Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/FA878E88BFE811EEB870B12DC4F9AE02.roa
File:                     FA878E88BFE811EEB870B12DC4F9AE02.roa (raw, json)
Hash identifier:          uS59hrBmF1GkvBBbz/aWY1Cy7bGZmtdRIcaNvIWOPP8=
Subject key identifier:   9B:81:5D:79:03:73:38:67:E7:FE:89:AB:35:E0:F6:FB:BD:E1:E8:A7
Certificate issuer:       /CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
Certificate serial:       96
Authority key identifier: F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/FA878E88BFE811EEB870B12DC4F9AE02.roa
Signing time:             Wed 31 Jan 2024 03:29:45 +0000
ROA not before:           Wed 31 Jan 2024 03:29:45 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     51559
IP address blocks:        103.197.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 07:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150 (0x96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9147CDA/serialNumber=F3DA51FE80BCDA97087525E204621EA9F5574199
        Validity
            Not Before: Jan 31 03:29:45 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=65b9bea9-da88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:bf:94:56:1b:3e:29:5e:b3:e8:40:e3:29:7a:
                    7b:b2:c8:85:5c:ba:b9:80:d3:a0:6e:39:07:27:db:
                    6f:32:c5:c8:ed:46:ef:55:ab:e6:dc:a7:e4:60:6d:
                    a4:00:90:e4:4c:ad:5c:44:ee:72:ef:4e:2f:d1:d4:
                    2e:ff:e5:b4:d3:81:c4:f5:4d:ff:8b:71:82:0a:59:
                    cf:3e:1f:c4:b1:bf:45:dd:8b:c7:d7:da:07:51:3d:
                    25:82:35:88:44:28:3c:b9:90:fd:c1:32:9d:a2:03:
                    bd:71:c2:dc:5f:f8:cd:fc:2a:50:b1:04:5f:a1:a0:
                    eb:88:3a:82:b6:12:b1:9d:73:52:61:37:b1:c8:0f:
                    d9:66:53:6e:e9:84:3c:71:54:f7:d9:4e:e2:8f:54:
                    5b:7d:93:06:7f:ec:55:5a:c2:2c:3d:55:80:62:7e:
                    15:c0:6f:a6:ad:ea:ee:5a:bd:e4:0c:c1:a2:bd:ed:
                    38:fa:94:e2:f9:4d:6f:92:00:57:60:d6:a1:d0:e7:
                    e4:2a:fc:a6:6e:a1:cd:76:48:d7:9c:35:34:e4:93:
                    9b:e3:a3:56:36:39:fc:dd:fe:13:71:fb:b8:80:40:
                    f8:36:9e:40:78:08:83:0e:ef:99:d2:70:3d:4a:10:
                    9d:73:26:5b:0d:00:4d:2a:b0:44:94:04:b8:1f:f6:
                    02:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:81:5D:79:03:73:38:67:E7:FE:89:AB:35:E0:F6:FB:BD:E1:E8:A7
            X509v3 Authority Key Identifier:
                keyid:F3:DA:51:FE:80:BC:DA:97:08:75:25:E2:04:62:1E:A9:F5:57:41:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/89pR_oC82pcIdSXiBGIeqfVXQZk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89pR_oC82pcIdSXiBGIeqfVXQZk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CDA/49B27D8A054D11EE9DFC1624C4F9AE02/FA878E88BFE811EEB870B12DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.197.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:03:b9:3d:b1:db:ed:69:73:86:3c:44:f4:48:d5:89:a0:ee:
         90:7c:6d:99:cd:4d:9b:a7:8e:d5:a5:23:11:99:ad:c8:80:f8:
         42:ef:8a:69:d5:3b:ce:42:f8:04:b5:74:5e:45:d7:d6:c8:9d:
         2b:b6:f6:8b:fc:e1:47:97:d2:26:9d:d0:d6:33:73:7d:0b:03:
         9b:43:0a:01:af:11:5f:51:1c:a9:d0:1e:14:a5:f7:6b:6f:eb:
         80:fa:a0:8b:f9:5b:b3:21:39:cf:3a:35:98:e3:1e:f5:13:3c:
         0f:03:1f:50:0f:ca:e7:19:4d:e4:10:e6:6d:5d:48:31:d4:d6:
         a8:3a:6f:48:92:7f:f3:d5:c6:45:18:14:ac:d4:df:2e:79:b5:
         02:b5:9b:cd:32:27:10:35:e5:91:93:91:7a:71:58:de:d2:99:
         b5:eb:bc:fd:95:44:62:97:4d:8f:d6:d2:d7:c0:b6:89:cc:32:
         09:bc:6c:52:a7:ca:fd:52:8b:3d:03:04:17:d4:a9:78:be:bb:
         fa:59:ca:26:f4:b5:0e:56:24:fb:58:ea:20:68:ba:b1:a4:ed:
         0d:78:92:4d:48:eb:53:ce:1b:c5:e5:c5:50:d9:c0:41:4e:0f:
         9c:12:4b:14:3c:08:2f:55:03:3e:67:65:fc:62:f4:37:24:e0:
         90:82:f9:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDdDREExMTAvBgNVBAUTKEYzREE1MUZFODBCQ0RBOTcwODc1MjVFMjA0NjIxRUE5
RjU1NzQxOTkwHhcNMjQwMTMxMDMyOTQ1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5YmVhOS1kYTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5L+UVhs+KV6z6EDjKXp7ssiFXLq5gNOgbjkHJ9tvMsXI7UbvVavm3KfkYG2k
AJDkTK1cRO5y704v0dQu/+W004HE9U3/i3GCClnPPh/Esb9F3YvH19oHUT0lgjWI
RCg8uZD9wTKdogO9ccLcX/jN/CpQsQRfoaDriDqCthKxnXNSYTexyA/ZZlNu6YQ8
cVT32U7ij1RbfZMGf+xVWsIsPVWAYn4VwG+mreruWr3kDMGive04+pTi+U1vkgBX
YNah0OfkKvymbqHNdkjXnDU05JOb46NWNjn83f4Tcfu4gED4Np5AeAiDDu+Z0nA9
ShCdcyZbDQBNKrBElAS4H/YCQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJuBXXkD
czhn5/6JqzXg9vu94einMB8GA1UdIwQYMBaAFPPaUf6AvNqXCHUl4gRiHqn1V0GZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0NEQS80OUIyN0Q4QTA1
NEQxMUVFOURGQzE2MjRDNEY5QUUwMi84OXBSX29DODJwY0lkU1hpQkdJZXFmVlhR
WmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5cFJfb0M4MnBjSWRTWGlCR0llcWZWWFFaay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDdDREEvNDlCMjdEOEEwNTREMTFFRTlERkMxNjI0QzRGOUFFMDIvRkE4NzhFODhC
RkU4MTFFRUI4NzBCMTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnxVYwDQYJKoZIhvcNAQELBQADggEBAFMDuT2x2+1pc4Y8
RPRI1Ymg7pB8bZnNTZunjtWlIxGZrciA+ELvimnVO85C+AS1dF5F19bInSu29ov8
4UeX0iad0NYzc30LA5tDCgGvEV9RHKnQHhSl92tv64D6oIv5W7MhOc86NZjjHvUT
PA8DH1APyucZTeQQ5m1dSDHU1qg6b0iSf/PVxkUYFKzU3y55tQK1m80yJxA15ZGT
kXpxWN7SmbXrvP2VRGKXTY/W0tfAtonMMgm8bFKnyv1Siz0DBBfUqXi+u/pZyib0
tQ5WJPtY6iBourGk7Q14kk1I61POG8XlxVDZwEFOD5wSSxQ8CC9VAz5nZfxi9Dck
4JCC+Y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org