Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/E761A38C324811EC84006646C4F9AE02.roa
File:                     E761A38C324811EC84006646C4F9AE02.roa (raw, json)
Hash identifier:          /3/7GWvnWQQUw9nhXT/AJNkLLqXZgkdZAqfDTMifFfc=
Subject key identifier:   84:B0:94:FF:4C:18:32:A8:95:E5:6D:EA:12:48:44:97:0E:1F:95:3F
Certificate issuer:       /CN=A917AD0E/serialNumber=C9BB92FAC6A5532E423556751D0EA72891E6DE7A
Certificate serial:       0659
Authority key identifier: C9:BB:92:FA:C6:A5:53:2E:42:35:56:75:1D:0E:A7:28:91:E6:DE:7A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ybuS-salUy5CNVZ1HQ6nKJHm3no.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/E761A38C324811EC84006646C4F9AE02.roa
Signing time:             Wed 16 Aug 2023 22:19:43 +0000
ROA not before:           Wed 16 Aug 2023 22:19:43 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     399546
IP address blocks:        103.118.16.0/24 maxlen: 24
                          103.118.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 10:11:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1625 (0x659)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917AD0E/serialNumber=C9BB92FAC6A5532E423556751D0EA72891E6DE7A
        Validity
            Not Before: Aug 16 22:19:43 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64dd4b7f-73c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:12:ed:14:e2:43:e2:65:86:a9:0b:5d:f1:b0:
                    83:0a:e5:10:40:e9:0c:ab:f6:f3:cd:2b:3b:b3:7f:
                    ba:33:8c:fc:ea:b3:82:da:a8:53:12:3b:88:28:76:
                    9a:66:63:9d:17:5c:3f:7a:25:09:cb:38:f2:98:31:
                    2f:35:8a:cf:2b:d2:82:c6:58:24:64:3e:29:a8:41:
                    d0:61:e9:f0:c2:89:72:8a:08:f1:1b:f4:be:65:0a:
                    a9:b9:51:5a:3e:c2:5a:3c:37:af:f8:a5:3b:ab:39:
                    36:87:e1:39:ea:0c:90:9c:49:27:d2:8c:71:41:19:
                    3b:52:ee:25:2c:aa:ad:55:74:8b:af:38:30:cc:fd:
                    ee:c7:ec:89:a1:75:89:53:25:b5:13:6b:8f:b8:fb:
                    eb:0a:0d:69:f4:76:a7:9b:d2:e4:28:3a:d5:e2:80:
                    a9:c3:d2:fc:72:f5:7c:91:12:a7:c4:d4:c5:fe:77:
                    50:59:f9:c7:ec:88:4b:a0:16:c1:bd:85:6b:14:63:
                    d6:6a:78:72:f3:01:ee:48:7c:6d:c1:64:f1:50:be:
                    db:5d:8e:68:b4:b8:21:2a:39:8c:bb:0b:28:2d:c3:
                    f0:7b:5c:b4:49:e4:f6:41:3c:c6:22:6d:78:bd:8b:
                    03:d8:bd:b2:73:d9:37:fc:3b:ba:a7:66:d8:23:4f:
                    e9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B0:94:FF:4C:18:32:A8:95:E5:6D:EA:12:48:44:97:0E:1F:95:3F
            X509v3 Authority Key Identifier:
                keyid:C9:BB:92:FA:C6:A5:53:2E:42:35:56:75:1D:0E:A7:28:91:E6:DE:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/ybuS-salUy5CNVZ1HQ6nKJHm3no.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ybuS-salUy5CNVZ1HQ6nKJHm3no.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AD0E/142820B20D5B11EBAD51CE36C4F9AE02/E761A38C324811EC84006646C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.118.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a8:a4:1e:43:47:a2:c3:a8:0e:51:21:1e:7d:90:35:4b:7a:4b:
         f7:ab:9e:3e:df:c9:a3:9d:0c:ee:c0:99:58:e1:c1:45:3e:ec:
         f0:27:2e:86:b4:1f:0f:29:5f:7d:7b:da:8f:6d:7e:e2:f5:30:
         78:aa:41:b8:03:7b:bd:bc:c1:be:e5:12:fe:a1:a2:f8:f8:a9:
         28:b4:dc:c1:38:72:d1:d2:9c:ef:e1:32:a5:20:ff:bc:29:d8:
         28:e0:8b:2e:0d:8b:0e:27:7f:f9:f3:40:f0:57:19:ad:09:b6:
         43:3a:13:c4:23:70:50:31:07:e9:2e:04:79:18:2a:ed:9c:97:
         8a:7d:b2:73:58:e6:c3:f7:90:4a:0a:7b:68:49:7b:4d:0a:50:
         e4:4f:d2:b7:f8:98:56:90:bc:52:50:ef:eb:8d:43:e0:37:3e:
         4c:c7:5a:ee:fc:b9:4f:bc:67:17:f9:f5:50:f6:de:ac:64:62:
         63:11:90:56:70:17:77:b5:e6:7a:a6:61:de:ce:b3:e3:ca:ce:
         ca:df:02:74:d7:29:b8:0c:39:5f:8b:75:a1:9c:0e:e1:fb:f5:
         78:5b:b9:9e:29:b8:b5:30:dd:8e:fd:61:9c:37:b8:37:82:a6:
         b8:1f:18:8c:92:7a:0d:ce:77:5a:71:4a:c2:80:16:17:d2:62:
         2a:60:0e:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0FEMEUxMTAvBgNVBAUTKEM5QkI5MkZBQzZBNTUzMkU0MjM1NTY3NTFEMEVBNzI4
OTFFNkRFN0EwHhcNMjMwODE2MjIxOTQzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRkNGI3Zi03M2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4xLtFOJD4mWGqQtd8bCDCuUQQOkMq/bzzSs7s3+6M4z86rOC2qhTEjuIKHaa
ZmOdF1w/eiUJyzjymDEvNYrPK9KCxlgkZD4pqEHQYenwwolyigjxG/S+ZQqpuVFa
PsJaPDev+KU7qzk2h+E56gyQnEkn0oxxQRk7Uu4lLKqtVXSLrzgwzP3ux+yJoXWJ
UyW1E2uPuPvrCg1p9Hanm9LkKDrV4oCpw9L8cvV8kRKnxNTF/ndQWfnH7IhLoBbB
vYVrFGPWanhy8wHuSHxtwWTxUL7bXY5otLghKjmMuwsoLcPwe1y0SeT2QTzGIm14
vYsD2L2yc9k3/Du6p2bYI0/pHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFISwlP9M
GDKoleVt6hJIRJcOH5U/MB8GA1UdIwQYMBaAFMm7kvrGpVMuQjVWdR0OpyiR5t56
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUQwRS8xNDI4MjBCMjBE
NUIxMUVCQUQ1MUNFMzZDNEY5QUUwMi95YnVTLXNhbFV5NUNOVloxSFE2bktKSG0z
bm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lidVMtc2FsVXk1Q05WWjFIUTZuS0pIbTNuby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0FEMEUvMTQyODIwQjIwRDVCMTFFQkFENTFDRTM2QzRGOUFFMDIvRTc2MUEzOEMz
MjQ4MTFFQzg0MDA2NjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFndhAwDQYJKoZIhvcNAQELBQADggEBAKikHkNHosOoDlEh
Hn2QNUt6S/ernj7fyaOdDO7AmVjhwUU+7PAnLoa0Hw8pX3172o9tfuL1MHiqQbgD
e728wb7lEv6hovj4qSi03ME4ctHSnO/hMqUg/7wp2Cjgiy4Niw4nf/nzQPBXGa0J
tkM6E8QjcFAxB+kuBHkYKu2cl4p9snNY5sP3kEoKe2hJe00KUORP0rf4mFaQvFJQ
7+uNQ+A3PkzHWu78uU+8Zxf59VD23qxkYmMRkFZwF3e15nqmYd7Os+PKzsrfAnTX
KbgMOV+LdaGcDuH79XhbuZ4puLUw3Y79YZw3uDeCprgfGIySeg3Od1pxSsKAFhfS
YipgDnA=
-----END CERTIFICATE-----
Generated at Mon Jul 1 11:40:31 2024 by rpki-client on console-fra.rpki-client.org