Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/E99BBB345A7D11ED870D4726C4F9AE02.roa
File:                     E99BBB345A7D11ED870D4726C4F9AE02.roa (raw, json)
Hash identifier:          1XwKSY+eq+Y1++qgKdmdm33pEAhM2jfrsMnSz0IF6PM=
Subject key identifier:   E2:A9:E1:40:E7:F4:65:37:C8:D0:5B:2F:B4:F8:F5:6A:AF:B2:F0:61
Certificate issuer:       /CN=A91B12FB/serialNumber=59118DD753F0530EDC2B8C3BE263BEDB0CCEBC0E
Certificate serial:       017A
Authority key identifier: 59:11:8D:D7:53:F0:53:0E:DC:2B:8C:3B:E2:63:BE:DB:0C:CE:BC:0E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WRGN11PwUw7cK4w74mO-2wzOvA4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/E99BBB345A7D11ED870D4726C4F9AE02.roa
Signing time:             Tue 01 Aug 2023 03:43:36 +0000
ROA not before:           Tue 01 Aug 2023 03:43:36 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     9304
IP address blocks:        103.189.140.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 25 Jun 2024 11:04:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 378 (0x17a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B12FB/serialNumber=59118DD753F0530EDC2B8C3BE263BEDB0CCEBC0E
        Validity
            Not Before: Aug  1 03:43:36 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64c87f67-ece4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:32:c1:e3:e6:90:e0:0d:9a:24:3b:09:03:9a:
                    52:34:25:57:64:21:82:77:30:89:38:14:2f:34:fe:
                    8e:c3:42:ee:cc:9d:12:bb:a4:40:c3:01:c7:0b:cd:
                    d3:3d:06:39:c0:4e:2c:e4:92:9d:df:5d:c8:11:01:
                    e0:16:12:aa:89:76:73:14:ad:99:ef:69:98:fe:54:
                    6f:72:9d:b7:9e:f3:5e:b2:b4:eb:8a:58:8b:f9:db:
                    e2:ae:b3:5d:19:bf:a1:0c:16:a9:c0:a6:83:3b:dc:
                    2a:f1:54:e4:c3:7c:8f:60:c1:58:17:75:b6:bc:ab:
                    ed:58:83:4d:60:a3:f4:e2:32:48:8c:7b:40:14:8b:
                    7c:e8:12:5d:b5:8b:22:d4:03:4f:dd:21:20:68:08:
                    3b:16:c6:a6:f7:cc:d6:41:de:09:ef:86:9e:5d:70:
                    4b:88:c3:f6:ce:f1:9f:af:22:e9:9d:61:cd:c8:fc:
                    65:d5:17:cf:74:4a:eb:5d:fe:ea:31:82:53:d3:6a:
                    e8:fb:69:d1:61:0c:ff:a8:6a:6b:cc:b0:ae:d4:f2:
                    c3:60:2f:ba:59:94:95:99:b5:96:07:39:2b:ff:74:
                    da:0d:06:fc:7d:d8:1d:ed:8c:90:9e:08:e7:82:2f:
                    8e:66:cf:a1:a8:d4:3e:7b:46:a8:08:9e:36:02:45:
                    a1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A9:E1:40:E7:F4:65:37:C8:D0:5B:2F:B4:F8:F5:6A:AF:B2:F0:61
            X509v3 Authority Key Identifier:
                keyid:59:11:8D:D7:53:F0:53:0E:DC:2B:8C:3B:E2:63:BE:DB:0C:CE:BC:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/WRGN11PwUw7cK4w74mO-2wzOvA4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WRGN11PwUw7cK4w74mO-2wzOvA4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/E99BBB345A7D11ED870D4726C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:f6:ec:4d:1a:50:e2:92:40:53:1e:c3:46:b3:33:e5:ac:3f:
         91:59:aa:73:58:0c:be:1d:d1:ea:95:94:9b:54:ff:32:6d:2a:
         1b:42:d8:3a:ea:9e:d4:02:30:08:4e:1f:95:af:19:f1:9c:0c:
         4e:c3:67:a4:a2:69:2b:bd:c7:a1:1d:6d:14:d5:f7:62:a4:98:
         18:b6:3f:6d:29:79:8c:e0:eb:24:90:30:2e:d6:ac:a5:f4:43:
         73:2c:77:fe:2b:4b:48:10:5e:48:b1:cd:22:d5:9b:78:b6:08:
         b8:f7:40:04:1e:61:07:5b:51:7b:2f:26:f9:d2:7d:e6:d0:5c:
         99:a1:de:65:f2:3a:bb:72:44:5c:33:23:2e:e0:17:6a:bb:a6:
         73:bd:91:f1:3f:ff:6e:10:77:19:f0:c2:12:ca:af:1c:66:7b:
         25:d0:ef:9d:48:e6:4f:bf:07:e6:8b:9e:67:76:50:bf:e5:dc:
         a9:5c:70:9f:aa:53:98:7d:81:95:c8:26:bb:b1:8d:ea:ba:44:
         34:14:59:48:f3:a0:d6:e9:f7:b1:99:78:69:18:fc:e3:af:00:
         10:11:e4:8f:0b:18:b0:1a:f4:1b:4d:ab:bf:97:17:76:a9:9c:
         0f:26:5e:cf:5a:d1:61:c0:04:ea:13:e3:eb:83:11:7d:b2:89:
         44:53:ef:23
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjEyRkIxMTAvBgNVBAUTKDU5MTE4REQ3NTNGMDUzMEVEQzJCOEMzQkUyNjNCRURC
MENDRUJDMEUwHhcNMjMwODAxMDM0MzM2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4N2Y2Ny1lY2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3jLB4+aQ4A2aJDsJA5pSNCVXZCGCdzCJOBQvNP6Ow0LuzJ0Su6RAwwHHC83T
PQY5wE4s5JKd313IEQHgFhKqiXZzFK2Z72mY/lRvcp23nvNesrTriliL+dvirrNd
Gb+hDBapwKaDO9wq8VTkw3yPYMFYF3W2vKvtWINNYKP04jJIjHtAFIt86BJdtYsi
1ANP3SEgaAg7Fsam98zWQd4J74aeXXBLiMP2zvGfryLpnWHNyPxl1RfPdErrXf7q
MYJT02ro+2nRYQz/qGprzLCu1PLDYC+6WZSVmbWWBzkr/3TaDQb8fdgd7YyQngjn
gi+OZs+hqNQ+e0aoCJ42AkWhywIDAQABo4IClTCCApEwHQYDVR0OBBYEFOKp4UDn
9GU3yNBbL7T49WqvsvBhMB8GA1UdIwQYMBaAFFkRjddT8FMO3CuMO+JjvtsMzrwO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTJGQi9FMEQ2NDUxNEVE
MUQxMUVDQjVGRjJCMjRDNEY5QUUwMi9XUkdOMTFQd1V3N2NLNHc3NG1PLTJ3ek92
QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dSR04xMVB3VXc3Y0s0dzc0bU8tMnd6T3ZBNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjEyRkIvRTBENjQ1MTRFRDFEMTFFQ0I1RkYyQjI0QzRGOUFFMDIvRTk5QkJCMzQ1
QTdEMTFFRDg3MEQ0NzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvYwwDQYJKoZIhvcNAQELBQADggEBAEn27E0aUOKSQFMe
w0azM+WsP5FZqnNYDL4d0eqVlJtU/zJtKhtC2DrqntQCMAhOH5WvGfGcDE7DZ6Si
aSu9x6EdbRTV92KkmBi2P20peYzg6ySQMC7WrKX0Q3Msd/4rS0gQXkixzSLVm3i2
CLj3QAQeYQdbUXsvJvnSfebQXJmh3mXyOrtyRFwzIy7gF2q7pnO9kfE//24Qdxnw
whLKrxxmeyXQ751I5k+/B+aLnmd2UL/l3KlccJ+qU5h9gZXIJruxjeq6RDQUWUjz
oNbp97GZeGkY/OOvABAR5I8LGLAa9BtNq7+XF3apnA8mXs9a0WHABOoT4+uDEX2y
iURT7yM=
-----END CERTIFICATE-----
Generated at Tue Jun 25 16:30:41 2024 by rpki-client on console-ams.rpki-client.org