Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/2ED60096A91211ED8AC9104EC4F9AE02.roa
File:                     2ED60096A91211ED8AC9104EC4F9AE02.roa (raw, json)
Hash identifier:          Uc+rOEUpW18Fwe88i2RcZR2/2RCIPE1rXogHeTVj4MY=
Subject key identifier:   E7:58:87:BC:9F:4F:12:F3:9C:7C:01:A8:3C:D2:6A:B6:7A:16:E2:3A
Certificate issuer:       /CN=A91476F2/serialNumber=64B686B05DCBE8BEA92807532DE29A77905156F5
Certificate serial:       0463
Authority key identifier: 64:B6:86:B0:5D:CB:E8:BE:A9:28:07:53:2D:E2:9A:77:90:51:56:F5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZLaGsF3L6L6pKAdTLeKad5BRVvU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/2ED60096A91211ED8AC9104EC4F9AE02.roa
Signing time:             Tue 01 Aug 2023 01:01:53 +0000
ROA not before:           Tue 01 Aug 2023 01:01:53 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     140224
IP address blocks:        103.66.56.0/22 maxlen: 24
                          103.228.168.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 25 May 2024 13:08:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1123 (0x463)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91476F2/serialNumber=64B686B05DCBE8BEA92807532DE29A77905156F5
        Validity
            Not Before: Aug  1 01:01:53 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64c85981-52c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e6:8c:06:a2:97:bf:cf:b6:bb:4d:15:cf:75:
                    17:48:6a:00:cc:bd:99:23:02:03:de:2d:bc:a3:2c:
                    e8:43:98:88:ba:a2:b4:91:38:a5:c9:e4:22:66:99:
                    1f:1c:51:47:e2:88:10:36:0b:21:82:d8:b0:48:b3:
                    ff:c9:44:91:c7:1a:3d:a0:72:b5:b6:26:94:ab:f9:
                    c8:4f:21:a7:8f:be:32:3c:c1:79:62:b8:70:59:e8:
                    9d:dc:04:c7:22:13:81:dd:1f:8b:e2:b4:c2:6b:c8:
                    ce:18:e7:1d:2c:e1:38:bf:b6:f7:08:a0:6c:c2:11:
                    6f:e0:fc:86:bf:84:ef:db:1f:d9:fe:09:71:e7:28:
                    5a:6f:28:cb:52:78:cc:58:ed:70:cf:1c:b9:6f:03:
                    01:6f:bc:70:2c:3a:b8:b7:0a:96:dd:f3:98:a3:55:
                    9f:c0:b6:e1:ba:a6:d4:62:26:6a:56:03:0d:11:21:
                    47:6d:2f:ed:20:67:11:37:42:e8:48:30:01:54:84:
                    dd:5c:a0:32:a1:b8:51:c3:9b:27:62:2b:8a:ea:66:
                    67:ad:00:75:20:6a:0e:fb:0c:71:06:ea:45:f3:e3:
                    2e:33:2e:48:c7:c3:88:27:5d:53:d8:59:48:0f:2e:
                    fb:bf:05:7f:44:16:5e:5c:b8:50:08:1a:3e:85:49:
                    c9:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:58:87:BC:9F:4F:12:F3:9C:7C:01:A8:3C:D2:6A:B6:7A:16:E2:3A
            X509v3 Authority Key Identifier:
                keyid:64:B6:86:B0:5D:CB:E8:BE:A9:28:07:53:2D:E2:9A:77:90:51:56:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/ZLaGsF3L6L6pKAdTLeKad5BRVvU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZLaGsF3L6L6pKAdTLeKad5BRVvU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/2ED60096A91211ED8AC9104EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.66.56.0/22
                  103.228.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:e1:0b:41:61:ac:1e:fd:53:6e:ab:a7:a5:b4:7b:75:e1:51:
         c3:10:ec:5a:65:fb:9d:e1:2c:0c:74:a5:34:df:0f:43:c6:1e:
         09:57:9c:47:8d:e3:4f:3e:78:4a:9d:ba:62:95:ff:98:40:04:
         3d:2e:1e:29:d4:cf:8b:23:f5:87:0c:bc:20:5b:c0:55:0d:63:
         a9:fe:06:b3:39:86:10:c2:fe:20:af:11:2f:4e:f4:20:36:40:
         ee:55:1a:88:7f:38:43:f3:60:03:70:01:44:00:13:8b:79:98:
         72:b1:82:61:5c:78:05:02:4a:3a:02:ac:99:94:b3:f5:3e:5b:
         1a:50:95:3f:ec:2a:77:4c:7a:c6:3a:93:0e:78:e5:7f:8c:35:
         1a:d5:93:4e:cc:3b:ae:e6:fa:43:a7:5c:4a:72:4d:f9:12:e8:
         10:06:2e:da:cf:78:6b:1a:60:27:8b:f9:7a:f7:ac:49:dd:7f:
         20:f4:76:62:97:ad:18:4b:66:2f:2e:79:0b:00:54:a6:7b:8b:
         66:b2:89:91:02:48:64:8a:cd:68:b1:81:86:ac:64:40:0f:82:
         95:61:1a:a1:fb:d1:70:4a:10:14:5d:31:cf:36:0d:96:c6:05:
         99:93:25:1b:43:c3:60:e6:79:1d:1f:24:fb:22:1d:7d:42:55:
         78:18:d0:59
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc2RjIxMTAvBgNVBAUTKDY0QjY4NkIwNURDQkU4QkVBOTI4MDc1MzJERTI5QTc3
OTA1MTU2RjUwHhcNMjMwODAxMDEwMTUzWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4NTk4MS01MmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz+aMBqKXv8+2u00Vz3UXSGoAzL2ZIwID3i28oyzoQ5iIuqK0kTilyeQiZpkf
HFFH4ogQNgshgtiwSLP/yUSRxxo9oHK1tiaUq/nITyGnj74yPMF5YrhwWeid3ATH
IhOB3R+L4rTCa8jOGOcdLOE4v7b3CKBswhFv4PyGv4Tv2x/Z/glx5yhabyjLUnjM
WO1wzxy5bwMBb7xwLDq4twqW3fOYo1WfwLbhuqbUYiZqVgMNESFHbS/tIGcRN0Lo
SDABVITdXKAyobhRw5snYiuK6mZnrQB1IGoO+wxxBupF8+MuMy5Ix8OIJ11T2FlI
Dy77vwV/RBZeXLhQCBo+hUnJTwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOdYh7yf
TxLznHwBqDzSarZ6FuI6MB8GA1UdIwQYMBaAFGS2hrBdy+i+qSgHUy3imneQUVb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzZGMi8yQkU0M0RBMENC
MkMxMUVCQkMzNUM0NDBDNEY5QUUwMi9aTGFHc0YzTDZMNnBLQWRUTGVLYWQ1QlJW
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pMYUdzRjNMNkw2cEtBZFRMZUthZDVCUlZ2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc2RjIvMkJFNDNEQTBDQjJDMTFFQkJDMzVDNDQwQzRGOUFFMDIvMkVENjAwOTZB
OTEyMTFFRDhBQzkxMDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnQjgDBAJn5KgwDQYJKoZIhvcNAQELBQADggEBAGjhC0Fh
rB79U26rp6W0e3XhUcMQ7Fpl+53hLAx0pTTfD0PGHglXnEeN408+eEqdumKV/5hA
BD0uHinUz4sj9YcMvCBbwFUNY6n+BrM5hhDC/iCvES9O9CA2QO5VGoh/OEPzYANw
AUQAE4t5mHKxgmFceAUCSjoCrJmUs/U+WxpQlT/sKndMesY6kw545X+MNRrVk07M
O67m+kOnXEpyTfkS6BAGLtrPeGsaYCeL+Xr3rEndfyD0dmKXrRhLZi8ueQsAVKZ7
i2ayiZECSGSKzWixgYasZEAPgpVhGqH70XBKEBRdMc82DZbGBZmTJRtDw2DmeR0f
JPsiHX1CVXgY0Fk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org