Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9A6D/A21E71D2DB8E11E9A3526224C4F9AE02/5BEE4FD6DB9611E99F3F673EC4F9AE02.roa
File:                     5BEE4FD6DB9611E99F3F673EC4F9AE02.roa (raw, json)
Hash identifier:          A2S5p1bGOI6Jh1UbddW6rQO3SJm/pOgziyInQvtma+Q=
Subject key identifier:   FE:13:04:4E:1A:63:73:B7:F9:3D:E6:35:FE:31:0F:10:97:02:97:D5
Certificate issuer:       /CN=A91D9A6D/serialNumber=C6FA3ECFBE29CD3630690762EB3288103A6D08A0
Certificate serial:       0BF9
Authority key identifier: C6:FA:3E:CF:BE:29:CD:36:30:69:07:62:EB:32:88:10:3A:6D:08:A0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvo-z74pzTYwaQdi6zKIEDptCKA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D9A6D/A21E71D2DB8E11E9A3526224C4F9AE02/5BEE4FD6DB9611E99F3F673EC4F9AE02.roa
Signing time:             Fri 10 Nov 2023 18:46:20 +0000
ROA not before:           Fri 10 Nov 2023 18:46:20 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     58726
IP address blocks:        103.20.152.0/22 maxlen: 22
                          103.20.152.0/24 maxlen: 24
                          103.20.153.0/24 maxlen: 24
                          103.20.154.0/24 maxlen: 24
                          103.20.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 03:50:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3065 (0xbf9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D9A6D/serialNumber=C6FA3ECFBE29CD3630690762EB3288103A6D08A0
        Validity
            Not Before: Nov 10 18:46:20 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=654e7a7c-b369
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:6b:85:96:8e:e9:d8:3f:2a:fb:2d:66:0d:7c:
                    5f:f7:f1:24:81:90:78:16:c7:bc:1e:1c:93:f3:1d:
                    db:e3:91:1f:01:b4:83:b0:dd:89:c3:f9:10:97:b3:
                    45:c1:20:58:8f:40:29:fe:14:f0:55:c9:a6:80:0c:
                    92:6a:09:d2:e8:30:13:c5:3b:14:41:0f:33:9f:11:
                    24:97:cb:36:04:79:9a:49:3a:52:a0:70:e0:26:97:
                    64:b8:e7:20:39:bd:84:19:c8:51:aa:ad:28:b3:c8:
                    04:e5:70:33:87:a2:a1:ad:5c:7e:00:c6:71:d3:b7:
                    47:1e:4f:64:90:e8:ec:09:94:29:98:03:8a:d3:73:
                    0e:04:96:d7:7d:94:b9:56:1c:37:90:0a:04:a1:38:
                    55:42:1a:bf:45:02:aa:05:4f:42:0c:67:8b:97:6c:
                    18:35:4b:4d:05:68:4b:42:95:6d:5c:93:20:a6:b5:
                    9e:b3:a7:63:f7:96:ef:32:21:4d:8c:8a:20:af:b0:
                    e2:6d:e2:0c:01:fe:69:8c:f5:fc:43:50:1a:b7:43:
                    0b:44:e4:bf:36:29:bf:e2:ee:cc:c7:70:47:07:1d:
                    a3:13:55:63:e5:7b:76:ea:d0:15:ff:75:c9:a3:1b:
                    ea:e2:1f:69:a6:ef:8f:8a:39:76:cf:09:af:04:09:
                    c5:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:13:04:4E:1A:63:73:B7:F9:3D:E6:35:FE:31:0F:10:97:02:97:D5
            X509v3 Authority Key Identifier:
                keyid:C6:FA:3E:CF:BE:29:CD:36:30:69:07:62:EB:32:88:10:3A:6D:08:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D9A6D/A21E71D2DB8E11E9A3526224C4F9AE02/xvo-z74pzTYwaQdi6zKIEDptCKA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvo-z74pzTYwaQdi6zKIEDptCKA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9A6D/A21E71D2DB8E11E9A3526224C4F9AE02/5BEE4FD6DB9611E99F3F673EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.20.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:be:00:2a:75:67:bb:dd:8c:27:ae:16:cb:7f:7b:92:d1:7d:
         ea:e8:ed:f9:00:0c:66:f4:a9:4a:67:6c:81:00:3a:c9:ee:04:
         cf:1b:3f:bf:03:17:6c:cc:d7:2e:fd:e0:7c:ad:ab:ca:76:3f:
         a7:ab:00:e7:55:7a:f6:33:d4:5e:4c:ec:11:e0:17:33:73:f6:
         fc:f2:3e:10:d2:ba:87:02:2f:da:95:23:68:a1:91:14:9b:c5:
         d9:26:5b:2c:e7:6d:3b:94:f7:b2:af:d3:c5:e5:70:52:6a:ec:
         c7:0e:5d:e4:01:06:af:5a:39:8c:33:be:40:44:c9:1b:22:d0:
         21:28:e0:04:6c:d9:41:4f:81:8b:f8:87:0b:45:d3:08:e9:6a:
         b4:99:8d:96:b3:77:54:e6:87:91:03:c6:bd:46:f8:b7:1b:be:
         b6:4b:1d:68:14:6f:8d:7a:70:91:80:f3:23:23:3b:38:a9:f5:
         cb:59:11:0f:37:17:f1:6c:72:cc:34:b9:72:5c:b7:11:5b:7c:
         27:f7:0d:2e:31:18:bc:5b:55:25:ef:73:47:cb:ce:a0:59:8d:
         f3:5d:41:62:f0:0b:12:5d:54:9c:ed:11:b9:25:6c:af:68:8b:
         64:91:16:28:15:22:b3:6f:da:4c:16:18:ca:86:25:97:b5:33:
         00:e8:6d:9f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDlBNkQxMTAvBgNVBAUTKEM2RkEzRUNGQkUyOUNEMzYzMDY5MDc2MkVCMzI4ODEw
M0E2RDA4QTAwHhcNMjMxMTEwMTg0NjIwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRlN2E3Yy1iMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzWuFlo7p2D8q+y1mDXxf9/EkgZB4Fse8HhyT8x3b45EfAbSDsN2Jw/kQl7NF
wSBYj0Ap/hTwVcmmgAySagnS6DATxTsUQQ8znxEkl8s2BHmaSTpSoHDgJpdkuOcg
Ob2EGchRqq0os8gE5XAzh6KhrVx+AMZx07dHHk9kkOjsCZQpmAOK03MOBJbXfZS5
Vhw3kAoEoThVQhq/RQKqBU9CDGeLl2wYNUtNBWhLQpVtXJMgprWes6dj95bvMiFN
jIogr7DibeIMAf5pjPX8Q1Aat0MLROS/Nim/4u7Mx3BHBx2jE1Vj5Xt26tAV/3XJ
oxvq4h9ppu+Pijl2zwmvBAnFqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP4TBE4a
Y3O3+T3mNf4xDxCXApfVMB8GA1UdIwQYMBaAFMb6Ps++Kc02MGkHYusyiBA6bQig
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUE2RC9BMjFFNzFEMkRC
OEUxMUU5QTM1MjYyMjRDNEY5QUUwMi94dm8tejc0cHpUWXdhUWRpNnpLSUVEcHRD
S0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h2by16NzRwelRZd2FRZGk2ektJRURwdENLQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDlBNkQvQTIxRTcxRDJEQjhFMTFFOUEzNTI2MjI0QzRGOUFFMDIvNUJFRTRGRDZE
Qjk2MTFFOTlGM0Y2NzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnFJgwDQYJKoZIhvcNAQELBQADggEBAFq+ACp1Z7vdjCeu
Fst/e5LRfero7fkADGb0qUpnbIEAOsnuBM8bP78DF2zM1y794Hytq8p2P6erAOdV
evYz1F5M7BHgFzNz9vzyPhDSuocCL9qVI2ihkRSbxdkmWyznbTuU97Kv08XlcFJq
7McOXeQBBq9aOYwzvkBEyRsi0CEo4ARs2UFPgYv4hwtF0wjparSZjZazd1Tmh5ED
xr1G+LcbvrZLHWgUb416cJGA8yMjOzip9ctZEQ83F/Fscsw0uXJctxFbfCf3DS4x
GLxbVSXvc0fLzqBZjfNdQWLwCxJdVJztEbklbK9oi2SRFigVIrNv2kwWGMqGJZe1
MwDobZ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org