Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8AF8C10A960D11ED942B5D62C4F9AE02.roa
File:                     8AF8C10A960D11ED942B5D62C4F9AE02.roa (raw, json)
Hash identifier:          MUIbSC4kKSVrWxUi46U2EY5tgswSA8i+k+kgsP1p2OI=
Subject key identifier:   0A:30:A5:F7:D1:EA:17:21:E6:49:85:85:94:59:2A:F0:17:7E:0A:33
Certificate issuer:       /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial:       3356
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8AF8C10A960D11ED942B5D62C4F9AE02.roa
Signing time:             Mon 26 Jun 2023 15:10:57 +0000
ROA not before:           Mon 26 Jun 2023 15:10:57 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     60725
IP address blocks:        103.112.36.0/22 maxlen: 22
                          180.189.160.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Fri 05 Jan 2024 07:35:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13142 (0x3356)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
        Validity
            Not Before: Jun 26 15:10:57 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6499aa81-77b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f4:f8:3e:9d:46:0a:69:8b:c2:1a:f9:ca:de:
                    99:ff:9f:f5:e9:d8:60:9f:61:33:e6:03:2d:25:72:
                    71:18:cb:97:c1:1b:6b:c7:9d:c6:a7:48:9f:ed:03:
                    1c:82:7c:48:93:aa:c6:bf:84:40:99:e4:53:1c:07:
                    71:67:d3:49:0c:87:99:bf:68:b8:d9:07:ca:ea:ba:
                    29:73:ec:58:6c:44:65:64:cf:76:ff:da:c8:c4:9a:
                    4d:a0:ab:04:ea:88:0f:0e:5a:74:be:e8:f6:37:3d:
                    56:96:8e:85:b1:59:9d:14:b1:16:f4:fa:cb:16:9c:
                    90:f4:84:ed:7c:b1:32:4d:6f:5a:d2:e0:e2:dd:da:
                    ac:bb:fd:6b:a3:c8:a4:54:03:40:79:08:e4:0f:de:
                    1b:68:fb:32:6f:b1:92:03:f0:e5:0b:f7:dd:c0:e1:
                    98:35:0e:70:98:bb:f4:b3:22:a4:1e:20:ef:41:7d:
                    18:8a:83:b9:74:eb:de:8e:47:b5:43:97:d0:ba:37:
                    13:7f:a6:1f:c0:66:26:af:a2:dc:dc:2b:9b:c1:8c:
                    c2:86:1e:d0:e6:21:9d:4e:ed:04:24:70:89:38:2a:
                    eb:55:df:6b:d6:81:e3:5f:0f:31:d2:95:12:72:a4:
                    dd:9e:f7:10:80:2f:98:0e:1e:36:e6:80:2b:a9:26:
                    75:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:30:A5:F7:D1:EA:17:21:E6:49:85:85:94:59:2A:F0:17:7E:0A:33
            X509v3 Authority Key Identifier:
                keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/8AF8C10A960D11ED942B5D62C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.36.0/22
                  180.189.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2b:6b:db:30:d8:48:f9:57:be:14:b4:af:8e:56:df:a2:a2:66:
         75:39:5f:db:66:55:b4:18:bd:e7:9f:e5:f8:cd:d0:7f:a6:e0:
         6b:d3:a3:d5:d3:db:e7:ff:0d:c3:a0:ef:98:7e:cb:27:bb:fa:
         a5:53:08:6d:15:b5:e9:7f:1a:f2:bc:94:9e:9a:e7:17:1d:50:
         76:64:10:cd:3e:7d:d8:fe:ff:d1:36:c0:32:fd:3e:86:68:d2:
         6f:af:e8:6b:12:11:7f:5d:fe:73:1c:1d:95:49:a0:39:82:7a:
         a2:c0:f9:08:de:0f:fc:42:4d:72:12:90:d1:ce:6a:29:74:8a:
         64:52:eb:77:ca:82:d9:8b:0d:6f:5f:b1:af:97:3d:2f:f6:9a:
         36:b0:c2:22:8f:6b:de:b2:2b:8f:e7:69:57:e9:63:16:ed:28:
         07:35:a2:bc:f8:2e:c1:a4:56:a5:70:72:81:12:31:18:5a:10:
         e6:f9:8b:6d:0c:58:14:d1:25:ef:3e:a0:47:a9:c4:ce:2f:0d:
         65:01:58:8b:e4:72:9f:f7:74:94:0c:de:e7:56:52:71:6a:9d:
         af:df:f5:26:ad:9f:34:fe:8c:c3:99:34:58:50:0f:c5:89:7b:
         4b:b3:d0:f3:a2:8c:bf:0b:da:59:02:52:3d:9b:b8:c2:73:00:
         fa:7e:1b:d3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICM1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjMwNjI2MTUxMDU3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk5YWE4MS03N2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfT4Pp1GCmmLwhr5yt6Z/5/16dhgn2Ez5gMtJXJxGMuXwRtrx53Gp0if7QMc
gnxIk6rGv4RAmeRTHAdxZ9NJDIeZv2i42QfK6ropc+xYbERlZM92/9rIxJpNoKsE
6ogPDlp0vuj2Nz1Wlo6FsVmdFLEW9PrLFpyQ9ITtfLEyTW9a0uDi3dqsu/1ro8ik
VANAeQjkD94baPsyb7GSA/DlC/fdwOGYNQ5wmLv0syKkHiDvQX0YioO5dOvejke1
Q5fQujcTf6YfwGYmr6Lc3CubwYzChh7Q5iGdTu0EJHCJOCrrVd9r1oHjXw8x0pUS
cqTdnvcQgC+YDh425oArqSZ1UQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAowpffR
6hch5kmFhZRZKvAXfgozMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvOEFGOEMxMEE5
NjBEMTFFRDk0MkI1RDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJncCQDBAS0vaAwDQYJKoZIhvcNAQELBQADggEBACtr2zDY
SPlXvhS0r45W36KiZnU5X9tmVbQYveef5fjN0H+m4GvTo9XT2+f/DcOg75h+yye7
+qVTCG0Vtel/GvK8lJ6a5xcdUHZkEM0+fdj+/9E2wDL9PoZo0m+v6GsSEX9d/nMc
HZVJoDmCeqLA+QjeD/xCTXISkNHOail0imRS63fKgtmLDW9fsa+XPS/2mjawwiKP
a96yK4/naVfpYxbtKAc1orz4LsGkVqVwcoESMRhaEOb5i20MWBTRJe8+oEepxM4v
DWUBWIvkcp/3dJQM3udWUnFqna/f9SatnzT+jMOZNFhQD8WJe0uz0POijL8L2lkC
Uj2buMJzAPp+G9M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org