Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8A375E2A960D11ED942B5D62C4F9AE02.roa
File:                     8A375E2A960D11ED942B5D62C4F9AE02.roa (raw, json)
Hash identifier:          rOy5Kt1JooFCty94F5nKGVymlNhwBsSPxLr9wrgURrI=
Subject key identifier:   6A:B4:6B:01:72:8A:4B:C5:1F:4F:00:F0:43:45:87:BF:A0:C4:CF:A4
Certificate issuer:       /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial:       3355
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8A375E2A960D11ED942B5D62C4F9AE02.roa
Signing time:             Mon 26 Jun 2023 15:10:56 +0000
ROA not before:           Mon 26 Jun 2023 15:10:56 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     58731
IP address blocks:        103.112.36.0/22 maxlen: 22
                          180.189.160.0/20 maxlen: 20
                          180.189.164.0/22 maxlen: 22
                          180.189.169.0/24 maxlen: 24
                          2405:1f00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 00:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13141 (0x3355)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
        Validity
            Not Before: Jun 26 15:10:56 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6499aa80-77d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:6e:22:0e:ad:eb:30:ad:ca:82:1e:22:e2:a4:
                    a8:e4:07:7d:fc:e3:11:66:58:ec:62:6c:c0:a6:cf:
                    a3:1f:12:cd:61:d8:8a:2b:f4:bd:a1:b4:f8:4a:56:
                    b1:e8:97:69:f0:67:c0:8a:d0:6e:81:54:c6:89:08:
                    1f:81:20:98:4f:47:cb:0b:44:a6:49:7b:bc:29:ca:
                    50:4c:b9:96:43:2e:e7:ce:aa:b8:81:18:e5:48:4a:
                    1d:fa:f0:f5:d4:59:8e:89:f2:27:26:07:e1:c5:e6:
                    3a:7b:8f:99:2b:3a:11:0f:34:45:85:43:65:43:42:
                    9d:00:e2:36:40:57:9f:5b:4c:1e:71:81:24:3e:da:
                    fa:6f:13:92:26:74:14:4e:b8:68:9e:e7:2f:bb:dd:
                    7a:93:44:ea:f0:bf:7c:c3:e9:55:e8:6a:c5:66:ab:
                    2f:78:d9:18:89:f9:87:2b:af:0b:c0:e6:8e:cb:c1:
                    0b:2f:6c:3c:cf:e8:c8:c3:23:8c:b6:1d:a6:66:6a:
                    a9:de:7e:27:52:1b:34:78:65:e2:0d:8d:f8:fb:78:
                    f4:25:88:e4:58:3f:91:78:c3:42:6c:48:a7:d7:8c:
                    fc:85:7a:aa:8a:dc:d9:62:5e:70:f6:a7:c8:83:e9:
                    92:01:04:1d:47:2a:80:18:f1:70:01:86:ce:7f:0e:
                    35:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:B4:6B:01:72:8A:4B:C5:1F:4F:00:F0:43:45:87:BF:A0:C4:CF:A4
            X509v3 Authority Key Identifier:
                keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8A375E2A960D11ED942B5D62C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.36.0/22
                  180.189.160.0/20
                IPv6:
                  2405:1f00::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:e6:c1:2f:78:5e:52:f7:87:77:f2:91:f2:a0:77:8f:b3:85:
         f9:06:46:1c:27:0b:53:77:ca:c1:ba:cc:8f:cd:1d:47:83:0b:
         36:9a:e9:5a:83:93:86:1b:0e:ba:55:31:b3:cc:d7:8f:df:c7:
         d3:72:c5:a9:58:e6:be:71:86:3a:4c:1b:d2:a3:d6:67:2a:1b:
         e8:62:ef:24:39:ac:86:61:67:83:81:78:3b:3d:98:e8:37:4e:
         20:52:9c:c4:c1:57:b7:14:81:2b:0f:84:fd:48:a7:6b:7b:2b:
         c7:45:87:c0:9d:8d:79:cc:5a:ca:9c:33:3e:d4:4f:7b:05:ad:
         6a:43:4c:d3:45:dc:9d:d0:07:d2:d3:44:74:74:0d:bf:cf:3d:
         c4:4f:cb:0f:e4:27:12:41:fb:fa:9d:f0:82:6b:6a:2e:b4:74:
         7b:db:86:dd:36:81:3c:df:a6:71:b8:5c:4c:d4:4b:24:c9:f8:
         6c:3c:ed:40:d1:ad:e0:97:35:57:d4:b0:79:b5:1b:19:ca:2d:
         ec:ee:b3:fd:0b:98:cd:03:e0:82:bf:40:fc:7e:14:70:b2:cb:
         e6:17:5b:00:25:9d:90:91:11:da:ac:9d:ce:9a:f1:0b:ac:d6:
         72:a0:10:67:06:66:2f:aa:a3:ac:40:63:b1:0c:f5:e5:29:b4:
         0e:e3:51:be
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICM1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjMwNjI2MTUxMDU2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk5YWE4MC03N2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz24iDq3rMK3Kgh4i4qSo5Ad9/OMRZljsYmzAps+jHxLNYdiKK/S9obT4Slax
6Jdp8GfAitBugVTGiQgfgSCYT0fLC0SmSXu8KcpQTLmWQy7nzqq4gRjlSEod+vD1
1FmOifInJgfhxeY6e4+ZKzoRDzRFhUNlQ0KdAOI2QFefW0wecYEkPtr6bxOSJnQU
Trhonucvu916k0Tq8L98w+lV6GrFZqsveNkYifmHK68LwOaOy8ELL2w8z+jIwyOM
th2mZmqp3n4nUhs0eGXiDY34+3j0JYjkWD+ReMNCbEin14z8hXqqitzZYl5w9qfI
g+mSAQQdRyqAGPFwAYbOfw41QQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGq0awFy
ikvFH08A8ENFh7+gxM+kMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvOEEzNzVFMkE5
NjBEMTFFRDk0MkI1RDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJncCQDBAS0vaAwDQQCAAIwBwMFACQFHwAwDQYJKoZIhvcN
AQELBQADggEBAKnmwS94XlL3h3fykfKgd4+zhfkGRhwnC1N3ysG6zI/NHUeDCzaa
6VqDk4YbDrpVMbPM14/fx9NyxalY5r5xhjpMG9Kj1mcqG+hi7yQ5rIZhZ4OBeDs9
mOg3TiBSnMTBV7cUgSsPhP1Ip2t7K8dFh8CdjXnMWsqcMz7UT3sFrWpDTNNF3J3Q
B9LTRHR0Db/PPcRPyw/kJxJB+/qd8IJrai60dHvbht02gTzfpnG4XEzUSyTJ+Gw8
7UDRreCXNVfUsHm1GxnKLezus/0LmM0D4IK/QPx+FHCyy+YXWwAlnZCREdqsnc6a
8Qus1nKgEGcGZi+qo6xAY7EM9eUptA7jUb4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org