Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915C9B7/8C264FD2EE5A11EAAD769033C4F9AE02/D031F80AEE5C11EA9088DA37C4F9AE02.roa
File:                     D031F80AEE5C11EA9088DA37C4F9AE02.roa (raw, json)
Hash identifier:          c23Q+wx55vpZ+pRKofNTYnbRC1PJd0CyEnk3awIeot4=
Subject key identifier:   50:07:C5:68:A7:35:1B:3F:AB:B6:6C:C3:14:5F:C5:E5:B0:89:25:E1
Certificate issuer:       /CN=A915C9B7/serialNumber=D9D0A3C6A4DD7BA7B454DEAE01AF67AF2C54C433
Certificate serial:       077D
Authority key identifier: D9:D0:A3:C6:A4:DD:7B:A7:B4:54:DE:AE:01:AF:67:AF:2C:54:C4:33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dCjxqTde6e0VN6uAa9nryxUxDM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915C9B7/8C264FD2EE5A11EAAD769033C4F9AE02/D031F80AEE5C11EA9088DA37C4F9AE02.roa
Signing time:             Thu 07 Nov 2024 07:35:45 +0000
ROA not before:           Thu 07 Nov 2024 07:35:45 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     132890
IP address blocks:        103.27.104.0/22 maxlen: 24
                          113.52.148.0/22 maxlen: 22
                          113.52.148.0/24 maxlen: 24
                          2407:5f00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 07 Nov 2024 07:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1917 (0x77d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915C9B7/serialNumber=D9D0A3C6A4DD7BA7B454DEAE01AF67AF2C54C433
        Validity
            Not Before: Nov  7 07:35:45 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=672c6dd1-7c83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2d:c5:73:0f:0d:b8:45:29:47:4b:6a:84:b6:
                    5a:ea:f2:7e:9b:c2:4b:08:da:81:7f:68:05:5c:51:
                    77:2d:9d:82:0e:e5:20:fe:db:93:1e:cb:a2:bf:15:
                    16:44:e3:09:ce:7a:c0:3e:3b:48:f9:bc:9d:f6:04:
                    16:7d:5a:bc:32:36:34:a3:b1:ff:12:f7:cd:8e:a9:
                    4e:3a:53:d2:a0:7d:ff:4d:47:ce:af:83:0c:11:63:
                    a2:4f:d3:7e:9c:d0:e1:8e:fc:1a:1f:d9:81:cc:1c:
                    df:80:78:9b:00:ae:ba:b3:87:f5:74:bc:3f:6a:a3:
                    f0:82:ca:32:c5:82:f6:61:5e:64:4f:86:35:33:10:
                    73:b3:3d:58:c9:ca:f7:3e:7e:f4:f7:c9:15:ff:18:
                    13:1f:1a:84:2d:9d:4e:05:b9:01:37:fb:bc:86:b9:
                    da:fd:7c:bb:6a:f9:50:43:61:14:69:09:ff:d0:17:
                    11:12:12:37:36:22:b9:aa:b6:ef:9b:3f:37:df:ec:
                    48:62:c8:9c:30:23:9d:51:23:d5:c6:43:0a:7b:54:
                    3d:e9:80:22:5e:92:fd:bf:85:68:ec:19:ee:b4:10:
                    f5:8e:2f:b7:66:16:9f:45:0b:57:3f:7d:80:03:ff:
                    9e:45:da:5a:49:7a:4b:78:6c:f7:6a:b6:11:0a:06:
                    fe:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:07:C5:68:A7:35:1B:3F:AB:B6:6C:C3:14:5F:C5:E5:B0:89:25:E1
            X509v3 Authority Key Identifier:
                keyid:D9:D0:A3:C6:A4:DD:7B:A7:B4:54:DE:AE:01:AF:67:AF:2C:54:C4:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915C9B7/8C264FD2EE5A11EAAD769033C4F9AE02/2dCjxqTde6e0VN6uAa9nryxUxDM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dCjxqTde6e0VN6uAa9nryxUxDM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C9B7/8C264FD2EE5A11EAAD769033C4F9AE02/D031F80AEE5C11EA9088DA37C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.27.104.0/22
                  113.52.148.0/22
                IPv6:
                  2407:5f00::/32

    Signature Algorithm: sha256WithRSAEncryption
         7d:f9:3d:7c:16:93:d8:07:5e:78:55:93:45:57:03:7e:80:d7:
         46:0c:ff:1a:80:bf:88:61:bc:73:25:03:91:b6:87:9e:68:6f:
         e4:02:d8:d5:25:e8:54:2e:cd:99:32:d9:9d:11:08:df:7d:2f:
         a0:72:31:e3:9e:6e:6f:c7:4b:a3:eb:1b:8c:ba:82:57:0f:b2:
         86:b8:7e:23:2a:03:ba:c3:67:f9:b2:f1:12:9b:51:86:76:c9:
         b8:c2:6a:fb:85:2c:f0:0b:4a:4c:53:70:14:0c:d2:33:b9:47:
         fe:d7:f3:d1:24:8c:86:e2:ec:e3:8e:1b:f6:76:02:bb:5d:ec:
         93:1e:65:9c:91:94:0f:70:58:d0:26:cc:f7:d1:d7:bc:f8:46:
         67:73:5e:9b:64:83:c9:1a:d8:3b:f0:bc:b0:00:af:45:f8:71:
         7a:8d:7a:47:fe:b3:c8:bc:4e:26:6e:fa:b3:4c:c2:31:e8:42:
         cb:4b:02:78:bd:04:da:a3:8c:35:0a:17:4a:5b:6e:f6:92:33:
         9a:61:04:62:50:1f:82:9f:20:01:7c:f0:02:2c:fd:2d:93:ce:
         ef:56:78:66:84:2e:11:5a:10:b7:c2:11:98:84:06:9d:5f:5d:
         da:64:f9:48:8d:e7:46:1f:66:7d:9b:cc:b1:eb:75:28:86:4b:
         f9:b2:b6:d7
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICB30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUM5QjcxMTAvBgNVBAUTKEQ5RDBBM0M2QTRERDdCQTdCNDU0REVBRTAxQUY2N0FG
MkM1NEM0MzMwHhcNMjQxMTA3MDczNTQ1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJjNmRkMS03YzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvi3Fcw8NuEUpR0tqhLZa6vJ+m8JLCNqBf2gFXFF3LZ2CDuUg/tuTHsuivxUW
ROMJznrAPjtI+byd9gQWfVq8MjY0o7H/EvfNjqlOOlPSoH3/TUfOr4MMEWOiT9N+
nNDhjvwaH9mBzBzfgHibAK66s4f1dLw/aqPwgsoyxYL2YV5kT4Y1MxBzsz1Yycr3
Pn7098kV/xgTHxqELZ1OBbkBN/u8hrna/Xy7avlQQ2EUaQn/0BcREhI3NiK5qrbv
mz833+xIYsicMCOdUSPVxkMKe1Q96YAiXpL9v4Vo7BnutBD1ji+3ZhafRQtXP32A
A/+eRdpaSXpLeGz3arYRCgb+pwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFAHxWin
NRs/q7ZswxRfxeWwiSXhMB8GA1UdIwQYMBaAFNnQo8ak3XuntFTergGvZ68sVMQz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzlCNy84QzI2NEZEMkVF
NUExMUVBQUQ3NjkwMzNDNEY5QUUwMi8yZENqeHFUZGU2ZTBWTjZ1QWE5bnJ5eFV4
RE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJkQ2p4cVRkZTZlMFZONnVBYTlucnl4VXhETS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUM5QjcvOEMyNjRGRDJFRTVBMTFFQUFENzY5MDMzQzRGOUFFMDIvRDAzMUY4MEFF
RTVDMTFFQTkwODhEQTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnG2gDBAJxNJQwDQQCAAIwBwMFACQHXwAwDQYJKoZIhvcN
AQELBQADggEBAH35PXwWk9gHXnhVk0VXA36A10YM/xqAv4hhvHMlA5G2h55ob+QC
2NUl6FQuzZky2Z0RCN99L6ByMeOebm/HS6PrG4y6glcPsoa4fiMqA7rDZ/my8RKb
UYZ2ybjCavuFLPALSkxTcBQM0jO5R/7X89EkjIbi7OOOG/Z2Artd7JMeZZyRlA9w
WNAmzPfR17z4RmdzXptkg8ka2DvwvLAAr0X4cXqNekf+s8i8TiZu+rNMwjHoQstL
Ani9BNqjjDUKF0pbbvaSM5phBGJQH4KfIAF88AIs/S2Tzu9WeGaELhFaELfCEZiE
Bp1fXdpk+UiN50YfZn2bzLHrdSiGS/myttc=
-----END CERTIFICATE-----