Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1CD708523B4A11EEA4BB216FC4F9AE02.roa
File:                     1CD708523B4A11EEA4BB216FC4F9AE02.roa (raw, json)
Hash identifier:          QUk7Gw8AlHH0gcBbgSdvJpbhH3rU8nVB1WY1Ewi2sWc=
Subject key identifier:   96:33:CA:AA:B4:43:58:41:B8:F3:B7:96:9C:39:00:D1:18:4A:8F:A8
Certificate issuer:       /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial:       0638
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1CD708523B4A11EEA4BB216FC4F9AE02.roa
Signing time:             Tue 15 Aug 2023 09:00:00 +0000
ROA not before:           Tue 15 Aug 2023 09:00:00 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     47813
IP address blocks:        103.54.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 23 Sep 2023 15:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1592 (0x638)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
        Validity
            Not Before: Aug 15 09:00:00 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64db3e8f-293f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:4c:b4:8f:6c:40:fb:b3:5d:f0:e6:cc:a6:c0:
                    da:1d:38:3d:c5:21:47:a9:fe:d6:cf:b2:d6:37:de:
                    bc:35:c8:1d:16:2f:fb:14:1b:bc:61:f3:e2:42:ff:
                    d7:c6:3c:9d:fa:fa:e9:1e:aa:da:3a:a8:27:f5:cb:
                    9e:2e:90:c1:70:64:e0:0e:52:0b:3e:d8:2d:4e:84:
                    8f:f4:ff:f1:a0:68:85:bb:a6:fd:c2:a6:af:6b:20:
                    4b:0e:6f:c3:3c:b6:d1:84:73:5e:7e:4a:1a:1a:cf:
                    7e:63:de:9f:54:71:c5:09:e0:5f:e5:41:28:51:af:
                    c2:d1:41:02:53:1f:ba:0e:05:1d:6b:97:92:d1:74:
                    01:45:ce:22:7f:52:7b:9a:19:eb:cf:97:95:fd:b7:
                    fa:8b:4d:6d:c6:96:37:f2:ea:7a:dd:a0:e2:98:e3:
                    be:d6:9e:d8:c4:23:e9:02:ec:92:0c:59:3e:ec:14:
                    0f:62:fa:2e:90:1b:c7:6a:97:e3:60:cf:c6:b2:43:
                    06:eb:d9:69:55:2f:31:07:a5:d5:b4:32:39:d8:58:
                    72:43:dc:8b:4f:0f:80:10:7d:8e:9d:14:0f:7b:ff:
                    37:2c:8d:a1:f4:34:2d:aa:dc:84:a8:df:b8:81:4f:
                    ab:38:af:a2:05:6b:26:6d:c8:56:0e:b7:03:1b:2a:
                    9b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:33:CA:AA:B4:43:58:41:B8:F3:B7:96:9C:39:00:D1:18:4A:8F:A8
            X509v3 Authority Key Identifier:
                keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1CD708523B4A11EEA4BB216FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.54.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:54:65:37:26:c4:27:88:ff:7a:91:58:b9:af:a5:d0:2e:a2:
         d7:bf:40:88:fd:69:b3:a0:92:90:60:11:ed:37:93:7d:fe:2f:
         4c:6a:99:cd:0a:25:c8:a4:f6:1c:28:61:97:ee:0e:6b:5e:7c:
         bd:a3:5c:d6:63:ed:cb:d5:8e:ea:b2:a2:1f:01:90:b1:f2:9a:
         11:d2:da:68:11:ae:d0:b9:99:f3:95:61:e5:ad:af:d2:27:65:
         87:10:c4:cc:d2:4d:61:8c:74:95:dd:96:5f:8c:d7:9a:54:72:
         c1:61:d5:63:45:39:c5:39:03:a8:20:d4:66:92:3e:e0:a3:e9:
         2e:86:e5:a5:6f:93:b7:3a:f6:7b:0f:6f:2e:ea:04:10:52:fd:
         a6:ed:19:db:0b:fb:6c:8b:0b:7d:a3:87:23:15:94:f6:e1:3c:
         83:7b:14:a1:fd:a5:d6:91:7d:0c:a2:db:0d:0f:03:82:16:d2:
         f7:8e:ff:be:4a:1b:94:f7:9d:67:8c:26:e5:c1:84:b4:fe:8c:
         58:93:eb:2a:20:7f:d2:e2:8b:8f:1c:e1:fe:02:ef:f9:2e:e3:
         60:7f:d1:36:98:f7:e8:fb:89:2c:14:cf:94:2e:58:16:0e:17:
         c8:08:e1:12:08:fa:af:fc:f9:85:7f:8f:0f:7a:95:9c:c7:b7:
         4e:9c:0d:93
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwODE1MDkwMDAwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiM2U4Zi0yOTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ey0j2xA+7Nd8ObMpsDaHTg9xSFHqf7Wz7LWN968NcgdFi/7FBu8YfPiQv/X
xjyd+vrpHqraOqgn9cueLpDBcGTgDlILPtgtToSP9P/xoGiFu6b9wqavayBLDm/D
PLbRhHNefkoaGs9+Y96fVHHFCeBf5UEoUa/C0UECUx+6DgUda5eS0XQBRc4if1J7
mhnrz5eV/bf6i01txpY38up63aDimOO+1p7YxCPpAuySDFk+7BQPYvoukBvHapfj
YM/GskMG69lpVS8xB6XVtDI52FhyQ9yLTw+AEH2OnRQPe/83LI2h9DQtqtyEqN+4
gU+rOK+iBWsmbchWDrcDGyqbBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJYzyqq0
Q1hBuPO3lpw5ANEYSo+oMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMUNENzA4NTIz
QjRBMTFFRUE0QkIyMTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpgwDQYJKoZIhvcNAQELBQADggEBAKdUZTcmxCeI/3qR
WLmvpdAuote/QIj9abOgkpBgEe03k33+L0xqmc0KJcik9hwoYZfuDmtefL2jXNZj
7cvVjuqyoh8BkLHymhHS2mgRrtC5mfOVYeWtr9InZYcQxMzSTWGMdJXdll+M15pU
csFh1WNFOcU5A6gg1GaSPuCj6S6G5aVvk7c69nsPby7qBBBS/abtGdsL+2yLC32j
hyMVlPbhPIN7FKH9pdaRfQyi2w0PA4IW0veO/75KG5T3nWeMJuXBhLT+jFiT6yog
f9Lii48c4f4C7/ku42B/0TaY9+j7iSwUz5QuWBYOF8gI4RII+q/8+YV/jw96lZzH
t06cDZM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org