Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/95E80332D79D11EEB4360251C4F9AE02.roa
File:                     95E80332D79D11EEB4360251C4F9AE02.roa (raw, json)
Hash identifier:          aIwGKh3O1sNSXIIv9ybPj4tvTgVD5eq8NriU0pGd87c=
Subject key identifier:   7B:09:6A:EE:E1:44:04:9F:3D:93:8D:23:DA:EF:93:A5:09:E6:F4:CE
Certificate issuer:       /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial:       AD
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/95E80332D79D11EEB4360251C4F9AE02.roa
Signing time:             Fri 01 Mar 2024 07:30:32 +0000
ROA not before:           Fri 01 Mar 2024 07:30:32 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     198652
IP address blocks:        103.197.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 10 Mar 2024 07:06:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 173 (0xad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
        Validity
            Not Before: Mar  1 07:30:32 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=65e18418-a359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fc:72:8e:69:aa:52:69:95:53:85:73:af:e6:
                    be:ed:91:db:b0:bf:9d:d1:a2:bd:c1:1d:73:4c:07:
                    b0:76:cc:1b:35:3d:5b:a6:c6:eb:c8:fe:e9:e6:90:
                    54:61:45:dc:d3:6e:53:4b:a4:ae:b1:2e:25:dc:f0:
                    83:a3:b3:d5:3f:64:53:e5:84:8f:47:93:e9:56:61:
                    a5:08:d3:88:54:8a:ab:3b:35:21:1d:e0:67:2e:34:
                    df:8d:5e:2e:e8:19:09:8b:40:cf:8b:4c:28:bb:b3:
                    d0:cd:f9:ed:b2:40:f5:b4:00:91:95:39:7e:a3:ea:
                    9a:be:fc:fa:35:ea:c5:fd:fd:30:b0:5b:f3:70:7a:
                    36:c9:27:f9:ad:ae:9d:02:86:25:6e:10:12:ac:38:
                    a7:67:57:9b:c2:d2:cf:a9:9d:2f:33:ce:e3:1a:39:
                    da:90:b2:83:30:ad:4c:b3:02:de:d5:af:2a:f3:5e:
                    b4:6f:bb:1a:14:d5:01:67:1c:cf:6d:01:2b:23:d0:
                    e0:bc:10:b2:70:3f:b8:ad:11:7d:1f:e8:42:f2:cd:
                    7e:37:ef:0c:0e:e2:16:2a:46:ae:5d:12:88:1d:34:
                    e8:67:d6:95:54:28:4c:ff:79:35:5d:5c:dd:1d:22:
                    f8:8c:7a:db:44:f8:42:17:17:10:5d:20:20:c4:31:
                    3c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:09:6A:EE:E1:44:04:9F:3D:93:8D:23:DA:EF:93:A5:09:E6:F4:CE
            X509v3 Authority Key Identifier:
                keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/95E80332D79D11EEB4360251C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.197.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:3d:4a:cb:f1:fd:ff:b0:58:3d:2c:d5:42:75:9b:a4:40:bb:
         74:47:86:d9:c0:1c:89:de:a8:e1:ef:15:fe:26:23:77:b2:53:
         7d:29:bc:7c:9a:b1:da:27:0c:53:dc:f4:60:6b:57:9d:d4:1c:
         45:a2:77:1e:47:af:f8:0e:9b:23:7c:86:3e:9a:b8:bf:37:38:
         33:e5:33:87:7e:02:2a:df:e7:1e:be:e0:ef:b0:f9:05:14:d6:
         e5:58:e0:15:b3:8b:ff:8b:d5:cd:f8:9c:66:10:41:77:be:51:
         d2:23:c9:9d:a0:d3:ff:e5:b2:7f:12:d2:1f:df:9b:ac:a7:b2:
         ef:12:5e:d6:4b:94:d3:1a:3f:88:14:b8:19:ea:01:f3:c2:3e:
         4c:e8:74:c8:be:19:0c:64:16:13:7e:a6:d5:91:4a:e3:7b:46:
         e3:95:1a:aa:3d:80:ad:b2:40:a1:ad:1c:50:2b:9c:57:fd:1a:
         4b:84:96:0b:d0:87:03:63:62:1d:69:7a:a3:ed:d7:d7:65:d1:
         3d:ca:8c:e7:36:b7:75:9f:e2:0f:ca:7d:5c:45:01:18:7d:db:
         93:67:be:ef:85:81:f1:bd:31:e9:6a:f8:29:bf:08:93:ea:b7:
         8a:50:c4:fd:18:15:a8:5d:81:94:f5:f9:c9:25:d8:9a:60:06:
         dc:e7:70:46
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDREExMTAvBgNVBAUTKEYzREE1MUZFODBCQ0RBOTcwODc1MjVFMjA0NjIxRUE5
RjU1NzQxOTkwHhcNMjQwMzAxMDczMDMyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUxODQxOC1hMzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArfxyjmmqUmmVU4Vzr+a+7ZHbsL+d0aK9wR1zTAewdswbNT1bpsbryP7p5pBU
YUXc025TS6SusS4l3PCDo7PVP2RT5YSPR5PpVmGlCNOIVIqrOzUhHeBnLjTfjV4u
6BkJi0DPi0wou7PQzfntskD1tACRlTl+o+qavvz6NerF/f0wsFvzcHo2ySf5ra6d
AoYlbhASrDinZ1ebwtLPqZ0vM87jGjnakLKDMK1MswLe1a8q8160b7saFNUBZxzP
bQErI9DgvBCycD+4rRF9H+hC8s1+N+8MDuIWKkauXRKIHTToZ9aVVChM/3k1XVzd
HSL4jHrbRPhCFxcQXSAgxDE8PQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHsJau7h
RASfPZONI9rvk6UJ5vTOMB8GA1UdIwQYMBaAFPPaUf6AvNqXCHUl4gRiHqn1V0GZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0NEQS80OUIyN0Q4QTA1
NEQxMUVFOURGQzE2MjRDNEY5QUUwMi84OXBSX29DODJwY0lkU1hpQkdJZXFmVlhR
WmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFaay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDREEvNDlCMjdEOEEwNTREMTFFRTlERkMxNjI0QzRGOUFFMDIvOTVFODAzMzJE
NzlEMTFFRUI0MzYwMjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxVcwDQYJKoZIhvcNAQELBQADggEBAEw9Ssvx/f+wWD0s
1UJ1m6RAu3RHhtnAHIneqOHvFf4mI3eyU30pvHyasdonDFPc9GBrV53UHEWidx5H
r/gOmyN8hj6auL83ODPlM4d+Airf5x6+4O+w+QUU1uVY4BWzi/+L1c34nGYQQXe+
UdIjyZ2g0//lsn8S0h/fm6ynsu8SXtZLlNMaP4gUuBnqAfPCPkzodMi+GQxkFhN+
ptWRSuN7RuOVGqo9gK2yQKGtHFArnFf9GkuElgvQhwNjYh1peqPt19dl0T3KjOc2
t3Wf4g/KfVxFARh925Nnvu+FgfG9Melq+Cm/CJPqt4pQxP0YFahdgZT1+ckl2Jpg
BtzncEY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org