Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/CC410D6461AC11EEBFE3B41AC4F9AE02.roa
File:                     CC410D6461AC11EEBFE3B41AC4F9AE02.roa (raw, json)
Hash identifier:          xz7+1DeBQWjckVJvQZKwNZWeGHOnO8ig32UfOfQKRhc=
Subject key identifier:   3D:37:D2:FE:07:55:18:26:80:12:82:59:11:2C:93:EE:0D:18:8C:9A
Certificate issuer:       /CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60
Certificate serial:       02C6
Authority key identifier: 91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/CC410D6461AC11EEBFE3B41AC4F9AE02.roa
Signing time:             Tue 07 May 2024 03:36:27 +0000
ROA not before:           Tue 07 May 2024 03:36:27 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     140599
IP address blocks:        45.115.224.0/22 maxlen: 22
                          45.115.224.0/24 maxlen: 24
                          45.115.225.0/24 maxlen: 24
                          45.115.226.0/24 maxlen: 24
                          45.115.227.0/24 maxlen: 24
                          103.56.4.0/22 maxlen: 22
                          103.150.220.0/24 maxlen: 24
                          103.150.221.0/24 maxlen: 24
                          2001:df3:8e80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 13 Aug 2024 13:09:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 710 (0x2c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60
        Validity
            Not Before: May  7 03:36:27 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=6639a1bb-a47b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8e:df:1b:1c:78:6b:ab:8f:d7:8c:79:35:50:
                    72:fb:af:95:b2:71:10:f4:c4:62:d6:a7:b3:a4:06:
                    bc:2a:6c:ee:53:49:49:a0:4a:32:2c:ba:bd:00:18:
                    26:c2:f4:ea:fe:e3:5c:3d:d3:fa:fc:6a:ac:dd:9d:
                    95:4e:56:ee:93:a5:07:aa:02:7d:15:bc:00:67:02:
                    6c:80:cf:8b:5f:5a:d7:ad:28:15:47:e1:ef:9a:0c:
                    ff:9b:0a:10:f1:73:7b:3e:8b:79:b4:e4:a1:73:e3:
                    8e:75:01:88:d3:3e:45:12:2e:b7:4a:62:c2:1e:ae:
                    a1:3d:46:8f:45:28:b0:1c:7f:23:ba:58:8d:8a:bd:
                    01:b5:73:f6:43:b7:95:c3:59:26:ac:1d:77:a9:e0:
                    e5:15:61:cf:74:9d:ef:71:77:a2:71:52:0e:5b:90:
                    8c:2b:1b:e5:42:a9:ca:8b:c0:3b:40:ef:cd:f1:29:
                    f6:99:08:d0:f0:56:cc:7a:72:1f:19:62:98:5e:ad:
                    7a:7f:46:fe:54:9c:09:49:7a:60:27:cf:5d:8b:62:
                    4e:19:ce:e3:17:43:6d:4a:95:39:2b:fa:71:a4:74:
                    53:32:aa:3e:85:ca:27:8c:8a:81:97:a0:41:fc:e3:
                    0c:dd:60:3f:26:ca:8e:a5:45:42:97:4b:89:db:09:
                    fa:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:37:D2:FE:07:55:18:26:80:12:82:59:11:2C:93:EE:0D:18:8C:9A
            X509v3 Authority Key Identifier:
                keyid:91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/CC410D6461AC11EEBFE3B41AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.115.224.0/22
                  103.56.4.0/22
                  103.150.220.0/23
                IPv6:
                  2001:df3:8e80::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:2c:a6:08:92:8d:52:92:55:59:c2:a1:b1:82:94:75:ae:31:
         f6:6f:40:c3:3f:b8:1e:da:9c:2d:a6:8f:9e:f0:d4:8f:c2:58:
         0a:4f:5e:be:43:41:71:d8:76:d1:3a:5f:13:a6:11:f6:24:57:
         1d:be:31:d6:84:bb:e4:6b:b4:07:91:6f:91:4a:3a:64:62:9b:
         a5:e5:35:a6:f3:cf:7f:33:fa:ab:14:00:59:90:10:cf:00:46:
         25:88:2e:2d:7f:c9:09:a3:91:54:a8:18:0c:10:83:58:a0:39:
         1c:f6:b5:16:f5:90:39:bc:ea:04:4d:e9:74:54:f6:b0:21:e4:
         7b:ea:83:a7:05:c2:22:2e:cf:18:19:59:e7:4a:7d:07:2b:de:
         57:0f:1a:31:f0:1d:43:3f:8b:cd:86:a4:0e:ab:d2:df:68:95:
         4b:25:d7:92:5d:b5:5b:a6:a7:90:78:1d:c5:be:b2:62:61:16:
         b8:3a:bf:ad:e6:5e:a5:f7:1f:b6:87:a1:83:bc:37:78:f2:96:
         26:85:c4:b9:7e:1d:cc:62:4f:62:aa:11:44:e9:40:d1:c1:a3:
         f3:60:06:89:5c:81:aa:54:12:71:28:f5:5a:30:33:91:12:52:
         8e:5a:45:65:f2:ca:65:54:95:ce:ce:3f:e6:75:83:da:2e:be:
         84:42:c1:f5
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICAsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA0MzIxMTAvBgNVBAUTKDkxRjNEQzU5Q0QwRkExRDI0MUNCNzg3NTdEMURBQTky
QzJBQzlGNjAwHhcNMjQwNTA3MDMzNjI3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM5YTFiYi1hNDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxo7fGxx4a6uP14x5NVBy+6+VsnEQ9MRi1qezpAa8KmzuU0lJoEoyLLq9ABgm
wvTq/uNcPdP6/Gqs3Z2VTlbuk6UHqgJ9FbwAZwJsgM+LX1rXrSgVR+Hvmgz/mwoQ
8XN7Pot5tOShc+OOdQGI0z5FEi63SmLCHq6hPUaPRSiwHH8juliNir0BtXP2Q7eV
w1kmrB13qeDlFWHPdJ3vcXeicVIOW5CMKxvlQqnKi8A7QO/N8Sn2mQjQ8FbMenIf
GWKYXq16f0b+VJwJSXpgJ89di2JOGc7jF0NtSpU5K/pxpHRTMqo+hconjIqBl6BB
/OMM3WA/JsqOpUVCl0uJ2wn6vQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFD030v4H
VRgmgBKCWREsk+4NGIyaMB8GA1UdIwQYMBaAFJHz3FnND6HSQct4dX0dqpLCrJ9g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9GNUJGNjk5Q0E0
Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9kSkJ5M2gxZlIycWtzS3Nu
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tmUGNXYzBQb2RKQnkzaDFmUjJxa3NLc24yQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA0MzIvRjVCRjY5OUNBNENBMTFFQ0FDNEU1NzQ0QzRGOUFFMDIvQ0M0MTBENjQ2
MUFDMTFFRUJGRTNCNDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAItc+ADBAJnOAQDBAFnltwwDwQCAAIwCQMHACABDfOOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAdyymCJKNUpJVWcKhsYKUda4x9m9Awz+4HtqcLaaP
nvDUj8JYCk9evkNBcdh20TpfE6YR9iRXHb4x1oS75Gu0B5FvkUo6ZGKbpeU1pvPP
fzP6qxQAWZAQzwBGJYguLX/JCaORVKgYDBCDWKA5HPa1FvWQObzqBE3pdFT2sCHk
e+qDpwXCIi7PGBlZ50p9ByveVw8aMfAdQz+LzYakDqvS32iVSyXXkl21W6ankHgd
xb6yYmEWuDq/reZepfcftoehg7w3ePKWJoXEuX4dzGJPYqoRROlA0cGj82AGiVyB
qlQScSj1WjAzkRJSjlpFZfLKZVSVzs4/5nWD2i6+hELB9Q==
-----END CERTIFICATE-----
Generated at Tue Aug 13 17:33:06 2024 by rpki-client on console-ams.rpki-client.org