7d:e3:11:eb:
                    69:23:c2:f9:01:1a:bf:db:b1:8c:dc:5c:31:22:4e:
                    e7:1f:1d:04:ea:2d:cb:55:79:d1:0b:5d:6e:e9:a4:
                    e0:cc:94:ea:78:77:9f:74:01:4d:61:21:a7:81:e9:
                    91:a3:61:4d:45:e0:57:fe:c6:14:a7:eb:0f:37:b6:
                    99:01:62:29:e2:ed:62:fa:a5:c5:d8:f0:71:98:b6:
                    7f:9d:35:c6:40:01:4d:aa:7b:f6:95:40:21:a1:e6:
                    3f:e3:a9:02:55:b6:67:c8:63:fa:08:7a:49:58:23:
                    48:c6:0b:e9:ee:dd:51:11:63:c9:0b:5f:a3:c8:5e:
                    6b:d4:46:07:4c:b8:b5:b5:60:a0:99:b8:02:95:05:
                    b0:24:8e:99:23:f1:0d:04:75:d3:e1:b2:92:07:b9:
                    15:16:ae:8c:b7:e4:b0:42:59:d3:72:6f:3e:34:4d:
                    8d:80:79:f6:c8:87:e3:13:f5:14:d1:ae:0b:d3:41:
                    6e:b7:d6:b5:cb:26:2f:5f:f4:2f:e8:c0:b9:24:b4:
                    f0:93:6b:70:2a:6c:43:c7:d9:3f:48:5e:50:54:e6:
                    58:70:2a:a4:4c:bd:55:7f:1f:87:58:bf:e7:01:08:
                    d7:62:39:b0:22:07:04:47:d2:5b:84:f4:f4:e8:37:
                    40:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:D9:41:CD:87:2E:4A:54:F0:82:17:EC:2F:65:FA:8F:31:FC:89:13
            X509v3 Authority Key Identifier:
                keyid:15:20:F2:B3:4A:BD:DC:AE:94:FA:92:2E:F4:75:7C:D3:61:40:F2:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/FSDys0q93K6U-pIu9HV802FA8lQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSDys0q93K6U-pIu9HV802FA8lQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/A55E5F567BA911EDB41A851EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.160.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:c0:fa:bc:38:a8:85:f8:dd:23:12:2c:0b:a6:c1:4b:c1:c3:
         1e:7b:dd:f8:11:b2:05:c2:e2:5f:d8:19:62:4c:0c:81:7e:3a:
         c2:01:58:a4:48:b0:4f:2c:9b:ac:1f:10:c3:f2:12:26:2b:e1:
         31:7d:d6:2a:71:53:e9:bf:c9:17:3f:41:34:9a:10:99:cd:12:
         ff:f0:e7:0e:04:8f:84:88:ea:2a:8f:51:d4:af:02:45:2d:28:
         ae:af:d0:e4:87:d6:dc:a2:7e:b2:b1:89:47:4e:06:31:ae:28:
         39:fb:78:27:af:50:a1:1f:c0:78:a4:dc:e3:fe:33:db:8f:ed:
         c6:42:22:2c:e5:e0:6e:82:47:94:c5:09:7d:b2:ea:f5:a6:d8:
         cd:80:22:40:cd:2b:5a:ca:17:54:d1:a4:88:32:09:60:02:99:
         89:c5:1e:2d:e6:76:15:72:44:85:1e:64:24:7a:d1:f7:ad:5f:
         64:0a:74:2b:b1:1a:e3:0c:e8:21:09:db:b9:56:f9:c0:9d:55:
         31:9a:a6:c2:7c:b0:05:f9:57:b5:9e:cb:5a:f1:93:4a:5b:38:
         8d:e4:3f:e3:13:44:82:0d:e1:1d:1d:04:b8:d7:da:26:c1:2c:
         54:45:c0:1a:ea:6e:95:b4:0a:4f:a5:dc:0b:cb:fc:62:10:3e:
         ad:57:fc:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNGRTkxMTAvBgNVBAUTKDE1MjBGMkIzNEFCRERDQUU5NEZBOTIyRUY0NzU3Q0Qz
NjE0MEYyNTQwHhcNMjQwMTI2MjMyMTU3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI0M2U5NC0yOGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqokUgLzreXoIm33jEetpI8L5ARq/27GM3FwxIk7nHx0E6i3LVXnRC11u6aTg
zJTqeHefdAFNYSGngemRo2FNReBX/sYUp+sPN7aZAWIp4u1i+qXF2PBxmLZ/nTXG
QAFNqnv2lUAhoeY/46kCVbZnyGP6CHpJWCNIxgvp7t1REWPJC1+jyF5r1EYHTLi1
tWCgmbgClQWwJI6ZI/ENBHXT4bKSB7kVFq6Mt+SwQlnTcm8+NE2NgHn2yIfjE/UU
0a4L00Fut9a1yyYvX/Qv6MC5JLTwk2twKmxDx9k/SF5QVOZYcCqkTL1Vfx+HWL/n
AQjXYjmwIgcER9JbhPT06DdAHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCPZQc2H
LkpU8IIX7C9l+o8x/IkTMB8GA1UdIwQYMBaAFBUg8rNKvdyulPqSLvR1fNNhQPJU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0ZFOS9GOUU2NUUyMDQ0
MzgxMUVCQUQ0NDNGNzRDNEY5QUUwMi9GU0R5czBxOTNLNlUtcEl1OUhWODAyRkE4
bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZTRHlzMHE5M0s2VS1wSXU5SFY4MDJGQThsUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNGRTkvRjlFNjVFMjA0NDM4MTFFQkFENDQzRjc0QzRGOUFFMDIvQTU1RTVGNTY3
QkE5MTFFREI0MUE4NTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnoJEwDQYJKoZIhvcNAQELBQADggEBAALA+rw4qIX43SMS
LAumwUvBwx573fgRsgXC4l/YGWJMDIF+OsIBWKRIsE8sm6wfEMPyEiYr4TF91ipx
U+m/yRc/QTSaEJnNEv/w5w4Ej4SI6iqPUdSvAkUtKK6v0OSH1tyifrKxiUdOBjGu
KDn7eCevUKEfwHik3OP+M9uP7cZCIizl4G6CR5TFCX2y6vWm2M2AIkDNK1rKF1TR
pIgyCWACmYnFHi3mdhVyRIUeZCR60fetX2QKdCuxGuMM6CEJ27lW+cCdVTGapsJ8
sAX5V7Wey1rxk0pbOI3kP+MTRIIN4R0dBLjX2ibBLFRFwBrqbpW0Ck+l3AvL/GIQ
Pq1X/Nw=
-----END CERTIFICATE-----
Generated at Sat Aug 3 19:56:42 2024 by rpki-client on console-ams.rpki-client.org