Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186C05/7E16E59AEFD911EDBC545971C4F9AE02/AFB1CD36F09211EDAA42B82AC4F9AE02.roa
File:                     AFB1CD36F09211EDAA42B82AC4F9AE02.roa (raw, json)
Hash identifier:          tbewbLFkuIyDRGua2ulUKGVroOrJ0NOK3vYx+Yy8p/4=
Subject key identifier:   1E:E6:3F:01:E8:B3:12:85:FA:A3:6F:59:F4:C8:D6:80:3F:65:95:AF
Certificate issuer:       /CN=A9186C05/serialNumber=A8F4A4D78517110D7B180A5E371B9805C625230B
Certificate serial:       32
Authority key identifier: A8:F4:A4:D7:85:17:11:0D:7B:18:0A:5E:37:1B:98:05:C6:25:23:0B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qPSk14UXEQ17GApeNxuYBcYlIws.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186C05/7E16E59AEFD911EDBC545971C4F9AE02/AFB1CD36F09211EDAA42B82AC4F9AE02.roa
Signing time:             Sat 05 Aug 2023 05:05:13 +0000
ROA not before:           Sat 05 Aug 2023 05:05:13 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     136993
IP address blocks:        103.69.132.0/22 maxlen: 24
                          116.66.176.0/24 maxlen: 24
                          116.66.177.0/24 maxlen: 24
                          116.66.178.0/24 maxlen: 24
                          116.66.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 02:52:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50 (0x32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186C05/serialNumber=A8F4A4D78517110D7B180A5E371B9805C625230B
        Validity
            Not Before: Aug  5 05:05:13 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64cdd888-3a0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:dd:6b:e3:e6:36:b0:c5:cd:9b:2e:6d:7f:24:
                    71:cb:73:cf:63:e4:d6:1b:0c:06:69:9c:e1:50:1a:
                    80:63:e2:07:6b:95:9e:a7:ba:f9:14:42:72:cc:e6:
                    20:c4:a1:be:95:ba:b9:5e:62:26:53:19:db:01:b6:
                    a9:87:14:c1:cb:80:28:6f:54:8f:4f:6d:a8:44:cd:
                    1c:fe:4a:cf:4f:89:ce:9c:fd:78:72:91:1b:3b:bb:
                    74:59:6c:4b:e3:0e:c9:e0:c9:4f:e6:a7:c8:1f:43:
                    93:45:d3:48:ea:0c:a0:5e:c8:65:b7:ec:9b:34:d3:
                    fc:66:e2:2f:63:7b:29:f0:85:22:40:b4:bc:19:fe:
                    30:0e:52:32:f2:ea:c7:e9:5c:5a:19:7e:5f:02:be:
                    49:56:f3:9d:06:af:95:ba:76:51:1a:cb:8a:4f:43:
                    bc:4a:24:e4:97:2a:67:f2:0e:9d:87:1f:67:23:ca:
                    7a:4b:26:d3:3b:80:68:9a:97:58:d1:67:04:c9:79:
                    dc:ad:73:42:6f:78:33:b6:27:15:d9:6f:9d:a9:0a:
                    c6:7d:69:2b:46:82:28:a5:80:c5:f9:8d:5c:fe:a1:
                    9a:99:09:89:82:56:5e:a0:01:cf:23:74:0f:91:85:
                    67:73:e9:27:57:ae:6f:09:1a:f1:fe:d8:35:fc:65:
                    bd:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E6:3F:01:E8:B3:12:85:FA:A3:6F:59:F4:C8:D6:80:3F:65:95:AF
            X509v3 Authority Key Identifier:
                keyid:A8:F4:A4:D7:85:17:11:0D:7B:18:0A:5E:37:1B:98:05:C6:25:23:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186C05/7E16E59AEFD911EDBC545971C4F9AE02/qPSk14UXEQ17GApeNxuYBcYlIws.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qPSk14UXEQ17GApeNxuYBcYlIws.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186C05/7E16E59AEFD911EDBC545971C4F9AE02/AFB1CD36F09211EDAA42B82AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.132.0/22
                  116.66.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:9b:25:e8:03:77:d1:06:82:55:6a:02:2f:d1:83:ca:82:a3:
         20:c8:d4:15:6e:1f:37:49:5a:71:ee:99:76:bf:3a:e5:da:ad:
         1a:98:9f:62:67:1d:d3:9b:d6:7a:a2:4f:72:fe:d0:95:bf:bd:
         10:64:47:8a:ff:5f:d3:e6:f9:b0:2b:bf:11:96:e0:d2:d4:06:
         75:45:77:74:8a:46:7f:49:f2:d5:08:10:07:1b:46:da:16:b2:
         94:3a:ab:9a:26:26:25:c3:87:21:e9:dd:4a:d0:a7:48:fc:a9:
         ee:1a:b7:e1:2f:21:60:8f:70:83:8a:7c:58:b7:e0:53:23:23:
         51:17:e9:df:f8:06:3c:46:5f:28:a3:2a:c4:ed:6a:d7:30:dd:
         ab:6d:85:94:bd:fb:ff:2b:7d:bd:12:ef:9e:d2:35:cf:30:da:
         71:b6:d0:11:c9:8b:b5:64:74:01:c0:0e:52:97:b6:9e:99:c1:
         08:70:c0:fe:f3:7f:82:ff:7f:6a:19:2e:0d:dd:05:41:0a:ff:
         16:fa:82:01:2c:d0:1a:7d:69:10:d0:98:60:e9:93:b6:02:d3:
         83:95:22:6f:79:3f:9f:cd:05:83:90:1d:c2:ab:58:1f:60:5d:
         57:9c:42:60:c3:61:6e:e8:d1:59:c4:6f:d9:1e:71:b1:f1:39:
         3a:b1:d0:da
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NkMwNTExMC8GA1UEBRMoQThGNEE0RDc4NTE3MTEwRDdCMTgwQTVFMzcxQjk4MDVD
NjI1MjMwQjAeFw0yMzA4MDUwNTA1MTNaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0Y2RkODg4LTNhMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCz3Wvj5jawxc2bLm1/JHHLc89j5NYbDAZpnOFQGoBj4gdrlZ6nuvkUQnLM5iDE
ob6VurleYiZTGdsBtqmHFMHLgChvVI9PbahEzRz+Ss9Pic6c/XhykRs7u3RZbEvj
DsngyU/mp8gfQ5NF00jqDKBeyGW37Js00/xm4i9jeynwhSJAtLwZ/jAOUjLy6sfp
XFoZfl8CvklW850Gr5W6dlEay4pPQ7xKJOSXKmfyDp2HH2cjynpLJtM7gGial1jR
ZwTJedytc0JveDO2JxXZb52pCsZ9aStGgiilgMX5jVz+oZqZCYmCVl6gAc8jdA+R
hWdz6SdXrm8JGvH+2DX8Zb0rAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUHuY/Aeiz
EoX6o29Z9MjWgD9lla8wHwYDVR0jBBgwFoAUqPSk14UXEQ17GApeNxuYBcYlIwsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg2QzA1LzdFMTZFNTlBRUZE
OTExRURCQzU0NTk3MUM0RjlBRTAyL3FQU2sxNFVYRVExN0dBcGVOeHVZQmNZbEl3
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcVBTazE0VVhFUTE3R0FwZU54dVlCY1lsSXdzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NkMwNS83RTE2RTU5QUVGRDkxMUVEQkM1NDU5NzFDNEY5QUUwMi9BRkIxQ0QzNkYw
OTIxMUVEQUE0MkI4MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmdFhAMEAnRCsDANBgkqhkiG9w0BAQsFAAOCAQEAaJsl6AN3
0QaCVWoCL9GDyoKjIMjUFW4fN0lace6Zdr865dqtGpifYmcd05vWeqJPcv7Qlb+9
EGRHiv9f0+b5sCu/EZbg0tQGdUV3dIpGf0ny1QgQBxtG2haylDqrmiYmJcOHIend
StCnSPyp7hq34S8hYI9wg4p8WLfgUyMjURfp3/gGPEZfKKMqxO1q1zDdq22FlL37
/yt9vRLvntI1zzDacbbQEcmLtWR0AcAOUpe2npnBCHDA/vN/gv9/ahkuDd0FQQr/
FvqCASzQGn1pENCYYOmTtgLTg5Uib3k/n80Fg5AdwqtYH2BdV5xCYMNhbujRWcRv
2R5xsfE5OrHQ2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org