Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F84D60D2DCA411EFB2CC7D58C4F9AE02.roa
File:                     F84D60D2DCA411EFB2CC7D58C4F9AE02.roa (raw, json)
Hash identifier:          6r2HM3YM+PabLs9XazVMiFV8ZgYYNUxIitZxE9qxW9s=
Subject key identifier:   96:0D:AC:F4:34:E6:B6:F1:B4:B1:CC:AB:E1:C8:5D:0B:2A:63:C9:24
Certificate issuer:       /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial:       0C24
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F84D60D2DCA411EFB2CC7D58C4F9AE02.roa
Signing time:             Mon 27 Jan 2025 11:50:57 +0000
ROA not before:           Mon 27 Jan 2025 11:50:57 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     213990
IP address blocks:        14.192.132.0/24 maxlen: 24
                          14.192.144.0/24 maxlen: 24
                          14.192.151.0/24 maxlen: 24
                          103.20.134.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 28 Jan 2025 14:56:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3108 (0xc24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915A0CD
        Validity
            Not Before: Jan 27 11:50:57 2025 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=67977321-a193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:5b:47:29:ad:40:ce:da:22:37:5e:98:2e:de:
                    17:5a:45:69:bb:cd:80:3e:07:a7:32:2f:db:04:79:
                    a8:df:61:a8:3c:07:f1:1a:62:a1:f6:de:16:ad:12:
                    05:73:c1:67:51:10:d1:88:d0:66:69:bf:5a:de:35:
                    cd:8f:14:12:7c:9a:e4:1b:48:a0:31:06:98:a1:93:
                    17:e0:35:00:80:86:8d:9f:85:4e:56:2e:0d:f5:4f:
                    f0:45:95:a6:55:ff:e5:bd:d1:3c:fc:ef:be:ca:8b:
                    a5:7e:f1:20:1a:99:53:0a:c2:ae:4e:62:43:1d:84:
                    c9:02:80:53:e7:6b:63:5a:7b:8e:75:ce:c5:e5:f6:
                    42:50:88:b1:d1:59:a2:f3:5b:ab:d2:cf:e1:91:7c:
                    54:74:eb:bd:c1:03:99:99:1e:fe:6d:9d:09:86:1a:
                    84:4f:a1:24:2c:b9:35:95:d5:3d:67:81:1e:47:f0:
                    1a:1d:dd:71:da:ad:d6:04:16:6e:64:c3:a5:dc:91:
                    17:c2:d0:f8:b1:e9:f0:96:16:28:d6:61:8a:7d:b1:
                    73:65:09:72:81:25:a1:f8:33:3a:75:e6:1c:a0:87:
                    da:01:4e:5f:c1:12:ae:0a:74:f9:31:6f:69:2a:70:
                    10:e2:4e:6b:c8:a5:a4:3f:b4:51:49:fe:7c:c2:bd:
                    0d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:0D:AC:F4:34:E6:B6:F1:B4:B1:CC:AB:E1:C8:5D:0B:2A:63:C9:24
            X509v3 Authority Key Identifier:
                keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/F84D60D2DCA411EFB2CC7D58C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.192.132.0/24
                  14.192.144.0/24
                  14.192.151.0/24
                  103.20.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:4f:33:a7:21:c3:85:bf:39:cb:ef:a5:ca:e1:59:d0:90:66:
         4f:9d:59:23:5a:a2:09:9b:57:de:7d:3a:1b:f7:f0:ff:40:4a:
         c8:32:aa:9a:41:52:eb:3a:0f:6f:0e:9d:19:76:ac:83:5e:d8:
         fc:7b:58:82:65:e0:fe:08:b5:3a:d1:91:5c:e7:08:ce:a4:70:
         87:83:42:08:70:94:57:a1:62:57:60:84:4d:37:0d:f0:9b:f9:
         ad:79:43:bc:4b:eb:77:75:27:ea:8c:fe:52:06:a2:30:40:fd:
         f0:c5:b3:47:bf:95:59:e4:2d:e6:7f:4a:80:c8:aa:bf:67:ed:
         3f:59:b6:95:9b:2a:1b:f0:48:b5:b4:81:e7:d7:36:87:fd:eb:
         75:f8:6b:99:c9:a9:3b:11:0e:da:69:c9:1a:fc:be:e6:5a:e8:
         69:a6:9a:04:be:ca:1b:bb:cb:ac:48:25:09:7f:92:6f:6b:82:
         ff:ec:35:93:57:a6:ac:39:a9:35:79:4d:db:21:a8:83:0d:16:
         62:7d:5e:5f:24:1d:9a:de:47:39:ea:8c:d7:fa:07:bb:d2:19:
         13:be:a1:7a:f1:b5:51:28:58:1a:43:3a:c8:12:4c:61:c1:0d:
         5d:d2:ed:41:ad:b5:e9:fe:dc:20:fb:c8:d6:19:86:82:c0:2d:
         68:0f:b6:be
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDCQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTI3MTE1MDU3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk3NzMyMS1hMTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3ltHKa1AztoiN16YLt4XWkVpu82APgenMi/bBHmo32GoPAfxGmKh9t4WrRIF
c8FnURDRiNBmab9a3jXNjxQSfJrkG0igMQaYoZMX4DUAgIaNn4VOVi4N9U/wRZWm
Vf/lvdE8/O++youlfvEgGplTCsKuTmJDHYTJAoBT52tjWnuOdc7F5fZCUIix0Vmi
81ur0s/hkXxUdOu9wQOZmR7+bZ0JhhqET6EkLLk1ldU9Z4EeR/AaHd1x2q3WBBZu
ZMOl3JEXwtD4senwlhYo1mGKfbFzZQlygSWh+DM6deYcoIfaAU5fwRKuCnT5MW9p
KnAQ4k5ryKWkP7RRSf58wr0NswIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFJYNrPQ0
5rbxtLHMq+HIXQsqY8kkMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRjg0RDYwRDJE
Q0E0MTFFRkIyQ0M3RDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAAOwIQDBAAOwJADBAAOwJcDBABnFIYwDQYJKoZIhvcNAQEL
BQADggEBAFVPM6chw4W/OcvvpcrhWdCQZk+dWSNaogmbV959Ohv38P9ASsgyqppB
Uus6D28OnRl2rINe2Px7WIJl4P4ItTrRkVznCM6kcIeDQghwlFehYldghE03DfCb
+a15Q7xL63d1J+qM/lIGojBA/fDFs0e/lVnkLeZ/SoDIqr9n7T9ZtpWbKhvwSLW0
gefXNof963X4a5nJqTsRDtppyRr8vuZa6GmmmgS+yhu7y6xIJQl/km9rgv/sNZNX
pqw5qTV5TdshqIMNFmJ9Xl8kHZreRznqjNf6B7vSGRO+oXrxtVEoWBpDOsgSTGHB
DV3S7UGtten+3CD7yNYZhoLALWgPtr4=
-----END CERTIFICATE-----