Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/7F574824A93711EEAD42EF0AC4F9AE02.roa
File:                     7F574824A93711EEAD42EF0AC4F9AE02.roa (raw, json)
Hash identifier:          fuygPKOV84AmvT48UlWf4mObJHgdC9DkfPGx+mkRTag=
Subject key identifier:   DB:AC:1D:9D:59:A2:0F:13:E4:11:4B:00:4D:75:B8:0A:D3:C9:C8:DD
Certificate issuer:       /CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Certificate serial:       2A
Authority key identifier: AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/7F574824A93711EEAD42EF0AC4F9AE02.roa
Signing time:             Tue 05 Mar 2024 07:49:26 +0000
ROA not before:           Tue 05 Mar 2024 07:49:26 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     134078
IP address blocks:        45.112.76.0/22 maxlen: 22
                          61.13.2.0/24 maxlen: 24
                          61.13.16.0/20 maxlen: 21
                          61.13.32.0/21 maxlen: 21
                          61.13.128.0/22 maxlen: 22
                          61.13.128.0/24 maxlen: 24
                          61.13.136.0/23 maxlen: 23
                          61.13.138.0/23 maxlen: 23
                          61.14.64.0/19 maxlen: 19
                          61.14.90.0/24 maxlen: 24
                          61.14.91.0/24 maxlen: 24
                          61.14.95.0/24 maxlen: 24
                          61.16.0.0/22 maxlen: 22
                          61.16.4.0/22 maxlen: 22
                          61.16.8.0/22 maxlen: 22
                          61.16.12.0/22 maxlen: 22
                          61.16.16.0/22 maxlen: 22
                          61.16.32.0/22 maxlen: 22
                          103.51.160.0/22 maxlen: 22
                          103.51.160.0/24 maxlen: 24
                          103.51.163.0/24 maxlen: 24
                          103.227.88.0/22 maxlen: 22
                          103.250.56.0/22 maxlen: 22
                          103.250.58.0/24 maxlen: 24
                          202.52.64.0/23 maxlen: 23
                          202.52.72.0/21 maxlen: 21
                          202.52.80.0/21 maxlen: 21
                          202.52.96.0/19 maxlen: 19
                          202.52.112.0/20 maxlen: 20
                          202.136.16.0/20 maxlen: 20
                          202.148.160.0/20 maxlen: 20
                          203.31.234.0/24 maxlen: 24
                          203.149.128.0/24 maxlen: 24
                          203.149.140.0/22 maxlen: 22
                          203.149.168.0/22 maxlen: 22
                          203.149.184.0/21 maxlen: 21
                          203.149.240.0/22 maxlen: 22
                          203.149.254.0/23 maxlen: 23
                          2404:1100::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 27 Jun 2024 02:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 42 (0x2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
        Validity
            Not Before: Mar  5 07:49:26 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e6ce86-d94a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d0:44:75:fa:77:82:d3:84:62:7a:b4:a4:b4:
                    92:e9:d2:bd:65:f3:2a:40:3d:7e:fc:d7:ed:91:d1:
                    76:63:ac:48:96:dc:00:d0:30:bb:79:cc:e2:4d:62:
                    8a:07:0f:1a:de:e4:6c:0f:88:3c:cd:af:f7:23:8d:
                    0b:6b:97:31:a4:ea:d8:a6:3b:d9:47:9a:47:aa:0e:
                    8e:5d:7d:d5:f6:9e:ce:c7:c4:e8:ce:0b:a6:ef:92:
                    50:5d:22:4f:dd:a5:27:3d:f7:3c:32:33:d0:be:9d:
                    e7:ce:c6:9a:55:47:a9:9e:3b:9b:45:d7:83:2b:0c:
                    31:90:d9:1f:63:b7:70:c7:67:76:9e:8a:9c:e5:2e:
                    86:28:a6:41:b4:9b:3f:23:7b:79:da:c1:9f:bc:d0:
                    c2:29:09:17:78:5b:87:92:6a:d4:48:33:f2:74:a8:
                    f5:e9:f7:b9:31:eb:38:17:95:2e:7d:cf:e8:0e:a8:
                    cf:d5:96:d2:8c:d2:3b:00:ad:2b:07:7b:b9:b8:b6:
                    90:ab:d4:96:e5:21:68:ed:c5:df:e1:58:ad:53:a9:
                    76:46:dd:11:3e:6f:ca:5c:0c:de:91:4c:37:f1:ec:
                    13:79:a6:51:48:c6:3b:a1:ef:dd:78:92:02:6f:dd:
                    a1:ee:ce:f4:f6:65:f1:d5:00:57:c9:83:0d:b4:71:
                    87:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:AC:1D:9D:59:A2:0F:13:E4:11:4B:00:4D:75:B8:0A:D3:C9:C8:DD
            X509v3 Authority Key Identifier:
                keyid:AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/7F574824A93711EEAD42EF0AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.112.76.0/22
                  61.13.2.0/24
                  61.13.16.0-61.13.39.255
                  61.13.128.0/22
                  61.13.136.0/22
                  61.14.64.0/19
                  61.16.0.0-61.16.19.255
                  61.16.32.0/22
                  103.51.160.0/22
                  103.227.88.0/22
                  103.250.56.0/22
                  202.52.64.0/23
                  202.52.72.0-202.52.87.255
                  202.52.96.0/19
                  202.136.16.0/20
                  202.148.160.0/20
                  203.31.234.0/24
                  203.149.128.0/24
                  203.149.140.0/22
                  203.149.168.0/22
                  203.149.184.0/21
                  203.149.240.0/22
                  203.149.254.0/23
                IPv6:
                  2404:1100::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:74:91:24:cb:68:c2:88:16:ed:48:52:b7:ca:f4:75:c3:cb:
         f1:6a:28:ea:c6:ef:23:89:d6:43:dc:10:67:9f:2a:2f:02:a7:
         e1:7f:5c:d8:5e:58:48:54:99:8f:47:7b:18:3b:a4:d6:b0:2d:
         bd:10:60:fa:8c:6a:3a:1e:9c:4c:39:4f:48:22:6b:60:cb:9c:
         3c:d3:75:09:13:b5:ae:67:78:80:39:be:25:f6:99:f9:ad:ab:
         80:0a:05:62:ce:00:d8:be:a1:ac:3a:59:2c:b9:d2:8a:17:d2:
         6e:64:20:84:1c:02:21:d5:15:e5:30:27:41:8d:1d:e3:0f:d5:
         4c:70:14:3f:3a:3e:7f:51:83:2e:42:bb:9b:d1:da:79:fd:ca:
         73:cb:37:76:ae:61:2b:96:40:3c:21:f1:f2:4a:9f:ee:d4:8d:
         a8:88:cc:63:7c:4d:a1:13:66:ab:a4:35:28:1e:a5:1a:55:cb:
         a3:92:36:1d:08:7a:0b:79:8a:68:2c:43:66:db:95:1f:22:8b:
         34:ba:c2:22:99:fa:35:e8:74:ab:73:00:8a:15:06:78:8a:99:
         a9:84:08:26:ed:43:65:3b:47:fb:53:53:7d:ee:1b:ae:9a:30:
         91:47:3b:73:48:2e:58:5f:3b:51:06:b9:bc:2b:b1:77:ea:46:
         f4:29:ff:24
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MTc2RDExMC8GA1UEBRMoQUEwMTc4RUE3ODUxMUExNUIxNDcwRUJGQzBDNTcyMUE3
MEUyNzY5RjAeFw0yNDAzMDUwNzQ5MjZaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTZjZTg2LWQ5NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQ0ER1+neC04RierSktJLp0r1l8ypAPX781+2R0XZjrEiW3ADQMLt5zOJNYooH
Dxre5GwPiDzNr/cjjQtrlzGk6timO9lHmkeqDo5dfdX2ns7HxOjOC6bvklBdIk/d
pSc99zwyM9C+nefOxppVR6meO5tF14MrDDGQ2R9jt3DHZ3aeipzlLoYopkG0mz8j
e3nawZ+80MIpCRd4W4eSatRIM/J0qPXp97kx6zgXlS59z+gOqM/VltKM0jsArSsH
e7m4tpCr1JblIWjtxd/hWK1TqXZG3RE+b8pcDN6RTDfx7BN5plFIxjuh7914kgJv
3aHuzvT2ZfHVAFfJgw20cYcbAgMBAAGjggNEMIIDQDAdBgNVHQ4EFgQU26wdnVmi
DxPkEUsATXW4CtPJyN0wHwYDVR0jBBgwFoAUqgF46nhRGhWxRw6/wMVyGnDidp8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxNzZEL0YwMkEzNUU4QTkx
NDExRUVCMjcxMkQzRkM0RjlBRTAyL3FnRjQ2bmhSR2hXeFJ3Nl93TVZ5R25EaWRw
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcWdGNDZuaFJHaFd4Unc2X3dNVnlHbkRpZHA4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTc2RC9GMDJBMzVFOEE5MTQxMUVFQjI3MTJEM0ZDNEY5QUUwMi83RjU3NDgyNEE5
MzcxMUVFQUQ0MkVGMEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBzQYIKwYBBQUHAQcBAf8E
gb0wgbowgagEAgABMIGhAwQCLXBMAwQAPQ0CMAwDBAQ9DRADBAM9DSADBAI9DYAD
BAI9DYgDBAU9DkAwCwMDBD0QAwQCPRAQAwQCPRAgAwQCZzOgAwQCZ+NYAwQCZ/o4
AwQByjRAMAwDBAPKNEgDBAPKNFADBAXKNGADBATKiBADBATKlKADBADLH+oDBADL
lYADBALLlYwDBALLlagDBAPLlbgDBALLlfADBAHLlf4wDQQCAAIwBwMFACQEEQAw
DQYJKoZIhvcNAQELBQADggEBAD90kSTLaMKIFu1IUrfK9HXDy/FqKOrG7yOJ1kPc
EGefKi8Cp+F/XNheWEhUmY9Hexg7pNawLb0QYPqMajoenEw5T0gia2DLnDzTdQkT
ta5neIA5viX2mfmtq4AKBWLOANi+oaw6WSy50ooX0m5kIIQcAiHVFeUwJ0GNHeMP
1UxwFD86Pn9Rgy5Cu5vR2nn9ynPLN3auYSuWQDwh8fJKn+7UjaiIzGN8TaETZquk
NSgepRpVy6OSNh0Iegt5imgsQ2bblR8iizS6wiKZ+jXodKtzAIoVBniKmamECCbt
Q2U7R/tTU33uG66aMJFHO3NILlhfO1EGubwrsXfqRvQp/yQ=
-----END CERTIFICATE-----
Generated at Thu Jun 27 05:39:34 2024 by rpki-client on console-ams.rpki-client.org