Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/00B718B8012111EFBF4B6D77C4F9AE02.roa
File:                     00B718B8012111EFBF4B6D77C4F9AE02.roa (raw, json)
Hash identifier:          3a+Q95hzx2BYcCV0o3SzVn824l9WKdGJx1H9g+0vbGg=
Subject key identifier:   A7:D7:05:E2:A6:1D:89:8A:73:32:46:B0:28:A6:2A:91:1A:07:F6:33
Certificate issuer:       /CN=A91CAE04/serialNumber=B362437AB67D290C5CDFEF2F62B77EDD8A9FFA44
Certificate serial:       6C
Authority key identifier: B3:62:43:7A:B6:7D:29:0C:5C:DF:EF:2F:62:B7:7E:DD:8A:9F:FA:44
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2JDerZ9KQxc3-8vYrd-3Yqf-kQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/00B718B8012111EFBF4B6D77C4F9AE02.roa
Signing time:             Tue 23 Apr 2024 03:24:33 +0000
ROA not before:           Tue 23 Apr 2024 03:24:33 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     151350
IP address blocks:        103.209.74.0/23 maxlen: 24
                          2401:2a0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 14:25:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108 (0x6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CAE04/serialNumber=B362437AB67D290C5CDFEF2F62B77EDD8A9FFA44
        Validity
            Not Before: Apr 23 03:24:33 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=662729f1-be45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7d:fe:60:02:13:df:a5:f8:b4:b5:28:d8:3f:
                    86:39:32:be:da:ea:23:c2:9b:1f:02:1f:31:bc:8f:
                    7a:0f:43:02:ec:44:cb:18:5e:e3:ad:5a:4e:e7:da:
                    2f:14:25:15:ca:9f:25:58:7f:48:e4:0a:69:a8:a3:
                    ab:68:7e:59:9c:d3:58:9d:54:51:23:13:7e:32:e0:
                    e9:f3:1d:6e:83:02:b8:7b:a7:df:4c:4e:b8:70:01:
                    e2:ce:c4:bf:61:c7:6d:da:5a:ba:18:db:27:08:26:
                    6b:bc:bf:e5:79:30:bd:93:b5:08:f3:2a:ed:e7:10:
                    ae:6a:6d:51:2e:cb:74:18:07:df:a4:d3:31:1c:f9:
                    84:d6:2d:4b:1b:70:db:94:77:8b:81:08:c9:95:4b:
                    48:bb:ce:a1:e3:b3:a0:3b:c1:60:64:92:fb:d6:bc:
                    90:dc:00:6e:b1:40:d7:a5:a0:6e:c6:a7:3d:26:c5:
                    4b:5a:50:00:bf:26:70:d3:23:79:a4:75:c8:99:6e:
                    12:d6:a5:92:7c:84:ea:c8:30:fc:f9:0f:46:42:e9:
                    70:30:e2:3a:f7:11:9b:a9:77:53:ff:2b:17:5d:cc:
                    fc:5d:11:77:c5:13:c3:0a:7c:87:14:ba:d6:80:df:
                    b8:0a:f4:93:81:15:f4:4c:8d:c7:8a:80:17:e2:ef:
                    10:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D7:05:E2:A6:1D:89:8A:73:32:46:B0:28:A6:2A:91:1A:07:F6:33
            X509v3 Authority Key Identifier:
                keyid:B3:62:43:7A:B6:7D:29:0C:5C:DF:EF:2F:62:B7:7E:DD:8A:9F:FA:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/s2JDerZ9KQxc3-8vYrd-3Yqf-kQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2JDerZ9KQxc3-8vYrd-3Yqf-kQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/00B718B8012111EFBF4B6D77C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.209.74.0/23
                IPv6:
                  2401:2a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a7:47:7f:33:e3:36:82:71:40:9a:80:e0:33:fb:ab:61:8c:8c:
         1c:de:92:fd:b4:64:9e:fa:f9:e2:47:b5:83:f5:52:fb:9e:cc:
         38:22:de:39:00:50:bd:9f:60:89:95:10:68:4d:12:e9:33:06:
         03:2a:40:89:83:21:64:f2:14:6a:48:ea:c4:a8:7c:d8:56:77:
         8f:69:ca:16:f9:f6:f5:d1:e4:e0:ac:77:6a:69:8e:47:5d:fe:
         57:1a:b4:2b:45:99:aa:32:bb:92:bb:9b:f9:4b:74:1d:5f:a5:
         a4:ee:29:f2:a9:b0:ce:29:12:3b:76:ff:81:12:c1:1e:ae:f3:
         40:17:c7:a6:2c:4a:65:ae:b1:8a:e9:b7:6b:e0:aa:7e:b0:99:
         06:da:d0:91:9f:87:6d:ab:69:cb:73:c3:14:f3:cb:ea:d5:67:
         9f:25:c4:92:26:f1:d7:48:9d:0e:c7:bd:1d:00:8a:a9:49:91:
         cc:77:e6:6c:60:47:0e:d0:17:6b:4e:9e:c2:ec:73:41:96:2e:
         33:a5:a1:9d:23:b5:6d:04:b9:73:c6:b0:4e:06:f1:6d:95:ad:
         70:54:34:ff:d7:61:61:8b:a8:79:69:55:63:ca:9b:0c:d9:7d:
         c9:ff:4b:0c:4a:b5:39:02:fd:e7:3c:c0:6f:52:f9:4d:61:8b:
         b5:1f:52:c5
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBbDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QUUwNDExMC8GA1UEBRMoQjM2MjQzN0FCNjdEMjkwQzVDREZFRjJGNjJCNzdFREQ4
QTlGRkE0NDAeFw0yNDA0MjMwMzI0MzNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MjcyOWYxLWJlNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/ff5gAhPfpfi0tSjYP4Y5Mr7a6iPCmx8CHzG8j3oPQwLsRMsYXuOtWk7n2i8U
JRXKnyVYf0jkCmmoo6toflmc01idVFEjE34y4OnzHW6DArh7p99MTrhwAeLOxL9h
x23aWroY2ycIJmu8v+V5ML2TtQjzKu3nEK5qbVEuy3QYB9+k0zEc+YTWLUsbcNuU
d4uBCMmVS0i7zqHjs6A7wWBkkvvWvJDcAG6xQNeloG7Gpz0mxUtaUAC/JnDTI3mk
dciZbhLWpZJ8hOrIMPz5D0ZC6XAw4jr3EZupd1P/KxddzPxdEXfFE8MKfIcUutaA
37gK9JOBFfRMjceKgBfi7xCHAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUp9cF4qYd
iYpzMkawKKYqkRoH9jMwHwYDVR0jBBgwFoAUs2JDerZ9KQxc3+8vYrd+3Yqf+kQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNBRTA0LzlEOEY3NzJBNUY5
NjExRUU4MzYzOEYzRUM0RjlBRTAyL3MySkRlclo5S1F4YzMtOHZZcmQtM1lxZi1r
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvczJKRGVyWjlLUXhjMy04dllyZC0zWXFmLWtRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QUUwNC85RDhGNzcyQTVGOTYxMUVFODM2MzhGM0VDNEY5QUUwMi8wMEI3MThCODAx
MjExMUVGQkY0QjZENzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfRSjANBAIAAjAHAwUAJAECoDANBgkqhkiG9w0BAQsFAAOC
AQEAp0d/M+M2gnFAmoDgM/urYYyMHN6S/bRknvr54ke1g/VS+57MOCLeOQBQvZ9g
iZUQaE0S6TMGAypAiYMhZPIUakjqxKh82FZ3j2nKFvn29dHk4Kx3ammOR13+Vxq0
K0WZqjK7krub+Ut0HV+lpO4p8qmwzikSO3b/gRLBHq7zQBfHpixKZa6xium3a+Cq
frCZBtrQkZ+Hbatpy3PDFPPL6tVnnyXEkibx10idDse9HQCKqUmRzHfmbGBHDtAX
a06ewuxzQZYuM6WhnSO1bQS5c8awTgbxbZWtcFQ0/9dhYYuoeWlVY8qbDNl9yf9L
DEq1OQL95zzAb1L5TWGLtR9SxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org