Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/F8A432C0DDCF11ED855EAF77C4F9AE02.roa
File:                     F8A432C0DDCF11ED855EAF77C4F9AE02.roa (raw, json)
Hash identifier:          bTicRRpxUPWV/m0pY+3veW9VX+01HxjTcbB3sLo5+7c=
Subject key identifier:   4F:58:47:A5:95:AC:8A:90:64:7C:3D:4C:DC:56:B4:12:B1:BA:61:7F
Certificate issuer:       /CN=A91CD98D/serialNumber=BFE461375DC223D4F7B27055E2B34745FE6101D4
Certificate serial:       061C
Authority key identifier: BF:E4:61:37:5D:C2:23:D4:F7:B2:70:55:E2:B3:47:45:FE:61:01:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v-RhN13CI9T3snBV4rNHRf5hAdQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/F8A432C0DDCF11ED855EAF77C4F9AE02.roa
Signing time:             Tue 12 Mar 2024 23:22:16 +0000
ROA not before:           Tue 12 Mar 2024 23:22:16 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     141696
IP address blocks:        103.161.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 May 2024 10:23:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1564 (0x61c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD98D/serialNumber=BFE461375DC223D4F7B27055E2B34745FE6101D4
        Validity
            Not Before: Mar 12 23:22:16 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65f0e3a8-c0b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:32:93:e3:a0:ff:91:f2:16:f7:28:fb:57:b6:
                    ef:da:22:e1:19:92:5e:ae:fe:02:b5:45:99:85:48:
                    c5:05:66:fd:63:1b:dc:89:ce:a4:d1:5b:33:4a:47:
                    58:3f:f7:f1:7e:ba:c6:fc:1b:fd:24:5f:3a:c5:b7:
                    9d:88:a4:ce:e0:b6:00:7e:33:27:fe:90:90:ab:c1:
                    e1:c6:e9:04:ec:97:c3:37:b2:5b:c3:de:4d:f5:10:
                    ad:34:bf:b5:08:2a:90:1a:72:fd:80:b9:d4:11:6d:
                    37:db:63:05:0b:ca:8b:4b:7f:63:97:74:e4:10:77:
                    a1:44:b0:55:05:85:a8:86:de:22:8b:1a:8c:b4:39:
                    3f:15:7b:53:6d:b6:6f:39:25:bb:59:ab:f4:34:60:
                    2c:0e:e4:f7:5a:b0:f8:ff:40:e0:c1:12:d6:f7:27:
                    44:88:a4:21:c9:e8:1c:2b:41:5d:09:0c:84:c5:c0:
                    a6:37:a1:bf:ee:69:84:e3:33:ff:11:1e:25:33:97:
                    fd:02:35:2b:a6:99:7d:25:86:6d:41:b4:2c:52:e4:
                    d6:a3:6f:9f:aa:96:7a:4d:64:2f:58:4f:4c:f6:cd:
                    47:44:a9:05:3b:70:11:61:e5:e7:05:91:40:59:03:
                    36:f3:de:fc:b0:ec:90:16:8c:bc:c2:fa:34:11:eb:
                    8b:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:58:47:A5:95:AC:8A:90:64:7C:3D:4C:DC:56:B4:12:B1:BA:61:7F
            X509v3 Authority Key Identifier:
                keyid:BF:E4:61:37:5D:C2:23:D4:F7:B2:70:55:E2:B3:47:45:FE:61:01:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/v-RhN13CI9T3snBV4rNHRf5hAdQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v-RhN13CI9T3snBV4rNHRf5hAdQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/F8A432C0DDCF11ED855EAF77C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.161.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:fa:1a:a4:2d:78:7f:59:57:52:be:6b:06:09:9e:92:77:37:
         38:a8:ad:6e:87:5d:50:48:83:6e:3a:0c:83:81:ba:ca:67:71:
         fa:81:51:e8:73:00:92:5b:1f:b1:10:81:33:6f:18:9e:8f:dd:
         99:f3:de:29:79:32:00:7b:47:44:0d:9c:91:7a:4c:42:cd:d1:
         ba:3c:5f:3f:ec:6b:57:99:6b:91:34:4c:97:f1:39:41:e3:7a:
         4b:50:ea:db:16:7f:08:a3:3d:c2:89:ba:97:dd:41:b6:9a:6c:
         b2:bc:0f:1c:21:d4:1b:9c:1e:68:68:42:55:62:a7:b2:c6:e6:
         86:ed:f2:d5:b6:f2:ad:5f:c9:71:46:23:7b:b0:66:2d:85:12:
         82:ee:6d:91:34:b5:40:9b:fe:2c:37:0d:6f:f3:f4:76:e6:3b:
         26:46:fc:5f:f8:e5:30:24:22:44:93:40:40:2f:70:ec:5e:81:
         95:7c:3f:8a:10:18:ec:c4:e4:fc:7d:e6:f9:4e:a1:07:4b:f5:
         c2:81:c9:07:c8:12:c5:3e:48:3e:f0:31:bb:e5:f6:34:be:f3:
         bd:05:71:77:d0:96:db:da:a0:5c:c9:8b:e6:dd:3e:f0:9b:31:
         f4:ba:a8:81:37:8f:8f:4d:5c:4d:41:4a:73:0a:75:18:f3:f0:
         6f:b7:4c:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q5OEQxMTAvBgNVBAUTKEJGRTQ2MTM3NURDMjIzRDRGN0IyNzA1NUUyQjM0NzQ1
RkU2MTAxRDQwHhcNMjQwMzEyMjMyMjE2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYwZTNhOC1jMGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8DKT46D/kfIW9yj7V7bv2iLhGZJerv4CtUWZhUjFBWb9Yxvcic6k0VszSkdY
P/fxfrrG/Bv9JF86xbediKTO4LYAfjMn/pCQq8HhxukE7JfDN7Jbw95N9RCtNL+1
CCqQGnL9gLnUEW0322MFC8qLS39jl3TkEHehRLBVBYWoht4iixqMtDk/FXtTbbZv
OSW7Wav0NGAsDuT3WrD4/0DgwRLW9ydEiKQhyegcK0FdCQyExcCmN6G/7mmE4zP/
ER4lM5f9AjUrppl9JYZtQbQsUuTWo2+fqpZ6TWQvWE9M9s1HRKkFO3ARYeXnBZFA
WQM28978sOyQFoy8wvo0EeuLlwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE9YR6WV
rIqQZHw9TNxWtBKxumF/MB8GA1UdIwQYMBaAFL/kYTddwiPU97JwVeKzR0X+YQHU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDk4RC80NjE0NTdCNDUw
MEMxMUVCQTcyREJFMjRDNEY5QUUwMi92LVJoTjEzQ0k5VDNzbkJWNHJOSFJmNWhB
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YtUmhOMTNDSTlUM3NuQlY0ck5IUmY1aEFkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Q5OEQvNDYxNDU3QjQ1MDBDMTFFQkE3MkRCRTI0QzRGOUFFMDIvRjhBNDMyQzBE
RENGMTFFRDg1NUVBRjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnoWswDQYJKoZIhvcNAQELBQADggEBAA/6GqQteH9ZV1K+
awYJnpJ3NziorW6HXVBIg246DIOBuspncfqBUehzAJJbH7EQgTNvGJ6P3Znz3il5
MgB7R0QNnJF6TELN0bo8Xz/sa1eZa5E0TJfxOUHjektQ6tsWfwijPcKJupfdQbaa
bLK8Dxwh1BucHmhoQlVip7LG5obt8tW28q1fyXFGI3uwZi2FEoLubZE0tUCb/iw3
DW/z9HbmOyZG/F/45TAkIkSTQEAvcOxegZV8P4oQGOzE5Px95vlOoQdL9cKByQfI
EsU+SD7wMbvl9jS+870FcXfQltvaoFzJi+bdPvCbMfS6qIE3j49NXE1BSnMKdRjz
8G+3TEg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org