Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/CA8D16C2CD9911EDAE004217C4F9AE02.roa
File:                     CA8D16C2CD9911EDAE004217C4F9AE02.roa (raw, json)
Hash identifier:          mFKfzzX+JAl6PSqyYSSfiCnOC94RijC3yTDDZ9QVBIc=
Subject key identifier:   DC:97:50:A7:03:AD:0B:75:8D:55:47:45:92:06:EA:46:E7:E0:28:52
Certificate issuer:       /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial:       03A6
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/CA8D16C2CD9911EDAE004217C4F9AE02.roa
Signing time:             Tue 21 Nov 2023 01:53:28 +0000
ROA not before:           Tue 21 Nov 2023 01:53:27 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     206505
IP address blocks:        103.174.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 13:50:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 934 (0x3a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
        Validity
            Not Before: Nov 21 01:53:27 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=655c0d97-b05b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:75:aa:bc:71:e2:14:fa:f7:ca:6c:fd:fc:48:
                    3b:97:e5:fe:7f:7e:4a:da:78:51:2f:ea:a7:ca:81:
                    a0:4a:f4:1d:bb:ea:39:3b:06:7e:ac:84:b1:50:76:
                    8c:a9:fc:af:56:44:f4:27:24:9a:e9:9f:1f:fd:c5:
                    10:06:d5:04:a6:0c:68:d7:d1:17:55:01:5e:00:f0:
                    2e:1e:df:71:ca:d5:db:35:b6:2b:b1:75:6d:c3:eb:
                    15:80:b9:fd:62:db:31:85:80:ad:0d:f0:b1:3e:24:
                    fa:9c:f6:ec:eb:3c:06:74:d4:f2:d1:83:96:58:c5:
                    95:33:82:a6:e0:8c:29:1d:89:43:38:94:63:84:ac:
                    eb:f5:0d:d5:b6:5c:8e:a6:0a:c9:62:31:2f:0a:e9:
                    28:9d:ee:db:a0:11:cc:66:3d:14:4c:94:d9:03:22:
                    6b:34:f1:0c:34:0e:36:76:fc:e0:e6:86:3c:0e:06:
                    3e:b9:6c:9a:d1:dc:1e:fb:41:3c:ba:b2:be:1c:53:
                    b0:98:11:91:8a:6e:27:41:71:48:2b:d1:fe:ff:7e:
                    6b:59:43:0a:01:97:91:44:5b:a1:b4:3a:b2:5e:e2:
                    d2:1b:2a:84:63:57:8d:08:8a:70:0c:5c:02:f2:67:
                    aa:53:70:e7:fd:cf:30:1f:c4:af:c3:f6:d5:18:3b:
                    04:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:97:50:A7:03:AD:0B:75:8D:55:47:45:92:06:EA:46:E7:E0:28:52
            X509v3 Authority Key Identifier:
                keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/CA8D16C2CD9911EDAE004217C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.174.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:21:49:14:8b:10:79:1e:d4:8d:ff:89:f4:9c:fd:a6:bb:7c:
         77:fd:d8:8a:d4:53:68:78:34:a1:0d:55:0b:83:c4:95:4e:2a:
         db:a8:81:f8:2b:4f:6e:40:f9:22:f7:15:dd:47:f9:fc:16:86:
         9d:bc:5f:4c:ba:be:fc:f8:49:46:d8:f3:90:05:b4:99:8e:00:
         27:36:8a:8e:a2:84:67:1d:d6:10:e4:f3:2b:3e:37:60:75:6e:
         07:97:70:13:28:eb:e1:60:7e:0f:11:ba:cf:9c:24:9c:eb:e3:
         fc:74:34:33:86:95:6a:aa:4f:2c:b8:ce:b6:2f:11:e9:fe:1b:
         de:0e:00:f9:f1:3f:cf:e0:6f:a3:fe:20:87:1a:42:d2:a1:6c:
         93:be:c3:0a:07:7a:3b:04:ea:71:ae:89:27:ec:81:12:08:b9:
         7c:88:22:27:8d:81:6e:c6:d5:c4:84:91:f0:54:b2:de:75:51:
         95:f9:cb:28:79:3e:cd:ad:5d:0c:8f:b3:53:4f:0a:2e:b1:f6:
         cc:68:4a:71:f0:db:ea:09:65:76:08:59:b1:88:34:40:5f:34:
         a5:09:a8:0f:ad:31:e3:e9:2b:87:48:5b:20:c8:11:26:ba:76:
         5f:ef:5e:7e:76:93:31:1a:10:5c:38:cb:ae:46:8b:fe:2f:f9:
         7b:89:d6:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjMxMTIxMDE1MzI3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVjMGQ5Ny1iMDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0HWqvHHiFPr3ymz9/Eg7l+X+f35K2nhRL+qnyoGgSvQdu+o5OwZ+rISxUHaM
qfyvVkT0JySa6Z8f/cUQBtUEpgxo19EXVQFeAPAuHt9xytXbNbYrsXVtw+sVgLn9
YtsxhYCtDfCxPiT6nPbs6zwGdNTy0YOWWMWVM4Km4IwpHYlDOJRjhKzr9Q3VtlyO
pgrJYjEvCukone7boBHMZj0UTJTZAyJrNPEMNA42dvzg5oY8DgY+uWya0dwe+0E8
urK+HFOwmBGRim4nQXFIK9H+/35rWUMKAZeRRFuhtDqyXuLSGyqEY1eNCIpwDFwC
8meqU3Dn/c8wH8Svw/bVGDsEdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNyXUKcD
rQt1jVVHRZIG6kbn4ChSMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvQ0E4RDE2QzJD
RDk5MTFFREFFMDA0MjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrmAwDQYJKoZIhvcNAQELBQADggEBAL8hSRSLEHke1I3/
ifSc/aa7fHf92IrUU2h4NKENVQuDxJVOKtuogfgrT25A+SL3Fd1H+fwWhp28X0y6
vvz4SUbY85AFtJmOACc2io6ihGcd1hDk8ys+N2B1bgeXcBMo6+Fgfg8Rus+cJJzr
4/x0NDOGlWqqTyy4zrYvEen+G94OAPnxP8/gb6P+IIcaQtKhbJO+wwoHejsE6nGu
iSfsgRIIuXyIIieNgW7G1cSEkfBUst51UZX5yyh5Ps2tXQyPs1NPCi6x9sxoSnHw
2+oJZXYIWbGINEBfNKUJqA+tMePpK4dIWyDIESa6dl/vXn52kzEaEFw4y65Gi/4v
+XuJ1tc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org