Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/B951FF28D9E511ED8F6F1111C4F9AE02.roa
File:                     B951FF28D9E511ED8F6F1111C4F9AE02.roa (raw, json)
Hash identifier:          1qRluaJbnG2KdJv4DVMyWnzgLAP2EqFJrB9N9zK6bVE=
Subject key identifier:   40:35:31:90:FF:6B:9C:34:5B:33:F5:CC:48:07:3B:32:34:20:5E:5B
Certificate issuer:       /CN=A91B43EE/serialNumber=02BA63B5862E2709B90D16B7DC2EB5CFC8A2E684
Certificate serial:       0F
Authority key identifier: 02:BA:63:B5:86:2E:27:09:B9:0D:16:B7:DC:2E:B5:CF:C8:A2:E6:84
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ArpjtYYuJwm5DRa33C61z8ii5oQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/B951FF28D9E511ED8F6F1111C4F9AE02.roa
Signing time:             Thu 13 Apr 2023 10:27:00 +0000
ROA not before:           Thu 13 Apr 2023 10:27:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     139009
IP address blocks:        103.224.55.0/24 maxlen: 24
                          103.244.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jul 2023 19:53:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B43EE/serialNumber=02BA63B5862E2709B90D16B7DC2EB5CFC8A2E684
        Validity
            Not Before: Apr 13 10:27:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6437d8f4-4ce1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:86:84:5f:fa:87:78:3f:a1:0a:85:8d:9a:7c:
                    bb:53:2a:e8:b1:09:7a:f1:ca:da:91:5a:31:73:35:
                    df:ba:e1:a4:38:1f:9d:ea:af:1e:d1:1c:83:aa:7f:
                    5c:e5:a9:66:7b:a5:1f:f6:8f:14:4d:eb:11:fe:33:
                    d0:38:84:0e:69:a2:28:83:e1:dc:35:47:9f:07:b4:
                    7f:c2:68:46:b6:fd:f6:9f:94:d8:99:8c:d0:6b:9b:
                    08:05:45:88:d8:ea:cb:59:39:11:24:a4:b0:7d:7e:
                    7d:5a:eb:5a:86:69:6c:50:98:93:4e:58:d0:19:2b:
                    80:25:62:b4:74:f2:09:67:e8:73:1e:46:89:a1:ce:
                    42:c1:03:69:97:5d:6c:03:51:26:d5:0f:e7:12:62:
                    59:23:61:7d:cc:3b:20:83:52:4a:9d:25:d8:df:3b:
                    e1:93:81:54:ed:1f:b0:c6:cb:a6:c6:b7:8b:bf:8e:
                    96:45:da:e7:93:fe:78:de:64:8f:4c:da:e1:cd:9d:
                    ec:99:b0:a9:20:d2:e4:7e:92:98:b9:af:f2:56:63:
                    50:42:3e:8d:d1:8d:34:ec:1a:d4:52:8c:8a:2d:67:
                    fc:33:4b:ba:98:5e:b6:19:fa:ee:7e:76:71:31:6c:
                    9d:42:6f:5e:a6:38:fe:fc:c5:b6:d0:78:78:41:8e:
                    59:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:35:31:90:FF:6B:9C:34:5B:33:F5:CC:48:07:3B:32:34:20:5E:5B
            X509v3 Authority Key Identifier:
                keyid:02:BA:63:B5:86:2E:27:09:B9:0D:16:B7:DC:2E:B5:CF:C8:A2:E6:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/ArpjtYYuJwm5DRa33C61z8ii5oQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ArpjtYYuJwm5DRa33C61z8ii5oQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/B951FF28D9E511ED8F6F1111C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.224.55.0/24
                  103.244.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:6d:c1:a2:a8:3d:59:52:97:1e:a9:77:68:64:0d:12:6a:f3:
         59:38:fe:e8:d6:ba:ef:5d:1b:0a:16:db:a7:84:b3:04:fd:a1:
         3a:ab:04:97:e5:8e:94:4a:40:b2:0f:e4:b5:d5:9f:8b:3f:0d:
         bd:62:18:d4:77:6e:8b:43:41:9e:eb:e6:91:67:a6:0b:88:f2:
         db:77:22:9e:be:45:b5:c9:63:2a:98:ac:e2:2f:01:e7:93:18:
         09:f0:76:35:98:d7:31:18:29:16:ba:07:da:e4:16:eb:f9:07:
         ad:c6:2c:12:e0:57:da:6e:69:e2:2b:94:4d:e5:ed:2d:10:e6:
         c4:33:8a:44:a9:b6:23:06:5a:40:d5:96:c5:66:7a:13:60:f7:
         89:2c:7f:cc:4e:f4:6b:16:cb:5b:b3:f3:04:2c:c9:fd:0e:9b:
         a4:cc:d7:71:5a:d8:0d:0c:af:a6:a6:e1:c3:3e:a6:a6:2b:3b:
         0e:0d:79:60:97:8f:a5:7a:b9:ba:6d:a8:56:96:d1:a8:73:47:
         c5:03:12:fe:e8:8c:11:46:df:93:37:39:4e:eb:e5:ab:a0:3b:
         85:64:c1:04:dc:d9:62:cb:a7:d4:fc:d5:3e:0f:d6:72:2a:e4:
         17:54:33:86:48:7c:60:b4:9a:52:57:f1:32:78:39:9c:30:ea:
         15:fd:f2:3c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NDNFRTExMC8GA1UEBRMoMDJCQTYzQjU4NjJFMjcwOUI5MEQxNkI3REMyRUI1Q0ZD
OEEyRTY4NDAeFw0yMzA0MTMxMDI3MDBaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MzdkOGY0LTRjZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIhoRf+od4P6EKhY2afLtTKuixCXrxytqRWjFzNd+64aQ4H53qrx7RHIOqf1zl
qWZ7pR/2jxRN6xH+M9A4hA5poiiD4dw1R58HtH/CaEa2/faflNiZjNBrmwgFRYjY
6stZOREkpLB9fn1a61qGaWxQmJNOWNAZK4AlYrR08gln6HMeRomhzkLBA2mXXWwD
USbVD+cSYlkjYX3MOyCDUkqdJdjfO+GTgVTtH7DGy6bGt4u/jpZF2ueT/njeZI9M
2uHNneyZsKkg0uR+kpi5r/JWY1BCPo3RjTTsGtRSjIotZ/wzS7qYXrYZ+u5+dnEx
bJ1Cb16mOP78xbbQeHhBjlkhAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUQDUxkP9r
nDRbM/XMSAc7MjQgXlswHwYDVR0jBBgwFoAUArpjtYYuJwm5DRa33C61z8ii5oQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0M0VFLzRBOEFEQUMwQ0Q0
NjExRURCNDVDQ0Q2NkM0RjlBRTAyL0FycGp0WVl1SndtNURSYTMzQzYxejhpaTVv
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQXJwanRZWXVKd201RFJhMzNDNjF6OGlpNW9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NDNFRS80QThBREFDMENENDYxMUVEQjQ1Q0NENjZDNEY5QUUwMi9COTUxRkYyOEQ5
RTUxMUVEOEY2RjExMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGfgNwMEAGf0MTANBgkqhkiG9w0BAQsFAAOCAQEAVG3Boqg9
WVKXHql3aGQNEmrzWTj+6Na6710bChbbp4SzBP2hOqsEl+WOlEpAsg/ktdWfiz8N
vWIY1Hdui0NBnuvmkWemC4jy23cinr5FtcljKpis4i8B55MYCfB2NZjXMRgpFroH
2uQW6/kHrcYsEuBX2m5p4iuUTeXtLRDmxDOKRKm2IwZaQNWWxWZ6E2D3iSx/zE70
axbLW7PzBCzJ/Q6bpMzXcVrYDQyvpqbhwz6mpis7Dg15YJePpXq5um2oVpbRqHNH
xQMS/uiMEUbfkzc5Tuvlq6A7hWTBBNzZYsun1PzVPg/WcirkF1Qzhkh8YLSaUlfx
Mng5nDDqFf3yPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org