Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917F241/EB2136880BF611EF9CA9C151C4F9AE02/432F4C520BF711EF904EA752C4F9AE02.roa
File:                     432F4C520BF711EF904EA752C4F9AE02.roa (raw, json)
Hash identifier:          tqh7wDFlXS/J5cOytojM7QALEyVpM0SxJ9d1Dwd/CrU=
Subject key identifier:   71:2E:DC:ED:FF:3A:8E:A6:0A:71:0F:A2:FC:45:C4:4D:CA:E5:03:BB
Certificate issuer:       /CN=A917F241/serialNumber=29CD8DF8806E11674CBC5F9DF4DBF8D23E0C2283
Certificate serial:       04
Authority key identifier: 29:CD:8D:F8:80:6E:11:67:4C:BC:5F:9D:F4:DB:F8:D2:3E:0C:22:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kc2N-IBuEWdMvF-d9Nv40j4MIoM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917F241/EB2136880BF611EF9CA9C151C4F9AE02/432F4C520BF711EF904EA752C4F9AE02.roa
Signing time:             Mon 06 May 2024 22:29:24 +0000
ROA not before:           Mon 06 May 2024 22:29:24 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     136953
IP address blocks:        103.100.26.0/24 maxlen: 24
                          103.111.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Aug 2024 23:58:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917F241/serialNumber=29CD8DF8806E11674CBC5F9DF4DBF8D23E0C2283
        Validity
            Not Before: May  6 22:29:24 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=663959c4-310a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1d:37:df:cd:04:6a:c2:18:b1:18:d3:2f:18:
                    85:d4:16:17:4c:6f:f8:f6:a6:02:4c:96:0f:68:ea:
                    92:7d:d8:cf:d8:86:ec:e4:46:be:91:f2:27:eb:6b:
                    b7:5c:83:69:01:6e:08:c1:67:19:93:57:30:ff:28:
                    c5:58:fb:73:9d:47:34:19:99:bc:3f:04:1e:f9:d2:
                    03:5d:a5:26:98:da:99:34:31:b1:da:ba:d7:ee:2b:
                    2d:35:29:94:a9:79:b8:4d:99:c2:12:ca:a4:ae:09:
                    40:99:88:65:70:45:e3:0b:a7:3f:64:99:5b:29:3c:
                    4a:2d:ff:e7:34:cc:cc:01:b0:99:b1:f8:c7:9d:22:
                    83:3d:eb:17:c2:07:2f:ac:97:96:91:fe:51:9c:b4:
                    57:7d:62:64:8a:cf:4a:53:82:a4:ec:8a:95:9c:e4:
                    b3:0d:01:69:cc:7c:6b:75:4a:e6:3f:c6:d0:e2:d7:
                    bf:fd:93:e7:76:cc:7c:10:62:82:7e:f6:69:20:7b:
                    17:86:49:35:36:56:43:42:47:7e:01:7d:d8:d1:ad:
                    07:b1:74:7c:76:46:8c:b5:f0:b5:30:fd:20:fd:9e:
                    86:0b:d8:dd:48:07:3e:fd:2f:e1:f9:2f:0b:7e:92:
                    6a:d8:35:e1:9a:5e:e0:c7:24:4f:bd:74:d5:c4:5a:
                    b5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:2E:DC:ED:FF:3A:8E:A6:0A:71:0F:A2:FC:45:C4:4D:CA:E5:03:BB
            X509v3 Authority Key Identifier:
                keyid:29:CD:8D:F8:80:6E:11:67:4C:BC:5F:9D:F4:DB:F8:D2:3E:0C:22:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917F241/EB2136880BF611EF9CA9C151C4F9AE02/Kc2N-IBuEWdMvF-d9Nv40j4MIoM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kc2N-IBuEWdMvF-d9Nv40j4MIoM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F241/EB2136880BF611EF9CA9C151C4F9AE02/432F4C520BF711EF904EA752C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.100.26.0/24
                  103.111.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:97:fb:63:86:4c:8a:fa:a9:32:94:4a:e7:cc:67:b8:f4:a2:
         8c:46:0a:9d:b1:e9:49:21:f7:10:20:07:81:ed:16:ec:06:a5:
         0c:49:dc:aa:55:ac:5e:65:67:cc:1d:9a:16:c6:37:1b:fe:de:
         4f:8f:60:13:80:13:74:de:8d:45:b6:63:8f:fb:e7:12:5d:26:
         af:d9:59:01:ea:19:40:da:1a:53:01:d0:6d:29:73:35:ef:40:
         93:db:33:13:c2:8f:87:6c:95:d4:6a:fe:16:cb:8f:ac:11:8f:
         fb:d8:99:89:91:a9:45:88:b1:23:17:ca:11:4a:a5:84:40:9f:
         7e:0b:d4:f5:03:69:52:c0:fd:37:15:33:81:c3:ba:8a:8f:0a:
         04:92:01:33:99:f3:87:6a:6c:93:65:b9:47:d6:b6:17:52:a5:
         3b:4f:74:8d:5d:05:a6:2c:14:c9:6b:3f:b3:3e:2c:4d:37:98:
         97:ec:bd:fe:74:f3:55:6e:59:ad:3b:84:7c:da:b6:95:91:1c:
         68:c8:94:ac:a2:b4:84:f2:c0:a9:7e:fc:76:eb:fa:66:b8:90:
         3a:b6:2f:2e:bf:89:1a:98:9c:03:f3:80:2d:36:ed:6d:6c:65:
         72:de:ec:74:e7:92:4a:13:85:9c:2a:1d:09:85:08:d9:c9:92:
         ea:d0:8d:d1
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RjI0MTExMC8GA1UEBRMoMjlDRDhERjg4MDZFMTE2NzRDQkM1RjlERjREQkY4RDIz
RTBDMjI4MzAeFw0yNDA1MDYyMjI5MjRaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Mzk1OWM0LTMxMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/HTffzQRqwhixGNMvGIXUFhdMb/j2pgJMlg9o6pJ92M/YhuzkRr6R8ifra7dc
g2kBbgjBZxmTVzD/KMVY+3OdRzQZmbw/BB750gNdpSaY2pk0MbHautfuKy01KZSp
ebhNmcISyqSuCUCZiGVwReMLpz9kmVspPEot/+c0zMwBsJmx+MedIoM96xfCBy+s
l5aR/lGctFd9YmSKz0pTgqTsipWc5LMNAWnMfGt1SuY/xtDi17/9k+d2zHwQYoJ+
9mkgexeGSTU2VkNCR34BfdjRrQexdHx2Roy18LUw/SD9noYL2N1IBz79L+H5Lwt+
kmrYNeGaXuDHJE+9dNXEWrWPAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUcS7c7f86
jqYKcQ+i/EXETcrlA7swHwYDVR0jBBgwFoAUKc2N+IBuEWdMvF+d9Nv40j4MIoMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGMjQxL0VCMjEzNjg4MEJG
NjExRUY5Q0E5QzE1MUM0RjlBRTAyL0tjMk4tSUJ1RVdkTXZGLWQ5TnY0MGo0TUlv
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS2MyTi1JQnVFV2RNdkYtZDlOdjQwajRNSW9NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RjI0MS9FQjIxMzY4ODBCRjYxMUVGOUNBOUMxNTFDNEY5QUUwMi80MzJGNEM1MjBC
RjcxMUVGOTA0RUE3NTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGdkGgMEAGdv2DANBgkqhkiG9w0BAQsFAAOCAQEAcpf7Y4ZM
ivqpMpRK58xnuPSijEYKnbHpSSH3ECAHge0W7AalDEncqlWsXmVnzB2aFsY3G/7e
T49gE4ATdN6NRbZjj/vnEl0mr9lZAeoZQNoaUwHQbSlzNe9Ak9szE8KPh2yV1Gr+
FsuPrBGP+9iZiZGpRYixIxfKEUqlhECffgvU9QNpUsD9NxUzgcO6io8KBJIBM5nz
h2psk2W5R9a2F1KlO090jV0FpiwUyWs/sz4sTTeYl+y9/nTzVW5ZrTuEfNq2lZEc
aMiUrKK0hPLAqX78duv6ZriQOrYvLr+JGpicA/OALTbtbWxlct7sdOeSShOFnCod
CYUI2cmS6tCN0Q==
-----END CERTIFICATE-----
Generated at Fri Aug 23 03:55:06 2024 by rpki-client on console-ams.rpki-client.org