Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/AEC1FFECAEC211EE971F3657C4F9AE02.roa
File:                     AEC1FFECAEC211EE971F3657C4F9AE02.roa (raw, json)
Hash identifier:          T7PECmXhTvqA0e3Bp4CZewYTeoYtYNwVyx5ylzfMWvk=
Subject key identifier:   4B:0A:A6:F6:D6:93:B7:8F:96:F1:33:CE:EE:D1:C2:AF:30:75:12:5A
Certificate issuer:       /CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
Certificate serial:       B1
Authority key identifier: E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/AEC1FFECAEC211EE971F3657C4F9AE02.roa
Signing time:             Tue 16 Apr 2024 06:19:13 +0000
ROA not before:           Tue 16 Apr 2024 06:19:13 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     134475
IP address blocks:        103.58.41.0/24 maxlen: 24
                          103.237.112.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 20 Apr 2024 05:59:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177 (0xb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B59E5/serialNumber=E47BF70254532697D20D0D3110F625370D65FA83
        Validity
            Not Before: Apr 16 06:19:13 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=661e1861-f491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:90:e5:92:67:39:ad:c2:a2:2b:60:fa:e2:d7:
                    2e:8e:cd:29:af:33:13:58:b6:97:b9:b9:d8:e2:5b:
                    42:28:3e:f9:1b:47:28:ba:81:7d:f6:bc:89:79:5c:
                    1d:03:76:a5:35:d7:1a:c5:dc:4d:27:d9:66:fb:e8:
                    1d:8c:da:f1:75:85:e4:b8:ed:e5:67:65:36:00:7f:
                    44:ec:0c:6a:7b:6f:53:cf:b3:fe:c4:82:f3:40:96:
                    54:bc:7a:84:19:a0:d1:04:74:f5:e1:fa:3f:36:f9:
                    e3:20:9f:42:bc:a1:6f:c3:f0:92:fa:c5:f5:21:eb:
                    32:af:1b:42:c1:6c:c3:dd:02:a3:59:ed:ba:f7:4a:
                    6a:28:99:5e:13:96:03:64:18:53:83:aa:b0:38:57:
                    31:5d:bf:da:dd:17:61:1c:60:6c:48:1b:35:3b:a6:
                    8e:30:0e:2e:49:5c:42:d0:09:dd:36:1e:d7:60:1f:
                    33:ab:dd:a2:64:9c:99:d7:4b:48:02:54:fa:b0:8f:
                    da:23:a3:3d:d4:34:a7:b0:0d:d3:a5:fb:02:6e:b5:
                    25:1b:4c:6d:8a:94:a0:02:29:aa:54:1c:76:c6:0f:
                    ef:1c:85:30:db:a1:53:82:1e:d4:a0:c2:81:29:24:
                    1e:ac:9b:d1:f0:b6:49:83:33:42:18:41:bc:09:06:
                    7e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0A:A6:F6:D6:93:B7:8F:96:F1:33:CE:EE:D1:C2:AF:30:75:12:5A
            X509v3 Authority Key Identifier:
                keyid:E4:7B:F7:02:54:53:26:97:D2:0D:0D:31:10:F6:25:37:0D:65:FA:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Hv3AlRTJpfSDQ0xEPYlNw1l-oM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B59E5/DD9F1F7C3C0111EE91CBE157C4F9AE02/AEC1FFECAEC211EE971F3657C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.58.41.0/24
                  103.237.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:d6:46:cd:09:f0:c5:ee:6b:a8:5b:40:0b:5d:4f:77:57:be:
         4f:a9:63:30:7f:b7:94:85:bc:cb:61:28:20:e7:5d:10:78:3a:
         4e:fe:dc:1d:19:3a:71:f2:43:8a:34:4a:9e:1b:e9:2b:ab:65:
         f2:df:6d:92:0f:5e:68:9b:4f:11:3f:e8:84:70:56:55:43:57:
         0b:62:44:20:9c:f5:9a:f7:69:0a:41:8e:63:e6:62:69:c4:a7:
         1b:5e:65:24:80:76:e5:28:80:e4:11:f2:84:a1:0c:e0:3b:00:
         9a:09:59:f0:56:b5:8b:c9:c9:ec:96:28:62:69:bb:13:c0:1f:
         56:51:99:06:36:14:eb:76:fa:c7:6b:74:29:f1:de:f6:1f:09:
         5a:ba:d3:bc:a0:bb:3e:1c:40:36:ac:d5:69:93:2e:e8:be:65:
         1e:74:6d:a6:c7:7c:0a:03:81:26:33:f1:f6:dc:3c:de:f2:a8:
         60:3f:b5:ed:63:3f:6c:c3:ed:ee:d2:d0:81:e1:c4:d8:99:13:
         16:41:4b:7c:d0:54:f5:95:0c:1f:46:d2:d3:c8:ec:ee:ec:57:
         a9:d0:cf:a8:9b:29:f7:56:92:4a:94:0f:cc:55:02:bb:a1:e9:
         c6:ff:9d:56:13:13:d4:3d:36:e5:1c:63:48:60:c7:8d:24:e1:
         f5:ec:46:89
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICALEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU5RTUxMTAvBgNVBAUTKEU0N0JGNzAyNTQ1MzI2OTdEMjBEMEQzMTEwRjYyNTM3
MEQ2NUZBODMwHhcNMjQwNDE2MDYxOTEzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFlMTg2MS1mNDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAupDlkmc5rcKiK2D64tcujs0przMTWLaXubnY4ltCKD75G0couoF99ryJeVwd
A3alNdcaxdxNJ9lm++gdjNrxdYXkuO3lZ2U2AH9E7Axqe29Tz7P+xILzQJZUvHqE
GaDRBHT14fo/NvnjIJ9CvKFvw/CS+sX1IesyrxtCwWzD3QKjWe2690pqKJleE5YD
ZBhTg6qwOFcxXb/a3RdhHGBsSBs1O6aOMA4uSVxC0AndNh7XYB8zq92iZJyZ10tI
AlT6sI/aI6M91DSnsA3TpfsCbrUlG0xtipSgAimqVBx2xg/vHIUw26FTgh7UoMKB
KSQerJvR8LZJgzNCGEG8CQZ+XQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEsKpvbW
k7ePlvEzzu7Rwq8wdRJaMB8GA1UdIwQYMBaAFOR79wJUUyaX0g0NMRD2JTcNZfqD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTlFNS9ERDlGMUY3QzND
MDExMUVFOTFDQkUxNTdDNEY5QUUwMi81SHYzQWxSVEpwZlNEUTB4RVBZbE53MWwt
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVIdjNBbFJUSnBmU0RRMHhFUFlsTncxbC1vTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU5RTUvREQ5RjFGN0MzQzAxMTFFRTkxQ0JFMTU3QzRGOUFFMDIvQUVDMUZGRUNB
RUMyMTFFRTk3MUYzNjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnOikDBABn7XAwDQYJKoZIhvcNAQELBQADggEBAJHWRs0J
8MXua6hbQAtdT3dXvk+pYzB/t5SFvMthKCDnXRB4Ok7+3B0ZOnHyQ4o0Sp4b6Sur
ZfLfbZIPXmibTxE/6IRwVlVDVwtiRCCc9Zr3aQpBjmPmYmnEpxteZSSAduUogOQR
8oShDOA7AJoJWfBWtYvJyeyWKGJpuxPAH1ZRmQY2FOt2+sdrdCnx3vYfCVq607yg
uz4cQDas1WmTLui+ZR50babHfAoDgSYz8fbcPN7yqGA/te1jP2zD7e7S0IHhxNiZ
ExZBS3zQVPWVDB9G0tPI7O7sV6nQz6ibKfdWkkqUD8xVAruh6cb/nVYTE9Q9NuUc
Y0hgx40k4fXsRok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org