Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/E287E968EB7B11EEA61D4D51C4F9AE02.roa
File:                     E287E968EB7B11EEA61D4D51C4F9AE02.roa (raw, json)
Hash identifier:          pV4eL63ob7dlWHdYcsMDLELlizVw497NSO84kQ5UZMY=
Subject key identifier:   75:21:1A:9F:E1:53:2C:45:0E:52:40:43:BE:81:83:E4:B5:1D:92:49
Certificate issuer:       /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Certificate serial:       04
Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/E287E968EB7B11EEA61D4D51C4F9AE02.roa
Signing time:             Tue 26 Mar 2024 14:19:41 +0000
ROA not before:           Tue 26 Mar 2024 14:19:41 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     150113
IP address blocks:        103.190.232.0/24 maxlen: 24
                          2400:9320::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 16:52:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
        Validity
            Not Before: Mar 26 14:19:41 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=6602d97d-830a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:de:9c:c0:d0:ec:30:ff:5b:f1:7b:8f:7b:0f:
                    e2:80:79:f6:63:58:9e:d8:d9:c3:db:bc:f2:77:89:
                    5f:55:8b:79:25:2e:ee:02:d3:38:3c:18:65:b8:40:
                    22:b6:ce:ef:a1:2f:6d:9d:57:dd:86:37:87:8a:ef:
                    4c:74:ce:8c:5d:9f:3b:5e:af:48:22:68:d5:63:d9:
                    4f:24:e7:a7:3c:49:97:84:e0:01:80:3d:ae:76:0e:
                    20:7b:1e:08:cd:d8:b0:44:3a:05:74:53:37:23:33:
                    f9:42:5e:1b:b8:bf:18:d5:c9:3b:6e:24:8b:ba:5b:
                    28:22:39:5d:09:0d:36:f8:7a:fa:71:ed:3b:a2:fe:
                    6f:30:81:7f:7b:74:40:10:78:d1:66:13:dc:77:d6:
                    33:23:1a:02:d4:21:be:be:1c:33:ce:b3:e8:17:ad:
                    c8:95:ad:23:14:ac:f2:7b:87:13:b8:96:f0:51:3d:
                    67:b1:e6:fc:06:75:1b:80:b8:1b:d6:b6:92:4e:47:
                    ed:96:ac:6b:8a:71:08:5c:cb:5e:37:9a:c2:e5:dc:
                    32:a3:01:c7:77:7d:66:02:21:2e:18:2d:e0:a0:fa:
                    a1:4c:c6:22:6a:ec:12:f4:e2:22:2c:93:9c:51:3c:
                    f4:8d:5f:c3:7e:fc:eb:5f:4b:88:46:f9:bd:ab:7a:
                    32:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:21:1A:9F:E1:53:2C:45:0E:52:40:43:BE:81:83:E4:B5:1D:92:49
            X509v3 Authority Key Identifier:
                keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/E287E968EB7B11EEA61D4D51C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.232.0/24
                IPv6:
                  2400:9320::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:87:16:cd:66:f2:ef:38:fb:67:9c:4c:72:9e:ba:2d:44:0c:
         07:41:67:dd:d9:3e:49:0f:21:c0:df:c9:a5:26:ef:d4:c7:46:
         cf:d7:d8:46:c0:81:ff:61:a7:ea:a2:9c:65:67:63:10:ce:7a:
         0f:21:ae:08:10:94:e1:98:5f:ba:e3:a2:eb:7d:07:f8:14:f0:
         0f:8f:fb:67:66:53:c4:b8:df:d8:85:3f:0c:13:33:19:ca:5c:
         23:d0:24:96:05:4a:bf:ac:21:f0:aa:a7:66:70:8c:26:00:f0:
         e2:a9:85:6e:87:ff:13:a5:2c:c8:61:e8:4d:3f:33:a7:52:64:
         7b:c1:f9:4e:38:de:02:c3:a3:8b:07:56:ba:79:b1:8d:49:9f:
         8f:79:9e:b5:9f:5c:3b:58:9c:d6:d3:68:c7:b5:ad:3e:9a:5c:
         82:bd:b5:c7:41:a3:a4:d5:c7:67:cc:f8:df:9e:a2:b0:dd:a1:
         bb:a3:bb:c3:8f:87:05:30:69:02:bb:b0:e9:56:1c:b6:5d:94:
         14:2e:b1:95:79:c5:84:9b:45:0b:dc:b0:6f:fb:a4:3c:e5:f2:
         9f:ee:3f:d0:20:f4:85:0a:8e:2e:2e:90:81:e0:49:91:35:25:
         02:c6:8b:41:39:1e:18:08:e9:82:86:3b:41:c7:ae:bf:38:40:
         80:9f:63:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RjlBODExMC8GA1UEBRMoODdCNjJDMzRFOERDNUQ0MDIzOEMwRjZCREU5MTE1NkU1
RDA2QTQ0QjAeFw0yNDAzMjYxNDE5NDFaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDJkOTdkLTgzMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCj3pzA0Oww/1vxe497D+KAefZjWJ7Y2cPbvPJ3iV9Vi3klLu4C0zg8GGW4QCK2
zu+hL22dV92GN4eK70x0zoxdnzter0giaNVj2U8k56c8SZeE4AGAPa52DiB7HgjN
2LBEOgV0UzcjM/lCXhu4vxjVyTtuJIu6WygiOV0JDTb4evpx7Tui/m8wgX97dEAQ
eNFmE9x31jMjGgLUIb6+HDPOs+gXrciVrSMUrPJ7hxO4lvBRPWex5vwGdRuAuBvW
tpJOR+2WrGuKcQhcy143msLl3DKjAcd3fWYCIS4YLeCg+qFMxiJq7BL04iIsk5xR
PPSNX8N+/OtfS4hG+b2rejIBAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUdSEan+FT
LEUOUkBDvoGD5LUdkkkwHwYDVR0jBBgwFoAUh7YsNOjcXUAjjA9r3pEVbl0GpEsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGOUE4L0I5MjMwNkZFRUI2
QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BF
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDdZc05PamNYVUFqakE5cjNwRVZibDBHcEVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RjlBOC9COTIzMDZGRUVCNkExMUVFOUMwM0I3MTFDNEY5QUUwMi9FMjg3RTk2OEVC
N0IxMUVFQTYxRDRENTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGe+6DAPBAIAAjAJAwcAJACTIAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAChxbNZvLvOPtnnExynrotRAwHQWfd2T5JDyHA38mlJu/Ux0bP19hGwIH/
YafqopxlZ2MQznoPIa4IEJThmF+646LrfQf4FPAPj/tnZlPEuN/YhT8MEzMZylwj
0CSWBUq/rCHwqqdmcIwmAPDiqYVuh/8TpSzIYehNPzOnUmR7wflOON4Cw6OLB1a6
ebGNSZ+PeZ61n1w7WJzW02jHta0+mlyCvbXHQaOk1cdnzPjfnqKw3aG7o7vDj4cF
MGkCu7DpVhy2XZQULrGVecWEm0UL3LBv+6Q85fKf7j/QIPSFCo4uLpCB4EmRNSUC
xotBOR4YCOmChjtBx66/OECAn2M7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org