Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/61EF68BA323111EFBE1C7F57C4F9AE02.roa
File:                     61EF68BA323111EFBE1C7F57C4F9AE02.roa (raw, json)
Hash identifier:          mKn6o38uuSUTVWev0nzQbEw/RxFWooVgcynEK7kJ8Pc=
Subject key identifier:   0E:C4:2F:E4:28:5F:A9:13:28:1A:8A:0E:B9:8B:2E:CA:57:70:CA:9A
Certificate issuer:       /CN=A91A2E6A/serialNumber=823100B75E5DD41A1E7C3281C35713F44BE86C98
Certificate serial:       02
Authority key identifier: 82:31:00:B7:5E:5D:D4:1A:1E:7C:32:81:C3:57:13:F4:4B:E8:6C:98
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gjEAt15d1BoefDKBw1cT9EvobJg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/61EF68BA323111EFBE1C7F57C4F9AE02.roa
Signing time:             Mon 24 Jun 2024 13:55:15 +0000
ROA not before:           Mon 24 Jun 2024 13:55:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     150806
IP address blocks:        103.109.184.0/24 maxlen: 24
                          103.109.185.0/24 maxlen: 24
                          2001:df2:1840::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 18:21:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A2E6A/serialNumber=823100B75E5DD41A1E7C3281C35713F44BE86C98
        Validity
            Not Before: Jun 24 13:55:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=66797ac3-3523
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:5b:93:99:b4:98:b4:20:8a:8d:76:ff:0b:85:
                    1c:8b:d3:fb:e5:07:6d:75:60:b5:1f:6b:1d:c1:46:
                    9d:05:dd:59:c4:bb:52:f1:1d:72:7a:48:8b:f9:62:
                    8c:f3:38:c8:d6:58:02:84:51:78:9b:35:e8:26:36:
                    a5:8c:a6:2b:a8:a3:02:21:ae:13:83:6c:51:72:ca:
                    83:64:11:0a:2b:3c:e0:df:fd:00:f2:44:1a:e9:21:
                    7e:c2:8b:aa:c0:38:06:50:30:ce:2c:b9:d3:ce:29:
                    ca:aa:7a:1c:d9:6a:06:73:13:88:63:12:98:88:0d:
                    23:d3:1b:a2:0e:94:91:93:64:6f:f8:8c:02:3c:b6:
                    06:64:37:ea:32:1e:55:7c:6e:66:d5:37:fd:83:99:
                    6e:d7:46:1e:99:a9:f7:ed:18:ed:cb:47:17:68:a0:
                    cf:44:d3:5f:6b:6f:2d:2c:83:96:ae:22:15:0f:01:
                    0a:44:1c:04:81:84:25:a9:75:67:fd:9c:8c:d4:da:
                    fc:f0:c8:db:df:62:cc:ec:42:4a:f7:88:7a:01:f0:
                    c2:a0:66:d9:3e:d9:11:3a:67:cd:5c:df:ce:41:c0:
                    35:4f:0f:9e:5b:72:86:43:11:50:ff:92:55:7d:c1:
                    37:c1:85:82:0e:35:05:ce:41:23:47:4d:1b:78:da:
                    11:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C4:2F:E4:28:5F:A9:13:28:1A:8A:0E:B9:8B:2E:CA:57:70:CA:9A
            X509v3 Authority Key Identifier:
                keyid:82:31:00:B7:5E:5D:D4:1A:1E:7C:32:81:C3:57:13:F4:4B:E8:6C:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/gjEAt15d1BoefDKBw1cT9EvobJg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gjEAt15d1BoefDKBw1cT9EvobJg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2E6A/AE373D84323011EF9E532156C4F9AE02/61EF68BA323111EFBE1C7F57C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.109.184.0/23
                IPv6:
                  2001:df2:1840::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:f3:5b:b8:75:21:ea:4f:56:f6:3b:3b:c7:91:f9:98:97:86:
         99:8b:f4:20:ee:f8:b7:5d:fa:e0:01:fc:6c:37:c8:f7:8e:62:
         c3:2c:cd:28:41:f1:a8:4e:fa:66:f7:fe:b6:f7:fe:8b:1e:70:
         5a:48:3f:48:7c:79:5a:db:53:5c:2f:24:76:16:2f:b4:b3:62:
         57:e3:9e:55:58:55:2b:d9:3d:ec:e9:0e:33:3a:b0:3c:c9:4d:
         a4:ff:07:40:e0:e9:fb:5c:ec:02:d7:c7:c0:ff:ea:ce:88:f7:
         4b:6d:ea:7a:6c:ac:ac:35:a5:ff:25:16:50:b7:b9:87:79:79:
         14:ce:df:73:5c:9c:f6:39:c9:a4:2f:d7:24:3b:60:2a:0e:b8:
         07:eb:3c:67:c8:f2:26:51:7a:20:b7:b0:43:97:2b:6e:e2:97:
         fc:1e:a2:a3:dc:3a:c1:07:93:50:5d:eb:15:56:8b:6c:fe:93:
         d7:99:f7:04:b2:61:e5:6b:10:ac:54:98:b9:61:b5:2c:c5:eb:
         20:52:c0:c6:17:be:a5:a1:82:86:3e:aa:ff:12:32:92:c4:06:
         81:6f:60:e5:c5:18:d3:98:be:53:d2:fd:32:84:28:9d:1f:d1:
         fb:55:81:45:f7:ec:12:a6:80:80:6e:db:34:1d:78:c0:95:c9:
         6c:22:1b:80
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MkU2QTExMC8GA1UEBRMoODIzMTAwQjc1RTVERDQxQTFFN0MzMjgxQzM1NzEzRjQ0
QkU4NkM5ODAeFw0yNDA2MjQxMzU1MTVaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Nzk3YWMzLTM1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYW5OZtJi0IIqNdv8LhRyL0/vlB211YLUfax3BRp0F3VnEu1LxHXJ6SIv5Yozz
OMjWWAKEUXibNegmNqWMpiuoowIhrhODbFFyyoNkEQorPODf/QDyRBrpIX7Ci6rA
OAZQMM4sudPOKcqqehzZagZzE4hjEpiIDSPTG6IOlJGTZG/4jAI8tgZkN+oyHlV8
bmbVN/2DmW7XRh6ZqfftGO3LRxdooM9E019rby0sg5auIhUPAQpEHASBhCWpdWf9
nIzU2vzwyNvfYszsQkr3iHoB8MKgZtk+2RE6Z81c385BwDVPD55bcoZDEVD/klV9
wTfBhYIONQXOQSNHTRt42hHNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUDsQv5Chf
qRMoGooOuYsuyldwypowHwYDVR0jBBgwFoAUgjEAt15d1BoefDKBw1cT9EvobJgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyRTZBL0FFMzczRDg0MzIz
MDExRUY5RTUzMjE1NkM0RjlBRTAyL2dqRUF0MTVkMUJvZWZES0J3MWNUOUV2b2JK
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ2pFQXQxNWQxQm9lZkRLQncxY1Q5RXZvYkpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MkU2QS9BRTM3M0Q4NDMyMzAxMUVGOUU1MzIxNTZDNEY5QUUwMi82MUVGNjhCQTMy
MzExMUVGQkUxQzdGNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdtuDAPBAIAAjAJAwcAIAEN8hhAMA0GCSqGSIb3DQEBCwUA
A4IBAQA581u4dSHqT1b2OzvHkfmYl4aZi/Qg7vi3XfrgAfxsN8j3jmLDLM0oQfGo
Tvpm9/629/6LHnBaSD9IfHla21NcLyR2Fi+0s2JX455VWFUr2T3s6Q4zOrA8yU2k
/wdA4On7XOwC18fA/+rOiPdLbep6bKysNaX/JRZQt7mHeXkUzt9zXJz2OcmkL9ck
O2AqDrgH6zxnyPImUXogt7BDlytu4pf8HqKj3DrBB5NQXesVVots/pPXmfcEsmHl
axCsVJi5YbUsxesgUsDGF76loYKGPqr/EjKSxAaBb2DlxRjTmL5T0v0yhCidH9H7
VYFF9+wSpoCAbts0HXjAlclsIhuA
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:01:20 2024 by rpki-client on console-fra.rpki-client.org