Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/9E2DB7F0E50711EDAFDF2556C4F9AE02.roa
File:                     9E2DB7F0E50711EDAFDF2556C4F9AE02.roa (raw, json)
Hash identifier:          J/eMoNH9cE1EJUvew0SJSDl1eTSGDijOTGjq8VbK3uE=
Subject key identifier:   F0:B9:77:CC:D5:ED:EE:C6:F8:54:5E:91:C3:CC:45:F6:8A:C2:FC:D4
Certificate issuer:       /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004
Certificate serial:       71
Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/9E2DB7F0E50711EDAFDF2556C4F9AE02.roa
Signing time:             Tue 21 Nov 2023 03:10:06 +0000
ROA not before:           Tue 21 Nov 2023 03:10:06 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     150436
IP address blocks:        101.47.0.0/18 maxlen: 24
                          101.47.64.0/20 maxlen: 24
                          101.47.80.0/20 maxlen: 24
                          2401:4c20::/40 maxlen: 40

Validation:               Failed, certificate revoked on Thu 23 Nov 2023 08:44:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113 (0x71)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004
        Validity
            Not Before: Nov 21 03:10:06 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=655c1f8e-0e58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e4:4d:eb:8f:9e:33:85:93:52:b4:84:6b:70:
                    c1:cc:fc:02:93:8c:a7:67:b0:2b:9e:36:02:40:a9:
                    0a:9a:f2:11:cf:ab:36:6c:f7:89:10:2f:e9:87:5d:
                    17:c1:73:e8:4a:02:29:e2:c5:9e:eb:45:94:2d:74:
                    8d:86:16:37:27:48:67:d7:2a:21:85:26:1f:80:43:
                    f0:ad:37:9e:6b:17:ac:67:d1:ff:ee:9f:77:ad:b1:
                    5f:d0:c9:52:cd:f3:ea:4d:8c:9e:1b:fc:55:66:b7:
                    c7:1f:c4:04:28:3c:e9:76:86:7f:a5:2d:6f:51:09:
                    6d:39:63:e7:7d:f9:6b:ae:f4:66:59:b0:74:0e:84:
                    f1:64:af:85:52:68:6d:54:39:68:df:f0:15:9c:1d:
                    ab:47:6b:44:a6:b5:e9:1a:a7:fd:f0:5a:35:bb:9f:
                    48:85:53:76:d0:33:0c:62:c4:c5:d3:9d:49:be:22:
                    c7:66:58:11:51:5a:ee:66:20:d8:1d:ca:38:11:1e:
                    36:6a:b9:93:38:c2:24:e1:77:05:c0:02:70:49:fe:
                    7f:79:b2:ca:55:09:1e:1d:27:d4:05:bd:4e:62:b9:
                    d1:86:82:59:ac:5b:8d:7b:1b:96:08:01:7c:fc:52:
                    22:7f:3c:49:a8:64:4c:52:96:a8:6b:70:50:13:48:
                    d1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B9:77:CC:D5:ED:EE:C6:F8:54:5E:91:C3:CC:45:F6:8A:C2:FC:D4
            X509v3 Authority Key Identifier:
                keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/9E2DB7F0E50711EDAFDF2556C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  101.47.0.0-101.47.95.255
                IPv6:
                  2401:4c20::/40

    Signature Algorithm: sha256WithRSAEncryption
         56:12:94:a8:ae:ac:fc:17:7a:73:17:b2:a8:40:72:d5:26:13:
         28:50:d6:6b:70:7e:1f:b2:1a:c7:fa:f0:98:0e:8d:9e:e7:31:
         c1:95:5a:d0:f2:03:df:42:89:be:20:0c:2d:a3:e2:40:18:1f:
         d4:88:65:73:d6:23:2a:99:a2:3c:d8:d8:74:41:33:85:24:a1:
         70:55:47:5b:b3:04:9c:c9:8c:74:26:7b:0f:00:c6:fe:71:95:
         5f:59:28:17:0d:a8:63:2c:7c:12:1c:57:bc:c9:2d:25:4e:c2:
         b0:e6:7c:09:73:61:c8:4c:ee:0c:27:a6:2f:96:19:86:b3:65:
         b1:7f:3a:ad:b3:14:55:cf:d8:fc:63:86:b6:29:57:92:e0:7b:
         46:ce:0b:71:80:99:0d:7c:3c:a9:81:0c:4a:a7:ce:a3:95:b7:
         88:db:96:b9:45:35:c9:87:a1:6a:80:ac:cb:20:de:2b:98:a3:
         5e:ec:40:66:9d:27:98:32:5b:c3:c5:0e:25:4b:e9:ac:86:e0:
         80:81:b8:62:4d:4d:c5:42:e7:cd:89:0f:66:10:f8:04:67:a2:
         3b:be:21:5d:01:f3:b8:ec:e8:e2:73:29:a2:63:6f:e7:06:1c:
         fb:7e:56:20:4d:70:73:de:92:59:e5:51:42:76:c1:39:21:c4:
         dd:64:10:c5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QjUyMDExMC8GA1UEBRMoNTQyQjk0RDg2MjVDRjcxMTk2NEZEMTM3NDEyOTVEMjdB
RDdBOTAwNDAeFw0yMzExMjEwMzEwMDZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NWMxZjhlLTBlNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC25E3rj54zhZNStIRrcMHM/AKTjKdnsCueNgJAqQqa8hHPqzZs94kQL+mHXRfB
c+hKAinixZ7rRZQtdI2GFjcnSGfXKiGFJh+AQ/CtN55rF6xn0f/un3etsV/QyVLN
8+pNjJ4b/FVmt8cfxAQoPOl2hn+lLW9RCW05Y+d9+Wuu9GZZsHQOhPFkr4VSaG1U
OWjf8BWcHatHa0Smtekap/3wWjW7n0iFU3bQMwxixMXTnUm+IsdmWBFRWu5mINgd
yjgRHjZquZM4wiThdwXAAnBJ/n95sspVCR4dJ9QFvU5iudGGglmsW417G5YIAXz8
UiJ/PEmoZExSlqhrcFATSNH1AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQU8Ll3zNXt
7sb4VF6Rw8xF9orC/NQwHwYDVR0jBBgwFoAUVCuU2GJc9xGWT9E3QSldJ616kAQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCNTIwLzE2MUQ0QzBBRTRD
QTExRURBNDE0RTI1OUM0RjlBRTAyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtB
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVkN1VTJHSmM5eEdXVDlFM1FTbGRKNjE2a0FRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QjUyMC8xNjFENEMwQUU0Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi85RTJEQjdGMEU1
MDcxMUVEQUZERjI1NTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEwQCAAEwDTALAwMAZS8DBAVlL0AwDgQCAAIwCAMGACQBTCAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBWEpSorqz8F3pzF7KoQHLVJhMoUNZrcH4fshrH+vCYDo2e5zHB
lVrQ8gPfQom+IAwto+JAGB/UiGVz1iMqmaI82Nh0QTOFJKFwVUdbswScyYx0JnsP
AMb+cZVfWSgXDahjLHwSHFe8yS0lTsKw5nwJc2HITO4MJ6YvlhmGs2WxfzqtsxRV
z9j8Y4a2KVeS4HtGzgtxgJkNfDypgQxKp86jlbeI25a5RTXJh6FqgKzLIN4rmKNe
7EBmnSeYMlvDxQ4lS+mshuCAgbhiTU3FQufNiQ9mEPgEZ6I7viFdAfO47Ojicymi
Y2/nBhz7flYgTXBz3pJZ5VFCdsE5IcTdZBDF
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org