Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/D8723AA8384511EEA0F73811C4F9AE02.roa
File:                     D8723AA8384511EEA0F73811C4F9AE02.roa (raw, json)
Hash identifier:          9AIFSJuyDIchFH5nyhcVCsYGWJ+i70rZGSlKDfdduVA=
Subject key identifier:   EB:43:B4:03:3B:59:BD:60:B3:44:90:50:76:29:CC:1B:0D:F9:7A:9D
Certificate issuer:       /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial:       347D
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/D8723AA8384511EEA0F73811C4F9AE02.roa
Signing time:             Fri 11 Aug 2023 12:51:53 +0000
ROA not before:           Fri 11 Aug 2023 12:51:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38616
IP address blocks:        111.88.79.0/24 maxlen: 24
                          111.88.138.0/24 maxlen: 24
                          111.88.139.0/24 maxlen: 24
                          111.88.144.0/20 maxlen: 23
                          111.88.144.0/23 maxlen: 24
                          111.88.146.0/24 maxlen: 24
                          111.88.150.0/23 maxlen: 24
                          111.88.152.0/23 maxlen: 24
                          111.88.156.0/22 maxlen: 24
                          111.88.164.0/22 maxlen: 24
                          111.88.168.0/22 maxlen: 24
                          111.88.184.0/22 maxlen: 23
                          115.186.0.0/24 maxlen: 24
                          115.186.19.0/24 maxlen: 24
                          115.186.48.0/21 maxlen: 24
                          115.186.64.0/19 maxlen: 21
                          115.186.64.0/21 maxlen: 24
                          115.186.76.0/22 maxlen: 24
                          115.186.80.0/20 maxlen: 24
                          115.186.97.0/24 maxlen: 24
                          115.186.99.0/24 maxlen: 24
                          115.186.100.0/22 maxlen: 22
                          115.186.100.0/24 maxlen: 24
                          115.186.104.0/24 maxlen: 24
                          115.186.105.0/24 maxlen: 24
                          115.186.114.0/24 maxlen: 24
                          115.186.116.0/22 maxlen: 22
                          115.186.116.0/24 maxlen: 24
                          115.186.122.0/23 maxlen: 23
                          115.186.126.0/23 maxlen: 23
                          115.186.127.0/24 maxlen: 24
                          117.102.12.0/22 maxlen: 24
                          117.102.29.0/24 maxlen: 24
                          117.102.30.0/24 maxlen: 24
                          117.102.31.0/24 maxlen: 24
                          203.81.216.0/24 maxlen: 24
                          203.81.219.0/24 maxlen: 24
                          203.81.220.0/22 maxlen: 22
                          203.81.220.0/24 maxlen: 24
                          203.81.221.0/24 maxlen: 24
                          203.81.222.0/24 maxlen: 24
                          203.81.223.0/24 maxlen: 24
                          203.81.224.0/22 maxlen: 22
                          203.81.224.0/24 maxlen: 24
                          203.81.225.0/24 maxlen: 24
                          203.81.226.0/24 maxlen: 24
                          203.81.227.0/24 maxlen: 24
                          203.81.228.0/23 maxlen: 24
                          203.81.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 30 Aug 2023 11:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13437 (0x347d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
        Validity
            Not Before: Aug 11 12:51:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64d62ee9-bbe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f9:f3:bf:2d:e6:9f:5d:f6:3b:9e:1f:bd:de:
                    40:19:b5:fa:b7:38:2d:15:02:9f:72:fb:b0:34:2a:
                    c4:10:99:27:4f:ac:93:6e:d7:5c:7d:29:ee:2c:87:
                    fc:d7:92:19:87:74:a2:66:7e:3d:6b:80:87:e4:12:
                    5f:f7:05:2b:96:95:9a:3f:cf:b3:b7:d0:34:0a:c9:
                    5f:c2:b4:13:84:85:78:6c:b4:57:96:6b:59:49:47:
                    95:ba:1c:17:e5:d3:3b:01:05:97:98:2a:da:ba:cd:
                    3b:f9:a3:70:3e:6a:56:7b:40:d6:7f:0a:15:d9:98:
                    0a:70:a3:7a:9e:41:ee:93:35:6d:d4:94:3e:98:1c:
                    9a:41:ce:eb:82:df:19:4b:3f:b4:2e:76:f4:a4:21:
                    ea:8b:36:5b:e7:3b:1f:df:c9:09:68:fa:6c:4f:0f:
                    87:1b:21:5a:96:ea:48:1e:3e:c6:8b:11:47:d1:c2:
                    c7:6c:20:a3:a4:ae:85:9d:59:f0:d6:06:5b:d3:92:
                    77:a0:d0:c6:93:ea:85:be:26:80:fb:98:59:ba:9c:
                    9b:6d:66:10:e1:d6:bd:26:ce:22:69:61:3e:bb:7f:
                    ea:7d:55:a3:8c:e2:54:df:92:56:44:98:18:0a:91:
                    ca:f3:d4:f7:4d:ee:87:32:e1:57:6a:b4:4f:46:17:
                    34:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:43:B4:03:3B:59:BD:60:B3:44:90:50:76:29:CC:1B:0D:F9:7A:9D
            X509v3 Authority Key Identifier:
                keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/D8723AA8384511EEA0F73811C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.88.79.0/24
                  111.88.138.0/23
                  111.88.144.0/20
                  111.88.164.0-111.88.171.255
                  111.88.184.0/22
                  115.186.0.0/24
                  115.186.19.0/24
                  115.186.48.0/21
                  115.186.64.0/19
                  115.186.97.0/24
                  115.186.99.0-115.186.105.255
                  115.186.114.0/24
                  115.186.116.0/22
                  115.186.122.0/23
                  115.186.126.0/23
                  117.102.12.0/22
                  117.102.29.0-117.102.31.255
                  203.81.216.0/24
                  203.81.219.0-203.81.229.255
                  203.81.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:e6:5b:6f:c8:e3:98:a9:da:3f:08:5f:e6:11:8f:64:11:4a:
         c3:ff:65:df:5b:63:02:45:36:29:20:7d:75:a2:7a:51:31:3d:
         e7:78:dd:e7:d9:a0:43:33:39:10:ac:58:a7:52:3c:7a:5a:75:
         42:43:c1:a3:81:3c:fe:95:0b:0b:e7:80:9a:a3:f6:e2:7a:10:
         51:2f:55:46:04:38:b6:f3:fe:46:a7:69:df:9c:0b:b6:d8:60:
         9c:23:0b:1f:13:dd:98:d5:69:ab:06:51:59:e1:a5:da:f5:80:
         fc:82:00:fb:f7:5c:97:5c:ec:22:da:37:7a:0f:e7:90:71:6d:
         76:a6:b7:e3:c4:c8:14:97:70:2c:98:0e:d7:f4:9f:22:26:57:
         0b:be:48:d0:30:dd:4d:24:72:67:88:74:f9:5f:10:30:8a:18:
         b3:a1:9e:19:23:50:e9:60:f2:11:c3:2d:5c:97:cc:88:dd:06:
         a3:8a:47:f8:c4:14:1e:ac:c5:9e:ea:80:f5:19:6a:d5:f4:1c:
         c5:cc:ed:76:7d:86:7a:4b:03:b3:ff:d8:eb:d6:dd:b5:71:cc:
         76:b8:db:4c:aa:26:f9:db:8e:8b:bf:04:9f:c9:11:7f:73:ef:
         88:6b:0c:f8:b2:87:0d:77:89:ed:50:e9:5e:03:37:3d:9e:1e:
         da:fe:59:d2
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICNH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwODExMTI1MTUzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ2MmVlOS1iYmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvPnzvy3mn132O54fvd5AGbX6tzgtFQKfcvuwNCrEEJknT6yTbtdcfSnuLIf8
15IZh3SiZn49a4CH5BJf9wUrlpWaP8+zt9A0CslfwrQThIV4bLRXlmtZSUeVuhwX
5dM7AQWXmCraus07+aNwPmpWe0DWfwoV2ZgKcKN6nkHukzVt1JQ+mByaQc7rgt8Z
Sz+0Lnb0pCHqizZb5zsf38kJaPpsTw+HGyFalupIHj7GixFH0cLHbCCjpK6FnVnw
1gZb05J3oNDGk+qFviaA+5hZupybbWYQ4da9Js4iaWE+u3/qfVWjjOJU35JWRJgY
CpHK89T3Te6HMuFXarRPRhc0YQIDAQABo4IDLDCCAygwHQYDVR0OBBYEFOtDtAM7
Wb1gs0SQUHYpzBsN+XqdMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvRDg3MjNBQTgz
ODQ1MTFFRUEwRjczODExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbUGCCsGAQUFBwEHAQH/
BIGlMIGiMIGfBAIAATCBmAMEAG9YTwMEAW9YigMEBG9YkDAMAwQCb1ikAwQCb1io
AwQCb1i4AwQAc7oAAwQAc7oTAwQDc7owAwQFc7pAAwQAc7phMAwDBABzumMDBAFz
umgDBABzunIDBAJzunQDBAFzunoDBAFzun4DBAJ1ZgwwDAMEAHVmHQMEBXVmAAME
AMtR2DAMAwQAy1HbAwQBy1HkAwQAy1HnMA0GCSqGSIb3DQEBCwUAA4IBAQBg5ltv
yOOYqdo/CF/mEY9kEUrD/2XfW2MCRTYpIH11onpRMT3neN3n2aBDMzkQrFinUjx6
WnVCQ8GjgTz+lQsL54Cao/biehBRL1VGBDi28/5Gp2nfnAu22GCcIwsfE92Y1Wmr
BlFZ4aXa9YD8ggD791yXXOwi2jd6D+eQcW12prfjxMgUl3AsmA7X9J8iJlcLvkjQ
MN1NJHJniHT5XxAwihizoZ4ZI1DpYPIRwy1cl8yI3Qajikf4xBQerMWe6oD1GWrV
9BzFzO12fYZ6SwOz/9jr1t21ccx2uNtMqib5246LvwSfyRF/c++Iawz4socNd4nt
UOleAzc9nh7a/lnS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org