Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/D80917805F9611EE8E7ED641C4F9AE02.roa
File:                     D80917805F9611EE8E7ED641C4F9AE02.roa (raw, json)
Hash identifier:          cYMEulXW7KzZ4iKSfCwrLTDJOW+8DTuNItu45qDkWQs=
Subject key identifier:   47:C6:9C:C1:1A:1D:58:A6:60:4C:78:37:C7:71:D4:C7:55:D4:BF:07
Certificate issuer:       /CN=A91CAE04/serialNumber=B362437AB67D290C5CDFEF2F62B77EDD8A9FFA44
Certificate serial:       02
Authority key identifier: B3:62:43:7A:B6:7D:29:0C:5C:DF:EF:2F:62:B7:7E:DD:8A:9F:FA:44
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2JDerZ9KQxc3-8vYrd-3Yqf-kQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/D80917805F9611EE8E7ED641C4F9AE02.roa
Signing time:             Sat 30 Sep 2023 13:39:57 +0000
ROA not before:           Sat 30 Sep 2023 13:39:57 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     151350
IP address blocks:        103.209.74.0/23 maxlen: 23
                          2401:2a0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 23 Apr 2024 03:24:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CAE04/serialNumber=B362437AB67D290C5CDFEF2F62B77EDD8A9FFA44
        Validity
            Not Before: Sep 30 13:39:57 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6518252d-bb72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:28:ff:9e:bb:fd:b2:4f:b4:de:31:7c:9b:ef:
                    a3:68:52:ce:b3:cf:48:c1:4b:cc:d2:d6:65:df:3c:
                    3b:5c:44:6f:83:e0:90:8e:60:07:6c:51:a5:b0:1f:
                    8f:3d:9e:20:5c:5e:69:04:b4:81:10:d3:02:03:bf:
                    72:ed:dc:9e:c7:5d:f6:5e:a0:e2:4d:7f:31:a2:e6:
                    98:cf:95:45:72:1d:3a:e3:f7:1f:09:38:3c:c7:e3:
                    e8:67:71:32:4e:fe:b8:60:d9:27:26:b4:1b:5c:22:
                    56:98:7e:7d:d8:b4:ef:0e:00:87:46:b4:12:e2:ea:
                    bd:1d:ed:8e:ed:39:bf:ac:bb:7d:7c:58:a9:9c:15:
                    f6:31:35:92:1c:39:41:7d:fe:de:37:cc:f8:60:40:
                    d2:a9:6d:44:6a:c9:96:71:35:b9:5b:0f:59:fb:61:
                    fd:c7:06:98:09:63:cf:25:c2:28:3e:b3:23:d7:14:
                    b2:c8:ed:9a:8e:b0:90:66:14:50:81:b9:3b:c9:e0:
                    c6:51:fe:ae:ac:b7:20:36:38:c0:cd:8f:7c:e6:95:
                    3d:8c:61:1c:df:ae:e1:25:9f:fd:56:7c:11:ee:59:
                    96:5c:42:55:c6:6f:4e:93:db:58:03:14:03:3e:5f:
                    8b:8a:42:c5:fe:50:ac:aa:47:e4:a6:8e:4f:2d:9a:
                    70:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:C6:9C:C1:1A:1D:58:A6:60:4C:78:37:C7:71:D4:C7:55:D4:BF:07
            X509v3 Authority Key Identifier:
                keyid:B3:62:43:7A:B6:7D:29:0C:5C:DF:EF:2F:62:B7:7E:DD:8A:9F:FA:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/s2JDerZ9KQxc3-8vYrd-3Yqf-kQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2JDerZ9KQxc3-8vYrd-3Yqf-kQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAE04/9D8F772A5F9611EE83638F3EC4F9AE02/D80917805F9611EE8E7ED641C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.209.74.0/23
                IPv6:
                  2401:2a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:12:79:28:49:2e:34:81:fa:c3:33:3e:4b:56:09:6d:3b:ce:
         7d:03:6a:c0:44:4c:5b:30:b9:22:31:52:9f:b9:88:72:6d:a4:
         b9:f0:27:c1:74:9f:9a:68:ef:bf:ff:bb:c3:94:52:aa:b8:2f:
         e1:1e:82:61:cf:e1:69:d9:30:d4:5a:23:86:c3:9f:19:a1:cb:
         0e:be:54:72:3b:f9:0c:9e:44:9f:8d:07:d4:a9:17:ef:60:d3:
         ac:ed:cf:0c:3a:d4:36:1d:bb:6b:3d:7a:5b:bb:a7:25:00:26:
         a0:0d:70:6b:77:ae:d5:41:0c:db:30:22:d0:5d:a1:5f:95:72:
         27:3f:4b:25:94:70:ae:de:12:ca:20:df:31:47:22:5c:9b:1a:
         09:38:89:51:42:0c:3f:d3:9f:80:4d:5f:13:e3:36:0d:10:79:
         90:af:b3:d4:52:6c:c1:64:7f:61:b9:35:38:d9:02:a9:5d:27:
         a8:65:48:43:53:d2:8b:a2:bd:59:a8:82:0f:f3:38:54:ad:46:
         a8:89:ad:e9:72:fb:c8:e7:0b:15:b3:df:e8:39:d4:de:63:b3:
         e2:91:1c:12:be:a2:51:49:d0:d3:05:f3:80:4c:f1:b8:df:d1:
         ee:29:37:31:1e:f5:c8:ff:24:71:d3:09:2b:10:61:72:8d:ac:
         f6:d4:a9:93
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QUUwNDExMC8GA1UEBRMoQjM2MjQzN0FCNjdEMjkwQzVDREZFRjJGNjJCNzdFREQ4
QTlGRkE0NDAeFw0yMzA5MzAxMzM5NTdaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTgyNTJkLWJiNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1KP+eu/2yT7TeMXyb76NoUs6zz0jBS8zS1mXfPDtcRG+D4JCOYAdsUaWwH489
niBcXmkEtIEQ0wIDv3Lt3J7HXfZeoOJNfzGi5pjPlUVyHTrj9x8JODzH4+hncTJO
/rhg2ScmtBtcIlaYfn3YtO8OAIdGtBLi6r0d7Y7tOb+su318WKmcFfYxNZIcOUF9
/t43zPhgQNKpbURqyZZxNblbD1n7Yf3HBpgJY88lwig+syPXFLLI7ZqOsJBmFFCB
uTvJ4MZR/q6styA2OMDNj3zmlT2MYRzfruEln/1WfBHuWZZcQlXGb06T21gDFAM+
X4uKQsX+UKyqR+Smjk8tmnCBAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUR8acwRod
WKZgTHg3x3HUx1XUvwcwHwYDVR0jBBgwFoAUs2JDerZ9KQxc3+8vYrd+3Yqf+kQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNBRTA0LzlEOEY3NzJBNUY5
NjExRUU4MzYzOEYzRUM0RjlBRTAyL3MySkRlclo5S1F4YzMtOHZZcmQtM1lxZi1r
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvczJKRGVyWjlLUXhjMy04dllyZC0zWXFmLWtRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QUUwNC85RDhGNzcyQTVGOTYxMUVFODM2MzhGM0VDNEY5QUUwMi9EODA5MTc4MDVG
OTYxMUVFOEU3RUQ2NDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWfRSjANBAIAAjAHAwUAJAECoDANBgkqhkiG9w0BAQsFAAOC
AQEAFhJ5KEkuNIH6wzM+S1YJbTvOfQNqwERMWzC5IjFSn7mIcm2kufAnwXSfmmjv
v/+7w5RSqrgv4R6CYc/hadkw1FojhsOfGaHLDr5Ucjv5DJ5En40H1KkX72DTrO3P
DDrUNh27az16W7unJQAmoA1wa3eu1UEM2zAi0F2hX5VyJz9LJZRwrt4SyiDfMUci
XJsaCTiJUUIMP9OfgE1fE+M2DRB5kK+z1FJswWR/Ybk1ONkCqV0nqGVIQ1PSi6K9
WaiCD/M4VK1GqImt6XL7yOcLFbPf6DnU3mOz4pEcEr6iUUnQ0wXzgEzxuN/R7ik3
MR71yP8kcdMJKxBhco2s9tSpkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org