Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/051C9854E9B911E8B7734A26C4F9AE02.roa
File:                     051C9854E9B911E8B7734A26C4F9AE02.roa (raw, json)
Hash identifier:          Sd5cvsPSz0kxdFG77XDuQ6k4TPiUjw6hzxnNJf08BPQ=
Subject key identifier:   95:73:AD:B6:CE:29:F3:DF:33:A3:B8:F8:0E:78:5B:E5:DF:A4:CD:D6
Certificate issuer:       /CN=A916BCDF/serialNumber=51AAAC7F6F58F747072C87EC2F4878EF1CB8F4CE
Certificate serial:       10FB
Authority key identifier: 51:AA:AC:7F:6F:58:F7:47:07:2C:87:EC:2F:48:78:EF:1C:B8:F4:CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uaqsf29Y90cHLIfsL0h47xy49M4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/051C9854E9B911E8B7734A26C4F9AE02.roa
Signing time:             Tue 14 Nov 2023 18:05:24 +0000
ROA not before:           Tue 14 Nov 2023 18:05:24 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        43.224.32.0/22 maxlen: 24
                          103.43.72.0/22 maxlen: 22
                          202.182.96.0/20 maxlen: 24
                          202.182.112.0/20 maxlen: 24
                          2401:c080:1000::/38 maxlen: 38
                          2401:c080:1400::/38 maxlen: 38
                          2401:c080:1800::/38 maxlen: 38
                          2401:c080:18fb::/48 maxlen: 48
                          2401:c080:1c00::/38 maxlen: 38
                          2401:c080:2000::/38 maxlen: 38
                          2401:c080:2400::/38 maxlen: 38
                          2401:c080:3000::/38 maxlen: 38
                          2401:c080:3400::/38 maxlen: 38
                          2401:c080:3800::/38 maxlen: 38

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4347 (0x10fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916BCDF/serialNumber=51AAAC7F6F58F747072C87EC2F4878EF1CB8F4CE
        Validity
            Not Before: Nov 14 18:05:24 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=6553b6e4-6e59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:96:61:3d:5d:1a:70:8b:7f:5e:2f:dd:59:be:
                    0b:4a:14:e3:f9:20:6d:78:ac:b0:cf:b6:88:fe:fc:
                    06:c2:6c:a1:53:f3:d4:52:a9:18:20:94:aa:57:b2:
                    04:ff:85:48:19:66:d7:b1:f2:dd:4f:02:69:15:86:
                    30:3b:3a:6c:3c:e8:7e:10:55:69:77:fd:a2:69:4d:
                    47:64:e1:4a:24:b4:0c:e5:02:e9:cf:cb:6e:44:a1:
                    a1:fe:09:9f:ad:b0:23:78:a3:3b:d9:1e:8f:2b:0e:
                    41:86:d6:bb:c9:58:f6:09:6a:56:6c:52:e6:31:8e:
                    04:6e:ba:a8:02:5d:d0:d0:d0:fc:eb:ed:4e:bc:06:
                    30:f0:87:a3:6f:de:d6:57:99:2a:16:04:4c:00:67:
                    ef:aa:a8:40:8b:fd:31:37:2b:7f:42:93:61:69:eb:
                    c5:91:04:9e:8f:69:4d:52:28:ba:43:6e:b4:70:a8:
                    9e:2f:91:b4:35:54:46:e9:c3:e2:e3:19:a4:8c:72:
                    8c:38:36:b2:ca:0d:7d:bd:d7:0c:a9:39:8b:1c:a1:
                    74:6b:9d:07:52:51:ec:6f:b4:86:9b:52:2a:1e:d3:
                    e3:29:7f:c9:23:eb:e9:9f:70:80:45:24:a6:5b:d1:
                    61:f1:1f:a3:6c:ad:a0:10:d7:65:ec:b4:64:3f:43:
                    98:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:73:AD:B6:CE:29:F3:DF:33:A3:B8:F8:0E:78:5B:E5:DF:A4:CD:D6
            X509v3 Authority Key Identifier:
                keyid:51:AA:AC:7F:6F:58:F7:47:07:2C:87:EC:2F:48:78:EF:1C:B8:F4:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/Uaqsf29Y90cHLIfsL0h47xy49M4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Uaqsf29Y90cHLIfsL0h47xy49M4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/F858344EE36D11E8956F3516C4F9AE02/051C9854E9B911E8B7734A26C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.224.32.0/22
                  103.43.72.0/22
                  202.182.96.0/19
                IPv6:
                  2401:c080:1000::-2401:c080:27ff:ffff:ffff:ffff:ffff:ffff
                  2401:c080:3000::-2401:c080:3bff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         d4:66:4c:22:f8:b9:cf:e7:78:0c:b9:a5:71:7f:51:07:44:69:
         c3:0f:da:47:0f:1b:bb:dc:20:90:c6:5c:67:9d:20:1f:03:38:
         bc:35:19:81:73:67:e0:14:cb:f0:9b:1f:2d:95:f4:c9:cc:44:
         e1:11:b0:0f:68:a0:42:12:d2:68:10:7a:fb:2a:8b:49:8c:45:
         8c:b3:e8:70:96:0e:b9:b5:47:dc:7a:72:4a:0b:7a:cd:62:b8:
         3d:1a:e1:9c:c1:2a:79:f5:40:d5:3a:23:57:c7:b5:39:50:fb:
         39:e9:72:36:a9:16:60:40:ca:4d:d1:60:72:91:25:e7:9b:86:
         37:9a:50:c4:ad:0e:a7:02:1f:79:f0:fe:cc:9e:e7:d9:0b:22:
         58:23:0a:66:c1:0a:ab:8c:a2:aa:b9:8d:58:9b:39:3b:e7:93:
         e4:64:94:12:7b:e3:48:1f:37:ea:8b:7a:2b:23:52:d1:3f:0c:
         5b:4a:61:f1:ac:74:29:12:44:09:d8:51:87:00:cb:63:05:9b:
         33:59:59:69:fc:c5:62:f1:69:a9:a2:fb:30:8e:28:e5:bf:92:
         fe:2a:cc:4b:8c:84:c1:0a:c7:91:4f:9a:a6:f4:a4:c1:97:6a:
         49:7a:67:c7:6c:88:17:0b:89:e9:5a:dd:d4:e2:5f:fb:b0:4a:
         0f:3d:55:7f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICEPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJDREYxMTAvBgNVBAUTKDUxQUFBQzdGNkY1OEY3NDcwNzJDODdFQzJGNDg3OEVG
MUNCOEY0Q0UwHhcNMjMxMTE0MTgwNTI0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTUzYjZlNC02ZTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu5ZhPV0acIt/Xi/dWb4LShTj+SBteKywz7aI/vwGwmyhU/PUUqkYIJSqV7IE
/4VIGWbXsfLdTwJpFYYwOzpsPOh+EFVpd/2iaU1HZOFKJLQM5QLpz8tuRKGh/gmf
rbAjeKM72R6PKw5Bhta7yVj2CWpWbFLmMY4EbrqoAl3Q0ND86+1OvAYw8Iejb97W
V5kqFgRMAGfvqqhAi/0xNyt/QpNhaevFkQSej2lNUii6Q260cKieL5G0NVRG6cPi
4xmkjHKMODayyg19vdcMqTmLHKF0a50HUlHsb7SGm1IqHtPjKX/JI+vpn3CARSSm
W9Fh8R+jbK2gENdl7LRkP0OYlwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFJVzrbbO
KfPfM6O4+A54W+XfpM3WMB8GA1UdIwQYMBaAFFGqrH9vWPdHByyH7C9IeO8cuPTO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9GODU4MzQ0RUUz
NkQxMUU4OTU2RjM1MTZDNEY5QUUwMi9VYXFzZjI5WTkwY0hMSWZzTDBoNDd4eTQ5
TTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VhcXNmMjlZOTBjSExJZnNMMGg0N3h5NDlNNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJDREYvRjg1ODM0NEVFMzZEMTFFODk1NkYzNTE2QzRGOUFFMDIvMDUxQzk4NTRF
OUI5MTFFOEI3NzM0QTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMBgEAgABMBIDBAIr4CADBAJnK0gDBAXKtmAwKgQCAAIwJDAQAwYEJAHAgBAD
BgMkAcCAIDAQAwYEJAHAgDADBgIkAcCAODANBgkqhkiG9w0BAQsFAAOCAQEA1GZM
Ivi5z+d4DLmlcX9RB0Rpww/aRw8bu9wgkMZcZ50gHwM4vDUZgXNn4BTL8JsfLZX0
ycxE4RGwD2igQhLSaBB6+yqLSYxFjLPocJYOubVH3HpySgt6zWK4PRrhnMEqefVA
1TojV8e1OVD7OelyNqkWYEDKTdFgcpEl55uGN5pQxK0OpwIfefD+zJ7n2QsiWCMK
ZsEKq4yiqrmNWJs5O+eT5GSUEnvjSB836ot6KyNS0T8MW0ph8ax0KRJECdhRhwDL
YwWbM1lZafzFYvFpqaL7MI4o5b+S/irMS4yEwQrHkU+apvSkwZdqSXpnx2yIFwuJ
6Vrd1OJf+7BKDz1Vfw==
-----END CERTIFICATE-----
Generated at Mon Dec 11 19:25:43 2023 by rpki-client on console-fra.rpki-client.org