Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/11C8288CF0FE11EE8FF7747EC4F9AE02.roa
File:                     11C8288CF0FE11EE8FF7747EC4F9AE02.roa (raw, json)
Hash identifier:          Y/a9QecpOAh8N49Z4TojJIVmZNKrDNvLGmoT85lbS8s=
Subject key identifier:   80:DC:97:B1:95:60:A4:DC:5D:1B:47:95:E7:E7:C8:36:5B:89:1B:21
Certificate issuer:       /CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1
Certificate serial:       293D
Authority key identifier: E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/11C8288CF0FE11EE8FF7747EC4F9AE02.roa
Signing time:             Tue 02 Apr 2024 14:34:11 +0000
ROA not before:           Tue 02 Apr 2024 14:34:11 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     58601
IP address blocks:        43.245.192.0/22 maxlen: 22
                          43.245.192.0/24 maxlen: 24
                          43.245.195.0/24 maxlen: 24
                          103.9.112.0/22 maxlen: 22
                          103.9.112.0/24 maxlen: 24
                          103.9.113.0/24 maxlen: 24
                          103.9.114.0/24 maxlen: 24
                          103.9.115.0/24 maxlen: 24
                          2403:e100::/32 maxlen: 32
                          2403:e100:1000::/48 maxlen: 48
                          2403:e100:1000:4::/64 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 15:32:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10557 (0x293d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1
        Validity
            Not Before: Apr  2 14:34:11 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=660c1762-b7d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:57:c4:1b:46:6a:0c:d8:39:8e:dd:4e:aa:c3:
                    eb:a8:00:c9:07:9f:8d:04:8a:12:bb:32:3f:2a:32:
                    7d:46:62:14:52:fa:73:a4:9c:58:76:0e:e7:a7:21:
                    8b:6c:16:0e:5b:92:2f:e4:a7:5e:c7:92:13:94:e4:
                    c0:52:6e:be:43:82:05:bf:0d:0c:8e:97:fe:ec:c2:
                    89:22:ca:02:a1:a5:de:86:99:5e:3c:c9:0c:42:d4:
                    40:d7:d5:66:88:75:df:53:6d:c1:20:5f:5d:df:71:
                    9f:98:b1:a8:94:ee:9a:16:4e:a2:db:45:23:1b:1c:
                    5c:dc:00:a9:6e:04:b4:5e:61:74:75:5c:2a:9f:8b:
                    8e:9a:ac:5e:4f:5c:08:6c:03:b2:eb:8f:c6:ab:bf:
                    d0:d8:72:6c:74:bd:b2:a7:be:97:31:a5:01:3c:5f:
                    70:86:7c:99:8d:02:b8:b9:d0:f9:94:ab:a5:f2:04:
                    64:2d:bd:f1:30:7f:04:7f:7a:ed:12:86:4f:fc:15:
                    ca:25:14:bb:05:ac:3f:36:af:ab:21:48:5e:c0:25:
                    c1:6c:08:02:ac:a8:86:1a:27:17:ee:0a:07:77:90:
                    4c:89:f9:33:8f:67:34:fc:ba:d4:1a:92:e6:95:58:
                    00:fe:74:56:7b:49:c9:f2:37:53:ab:d3:e5:e3:c2:
                    04:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:DC:97:B1:95:60:A4:DC:5D:1B:47:95:E7:E7:C8:36:5B:89:1B:21
            X509v3 Authority Key Identifier:
                keyid:E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/11C8288CF0FE11EE8FF7747EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.245.192.0/22
                  103.9.112.0/22
                IPv6:
                  2403:e100::/32

    Signature Algorithm: sha256WithRSAEncryption
         a1:8e:14:5b:c1:1b:44:14:b7:d0:51:86:01:d8:8e:b9:38:44:
         b3:2c:55:88:6a:aa:e4:c2:23:f6:73:f1:0a:d5:64:e0:66:a1:
         67:f8:12:88:c2:b6:4b:dc:e2:54:02:14:f9:d7:91:6a:61:6d:
         11:d3:81:98:c2:8f:4f:fd:1b:ca:a5:b8:ab:9e:b4:9d:ef:0e:
         0b:aa:f1:dd:24:47:d2:8d:ff:00:eb:f8:d7:ba:fd:cd:8d:a6:
         47:35:bd:4a:b7:9a:90:83:44:cd:f0:44:06:27:01:f3:b9:f2:
         5d:ac:a8:81:c4:2a:cf:66:4e:cd:4f:b4:34:b1:3b:5c:86:e6:
         88:db:8b:6a:94:d0:cc:d9:d9:f3:be:aa:32:0a:4f:7f:d4:df:
         e1:4d:b5:26:c8:21:e6:54:3d:f4:1e:bd:36:15:e2:fa:bf:e3:
         ed:5c:9f:01:8c:16:5d:6b:e6:fb:ac:fc:b8:62:de:ed:0f:ca:
         af:65:84:06:dc:aa:3e:19:7d:8f:ce:cc:f3:e0:db:39:a4:fe:
         ad:f5:71:bb:1f:62:3f:11:88:db:ad:ba:b5:60:a8:8f:90:b4:
         ef:a8:d1:b7:ae:09:de:15:2d:6f:96:17:19:7f:69:9b:9f:8a:
         2d:3d:7c:64:08:f6:5b:81:ae:e5:69:b4:b1:76:33:6d:81:4d:
         a5:49:ce:5a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICKT0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAxQzcxMTAvBgNVBAUTKEU4REY4RDVFNEM4NERBODdENzI5QTczQzFDNEU4NjEx
MzgxQUIyQzEwHhcNMjQwNDAyMTQzNDExWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjMTc2Mi1iN2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxFfEG0ZqDNg5jt1OqsPrqADJB5+NBIoSuzI/KjJ9RmIUUvpzpJxYdg7npyGL
bBYOW5Iv5Kdex5ITlOTAUm6+Q4IFvw0Mjpf+7MKJIsoCoaXehplePMkMQtRA19Vm
iHXfU23BIF9d33GfmLGolO6aFk6i20UjGxxc3ACpbgS0XmF0dVwqn4uOmqxeT1wI
bAOy64/Gq7/Q2HJsdL2yp76XMaUBPF9whnyZjQK4udD5lKul8gRkLb3xMH8Ef3rt
EoZP/BXKJRS7Baw/Nq+rIUhewCXBbAgCrKiGGicX7goHd5BMifkzj2c0/LrUGpLm
lVgA/nRWe0nJ8jdTq9Pl48IEswIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIDcl7GV
YKTcXRtHlefnyDZbiRshMB8GA1UdIwQYMBaAFOjfjV5MhNqH1ymnPBxOhhE4GrLB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDFDNy85N0NGMjBGQTMz
MjMxMUU0QTZFNzQ5MTFDNEY5QUUwMi82Ti1OWGt5RTJvZlhLYWM4SEU2R0VUZ2Fz
c0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZOLU5Ya3lFMm9mWEthYzhIRTZHRVRnYXNzRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjAxQzcvOTdDRjIwRkEzMzIzMTFFNEE2RTc0OTExQzRGOUFFMDIvMTFDODI4OENG
MEZFMTFFRThGRjc3NDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr9cADBAJnCXAwDQQCAAIwBwMFACQD4QAwDQYJKoZIhvcN
AQELBQADggEBAKGOFFvBG0QUt9BRhgHYjrk4RLMsVYhqquTCI/Zz8QrVZOBmoWf4
EojCtkvc4lQCFPnXkWphbRHTgZjCj0/9G8qluKuetJ3vDguq8d0kR9KN/wDr+Ne6
/c2Npkc1vUq3mpCDRM3wRAYnAfO58l2sqIHEKs9mTs1PtDSxO1yG5ojbi2qU0MzZ
2fO+qjIKT3/U3+FNtSbIIeZUPfQevTYV4vq/4+1cnwGMFl1r5vus/Lhi3u0Pyq9l
hAbcqj4ZfY/OzPPg2zmk/q31cbsfYj8RiNuturVgqI+QtO+o0beuCd4VLW+WFxl/
aZufii09fGQI9luBruVptLF2M22BTaVJzlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org