Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/21B5495AFCF811ED8F8B6F18C4F9AE02.roa
File:                     21B5495AFCF811ED8F8B6F18C4F9AE02.roa (raw, json)
Hash identifier:          6EZ6fMwQDwX3UfX4xaShSmzzMXFJ46vZNEA//eno1Bw=
Subject key identifier:   07:88:35:7C:3E:51:E9:DE:C9:9A:96:48:C0:1F:4F:05:93:DB:2F:81
Certificate issuer:       /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial:       0610
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/21B5495AFCF811ED8F8B6F18C4F9AE02.roa
Signing time:             Mon 12 Jun 2023 14:47:48 +0000
ROA not before:           Mon 12 Jun 2023 14:47:48 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        103.54.152.0/24 maxlen: 24
                          103.54.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 30 Jul 2023 20:54:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1552 (0x610)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
        Validity
            Not Before: Jun 12 14:47:48 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64873014-1b4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e1:63:99:e2:46:82:7e:c6:96:f4:7c:ca:56:
                    3d:19:cc:0e:b3:de:84:8a:8e:d0:50:b5:ba:d9:28:
                    07:11:b1:6e:43:c6:5e:94:d7:a8:7a:34:70:2e:72:
                    d0:0d:07:a2:aa:49:e1:2a:eb:f0:e2:00:b5:db:3a:
                    f3:eb:cd:d4:a4:2f:09:dc:3e:9c:9d:10:9e:23:48:
                    0a:e1:72:0b:1c:c5:b7:c5:76:75:9a:a1:7d:a5:c2:
                    67:8a:3c:f1:e6:50:2e:ab:17:2f:3d:f2:2a:46:90:
                    b0:e4:ba:72:73:07:b7:64:24:ad:03:89:da:10:9a:
                    48:7c:5f:d0:3e:10:50:cf:0f:ef:01:67:36:e4:9c:
                    25:75:23:cc:24:44:83:3f:84:1a:a6:6a:81:81:0d:
                    8f:12:ca:1c:e1:ef:65:ea:ac:f5:d1:00:d2:47:dd:
                    44:6b:92:01:d1:b4:fb:c2:7a:db:14:b4:e7:55:8e:
                    f2:8d:07:9c:bf:ee:53:d8:66:dc:24:eb:a2:2e:00:
                    81:5f:2a:81:39:83:05:e3:90:6b:76:ce:72:6e:e9:
                    76:3e:2c:3d:4e:18:ba:e2:01:6f:af:48:83:60:93:
                    b6:72:02:c2:5e:cb:1f:99:23:e3:ab:19:da:39:5a:
                    91:2d:0f:fb:f5:32:82:d4:6c:68:c8:31:8f:65:96:
                    90:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:88:35:7C:3E:51:E9:DE:C9:9A:96:48:C0:1F:4F:05:93:DB:2F:81
            X509v3 Authority Key Identifier:
                keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/21B5495AFCF811ED8F8B6F18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.54.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5e:0e:f6:d8:7c:59:54:4b:16:21:3a:d9:6e:82:db:89:63:b0:
         d9:68:03:b3:31:bb:e0:33:35:c3:fb:93:f6:2c:01:ac:f1:33:
         8b:44:4a:c0:26:a8:8d:9f:e7:d6:a5:1b:ae:00:90:fa:72:75:
         6c:e2:0b:9c:1b:65:09:db:29:d1:46:ff:7a:f1:81:f7:bb:4b:
         f6:60:74:3d:63:63:2c:2f:5f:d2:f9:3a:ff:3a:cb:5d:b0:69:
         55:a9:8f:68:b5:a0:7c:b5:ad:31:e1:14:78:a5:a0:60:e9:6a:
         25:f5:a2:b5:8e:06:5b:f0:0f:74:5d:4d:2f:82:57:3e:93:1b:
         2b:3c:08:35:d0:3f:ee:c5:dd:71:66:7e:77:ed:f2:f5:e5:bc:
         4e:b2:e8:00:6c:94:f5:6d:70:93:08:32:a9:f1:d7:88:fb:2e:
         45:fd:9d:41:a9:50:65:86:6c:33:8b:84:de:c2:5a:6a:b6:54:
         41:27:45:e0:87:42:34:03:30:9f:74:84:c3:ff:b1:cb:72:9a:
         83:59:d1:5f:c6:65:90:ec:6c:a4:6a:24:a7:71:82:ec:04:a3:
         64:06:80:41:df:4c:c7:b0:0c:44:64:bb:9e:e8:56:fe:5a:ed:
         09:db:4c:61:ce:f4:ce:cb:c7:c9:c3:8e:62:a7:c3:ce:d3:16:
         8f:3c:86:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwNjEyMTQ0NzQ4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg3MzAxNC0xYjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0eFjmeJGgn7GlvR8ylY9GcwOs96Eio7QULW62SgHEbFuQ8ZelNeoejRwLnLQ
DQeiqknhKuvw4gC12zrz683UpC8J3D6cnRCeI0gK4XILHMW3xXZ1mqF9pcJnijzx
5lAuqxcvPfIqRpCw5Lpycwe3ZCStA4naEJpIfF/QPhBQzw/vAWc25JwldSPMJESD
P4QapmqBgQ2PEsoc4e9l6qz10QDSR91Ea5IB0bT7wnrbFLTnVY7yjQecv+5T2Gbc
JOuiLgCBXyqBOYMF45Brds5ybul2Piw9Thi64gFvr0iDYJO2cgLCXssfmSPjqxna
OVqRLQ/79TKC1GxoyDGPZZaQrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAeINXw+
UeneyZqWSMAfTwWT2y+BMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMjFCNTQ5NUFG
Q0Y4MTFFRDhGOEI2RjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnNpgwDQYJKoZIhvcNAQELBQADggEBAF4O9th8WVRLFiE6
2W6C24ljsNloA7Mxu+AzNcP7k/YsAazxM4tESsAmqI2f59alG64AkPpydWziC5wb
ZQnbKdFG/3rxgfe7S/ZgdD1jYywvX9L5Ov86y12waVWpj2i1oHy1rTHhFHiloGDp
aiX1orWOBlvwD3RdTS+CVz6TGys8CDXQP+7F3XFmfnft8vXlvE6y6ABslPVtcJMI
Mqnx14j7LkX9nUGpUGWGbDOLhN7CWmq2VEEnReCHQjQDMJ90hMP/sctymoNZ0V/G
ZZDsbKRqJKdxguwEo2QGgEHfTMewDERku57oVv5a7QnbTGHO9M7Lx8nDjmKnw87T
Fo88hgc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org