Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/1E381D248AD411EE95AE1C29C4F9AE02.roa
File:                     1E381D248AD411EE95AE1C29C4F9AE02.roa (raw, json)
Hash identifier:          7WZKu4NFO64ZWSwpZVtfCFVR9rPhY8iZU83ii9+APMw=
Subject key identifier:   EE:0B:8E:35:33:C6:3C:F9:22:D9:2A:6C:DA:CA:28:E1:2A:02:89:84
Certificate issuer:       /CN=A915B978/serialNumber=A83B01C96E794DE8CF8F1C9FA86421296DA871C4
Certificate serial:       1B5C
Authority key identifier: A8:3B:01:C9:6E:79:4D:E8:CF:8F:1C:9F:A8:64:21:29:6D:A8:71:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qDsByW55TejPjxyfqGQhKW2occQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/1E381D248AD411EE95AE1C29C4F9AE02.roa
Signing time:             Wed 28 Feb 2024 16:54:05 +0000
ROA not before:           Wed 28 Feb 2024 16:54:05 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        43.228.144.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 11:52:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7004 (0x1b5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B978/serialNumber=A83B01C96E794DE8CF8F1C9FA86421296DA871C4
        Validity
            Not Before: Feb 28 16:54:05 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65df652d-b4c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:22:50:3c:d1:c9:17:9d:b8:a4:c0:48:c4:84:
                    ba:e3:0d:63:ab:82:c8:d7:02:4c:85:ad:48:70:b7:
                    96:5e:64:82:82:db:3b:11:63:29:cd:02:c8:be:2f:
                    98:65:d7:c4:c4:4f:80:13:9e:7b:ef:96:51:50:ef:
                    60:eb:65:2e:f9:40:8c:49:51:0f:35:ad:c3:2b:04:
                    fb:53:08:6f:9d:14:81:76:8d:df:0a:86:d3:d4:3a:
                    28:f3:82:cb:2a:88:58:60:d7:bb:08:45:ab:25:04:
                    2f:08:59:c7:9d:af:14:4e:23:44:7d:8d:ca:d0:15:
                    12:0a:74:18:9d:c8:4a:79:8a:c7:0a:93:14:77:2a:
                    ce:68:19:4f:a8:13:0c:7a:27:4e:ac:a4:a1:af:6f:
                    4d:52:46:34:6e:b8:a5:9a:d7:2d:c2:98:83:f5:3b:
                    bd:ee:c1:26:72:bb:40:b6:70:09:7b:3a:7f:0b:c0:
                    84:bd:1f:80:73:4d:2d:0d:e8:de:1e:07:9f:f9:27:
                    df:de:25:eb:0e:d7:e3:19:3b:9a:86:35:f6:8f:f2:
                    1e:27:fe:8e:45:a0:18:d0:3d:1b:66:8e:bb:9a:a4:
                    7f:bb:34:4e:a0:95:d0:3a:6e:d7:89:33:e9:0f:9b:
                    53:c6:32:30:a8:85:4c:10:8e:0d:6d:1c:e1:92:70:
                    1e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:0B:8E:35:33:C6:3C:F9:22:D9:2A:6C:DA:CA:28:E1:2A:02:89:84
            X509v3 Authority Key Identifier:
                keyid:A8:3B:01:C9:6E:79:4D:E8:CF:8F:1C:9F:A8:64:21:29:6D:A8:71:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/qDsByW55TejPjxyfqGQhKW2occQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qDsByW55TejPjxyfqGQhKW2occQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B978/FC4A2A20E90111E68C2CD311C4F9AE02/1E381D248AD411EE95AE1C29C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.228.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:85:36:c4:35:f8:28:ee:08:cc:cc:83:1c:02:d8:91:f4:62:
         23:b3:44:5d:60:fb:6f:e9:32:dd:99:2b:38:a2:b3:15:68:51:
         3d:15:42:82:83:05:e0:6c:60:8d:b0:b7:c9:49:94:be:ad:4e:
         b7:52:95:64:af:c7:06:58:04:36:56:7e:a4:54:f9:97:9d:b1:
         d2:8b:93:50:ba:e1:62:91:61:95:8d:89:f2:98:bb:85:e6:ff:
         f8:8b:e4:91:47:85:cf:9e:1b:c1:75:39:65:67:d1:17:a4:80:
         02:ea:ac:33:b5:62:b4:30:16:5c:ee:54:2e:d1:32:00:8e:7f:
         b8:4e:1c:80:08:8e:fd:78:28:4b:84:81:d7:41:94:fc:87:ff:
         92:9d:f9:7e:07:cb:72:36:b8:48:39:6b:30:1c:30:d7:bf:da:
         ef:b9:54:fa:df:7b:53:4c:03:24:3c:1a:29:c9:76:2a:ef:68:
         fc:cf:fc:19:b9:fa:35:45:ae:73:5f:f5:5e:44:71:61:ee:32:
         a6:a6:cc:1a:fd:8d:11:c2:cb:89:a7:e5:4a:e2:81:c7:78:b5:
         b6:e7:9c:f6:69:86:54:7e:d7:40:ad:85:58:62:0c:15:46:67:
         e0:1b:32:a9:59:ed:ec:90:04:ec:50:47:c8:15:65:c4:6b:7f:
         6f:a3:eb:64
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG1wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI5NzgxMTAvBgNVBAUTKEE4M0IwMUM5NkU3OTRERThDRjhGMUM5RkE4NjQyMTI5
NkRBODcxQzQwHhcNMjQwMjI4MTY1NDA1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmNjUyZC1iNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2CJQPNHJF524pMBIxIS64w1jq4LI1wJMha1IcLeWXmSCgts7EWMpzQLIvi+Y
ZdfExE+AE55775ZRUO9g62Uu+UCMSVEPNa3DKwT7UwhvnRSBdo3fCobT1Doo84LL
KohYYNe7CEWrJQQvCFnHna8UTiNEfY3K0BUSCnQYnchKeYrHCpMUdyrOaBlPqBMM
eidOrKShr29NUkY0brilmtctwpiD9Tu97sEmcrtAtnAJezp/C8CEvR+Ac00tDeje
Hgef+Sff3iXrDtfjGTuahjX2j/IeJ/6ORaAY0D0bZo67mqR/uzROoJXQOm7XiTPp
D5tTxjIwqIVMEI4NbRzhknAeTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO4LjjUz
xjz5ItkqbNrKKOEqAomEMB8GA1UdIwQYMBaAFKg7AclueU3oz48cn6hkISltqHHE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Qjk3OC9GQzRBMkEyMEU5
MDExMUU2OEMyQ0QzMTFDNEY5QUUwMi9xRHNCeVc1NVRlalBqeHlmcUdRaEtXMm9j
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FEc0J5VzU1VGVqUGp4eWZxR1FoS1cyb2NjUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI5NzgvRkM0QTJBMjBFOTAxMTFFNjhDMkNEMzExQzRGOUFFMDIvMUUzODFEMjQ4
QUQ0MTFFRTk1QUUxQzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr5JAwDQYJKoZIhvcNAQELBQADggEBAGmFNsQ1+CjuCMzM
gxwC2JH0YiOzRF1g+2/pMt2ZKziisxVoUT0VQoKDBeBsYI2wt8lJlL6tTrdSlWSv
xwZYBDZWfqRU+ZedsdKLk1C64WKRYZWNifKYu4Xm//iL5JFHhc+eG8F1OWVn0Rek
gALqrDO1YrQwFlzuVC7RMgCOf7hOHIAIjv14KEuEgddBlPyH/5Kd+X4Hy3I2uEg5
azAcMNe/2u+5VPrfe1NMAyQ8GinJdirvaPzP/Bm5+jVFrnNf9V5EcWHuMqamzBr9
jRHCy4mn5Urigcd4tbbnnPZphlR+10CthVhiDBVGZ+AbMqlZ7eyQBOxQR8gVZcRr
f2+j62Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org