Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/2054DF0A907311ECA7CBD81CC4F9AE02.roa
File:                     2054DF0A907311ECA7CBD81CC4F9AE02.roa (raw, json)
Hash identifier:          j8aVkzAujDn4bakzLMscb8SK44ukhEnDbRzvfIksCsU=
Subject key identifier:   41:E4:11:15:47:AC:64:A4:BB:2E:7F:45:82:34:A5:74:5E:A2:58:BA
Certificate issuer:       /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial:       0A77
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/2054DF0A907311ECA7CBD81CC4F9AE02.roa
Signing time:             Sat 02 Mar 2024 20:28:46 +0000
ROA not before:           Sat 02 Mar 2024 20:28:46 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     17408
IP address blocks:        43.230.52.0/24 maxlen: 24
                          43.230.53.0/24 maxlen: 24
                          43.230.54.0/24 maxlen: 24
                          43.230.55.0/24 maxlen: 24
                          43.231.189.0/24 maxlen: 24
                          43.231.191.0/24 maxlen: 24
                          43.246.129.0/24 maxlen: 24
                          43.246.131.0/24 maxlen: 24
                          43.246.197.0/24 maxlen: 24
                          43.246.199.0/24 maxlen: 24
                          43.251.185.0/24 maxlen: 24
                          43.251.187.0/24 maxlen: 24
                          45.115.33.0/24 maxlen: 24
                          45.115.35.0/24 maxlen: 24
                          45.124.60.0/24 maxlen: 24
                          45.124.61.0/24 maxlen: 24
                          45.124.62.0/24 maxlen: 24
                          45.124.63.0/24 maxlen: 24
                          103.7.116.0/22 maxlen: 22
                          103.8.87.0/24 maxlen: 24
                          103.12.53.0/24 maxlen: 24
                          103.12.55.0/24 maxlen: 24
                          103.13.17.0/24 maxlen: 24
                          103.13.19.0/24 maxlen: 24
                          103.15.33.0/24 maxlen: 24
                          103.15.34.0/24 maxlen: 24
                          103.15.35.0/24 maxlen: 24
                          103.15.76.0/24 maxlen: 24
                          103.15.77.0/24 maxlen: 24
                          103.15.78.0/24 maxlen: 24
                          103.21.105.0/24 maxlen: 24
                          103.21.107.0/24 maxlen: 24
                          103.24.160.0/24 maxlen: 24
                          103.244.208.0/22 maxlen: 22
                          103.248.148.0/24 maxlen: 24
                          103.248.149.0/24 maxlen: 24
                          103.248.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 May 2024 00:53:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2679 (0xa77)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
        Validity
            Not Before: Mar  2 20:28:46 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=65e38bfd-14b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d8:f8:b6:10:34:5b:bf:16:f0:3e:6b:fb:21:
                    b6:2c:7a:e8:f4:55:23:81:dc:59:0b:d1:f6:9c:3e:
                    b5:2a:a5:42:ed:b5:3f:47:0f:cb:37:86:dd:d0:f9:
                    85:7b:ef:07:ec:ba:d3:f3:75:e0:59:be:aa:d6:3b:
                    5d:9f:65:35:ca:d5:19:65:7e:70:11:3b:b4:36:16:
                    2f:31:b8:5c:5a:14:a0:9e:16:65:b3:14:d5:4c:cf:
                    e5:38:e1:7b:02:54:4d:d9:ab:e0:6c:dd:ca:8f:2c:
                    7c:7b:75:85:a2:bd:89:1a:32:87:6c:58:fd:46:12:
                    9f:9a:a9:fc:5e:06:ea:be:6d:e0:93:3b:32:d9:e1:
                    05:4f:42:e5:a8:d3:c7:92:95:47:f2:73:46:6d:8f:
                    96:1b:dd:e6:69:e6:ea:4c:55:56:2f:f9:02:68:82:
                    81:a8:26:82:a3:d7:d7:07:a1:15:f0:c1:36:27:a2:
                    5b:cb:bb:2a:ca:42:af:3f:a7:df:d3:ec:8c:40:01:
                    f7:8b:ce:81:d9:f8:09:28:15:10:9d:65:12:9c:ab:
                    b8:33:3e:44:62:7d:84:bd:4a:ff:6b:40:fb:7a:9d:
                    e6:9b:35:75:27:70:b8:82:30:25:10:e7:5f:0e:ff:
                    19:a2:66:95:82:f1:87:00:8d:57:1c:07:a0:fc:f9:
                    92:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:E4:11:15:47:AC:64:A4:BB:2E:7F:45:82:34:A5:74:5E:A2:58:BA
            X509v3 Authority Key Identifier:
                keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/2054DF0A907311ECA7CBD81CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.230.52.0/22
                  43.231.189.0/24
                  43.231.191.0/24
                  43.246.129.0/24
                  43.246.131.0/24
                  43.246.197.0/24
                  43.246.199.0/24
                  43.251.185.0/24
                  43.251.187.0/24
                  45.115.33.0/24
                  45.115.35.0/24
                  45.124.60.0/22
                  103.7.116.0/22
                  103.8.87.0/24
                  103.12.53.0/24
                  103.12.55.0/24
                  103.13.17.0/24
                  103.13.19.0/24
                  103.15.33.0-103.15.35.255
                  103.15.76.0-103.15.78.255
                  103.21.105.0/24
                  103.21.107.0/24
                  103.24.160.0/24
                  103.244.208.0/22
                  103.248.148.0/23
                  103.248.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:4d:61:44:d8:88:be:8a:e2:52:03:22:48:ac:3e:98:89:cf:
         f4:fe:4d:0a:6c:0e:28:8b:29:0f:80:65:67:ed:f6:aa:df:0b:
         98:86:13:7f:a3:a2:73:3f:fa:24:5b:3b:99:d0:f4:b1:45:49:
         52:fb:c4:0e:6e:20:b2:ed:a2:c7:5b:4d:25:c6:5a:c3:e2:b2:
         d0:75:0b:06:62:5b:88:25:37:5e:93:bf:27:fc:c8:b8:6d:9d:
         c3:bd:97:33:73:8e:83:5f:9f:6d:8c:d0:74:3b:b6:2a:2b:c7:
         2a:fe:d4:98:f5:a8:9b:1c:6a:fa:ce:c9:e1:50:7d:42:38:9b:
         88:7c:08:89:4f:19:07:55:9c:5b:a3:24:06:01:fa:68:cc:88:
         13:65:2f:85:b9:9a:d4:49:85:3f:e5:3d:06:57:16:a4:ad:4e:
         27:db:ca:69:d2:72:d2:4d:2d:da:6f:a3:de:b0:9a:37:1d:76:
         4a:7e:ec:c6:5a:87:a1:fe:a7:39:c7:fb:cc:a7:df:e6:21:ec:
         a4:75:e4:57:e7:3a:1c:31:4f:f3:6a:b5:56:e8:e2:8f:0d:a2:
         49:f4:ee:0a:1a:30:95:20:9c:a5:c1:b6:4d:97:37:93:72:a1:
         3e:65:fb:4d:0e:7c:79:2d:35:ec:a8:73:9f:d1:0d:fd:18:17:
         9f:23:bb:cf
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgICCncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjQwMzAyMjAyODQ2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzOGJmZC0xNGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs9j4thA0W78W8D5r+yG2LHro9FUjgdxZC9H2nD61KqVC7bU/Rw/LN4bd0PmF
e+8H7LrT83XgWb6q1jtdn2U1ytUZZX5wETu0NhYvMbhcWhSgnhZlsxTVTM/lOOF7
AlRN2avgbN3Kjyx8e3WFor2JGjKHbFj9RhKfmqn8Xgbqvm3gkzsy2eEFT0LlqNPH
kpVH8nNGbY+WG93maebqTFVWL/kCaIKBqCaCo9fXB6EV8ME2J6Jby7sqykKvP6ff
0+yMQAH3i86B2fgJKBUQnWUSnKu4Mz5EYn2EvUr/a0D7ep3mmzV1J3C4gjAlEOdf
Dv8ZomaVgvGHAI1XHAeg/PmSswIDAQABo4IDQDCCAzwwHQYDVR0OBBYEFEHkERVH
rGSkuy5/RYI0pXReoli6MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvMjA1NERGMEE5
MDczMTFFQ0E3Q0JEODFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgckGCCsGAQUFBwEHAQH/
BIG5MIG2MIGzBAIAATCBrAMEAivmNAMEACvnvQMEACvnvwMEACv2gQMEACv2gwME
ACv2xQMEACv2xwMEACv7uQMEACv7uwMEAC1zIQMEAC1zIwMEAi18PAMEAmcHdAME
AGcIVwMEAGcMNQMEAGcMNwMEAGcNEQMEAGcNEzAMAwQAZw8hAwQCZw8gMAwDBAJn
D0wDBABnD04DBABnFWkDBABnFWsDBABnGKADBAJn9NADBAFn+JQDBABn+JcwDQYJ
KoZIhvcNAQELBQADggEBALxNYUTYiL6K4lIDIkisPpiJz/T+TQpsDiiLKQ+AZWft
9qrfC5iGE3+jonM/+iRbO5nQ9LFFSVL7xA5uILLtosdbTSXGWsPistB1CwZiW4gl
N16Tvyf8yLhtncO9lzNzjoNfn22M0HQ7tiorxyr+1Jj1qJscavrOyeFQfUI4m4h8
CIlPGQdVnFujJAYB+mjMiBNlL4W5mtRJhT/lPQZXFqStTifbymnSctJNLdpvo96w
mjcddkp+7MZah6H+pznH+8yn3+Yh7KR15FfnOhwxT/NqtVbo4o8Nokn07goaMJUg
nKXBtk2XN5NyoT5l+00OfHktNeyoc5/RDf0YF58ju88=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org