Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/33FB1B84DD5D11EA9D6FE136C4F9AE02.roa
File:                     33FB1B84DD5D11EA9D6FE136C4F9AE02.roa (raw, json)
Hash identifier:          4C4EimxQxgCely6Gl5cfIRtGUFjxHO5qztgZM23ujCA=
Subject key identifier:   3E:15:1A:0B:39:1D:47:8B:CD:75:00:75:41:64:E8:28:97:42:65:ED
Certificate issuer:       /CN=A91D7C1D/serialNumber=A8AEA9B2930A614D5CA31AB9F7E84379361A2F43
Certificate serial:       0825
Authority key identifier: A8:AE:A9:B2:93:0A:61:4D:5C:A3:1A:B9:F7:E8:43:79:36:1A:2F:43
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qK6pspMKYU1coxq59-hDeTYaL0M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/33FB1B84DD5D11EA9D6FE136C4F9AE02.roa
Signing time:             Fri 02 Jun 2023 22:34:45 +0000
ROA not before:           Fri 02 Jun 2023 22:34:45 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     140607
IP address blocks:        103.150.242.0/24 maxlen: 24
                          103.150.243.0/24 maxlen: 24
                          2400:d860::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 10 Dec 2023 09:21:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2085 (0x825)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D7C1D/serialNumber=A8AEA9B2930A614D5CA31AB9F7E84379361A2F43
        Validity
            Not Before: Jun  2 22:34:45 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=647a6e85-7e5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:35:6d:32:af:e4:9a:9c:6a:58:38:33:4d:2d:
                    7e:39:0f:a8:50:1f:6c:1b:74:b8:6a:32:12:52:1a:
                    d7:a0:85:d4:f6:b9:bd:21:6f:f9:85:8c:1f:14:66:
                    f7:9a:ae:f5:2d:2d:68:16:72:fd:46:75:d6:05:35:
                    4b:5d:49:1d:cb:f6:4c:8d:1d:a1:fd:47:9d:a0:0d:
                    04:8d:e5:7b:31:35:d5:52:2a:4e:d8:92:bd:58:de:
                    a3:af:64:77:91:83:84:83:6a:7b:a0:bf:9a:34:5d:
                    f6:df:e4:c9:7c:fb:12:c1:26:54:26:a0:50:b7:76:
                    36:b3:bb:57:ec:ff:7f:71:c1:be:2e:b4:26:94:f5:
                    8c:13:d7:76:0b:c9:ec:dc:dd:bb:ba:22:ca:44:b9:
                    c4:68:a2:91:aa:85:06:e1:1b:50:c1:5f:f5:6d:4d:
                    33:0f:e5:cd:1a:02:84:55:70:ab:1b:d4:c2:a0:e8:
                    33:ff:ce:44:9b:aa:29:96:f6:77:02:2d:41:d2:33:
                    3f:17:d9:5c:5a:0d:2e:aa:76:20:4d:54:03:eb:be:
                    b0:5f:22:6e:97:16:df:00:4f:8f:41:cf:fc:ea:94:
                    fa:a4:c6:7c:64:bf:ea:37:27:d7:61:e3:f3:bb:14:
                    a4:23:20:c2:5b:7e:78:19:3a:1c:05:74:25:97:5c:
                    e7:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:15:1A:0B:39:1D:47:8B:CD:75:00:75:41:64:E8:28:97:42:65:ED
            X509v3 Authority Key Identifier:
                keyid:A8:AE:A9:B2:93:0A:61:4D:5C:A3:1A:B9:F7:E8:43:79:36:1A:2F:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/qK6pspMKYU1coxq59-hDeTYaL0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qK6pspMKYU1coxq59-hDeTYaL0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7C1D/A8070AF28AF011EAA9528309C4F9AE02/33FB1B84DD5D11EA9D6FE136C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.242.0/23
                IPv6:
                  2400:d860::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:90:90:38:e1:4c:0f:8a:b9:38:df:c5:85:2e:df:7c:64:c1:
         d1:d5:69:82:a5:e1:02:26:20:d9:f8:d7:58:7c:ba:b0:c0:93:
         a6:69:3c:a3:20:15:41:7d:5e:16:b0:05:23:65:09:dc:2f:c7:
         7f:0d:62:31:3d:84:7c:57:4a:0b:27:4c:81:f1:c4:02:3d:ab:
         40:88:cc:6f:2d:7d:fc:87:d6:ae:71:6d:b3:f3:0e:6c:87:22:
         24:9e:94:e1:23:47:fd:4d:8f:a4:a1:55:b2:62:be:d9:ab:a6:
         46:7f:33:70:b5:8a:12:17:63:8e:88:41:b9:0f:cf:41:20:63:
         5c:ff:35:80:0a:39:e1:41:b6:f0:7f:a3:32:68:94:3f:e4:f2:
         9a:d1:87:97:99:82:cd:38:d3:c0:2a:21:cd:75:6f:65:62:f5:
         10:8f:5b:ae:df:16:e8:cf:5c:5a:a7:b7:61:e5:91:80:ed:55:
         26:14:52:fa:5c:6d:63:fc:f8:dc:49:ca:4a:0a:2a:ef:d6:c3:
         53:c8:ca:8d:6f:aa:34:33:d9:06:0e:92:8f:42:84:5d:66:d7:
         97:83:f4:68:fa:7a:af:98:85:36:89:cd:2f:1e:1c:61:3f:7a:
         25:23:ce:1d:6d:0b:e8:e9:72:fc:f8:ad:73:4e:22:cb:e3:cc:
         3d:94:12:c9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDdDMUQxMTAvBgNVBAUTKEE4QUVBOUIyOTMwQTYxNEQ1Q0EzMUFCOUY3RTg0Mzc5
MzYxQTJGNDMwHhcNMjMwNjAyMjIzNDQ1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhNmU4NS03ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjVtMq/kmpxqWDgzTS1+OQ+oUB9sG3S4ajISUhrXoIXU9rm9IW/5hYwfFGb3
mq71LS1oFnL9RnXWBTVLXUkdy/ZMjR2h/UedoA0EjeV7MTXVUipO2JK9WN6jr2R3
kYOEg2p7oL+aNF323+TJfPsSwSZUJqBQt3Y2s7tX7P9/ccG+LrQmlPWME9d2C8ns
3N27uiLKRLnEaKKRqoUG4RtQwV/1bU0zD+XNGgKEVXCrG9TCoOgz/85Em6oplvZ3
Ai1B0jM/F9lcWg0uqnYgTVQD676wXyJulxbfAE+PQc/86pT6pMZ8ZL/qNyfXYePz
uxSkIyDCW354GTocBXQll1zn5QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD4VGgs5
HUeLzXUAdUFk6CiXQmXtMB8GA1UdIwQYMBaAFKiuqbKTCmFNXKMauffoQ3k2Gi9D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEN0MxRC9BODA3MEFGMjhB
RjAxMUVBQTk1MjgzMDlDNEY5QUUwMi9xSzZwc3BNS1lVMWNveHE1OS1oRGVUWWFM
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FLNnBzcE1LWVUxY294cTU5LWhEZVRZYUwwTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDdDMUQvQTgwNzBBRjI4QUYwMTFFQUE5NTI4MzA5QzRGOUFFMDIvMzNGQjFCODRE
RDVEMTFFQTlENkZFMTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlvIwDQQCAAIwBwMFACQA2GAwDQYJKoZIhvcNAQELBQAD
ggEBAD+QkDjhTA+KuTjfxYUu33xkwdHVaYKl4QImINn411h8urDAk6ZpPKMgFUF9
XhawBSNlCdwvx38NYjE9hHxXSgsnTIHxxAI9q0CIzG8tffyH1q5xbbPzDmyHIiSe
lOEjR/1Nj6ShVbJivtmrpkZ/M3C1ihIXY46IQbkPz0EgY1z/NYAKOeFBtvB/ozJo
lD/k8prRh5eZgs0408AqIc11b2Vi9RCPW67fFujPXFqnt2HlkYDtVSYUUvpcbWP8
+NxJykoKKu/Ww1PIyo1vqjQz2QYOko9ChF1m15eD9Gj6eq+YhTaJzS8eHGE/eiUj
zh1tC+jpcvz4rXNOIsvjzD2UEsk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org