Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/4FC77880E1F011EE9320D385C4F9AE02.roa
File:                     4FC77880E1F011EE9320D385C4F9AE02.roa (raw, json)
Hash identifier:          b5KavFeK0WX7/DR6g+gJ9Rfuf2etkzaNXe+URRFVEXY=
Subject key identifier:   00:E4:06:3A:38:50:5A:0E:22:A9:53:25:5D:85:16:A5:AF:48:2D:45
Certificate issuer:       /CN=A91977B8/serialNumber=6BA99ED6391A67CCA610E565F453EB0912514F0E
Certificate serial:       18
Authority key identifier: 6B:A9:9E:D6:39:1A:67:CC:A6:10:E5:65:F4:53:EB:09:12:51:4F:0E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a6me1jkaZ8ymEOVl9FPrCRJRTw4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/4FC77880E1F011EE9320D385C4F9AE02.roa
Signing time:             Tue 16 Apr 2024 02:22:36 +0000
ROA not before:           Tue 16 Apr 2024 02:22:36 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     135338
IP address blocks:        103.225.28.0/23 maxlen: 23
                          103.225.28.0/24 maxlen: 24
                          103.225.29.0/24 maxlen: 24
                          2001:df2:95c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 16 Apr 2024 03:37:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24 (0x18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91977B8/serialNumber=6BA99ED6391A67CCA610E565F453EB0912514F0E
        Validity
            Not Before: Apr 16 02:22:36 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=661de0ec-14a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:13:63:4d:6a:b9:7d:86:ed:74:6b:30:13:a8:
                    7e:67:19:05:c9:02:b7:43:ea:6d:41:b7:37:f8:7c:
                    38:09:a4:3a:3c:ee:68:80:3d:b3:73:0c:94:24:6e:
                    49:ed:9b:d8:09:1a:08:3a:3b:fc:4a:e6:9d:ed:cb:
                    32:5a:ac:9f:a2:1f:be:a3:13:7b:19:ce:39:44:4f:
                    91:20:1f:5d:e9:71:de:ee:d4:00:68:30:e5:89:f9:
                    bb:f1:43:a8:de:de:03:cf:b1:86:76:06:2e:fd:bd:
                    92:00:ce:6b:71:68:0e:db:b3:8e:5c:16:9d:0b:14:
                    3b:46:a1:80:2b:f5:8c:90:9b:8b:55:9a:38:21:7d:
                    c4:6b:b2:32:02:d9:d0:94:85:51:4c:8d:de:1a:4c:
                    74:81:9c:18:19:cc:cf:a8:d8:20:7e:8c:ad:4e:76:
                    69:21:ad:91:2c:9a:0f:09:a2:5d:d7:1c:95:d1:02:
                    00:93:45:71:c7:58:f6:af:37:7c:6f:41:68:47:ab:
                    0a:11:e9:a5:f6:93:d5:f7:34:02:1f:d5:c9:89:b2:
                    bb:6c:c3:30:2e:5c:22:52:99:39:2c:8f:39:ba:3b:
                    c4:4d:63:d8:7e:61:c3:c9:af:34:2b:1a:51:50:f3:
                    d3:22:f0:fc:77:21:d4:27:b4:6c:24:44:ec:49:cc:
                    70:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:E4:06:3A:38:50:5A:0E:22:A9:53:25:5D:85:16:A5:AF:48:2D:45
            X509v3 Authority Key Identifier:
                keyid:6B:A9:9E:D6:39:1A:67:CC:A6:10:E5:65:F4:53:EB:09:12:51:4F:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/a6me1jkaZ8ymEOVl9FPrCRJRTw4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a6me1jkaZ8ymEOVl9FPrCRJRTw4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/4FC77880E1F011EE9320D385C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.225.28.0/23
                IPv6:
                  2001:df2:95c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         2d:f1:2c:90:c8:e1:ed:70:06:46:13:de:1c:6a:00:aa:3d:16:
         59:79:7f:f6:cd:60:f1:c8:6a:d9:d4:cd:15:a7:4c:ad:5a:c6:
         51:8a:f3:0f:94:d0:c2:e8:16:8e:74:66:47:ae:1d:8c:50:5b:
         5b:68:0d:48:76:8c:12:d3:64:0d:9d:dd:81:9c:97:ed:51:59:
         98:21:13:ac:7b:51:bb:04:e5:92:a2:68:11:dc:3c:b9:21:19:
         0e:b7:3a:46:2a:3f:af:87:1d:1e:d1:36:ac:01:3d:cc:c8:2b:
         da:1e:90:27:34:95:86:53:16:3c:7c:e4:cf:8d:4a:1b:1e:e7:
         d8:36:7c:57:33:4b:f8:13:4d:32:f8:86:ea:b6:36:96:b3:0f:
         92:1f:68:c1:5a:ae:5a:81:f9:3f:62:51:84:27:41:2a:9e:74:
         ee:61:78:19:b3:dd:d0:bd:08:39:6b:23:8c:6d:0c:bd:b8:79:
         d8:4a:cd:cc:96:ed:05:e1:cf:68:6b:a3:0d:20:bb:7c:de:64:
         1d:07:39:01:62:42:e3:01:55:7e:7e:0e:e2:92:93:f4:a7:2b:
         1a:42:e6:05:cf:67:30:c4:27:b0:19:36:8c:cc:aa:c6:52:e2:
         73:22:a0:34:26:3f:98:bc:3f:f5:1f:28:41:b0:31:01:3b:35:
         ef:42:c2:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzdCODExMC8GA1UEBRMoNkJBOTlFRDYzOTFBNjdDQ0E2MTBFNTY1RjQ1M0VCMDkx
MjUxNEYwRTAeFw0yNDA0MTYwMjIyMzZaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MWRlMGVjLTE0YTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOE2NNarl9hu10azATqH5nGQXJArdD6m1Btzf4fDgJpDo87miAPbNzDJQkbknt
m9gJGgg6O/xK5p3tyzJarJ+iH76jE3sZzjlET5EgH13pcd7u1ABoMOWJ+bvxQ6je
3gPPsYZ2Bi79vZIAzmtxaA7bs45cFp0LFDtGoYAr9YyQm4tVmjghfcRrsjIC2dCU
hVFMjd4aTHSBnBgZzM+o2CB+jK1OdmkhrZEsmg8Jol3XHJXRAgCTRXHHWPavN3xv
QWhHqwoR6aX2k9X3NAIf1cmJsrtswzAuXCJSmTksjzm6O8RNY9h+YcPJrzQrGlFQ
89Mi8Px3IdQntGwkROxJzHBHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUAOQGOjhQ
Wg4iqVMlXYUWpa9ILUUwHwYDVR0jBBgwFoAUa6me1jkaZ8ymEOVl9FPrCRJRTw4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3N0I4LzBBQjA3NDA0RTFG
MDExRUU5MDFBNjA4NUM0RjlBRTAyL2E2bWUxamthWjh5bUVPVmw5RlByQ1JKUlR3
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYTZtZTFqa2FaOHltRU9WbDlGUHJDUkpSVHc0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzdCOC8wQUIwNzQwNEUxRjAxMUVFOTAxQTYwODVDNEY5QUUwMi80RkM3Nzg4MEUx
RjAxMUVFOTMyMEQzODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWfhHDAPBAIAAjAJAwcAIAEN8pXAMA0GCSqGSIb3DQEBCwUA
A4IBAQAt8SyQyOHtcAZGE94cagCqPRZZeX/2zWDxyGrZ1M0Vp0ytWsZRivMPlNDC
6BaOdGZHrh2MUFtbaA1IdowS02QNnd2BnJftUVmYIROse1G7BOWSomgR3Dy5IRkO
tzpGKj+vhx0e0TasAT3MyCvaHpAnNJWGUxY8fOTPjUobHufYNnxXM0v4E00y+Ibq
tjaWsw+SH2jBWq5agfk/YlGEJ0EqnnTuYXgZs93QvQg5ayOMbQy9uHnYSs3Mlu0F
4c9oa6MNILt83mQdBzkBYkLjAVV+fg7ikpP0pysaQuYFz2cwxCewGTaMzKrGUuJz
IqA0Jj+YvD/1HyhBsDEBOzXvQsIZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org