Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9199560/CE17025C2E7D11EB9EF74267C4F9AE02/E66FA5282E7F11EB8870606CC4F9AE02.roa
File:                     E66FA5282E7F11EB8870606CC4F9AE02.roa (raw, json)
Hash identifier:          hvQ6ZuWnOVpBdH2//70ssxwTnhrGcw4Jb0aMYQ4Vvsw=
Subject key identifier:   E1:AF:06:3A:17:02:A9:C5:CB:55:3B:E7:7A:34:31:B4:A9:E4:F9:CE
Certificate issuer:       /CN=A9199560/serialNumber=27395E42B97D78CE3B2F85946B27E7C688075432
Certificate serial:       0621
Authority key identifier: 27:39:5E:42:B9:7D:78:CE:3B:2F:85:94:6B:27:E7:C6:88:07:54:32
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JzleQrl9eM47L4WUayfnxogHVDI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9199560/CE17025C2E7D11EB9EF74267C4F9AE02/E66FA5282E7F11EB8870606CC4F9AE02.roa
Signing time:             Tue 31 Oct 2023 23:31:17 +0000
ROA not before:           Tue 31 Oct 2023 23:31:17 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        103.130.176.0/24 maxlen: 24
                          103.130.177.0/24 maxlen: 24
                          103.130.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 01:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1569 (0x621)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9199560/serialNumber=27395E42B97D78CE3B2F85946B27E7C688075432
        Validity
            Not Before: Oct 31 23:31:17 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65418e45-b558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:bd:be:aa:bd:63:e4:82:0c:24:ca:27:0f:b4:
                    27:65:00:af:03:78:59:a2:f3:c7:6c:67:2e:c9:ee:
                    7f:c0:5e:70:ac:96:07:1c:d0:87:8c:0b:16:6a:0c:
                    ff:88:29:1d:4d:d1:1c:38:7d:44:c4:7e:dd:00:28:
                    a1:53:57:fe:b2:9e:e2:d0:22:51:d9:09:6e:31:27:
                    7d:4b:c6:06:df:7f:ba:d1:32:68:bc:b3:2a:a1:13:
                    fc:82:7f:e4:2f:99:e7:4e:b7:b0:fa:0c:0d:b7:c1:
                    66:87:9a:53:1a:65:0c:bd:e7:49:e9:5b:cb:f4:9d:
                    7f:3f:ff:08:ec:43:ba:63:33:59:6d:68:55:f6:e4:
                    52:17:0a:37:fd:f6:34:cc:e2:ef:09:5e:c6:45:eb:
                    fa:99:55:e5:89:6a:d4:ae:80:6e:0e:bb:46:f5:f1:
                    c4:f2:c3:52:a0:63:6b:51:d1:65:c1:3d:1f:e2:27:
                    21:0a:59:48:9e:61:4e:0a:08:9a:6f:fc:07:a1:0c:
                    7d:e7:f7:19:7c:fc:49:33:d2:7a:58:6d:1b:7c:71:
                    2f:c0:83:d1:82:51:06:65:85:41:48:dc:a9:00:4c:
                    c1:87:f0:e1:f2:26:c5:78:91:f6:7e:db:f8:9c:ef:
                    47:a7:5f:5b:60:c6:86:75:9d:ce:24:ef:5d:4d:06:
                    8d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:AF:06:3A:17:02:A9:C5:CB:55:3B:E7:7A:34:31:B4:A9:E4:F9:CE
            X509v3 Authority Key Identifier:
                keyid:27:39:5E:42:B9:7D:78:CE:3B:2F:85:94:6B:27:E7:C6:88:07:54:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9199560/CE17025C2E7D11EB9EF74267C4F9AE02/JzleQrl9eM47L4WUayfnxogHVDI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JzleQrl9eM47L4WUayfnxogHVDI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199560/CE17025C2E7D11EB9EF74267C4F9AE02/E66FA5282E7F11EB8870606CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.176.0-103.130.178.255

    Signature Algorithm: sha256WithRSAEncryption
         96:64:16:ce:49:5c:92:93:ac:10:8e:7f:95:30:f1:47:1f:bb:
         20:3a:65:71:58:b6:d4:49:fe:ca:40:3a:94:56:b4:a1:ce:b5:
         5a:7b:0b:7f:98:34:fa:c0:f3:a8:a9:f2:08:8c:32:6d:c3:ca:
         66:46:c7:ff:e0:32:76:cb:07:53:2a:25:f1:8a:67:e5:05:cb:
         5b:d6:14:a3:e3:f2:2b:6e:10:e6:14:d2:7a:ae:63:19:5b:c9:
         16:ee:dc:db:74:ca:11:32:c4:b3:b7:96:2f:a7:b8:de:6d:9d:
         68:a6:fd:74:14:0f:b9:35:a8:78:bf:e5:aa:89:46:41:dd:4d:
         df:e8:74:1b:6c:69:8c:14:cc:1d:1c:5c:71:e8:79:3a:7b:b7:
         9b:56:6e:eb:5a:2a:a9:ad:13:bb:ec:7a:d3:22:fc:12:f4:40:
         f4:d1:9e:a9:4b:74:15:f9:73:58:a9:7f:50:6b:7c:9c:c4:d0:
         28:ff:b0:e2:13:62:b8:74:58:0a:1c:61:bf:d6:41:0e:7e:f5:
         e1:44:82:54:77:2e:08:24:99:ea:0f:0b:62:db:8a:54:25:05:
         db:4a:d7:2f:c4:8c:a3:db:b4:fd:6a:96:5b:5b:b6:f6:1d:65:
         a0:0c:5f:a8:63:ae:5d:bc:89:83:1c:d5:45:44:ba:bc:d4:61:
         56:0d:1d:6a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk1NjAxMTAvBgNVBAUTKDI3Mzk1RTQyQjk3RDc4Q0UzQjJGODU5NDZCMjdFN0M2
ODgwNzU0MzIwHhcNMjMxMDMxMjMzMTE3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQxOGU0NS1iNTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnb2+qr1j5IIMJMonD7QnZQCvA3hZovPHbGcuye5/wF5wrJYHHNCHjAsWagz/
iCkdTdEcOH1ExH7dACihU1f+sp7i0CJR2QluMSd9S8YG33+60TJovLMqoRP8gn/k
L5nnTrew+gwNt8Fmh5pTGmUMvedJ6VvL9J1/P/8I7EO6YzNZbWhV9uRSFwo3/fY0
zOLvCV7GRev6mVXliWrUroBuDrtG9fHE8sNSoGNrUdFlwT0f4ichCllInmFOCgia
b/wHoQx95/cZfPxJM9J6WG0bfHEvwIPRglEGZYVBSNypAEzBh/Dh8ibFeJH2ftv4
nO9Hp19bYMaGdZ3OJO9dTQaN5wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFOGvBjoX
AqnFy1U753o0MbSp5PnOMB8GA1UdIwQYMBaAFCc5XkK5fXjOOy+FlGsn58aIB1Qy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTU2MC9DRTE3MDI1QzJF
N0QxMUVCOUVGNzQyNjdDNEY5QUUwMi9KemxlUXJsOWVNNDdMNFdVYXlmbnhvZ0hW
REkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0p6bGVRcmw5ZU00N0w0V1VheWZueG9nSFZESS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk1NjAvQ0UxNzAyNUMyRTdEMTFFQjlFRjc0MjY3QzRGOUFFMDIvRTY2RkE1Mjgy
RTdGMTFFQjg4NzA2MDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEBGeCsAMEAGeCsjANBgkqhkiG9w0BAQsFAAOCAQEAlmQW
zklckpOsEI5/lTDxRx+7IDplcVi21En+ykA6lFa0oc61WnsLf5g0+sDzqKnyCIwy
bcPKZkbH/+AydssHUyol8Ypn5QXLW9YUo+PyK24Q5hTSeq5jGVvJFu7c23TKETLE
s7eWL6e43m2daKb9dBQPuTWoeL/lqolGQd1N3+h0G2xpjBTMHRxcceh5Onu3m1Zu
61oqqa0Tu+x60yL8EvRA9NGeqUt0FflzWKl/UGt8nMTQKP+w4hNiuHRYChxhv9ZB
Dn714USCVHcuCCSZ6g8LYtuKVCUF20rXL8SMo9u0/WqWW1u29h1loAxfqGOuXbyJ
gxzVRUS6vNRhVg0dag==
-----END CERTIFICATE-----
Generated at Fri Jan 19 03:05:24 2024 by rpki-client on console-ams.rpki-client.org