Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/E54D7B6225ED11EE84D2F151C4F9AE02.roa
File:                     E54D7B6225ED11EE84D2F151C4F9AE02.roa (raw, json)
Hash identifier:          Cwg+Q1QztIUil2C5oHRIlNOvRQXCuMKWOmElLaSBMS0=
Subject key identifier:   E1:6D:C7:2D:B8:E4:5B:A2:71:AB:1F:14:F1:31:13:68:A3:36:1A:8F
Certificate issuer:       /CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
Certificate serial:       0486
Authority key identifier: 7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/E54D7B6225ED11EE84D2F151C4F9AE02.roa
Signing time:             Wed 19 Jul 2023 04:36:58 +0000
ROA not before:           Wed 19 Jul 2023 04:36:58 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        103.116.64.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 21 Jul 2023 03:17:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1158 (0x486)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
        Validity
            Not Before: Jul 19 04:36:58 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64b7686a-4e83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:45:af:86:f2:94:98:99:f3:e4:6d:ac:42:8c:
                    ca:d3:1f:a2:17:83:75:d4:0e:18:e3:c6:f0:42:78:
                    b0:fe:52:18:5f:19:81:02:a7:07:15:4b:d4:8a:4f:
                    be:d0:74:24:ae:b6:77:1d:f6:eb:89:cb:d7:bd:ad:
                    2e:27:16:1d:b5:81:ad:be:cf:f3:8b:fb:3e:ea:6d:
                    b1:50:08:7d:2e:f3:8c:01:2c:3e:b2:ac:3f:fe:fb:
                    36:a7:65:7a:01:65:18:a3:99:27:4c:62:7d:dc:de:
                    f3:bc:e8:32:c8:e8:b4:a1:10:6e:4c:73:e0:0f:f5:
                    89:c8:8b:4e:23:e9:6d:ee:0b:17:53:1a:34:be:09:
                    b6:27:51:29:48:fe:da:6f:e6:e9:a1:ad:61:5b:60:
                    f1:b5:78:b1:51:7e:63:c2:d3:82:5c:63:60:c8:84:
                    a1:ed:a2:62:52:d5:e8:0a:14:95:92:f8:2d:e6:af:
                    2e:c2:ef:c3:71:70:c0:07:24:1d:84:14:cf:de:47:
                    92:8c:32:9a:6a:e0:f2:91:8e:f1:79:19:65:3f:9d:
                    eb:65:80:9a:de:f1:c9:80:4f:d4:6e:ac:1b:66:ff:
                    fe:4d:cb:ca:cb:35:46:b0:a9:4e:ef:eb:7c:6b:86:
                    fd:05:df:9a:c1:e8:83:c1:67:c3:16:6b:f6:9f:a3:
                    76:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:6D:C7:2D:B8:E4:5B:A2:71:AB:1F:14:F1:31:13:68:A3:36:1A:8F
            X509v3 Authority Key Identifier:
                keyid:7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/f_PqmsCDJR9dMLAdBWvLzeGn7i0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/E54D7B6225ED11EE84D2F151C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:91:a7:ce:25:57:6b:87:d3:80:3b:2d:46:d6:53:f0:90:e7:
         78:b1:6f:03:73:0d:5e:c8:f2:be:ec:4d:ae:b1:12:c5:09:c5:
         26:c7:82:fe:46:12:04:2d:cf:b6:87:93:a7:cc:9c:60:03:cf:
         c2:2e:f6:04:dc:e6:ca:7e:7b:bf:96:22:8d:ac:73:09:37:d0:
         6a:95:1a:7c:42:f9:8c:ca:fd:19:f5:91:2f:86:0f:84:6f:f8:
         5e:77:0a:a1:2d:8e:ac:8b:aa:51:53:99:f4:cf:57:5b:e3:85:
         8f:40:3c:fd:aa:1d:25:df:f4:37:c2:a5:0b:47:81:d0:48:7b:
         df:46:92:9f:7d:f4:84:ce:12:33:d2:c1:70:34:a3:82:ee:bb:
         df:49:c3:fb:39:e0:53:6f:a8:77:a7:8d:a6:75:f0:a7:33:a5:
         b3:f5:7d:f8:b7:d8:97:2f:8b:23:ef:c6:71:11:d0:17:34:58:
         69:f2:ed:4f:25:c5:1b:7f:46:c5:ba:df:f3:31:aa:c6:bd:88:
         36:2f:5f:77:a6:de:c7:8e:00:44:ed:24:fa:a5:f1:bb:69:05:
         09:85:03:8c:0e:1f:50:52:ee:40:82:8a:f9:56:c8:fb:74:4e:
         73:31:7d:e0:72:47:de:37:5a:c8:50:4b:f6:0d:84:5c:d3:45:
         74:72:89:cd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkRBM0YxMTAvBgNVBAUTKDdGRjNFQTlBQzA4MzI1MUY1RDMwQjAxRDA1NkJDQkNE
RTFBN0VFMkQwHhcNMjMwNzE5MDQzNjU4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI3Njg2YS00ZTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwEWvhvKUmJnz5G2sQozK0x+iF4N11A4Y48bwQniw/lIYXxmBAqcHFUvUik++
0HQkrrZ3HfbricvXva0uJxYdtYGtvs/zi/s+6m2xUAh9LvOMASw+sqw//vs2p2V6
AWUYo5knTGJ93N7zvOgyyOi0oRBuTHPgD/WJyItOI+lt7gsXUxo0vgm2J1EpSP7a
b+bpoa1hW2DxtXixUX5jwtOCXGNgyISh7aJiUtXoChSVkvgt5q8uwu/DcXDAByQd
hBTP3keSjDKaauDykY7xeRllP53rZYCa3vHJgE/UbqwbZv/+TcvKyzVGsKlO7+t8
a4b9Bd+aweiDwWfDFmv2n6N2wQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOFtxy24
5FuicasfFPExE2ijNhqPMB8GA1UdIwQYMBaAFH/z6prAgyUfXTCwHQVry83hp+4t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REEzRi8wNEZGODlEOEI2
Q0QxMUVCOEUxMDgwMjZDNEY5QUUwMi9mX1BxbXNDREpSOWRNTEFkQld2THplR243
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZfUHFtc0NESlI5ZE1MQWRCV3ZMemVHbjdpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRBM0YvMDRGRjg5RDhCNkNEMTFFQjhFMTA4MDI2QzRGOUFFMDIvRTU0RDdCNjIy
NUVEMTFFRTg0RDJGMTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJndEAwDQYJKoZIhvcNAQELBQADggEBAAyRp84lV2uH04A7
LUbWU/CQ53ixbwNzDV7I8r7sTa6xEsUJxSbHgv5GEgQtz7aHk6fMnGADz8Iu9gTc
5sp+e7+WIo2scwk30GqVGnxC+YzK/Rn1kS+GD4Rv+F53CqEtjqyLqlFTmfTPV1vj
hY9APP2qHSXf9DfCpQtHgdBIe99Gkp999ITOEjPSwXA0o4Luu99Jw/s54FNvqHen
jaZ18KczpbP1ffi32JcviyPvxnER0Bc0WGny7U8lxRt/RsW63/Mxqsa9iDYvX3em
3seOAETtJPql8btpBQmFA4wOH1BS7kCCivlWyPt0TnMxfeByR943WshQS/YNhFzT
RXRyic0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org