Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/D60FE7CCB95F11EBB6721219C4F9AE02.roa
File:                     D60FE7CCB95F11EBB6721219C4F9AE02.roa (raw, json)
Hash identifier:          t3UW4IQPfB9T87aRJZX26lpZR8ku2SdLyI8KpyrNQwI=
Subject key identifier:   CE:A2:58:6B:95:84:88:AC:DB:13:C5:E6:70:18:76:97:DC:45:4F:1F
Certificate issuer:       /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902
Certificate serial:       0628
Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/D60FE7CCB95F11EBB6721219C4F9AE02.roa
Signing time:             Tue 16 Jan 2024 23:21:28 +0000
ROA not before:           Tue 16 Jan 2024 23:21:28 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     63969
IP address blocks:        103.106.166.0/23 maxlen: 23
                          103.106.166.0/24 maxlen: 24
                          103.106.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 May 2024 10:32:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1576 (0x628)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902
        Validity
            Not Before: Jan 16 23:21:28 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65a70f78-1cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:1d:2c:19:e3:13:fb:4b:cb:80:a0:04:48:d6:
                    bb:c5:80:fb:49:3c:f8:86:00:24:19:f0:30:67:be:
                    1e:47:44:64:02:bd:6c:c8:8c:79:7e:c3:c9:2f:17:
                    9c:bd:1a:fa:bc:9e:19:58:91:a3:ad:5a:98:93:20:
                    57:6a:f5:2d:c8:36:98:c2:6d:43:6a:01:db:b5:6d:
                    97:64:43:26:ee:af:fd:97:58:ab:8c:dc:ac:48:4e:
                    e9:ee:0f:38:f9:96:6c:ac:2e:8e:94:51:7e:c3:3a:
                    08:55:6d:f7:6c:33:3a:4b:24:6d:14:4e:c5:2e:e0:
                    f9:50:f5:1d:fd:cb:28:b0:2a:26:13:90:5b:07:a2:
                    64:bf:bc:42:61:58:4f:27:a4:49:bc:5a:d0:59:2b:
                    3b:91:98:bd:fd:ae:f3:4c:48:7a:3f:98:7c:c6:1f:
                    66:01:fe:5c:b2:73:9b:7b:06:58:3d:3a:fa:3e:83:
                    37:14:b5:0a:5a:06:24:aa:95:11:1f:cd:29:39:60:
                    e8:69:bc:c5:02:8c:8b:2d:72:c7:94:f5:7f:8e:3b:
                    b6:7e:25:23:7e:5f:85:f4:7e:15:6a:e3:dc:9d:21:
                    56:c4:16:46:56:04:c2:4b:d3:d2:ab:36:b8:85:7b:
                    4d:1d:a1:4b:23:24:f3:ce:2a:4b:9d:e7:60:b4:7b:
                    bb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A2:58:6B:95:84:88:AC:DB:13:C5:E6:70:18:76:97:DC:45:4F:1F
            X509v3 Authority Key Identifier:
                keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/D60FE7CCB95F11EBB6721219C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.106.166.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:af:1b:6e:cf:6b:83:22:e1:2c:f3:af:00:fa:55:b1:c2:71:
         b9:3a:42:f4:ff:39:37:84:ee:41:35:cb:bc:34:71:5e:87:a1:
         87:93:ac:b4:af:99:58:a4:d0:4d:13:d3:13:3e:de:ef:a7:a8:
         75:01:b5:0b:74:d4:bf:35:cb:c3:a3:df:e5:f8:e0:6d:00:81:
         e9:00:51:db:10:69:7f:00:49:c0:ea:ca:fc:2a:8a:c7:e2:3f:
         96:d4:9d:29:8b:48:b8:aa:de:f2:7f:91:0f:cf:bf:bd:cd:0e:
         a8:de:d1:f3:aa:43:08:0c:02:ce:cd:8f:df:25:95:7d:aa:96:
         59:60:96:57:25:d1:1e:ad:f3:58:47:a2:20:4d:63:55:a8:88:
         e7:ee:0d:ee:74:15:48:fe:bc:03:23:a3:72:7f:b3:ea:20:80:
         76:2c:9c:74:c1:86:4f:d5:86:3f:78:ea:66:ab:c2:b2:4d:b7:
         71:97:6d:4a:cc:31:27:e7:69:27:64:d0:aa:af:54:fe:cd:35:
         30:e5:90:2d:58:91:8e:67:db:ba:7c:b9:84:20:fc:c7:63:4c:
         29:e1:f9:e3:68:6f:0a:7f:52:7c:74:61:02:2d:19:61:d9:0f:
         88:8f:aa:42:ce:cd:73:8d:b6:4f:c7:bb:9b:45:3c:c6:80:6b:
         ec:6f:1c:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF
QjdEM0U5MDIwHhcNMjQwMTE2MjMyMTI4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE3MGY3OC0xY2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0x0sGeMT+0vLgKAESNa7xYD7STz4hgAkGfAwZ74eR0RkAr1syIx5fsPJLxec
vRr6vJ4ZWJGjrVqYkyBXavUtyDaYwm1DagHbtW2XZEMm7q/9l1irjNysSE7p7g84
+ZZsrC6OlFF+wzoIVW33bDM6SyRtFE7FLuD5UPUd/csosComE5BbB6Jkv7xCYVhP
J6RJvFrQWSs7kZi9/a7zTEh6P5h8xh9mAf5csnObewZYPTr6PoM3FLUKWgYkqpUR
H80pOWDoabzFAoyLLXLHlPV/jju2fiUjfl+F9H4VauPcnSFWxBZGVgTCS9PSqza4
hXtNHaFLIyTzzipLnedgtHu7iwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM6iWGuV
hIis2xPF5nAYdpfcRU8fMB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC
QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2
UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzUwMjEvOUFGRDQ4NkMzQkJDMTFFQkE3NzZGMTYxQzRGOUFFMDIvRDYwRkU3Q0NC
OTVGMTFFQkI2NzIxMjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnaqYwDQYJKoZIhvcNAQELBQADggEBAEGvG27Pa4Mi4Szz
rwD6VbHCcbk6QvT/OTeE7kE1y7w0cV6HoYeTrLSvmVik0E0T0xM+3u+nqHUBtQt0
1L81y8Oj3+X44G0AgekAUdsQaX8AScDqyvwqisfiP5bUnSmLSLiq3vJ/kQ/Pv73N
Dqje0fOqQwgMAs7Nj98llX2qlllgllcl0R6t81hHoiBNY1WoiOfuDe50FUj+vAMj
o3J/s+oggHYsnHTBhk/Vhj946marwrJNt3GXbUrMMSfnaSdk0KqvVP7NNTDlkC1Y
kY5n27p8uYQg/MdjTCnh+eNobwp/Unx0YQItGWHZD4iPqkLOzXONtk/Hu5tFPMaA
a+xvHH4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org