Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/E0F71C721A9711EFB8A15B1FC4F9AE02.roa
File:                     E0F71C721A9711EFB8A15B1FC4F9AE02.roa (raw, json)
Hash identifier:          lNWVtD5xo4u+dcD/OQJ1BC0NrEGlRhfCLmqC/TNtjF0=
Subject key identifier:   4F:4B:E2:C8:4A:AD:B4:51:43:A6:49:D6:37:83:B4:BA:56:03:80:91
Certificate issuer:       /CN=A91476F2/serialNumber=64B686B05DCBE8BEA92807532DE29A77905156F5
Certificate serial:       051F
Authority key identifier: 64:B6:86:B0:5D:CB:E8:BE:A9:28:07:53:2D:E2:9A:77:90:51:56:F5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZLaGsF3L6L6pKAdTLeKad5BRVvU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/E0F71C721A9711EFB8A15B1FC4F9AE02.roa
Signing time:             Fri 05 Jul 2024 00:42:00 +0000
ROA not before:           Fri 05 Jul 2024 00:42:00 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     140224
IP address blocks:        103.66.56.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jul 2024 11:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1311 (0x51f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91476F2/serialNumber=64B686B05DCBE8BEA92807532DE29A77905156F5
        Validity
            Not Before: Jul  5 00:42:00 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=66874158-3277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:bf:45:cc:4c:1f:9c:6a:82:93:e0:a4:88:be:
                    f4:5f:ed:b8:7a:f5:80:6a:bd:0e:40:3b:f8:1c:14:
                    b7:06:37:1c:20:a3:69:be:57:bd:7f:45:56:2c:13:
                    24:4e:41:be:93:93:77:21:2f:36:2c:0f:36:97:f3:
                    8f:0c:22:22:69:e4:7f:a4:4c:08:e8:bf:9d:7c:db:
                    88:49:4e:2a:93:8a:3d:49:05:5e:ac:6a:dc:d6:81:
                    0a:6c:bc:10:c2:00:b0:7e:74:53:67:2c:3d:af:9d:
                    11:3a:81:5b:32:4f:97:49:5a:88:3f:8c:a2:cb:30:
                    85:d7:8f:54:de:6a:b4:b0:49:09:eb:8c:07:4b:1c:
                    69:02:ab:eb:f1:c8:44:cc:a9:37:bf:5d:e2:a1:af:
                    7d:35:d4:68:87:d2:47:11:91:8b:44:dc:82:b0:a0:
                    9e:28:7b:54:4b:5d:54:6c:6a:4e:29:11:a0:5b:a0:
                    a5:b3:62:3c:c3:0b:5b:47:7c:75:88:76:2c:bf:7c:
                    bc:74:92:fb:be:a0:7b:25:5c:5b:9d:5f:29:9f:81:
                    a3:72:ae:23:df:9d:9b:0e:64:93:e1:e1:12:e7:78:
                    18:49:fd:1d:8e:a0:7a:0b:ec:39:13:cd:a7:60:b7:
                    4e:43:9c:b4:77:48:a4:3d:e1:03:de:98:e5:e9:8c:
                    49:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:4B:E2:C8:4A:AD:B4:51:43:A6:49:D6:37:83:B4:BA:56:03:80:91
            X509v3 Authority Key Identifier:
                keyid:64:B6:86:B0:5D:CB:E8:BE:A9:28:07:53:2D:E2:9A:77:90:51:56:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/ZLaGsF3L6L6pKAdTLeKad5BRVvU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZLaGsF3L6L6pKAdTLeKad5BRVvU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91476F2/2BE43DA0CB2C11EBBC35C440C4F9AE02/E0F71C721A9711EFB8A15B1FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.66.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:a5:fc:04:54:9f:32:0c:c6:d3:78:9f:bc:a3:48:52:4c:75:
         18:e5:2e:dc:07:cf:e6:8b:e2:5c:e1:fa:00:6a:fb:e1:9b:96:
         8f:03:06:7a:26:89:4b:45:b0:5a:e7:c2:6c:44:58:c8:2f:ba:
         3b:b2:b7:48:69:4c:b1:70:9b:9e:38:a2:6a:dd:17:60:fc:d5:
         06:6b:c8:5f:f6:54:f7:33:e9:50:7c:54:42:ad:d5:4a:75:64:
         15:55:42:42:45:82:e6:84:6d:d8:1e:3c:ac:ed:ce:23:16:69:
         e4:ff:58:f2:bc:39:99:99:ec:b5:55:2c:8f:d5:e7:d8:7d:e5:
         d3:0d:d0:56:a2:34:bf:b2:73:da:ab:15:f5:4c:23:8e:1f:61:
         de:8d:bb:30:83:91:81:3e:dd:32:67:52:a8:03:7b:77:d4:e9:
         3a:5a:99:a7:5c:9f:72:a2:14:96:69:4f:a4:a2:49:ca:59:4a:
         f6:22:72:f5:cc:98:40:80:87:fd:81:d0:a6:9c:dd:35:52:f7:
         79:a1:37:c6:2a:25:8f:6d:0d:17:ff:65:9b:b1:e1:d1:83:af:
         f9:9b:ce:27:7b:84:a1:33:ab:21:ce:90:d0:ea:83:3d:44:e4:
         70:b8:1b:e0:20:ab:39:a1:f4:17:da:33:00:cb:ff:27:4c:f7:
         60:b5:fd:e6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc2RjIxMTAvBgNVBAUTKDY0QjY4NkIwNURDQkU4QkVBOTI4MDc1MzJERTI5QTc3
OTA1MTU2RjUwHhcNMjQwNzA1MDA0MjAwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3NDE1OC0zMjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA879FzEwfnGqCk+CkiL70X+24evWAar0OQDv4HBS3BjccIKNpvle9f0VWLBMk
TkG+k5N3IS82LA82l/OPDCIiaeR/pEwI6L+dfNuISU4qk4o9SQVerGrc1oEKbLwQ
wgCwfnRTZyw9r50ROoFbMk+XSVqIP4yiyzCF149U3mq0sEkJ64wHSxxpAqvr8chE
zKk3v13ioa99NdRoh9JHEZGLRNyCsKCeKHtUS11UbGpOKRGgW6Cls2I8wwtbR3x1
iHYsv3y8dJL7vqB7JVxbnV8pn4Gjcq4j352bDmST4eES53gYSf0djqB6C+w5E82n
YLdOQ5y0d0ikPeED3pjl6YxJuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE9L4shK
rbRRQ6ZJ1jeDtLpWA4CRMB8GA1UdIwQYMBaAFGS2hrBdy+i+qSgHUy3imneQUVb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzZGMi8yQkU0M0RBMENC
MkMxMUVCQkMzNUM0NDBDNEY5QUUwMi9aTGFHc0YzTDZMNnBLQWRUTGVLYWQ1QlJW
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pMYUdzRjNMNkw2cEtBZFRMZUthZDVCUlZ2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc2RjIvMkJFNDNEQTBDQjJDMTFFQkJDMzVDNDQwQzRGOUFFMDIvRTBGNzFDNzIx
QTk3MTFFRkI4QTE1QjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnQjgwDQYJKoZIhvcNAQELBQADggEBAHal/ARUnzIMxtN4
n7yjSFJMdRjlLtwHz+aL4lzh+gBq++Gblo8DBnomiUtFsFrnwmxEWMgvujuyt0hp
TLFwm544omrdF2D81QZryF/2VPcz6VB8VEKt1Up1ZBVVQkJFguaEbdgePKztziMW
aeT/WPK8OZmZ7LVVLI/V59h95dMN0FaiNL+yc9qrFfVMI44fYd6NuzCDkYE+3TJn
UqgDe3fU6Tpamadcn3KiFJZpT6SiScpZSvYicvXMmECAh/2B0Kac3TVS93mhN8Yq
JY9tDRf/ZZux4dGDr/mbzid7hKEzqyHOkNDqgz1E5HC4G+Agqzmh9BfaMwDL/ydM
92C1/eY=
-----END CERTIFICATE-----
Generated at Mon Jul 8 14:04:15 2024 by rpki-client on console-ams.rpki-client.org