Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/4BA1C33ED09111EEBE6FC469C4F9AE02.roa
File:                     4BA1C33ED09111EEBE6FC469C4F9AE02.roa (raw, json)
Hash identifier:          ZHDJk2RId4mY0PkMiV+VRRu0VA/Y9pA627kUM2Fd+yQ=
Subject key identifier:   F1:47:C3:4E:3B:91:23:29:A9:A5:3A:A0:66:ED:7F:40:37:B6:79:A6
Certificate issuer:       /CN=A919BC76/serialNumber=87A12E75149B3D8A4D272A13093EF6AC9B252CF3
Certificate serial:       99
Authority key identifier: 87:A1:2E:75:14:9B:3D:8A:4D:27:2A:13:09:3E:F6:AC:9B:25:2C:F3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h6EudRSbPYpNJyoTCT72rJslLPM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/4BA1C33ED09111EEBE6FC469C4F9AE02.roa
Signing time:             Wed 21 Feb 2024 08:14:55 +0000
ROA not before:           Wed 21 Feb 2024 08:14:55 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     151200
IP address blocks:        103.69.76.0/23 maxlen: 23
                          103.69.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 07:44:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153 (0x99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919BC76/serialNumber=87A12E75149B3D8A4D272A13093EF6AC9B252CF3
        Validity
            Not Before: Feb 21 08:14:55 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=65d5b0ff-ce01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b2:cf:c4:64:de:a9:f1:82:4f:7d:4e:6e:1d:
                    2a:7f:cf:c8:6d:65:5d:c6:2f:ee:f1:fc:fe:63:f1:
                    55:31:e1:85:e5:fa:f1:aa:9f:1f:94:ea:94:13:93:
                    a8:1b:8d:20:ac:17:ba:8a:e4:45:3d:8e:eb:c7:23:
                    7b:72:36:9e:f3:2b:63:0a:8d:7b:e9:5f:8e:09:2e:
                    3e:40:dd:d7:1f:92:e6:0e:8e:af:a0:5d:35:79:1c:
                    c9:d0:e0:92:68:e7:87:0c:9b:09:a8:79:7d:77:1f:
                    e7:bc:83:36:d8:3d:b9:d9:2b:bd:5f:a3:2d:46:87:
                    36:ef:06:37:f3:95:b0:3d:02:32:11:22:a6:6b:ef:
                    1e:1d:aa:6a:5f:11:41:f9:95:54:b5:bd:42:80:6d:
                    70:e1:3b:08:8c:5e:85:97:30:ec:06:93:91:f7:84:
                    8a:d3:92:bd:4f:6e:bc:e1:cf:91:cc:c1:6a:ce:e0:
                    42:4a:47:fc:38:26:3d:b4:f5:20:20:a1:fd:5f:d0:
                    ac:1f:4c:fb:5c:09:de:00:4d:12:02:43:37:eb:c4:
                    0f:c1:7b:63:40:cd:39:b8:ad:60:75:0f:57:e2:ff:
                    58:a8:99:8f:7d:ed:f6:e9:8d:11:3e:1d:0f:09:94:
                    8d:08:b2:62:a7:1f:67:4a:c8:d9:fd:30:3f:c1:25:
                    81:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:47:C3:4E:3B:91:23:29:A9:A5:3A:A0:66:ED:7F:40:37:B6:79:A6
            X509v3 Authority Key Identifier:
                keyid:87:A1:2E:75:14:9B:3D:8A:4D:27:2A:13:09:3E:F6:AC:9B:25:2C:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/h6EudRSbPYpNJyoTCT72rJslLPM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h6EudRSbPYpNJyoTCT72rJslLPM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BC76/F1AD3E3EE8BB11ED8538DA1FC4F9AE02/4BA1C33ED09111EEBE6FC469C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ad:cd:1a:9a:80:65:0a:1f:8d:e8:08:58:dd:04:1c:17:ae:7a:
         d2:4e:76:7c:8d:89:52:2d:b2:a8:ce:20:ab:69:89:e4:8f:b3:
         ed:79:ce:5a:d9:ba:4b:12:75:16:08:5d:70:6c:ef:16:0f:4e:
         9e:f4:8a:d9:18:3c:29:ed:fb:2e:09:44:fb:19:27:d4:63:26:
         e1:b4:ca:e8:22:0a:4d:8d:ad:4d:12:5b:d3:94:3d:74:90:4c:
         7b:8b:52:29:59:eb:1b:01:60:1f:7c:1e:b8:18:46:aa:a3:f5:
         71:42:7a:e4:7a:50:13:35:69:86:ec:99:17:8c:61:f9:d1:88:
         51:23:9e:a1:52:9c:18:ef:2c:8c:dc:5f:fd:10:24:87:33:55:
         c9:7a:79:31:24:3e:74:42:3b:05:41:e5:b4:1e:75:26:dd:cd:
         90:cf:65:8a:4f:2a:5c:34:8b:8f:f7:d0:0b:0d:86:9f:a5:fd:
         d9:17:a9:0b:82:2f:92:86:da:19:60:c9:90:e6:cd:7d:44:08:
         17:25:83:e1:2e:d3:25:0e:bf:64:6c:f0:f6:20:48:9a:49:90:
         f7:91:1c:6c:f9:20:9f:24:10:bd:77:38:7f:b8:84:fb:7d:01:
         22:bd:45:3a:c0:81:df:55:aa:bc:3e:82:35:e6:b6:19:e6:6b:
         0e:0c:69:41
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUJDNzYxMTAvBgNVBAUTKDg3QTEyRTc1MTQ5QjNEOEE0RDI3MkExMzA5M0VGNkFD
OUIyNTJDRjMwHhcNMjQwMjIxMDgxNDU1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ1YjBmZi1jZTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvbLPxGTeqfGCT31Obh0qf8/IbWVdxi/u8fz+Y/FVMeGF5frxqp8flOqUE5Oo
G40grBe6iuRFPY7rxyN7cjae8ytjCo176V+OCS4+QN3XH5LmDo6voF01eRzJ0OCS
aOeHDJsJqHl9dx/nvIM22D252Su9X6MtRoc27wY385WwPQIyESKma+8eHapqXxFB
+ZVUtb1CgG1w4TsIjF6FlzDsBpOR94SK05K9T2684c+RzMFqzuBCSkf8OCY9tPUg
IKH9X9CsH0z7XAneAE0SAkM368QPwXtjQM05uK1gdQ9X4v9YqJmPfe326Y0RPh0P
CZSNCLJipx9nSsjZ/TA/wSWBywIDAQABo4IClTCCApEwHQYDVR0OBBYEFPFHw047
kSMpqaU6oGbtf0A3tnmmMB8GA1UdIwQYMBaAFIehLnUUmz2KTScqEwk+9qybJSzz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkM3Ni9GMUFEM0UzRUU4
QkIxMUVEODUzOERBMUZDNEY5QUUwMi9oNkV1ZFJTYlBZcE5KeW9UQ1Q3MnJKc2xM
UE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g2RXVkUlNiUFlwTkp5b1RDVDcyckpzbExQTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUJDNzYvRjFBRDNFM0VFOEJCMTFFRDg1MzhEQTFGQzRGOUFFMDIvNEJBMUMzM0VE
MDkxMTFFRUJFNkZDNDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnRUwwDQYJKoZIhvcNAQELBQADggEBAK3NGpqAZQofjegI
WN0EHBeuetJOdnyNiVItsqjOIKtpieSPs+15zlrZuksSdRYIXXBs7xYPTp70itkY
PCnt+y4JRPsZJ9RjJuG0yugiCk2NrU0SW9OUPXSQTHuLUilZ6xsBYB98HrgYRqqj
9XFCeuR6UBM1aYbsmReMYfnRiFEjnqFSnBjvLIzcX/0QJIczVcl6eTEkPnRCOwVB
5bQedSbdzZDPZYpPKlw0i4/30AsNhp+l/dkXqQuCL5KG2hlgyZDmzX1ECBclg+Eu
0yUOv2Rs8PYgSJpJkPeRHGz5IJ8kEL13OH+4hPt9ASK9RTrAgd9Vqrw+gjXmthnm
aw4MaUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org