Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa
File:                     6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa (raw, json)
Hash identifier:          RuNZx60wu7+9fpCLyduc0LsdUcXzajMyu8cG1fJ7LVs=
Subject key identifier:   43:77:2C:22:0E:E2:BA:A2:38:84:D3:37:4A:D8:B3:AD:37:32:9A:8F
Certificate issuer:       /CN=A91A93B6/serialNumber=EDFD14DB6FD3B02A7935DAAD47FC029F3A704C40
Certificate serial:       C8
Authority key identifier: ED:FD:14:DB:6F:D3:B0:2A:79:35:DA:AD:47:FC:02:9F:3A:70:4C:40
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa
Signing time:             Fri 05 Jan 2024 05:06:21 +0000
ROA not before:           Fri 05 Jan 2024 05:06:21 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     58955
IP address blocks:        103.52.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Feb 2024 12:10:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 200 (0xc8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A93B6/serialNumber=EDFD14DB6FD3B02A7935DAAD47FC029F3A704C40
        Validity
            Not Before: Jan  5 05:06:21 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65978e4d-2554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:09:e8:12:76:68:a8:df:35:7b:83:0a:f1:72:
                    b2:68:a4:e2:dd:93:01:4a:db:8d:55:00:25:eb:b0:
                    ef:e2:7d:1e:16:ec:5c:8a:74:b6:70:a7:5d:4a:bf:
                    51:92:78:c5:e7:3a:24:a6:86:6a:ca:35:53:53:42:
                    06:77:38:4d:ee:61:65:3f:49:f6:98:81:de:96:e2:
                    f3:d0:6d:fd:17:bf:cf:bb:de:22:96:43:a3:fe:8a:
                    61:08:1b:a2:d0:28:cc:1a:88:1a:5b:a9:31:0a:d6:
                    a9:db:e7:0a:b2:43:7d:2a:57:f1:aa:b6:7e:fd:a1:
                    eb:61:32:03:68:69:6c:d5:6a:52:ad:be:1e:21:d3:
                    c9:20:d7:d3:61:0b:7f:95:9a:39:53:6e:61:29:7f:
                    b1:b9:7e:b9:ba:f7:ee:34:c2:fe:98:ee:fb:4f:27:
                    0f:6c:28:dc:ba:b1:6c:c0:65:c4:8d:fa:fe:96:02:
                    b4:56:c2:0f:94:de:4c:b8:2b:0e:12:1b:ba:c5:ef:
                    2d:9d:df:95:5c:92:8f:62:b7:5b:9a:77:86:f3:94:
                    a2:85:0b:88:c8:89:ca:18:ce:d0:a6:51:b7:5f:d3:
                    6d:65:ef:ea:85:35:da:c8:db:82:a0:1c:09:f2:ca:
                    40:75:83:12:60:34:b8:9f:04:84:35:1b:fe:91:80:
                    c8:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:77:2C:22:0E:E2:BA:A2:38:84:D3:37:4A:D8:B3:AD:37:32:9A:8F
            X509v3 Authority Key Identifier:
                keyid:ED:FD:14:DB:6F:D3:B0:2A:79:35:DA:AD:47:FC:02:9F:3A:70:4C:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/6634C6EC7C5A11EDB5D8DA67C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.52.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:c4:a1:5a:fa:1c:7f:18:b2:46:20:86:c4:d2:14:63:85:1f:
         00:45:53:da:11:c1:57:d9:8a:c9:5c:72:e1:bb:77:f2:86:23:
         2e:2b:2d:2d:7b:19:8b:2c:e5:09:cf:48:c6:5a:d1:28:68:b0:
         8c:4e:11:0e:87:3d:96:8d:a7:0f:58:21:b8:71:4d:7b:4a:6d:
         8a:40:f9:ce:a9:56:74:b4:ca:b7:fa:66:7e:96:a0:da:77:88:
         3c:ad:4d:a3:67:41:e8:66:53:68:4e:07:30:af:3f:cb:8e:de:
         e4:b5:57:e2:cb:31:74:c6:d6:14:3e:51:c8:c6:0f:41:87:bf:
         9d:81:8f:04:7b:a4:16:67:4a:f7:d9:97:8e:a6:b0:77:38:8e:
         d3:f9:bc:b3:29:fd:c5:83:94:27:23:6f:e3:39:03:5f:f4:22:
         95:90:c7:b9:2f:32:5c:96:26:a8:c5:af:10:34:f7:b3:94:eb:
         a3:09:cc:52:3a:15:47:f5:22:45:b4:6e:3e:03:30:ef:24:86:
         ba:90:c3:fd:68:0d:7a:49:21:44:8b:8a:92:30:60:ce:83:84:
         15:2e:cd:a9:52:a9:53:92:ec:c5:8b:72:43:70:c5:6a:64:df:
         0d:22:f0:a2:78:26:da:d8:de:77:ff:56:30:e8:b9:5e:d7:39:
         49:f2:f3:72
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTkzQjYxMTAvBgNVBAUTKEVERkQxNERCNkZEM0IwMkE3OTM1REFBRDQ3RkMwMjlG
M0E3MDRDNDAwHhcNMjQwMTA1MDUwNjIxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3OGU0ZC0yNTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugnoEnZoqN81e4MK8XKyaKTi3ZMBStuNVQAl67Dv4n0eFuxcinS2cKddSr9R
knjF5zokpoZqyjVTU0IGdzhN7mFlP0n2mIHeluLz0G39F7/Pu94ilkOj/ophCBui
0CjMGogaW6kxCtap2+cKskN9KlfxqrZ+/aHrYTIDaGls1WpSrb4eIdPJINfTYQt/
lZo5U25hKX+xuX65uvfuNML+mO77TycPbCjcurFswGXEjfr+lgK0VsIPlN5MuCsO
Ehu6xe8tnd+VXJKPYrdbmneG85SihQuIyInKGM7QplG3X9NtZe/qhTXayNuCoBwJ
8spAdYMSYDS4nwSENRv+kYDI/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEN3LCIO
4rqiOITTN0rYs603MpqPMB8GA1UdIwQYMBaAFO39FNtv07AqeTXarUf8Ap86cExA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTNCNi83MEJDRkNFMDdD
NTcxMUVEQTgxMDc4NjZDNEY5QUUwMi83ZjBVMjJfVHNDcDVOZHF0Ul93Q256cHdU
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdmMFUyMl9Uc0NwNU5kcXRSX3dDbnpwd1RFQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTkzQjYvNzBCQ0ZDRTA3QzU3MTFFREE4MTA3ODY2QzRGOUFFMDIvNjYzNEM2RUM3
QzVBMTFFREI1RDhEQTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNGwwDQYJKoZIhvcNAQELBQADggEBAADEoVr6HH8YskYg
hsTSFGOFHwBFU9oRwVfZislccuG7d/KGIy4rLS17GYss5QnPSMZa0ShosIxOEQ6H
PZaNpw9YIbhxTXtKbYpA+c6pVnS0yrf6Zn6WoNp3iDytTaNnQehmU2hOBzCvP8uO
3uS1V+LLMXTG1hQ+UcjGD0GHv52BjwR7pBZnSvfZl46msHc4jtP5vLMp/cWDlCcj
b+M5A1/0IpWQx7kvMlyWJqjFrxA097OU66MJzFI6FUf1IkW0bj4DMO8khrqQw/1o
DXpJIUSLipIwYM6DhBUuzalSqVOS7MWLckNwxWpk3w0i8KJ4JtrY3nf/VjDouV7X
OUny83I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org