Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/27FA0AE0513511ED9255DB7CC4F9AE02.roa
File:                     27FA0AE0513511ED9255DB7CC4F9AE02.roa (raw, json)
Hash identifier:          6gCrOfQFRqacO3Rcz4O2ln2/HeT9pzLoQ7Sfm+FPxS0=
Subject key identifier:   FB:9B:F8:18:1E:31:5B:F9:E9:97:A3:C1:DD:0F:9F:33:01:B2:E2:AD
Certificate issuer:       /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial:       3616
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/27FA0AE0513511ED9255DB7CC4F9AE02.roa
Signing time:             Fri 26 Apr 2024 15:00:41 +0000
ROA not before:           Fri 26 Apr 2024 15:00:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     141711
IP address blocks:        203.81.200.0/21 maxlen: 24
                          203.81.216.0/24 maxlen: 24
                          203.81.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Jul 2024 08:21:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13846 (0x3616)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
        Validity
            Not Before: Apr 26 15:00:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=662bc198-1584
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:6f:af:3d:1d:14:e5:c2:01:cc:88:00:80:bc:
                    6f:77:c2:1c:82:4c:db:69:c9:f2:18:d6:6b:94:9e:
                    9b:aa:f7:65:61:c6:44:6a:3a:0c:49:47:94:84:1d:
                    3a:8b:3c:0e:36:8b:e0:1f:b3:e8:c2:c6:a4:3e:05:
                    91:bb:27:92:4e:46:29:b7:17:ea:59:6a:55:db:f6:
                    38:f2:87:9a:8c:8f:ab:9c:75:7a:84:b0:79:9f:00:
                    b7:fd:d9:54:63:c1:d1:0d:67:1d:c1:f6:0e:c7:93:
                    56:55:c9:3d:79:61:01:41:92:1f:7b:bd:bb:6b:31:
                    f4:c2:1a:f0:59:51:4f:59:de:b2:ce:28:86:f1:c7:
                    cc:68:89:3e:39:26:2d:90:af:ad:78:e4:29:3a:27:
                    81:82:2e:71:d9:9e:d7:38:85:17:c7:6d:fb:ae:91:
                    7f:ff:37:30:c2:ce:70:7e:29:bc:d3:4d:10:e1:b4:
                    6a:54:48:f5:73:40:c3:6f:5b:ee:68:f2:6c:29:10:
                    df:91:0f:36:ba:ca:0f:7f:e2:1b:03:70:c0:10:35:
                    e0:0c:d9:36:85:45:44:10:3e:ae:3f:2f:3f:49:04:
                    d0:3c:7f:a4:12:3c:c7:7b:af:5b:32:c2:3d:ae:b5:
                    6a:e2:4c:56:8f:d6:18:66:6d:3e:05:ed:12:57:11:
                    62:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9B:F8:18:1E:31:5B:F9:E9:97:A3:C1:DD:0F:9F:33:01:B2:E2:AD
            X509v3 Authority Key Identifier:
                keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/27FA0AE0513511ED9255DB7CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.81.200.0/21
                  203.81.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:e6:ea:6b:a3:74:c1:0a:d4:20:57:f6:99:a7:5d:21:d5:7d:
         8d:61:e7:0a:5a:8a:b3:90:fa:c9:57:5e:c1:76:e1:3d:5b:55:
         c0:91:f0:93:86:fd:55:ee:ba:82:4b:31:4e:ba:22:7a:a6:ca:
         e5:ad:af:0b:e1:6e:75:1a:fb:3c:f0:19:da:0d:bf:dc:c2:f1:
         e1:be:15:8c:9a:ee:df:d3:ff:48:32:e7:cc:c7:90:e7:5f:28:
         66:c0:6c:9c:19:7b:fb:dd:24:3a:bc:96:d2:5a:21:f9:0f:e3:
         25:37:e6:15:f6:67:3b:0c:46:57:80:b2:73:51:65:8c:28:e4:
         a3:c7:c4:de:6a:80:4a:69:20:c3:aa:65:8d:95:d0:74:1a:99:
         4f:b7:df:f7:5c:3d:9c:3d:d5:a4:06:15:6f:c1:67:1a:27:26:
         c7:65:89:5c:d8:d1:d4:a8:7d:72:ab:66:9d:2c:67:0e:32:43:
         a7:34:b3:bc:31:43:fa:a3:df:0b:c3:54:e8:72:ae:de:f8:ad:
         71:e9:e7:1c:7f:f8:8d:47:4e:95:d1:53:8d:6d:43:e5:fb:49:
         ba:c3:1c:4d:2c:fd:48:3a:01:a1:68:f0:39:f2:43:aa:75:d7:
         1d:a1:e9:2f:ba:6d:72:77:33:f6:54:c3:82:da:8b:cf:93:17:
         6b:39:c2:10
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNhYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwNDI2MTUwMDQxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiYzE5OC0xNTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA62+vPR0U5cIBzIgAgLxvd8IcgkzbacnyGNZrlJ6bqvdlYcZEajoMSUeUhB06
izwONovgH7PowsakPgWRuyeSTkYptxfqWWpV2/Y48oeajI+rnHV6hLB5nwC3/dlU
Y8HRDWcdwfYOx5NWVck9eWEBQZIfe727azH0whrwWVFPWd6yziiG8cfMaIk+OSYt
kK+teOQpOieBgi5x2Z7XOIUXx237rpF//zcwws5wfim8000Q4bRqVEj1c0DDb1vu
aPJsKRDfkQ82usoPf+IbA3DAEDXgDNk2hUVEED6uPy8/SQTQPH+kEjzHe69bMsI9
rrVq4kxWj9YYZm0+Be0SVxFi/wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPub+Bge
MVv56Zejwd0PnzMBsuKtMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMjdGQTBBRTA1
MTM1MTFFRDkyNTVEQjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAPLUcgDBAHLUdgwDQYJKoZIhvcNAQELBQADggEBADXm6muj
dMEK1CBX9pmnXSHVfY1h5wpairOQ+slXXsF24T1bVcCR8JOG/VXuuoJLMU66Inqm
yuWtrwvhbnUa+zzwGdoNv9zC8eG+FYya7t/T/0gy58zHkOdfKGbAbJwZe/vdJDq8
ltJaIfkP4yU35hX2ZzsMRleAsnNRZYwo5KPHxN5qgEppIMOqZY2V0HQamU+33/dc
PZw91aQGFW/BZxonJsdliVzY0dSofXKrZp0sZw4yQ6c0s7wxQ/qj3wvDVOhyrt74
rXHp5xx/+I1HTpXRU41tQ+X7SbrDHE0s/Ug6AaFo8DnyQ6p11x2h6S+6bXJ3M/ZU
w4Lai8+TF2s5whA=
-----END CERTIFICATE-----
Generated at Thu Jul 25 10:10:07 2024 by rpki-client on console-fra.rpki-client.org