Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/D1523062C98611ED8D5AE04CC4F9AE02.roa
File:                     D1523062C98611ED8D5AE04CC4F9AE02.roa (raw, json)
Hash identifier:          y4xUP4E8pz1Pb/GNDyTt4BDi1gT19yd6x7fyl0UVd8E=
Subject key identifier:   25:52:3D:5B:0D:54:A9:97:31:A0:F2:8C:1F:DA:A5:CC:C5:2D:5A:23
Certificate issuer:       /CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
Certificate serial:       0AA6
Authority key identifier: A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/D1523062C98611ED8D5AE04CC4F9AE02.roa
Signing time:             Tue 02 May 2023 20:57:35 +0000
ROA not before:           Tue 02 May 2023 20:57:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138622
IP address blocks:        103.137.66.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 30 Mar 2024 15:08:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2726 (0xaa6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
        Validity
            Not Before: May  2 20:57:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6451793e-16bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a4:ed:f4:7a:34:cf:ea:f5:52:77:50:38:87:
                    2a:b4:18:ee:69:ec:fb:4b:e4:6c:fb:aa:4d:20:eb:
                    a8:4e:bf:95:3a:39:5e:47:25:5e:62:bc:7d:90:a9:
                    3b:c2:c4:90:95:f6:e8:ad:3b:c9:05:2c:e9:19:f7:
                    4e:37:80:37:7f:83:a2:8d:a9:10:9a:8d:02:6c:47:
                    59:be:68:3e:50:e6:84:e7:e0:38:7a:15:20:e3:ff:
                    ff:af:f8:31:52:45:76:b5:09:ad:92:1d:f6:5a:f7:
                    a7:ba:a4:44:59:b0:be:2b:e7:8d:77:7e:e3:ec:89:
                    04:3c:04:a9:be:00:dd:74:0f:12:73:35:85:21:3a:
                    b0:32:2d:54:3f:26:0b:41:35:11:88:d9:ef:b4:f5:
                    e3:4c:33:43:1d:60:ee:9b:46:20:83:b0:d0:eb:f7:
                    85:e4:7d:12:c3:0e:d4:cd:0a:f6:6a:67:2f:91:3b:
                    e3:a2:49:62:66:02:59:d6:e0:8a:19:ca:70:3d:c7:
                    92:71:6f:2b:c6:43:7a:b7:63:a5:8f:04:73:85:37:
                    9a:7a:ba:11:0a:da:d6:2c:fb:ac:6a:7b:39:bf:71:
                    34:30:02:71:ee:28:6a:a1:f0:d2:ca:82:03:45:6b:
                    b3:16:33:2e:0a:fd:df:60:e3:ff:cc:5c:57:d3:79:
                    ad:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:52:3D:5B:0D:54:A9:97:31:A0:F2:8C:1F:DA:A5:CC:C5:2D:5A:23
            X509v3 Authority Key Identifier:
                keyid:A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/pslhETDFFnRVE26Fq_I2qqqTe60.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/D1523062C98611ED8D5AE04CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.137.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:f8:19:9e:1a:e5:2a:c3:82:25:81:90:e1:1f:b3:43:4d:d0:
         ab:f4:bc:d5:74:3e:c7:82:7b:c8:90:fd:e5:1a:af:57:93:1e:
         fa:38:c7:89:0a:50:8b:91:cb:9b:15:b4:e2:b7:e1:9c:a5:d9:
         91:fd:f8:76:ed:d7:ab:a8:0c:30:e9:b4:f4:01:f0:10:97:74:
         cc:39:ef:e5:c1:cc:eb:24:5a:81:74:ea:82:6f:db:d1:a8:7d:
         b1:6b:42:41:aa:77:55:8c:b8:6a:dd:eb:ec:37:f4:b5:02:be:
         ec:03:38:db:f7:e1:f9:b9:5a:5a:69:d5:09:12:fa:8a:d6:70:
         9d:1c:c4:01:01:ed:03:fd:93:a1:5e:98:6a:bd:47:96:6f:8e:
         3f:4c:30:03:1b:75:95:3a:33:f9:7a:0e:0c:7a:e5:e3:1b:44:
         f5:8f:c6:52:be:0c:a1:6d:da:0a:73:7a:ce:4c:b3:40:a1:d4:
         b9:5e:90:89:a7:be:fa:da:07:e6:6f:16:f9:8e:14:07:0a:a9:
         7b:d6:3c:bc:e4:43:8a:53:be:2e:0b:56:31:71:80:50:b9:f8:
         e4:77:e3:87:64:0b:40:63:fc:4b:1f:2e:3e:ca:fc:d1:ec:70:
         21:c8:e9:21:8a:ba:8c:c9:80:fc:de:e0:85:5e:2d:7f:47:e5:
         13:57:b6:24
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzNEQzgxMTAvBgNVBAUTKEE2Qzk2MTExMzBDNTE2NzQ1NTEzNkU4NUFCRjIzNkFB
QUE5MzdCQUQwHhcNMjMwNTAyMjA1NzM1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxNzkzZS0xNmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu6Tt9Ho0z+r1UndQOIcqtBjuaez7S+Rs+6pNIOuoTr+VOjleRyVeYrx9kKk7
wsSQlfborTvJBSzpGfdON4A3f4OijakQmo0CbEdZvmg+UOaE5+A4ehUg4///r/gx
UkV2tQmtkh32WvenuqREWbC+K+eNd37j7IkEPASpvgDddA8SczWFITqwMi1UPyYL
QTURiNnvtPXjTDNDHWDum0Ygg7DQ6/eF5H0Sww7UzQr2amcvkTvjokliZgJZ1uCK
GcpwPceScW8rxkN6t2OljwRzhTeaeroRCtrWLPusans5v3E0MAJx7ihqofDSyoID
RWuzFjMuCv3fYOP/zFxX03mtmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCVSPVsN
VKmXMaDyjB/apczFLVojMB8GA1UdIwQYMBaAFKbJYREwxRZ0VRNuhavyNqqqk3ut
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0RDOC9FNUNBRjkzRTEx
RDgxMUVBQjcxNjdDNEZDNEY5QUUwMi9wc2xoRVRERkZuUlZFMjZGcV9JMnFxcVRl
NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BzbGhFVERGRm5SVkUyNkZxX0kycXFxVGU2MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzNEQzgvRTVDQUY5M0UxMUQ4MTFFQUI3MTY3QzRGQzRGOUFFMDIvRDE1MjMwNjJD
OTg2MTFFRDhENUFFMDRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniUIwDQYJKoZIhvcNAQELBQADggEBAC/4GZ4a5SrDgiWB
kOEfs0NN0Kv0vNV0PseCe8iQ/eUar1eTHvo4x4kKUIuRy5sVtOK34Zyl2ZH9+Hbt
16uoDDDptPQB8BCXdMw57+XBzOskWoF06oJv29GofbFrQkGqd1WMuGrd6+w39LUC
vuwDONv34fm5Wlpp1QkS+orWcJ0cxAEB7QP9k6FemGq9R5Zvjj9MMAMbdZU6M/l6
Dgx65eMbRPWPxlK+DKFt2gpzes5Ms0Ch1LlekImnvvraB+ZvFvmOFAcKqXvWPLzk
Q4pTvi4LVjFxgFC5+OR344dkC0Bj/EsfLj7K/NHscCHI6SGKuozJgPze4IVeLX9H
5RNXtiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org