Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/3F7721DA6C4A11EFA0F6E64DC4F9AE02.roa
File:                     3F7721DA6C4A11EFA0F6E64DC4F9AE02.roa (raw, json)
Hash identifier:          n1/5C9rfNmpJk6AUOY+WhJwcZrtsSkaHwtFs+PgYoRo=
Subject key identifier:   4B:E2:B6:80:3E:10:C4:57:A9:93:E1:B4:02:7F:9B:D9:60:88:3B:AF
Certificate issuer:       /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial:       017F
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/3F7721DA6C4A11EFA0F6E64DC4F9AE02.roa
Signing time:             Fri 06 Sep 2024 12:21:30 +0000
ROA not before:           Fri 06 Sep 2024 12:21:30 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        103.85.200.0/24 maxlen: 24
                          103.85.201.0/24 maxlen: 24
                          103.85.202.0/24 maxlen: 24
                          103.85.203.0/24 maxlen: 24
                          110.44.108.0/24 maxlen: 24
                          110.44.109.0/24 maxlen: 24
                          110.44.110.0/24 maxlen: 24
                          110.44.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 07 Sep 2024 17:23:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 383 (0x17f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
        Validity
            Not Before: Sep  6 12:21:30 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=66daf3ca-3438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5a:fa:49:74:63:05:fe:de:92:5c:5f:99:17:
                    ee:02:d7:cf:83:2c:6b:f2:28:be:a3:f6:8e:a0:01:
                    5a:0a:95:df:5e:38:2c:db:55:77:13:f4:e6:18:4d:
                    7e:75:56:c6:0e:2a:bd:54:39:16:4a:61:4b:d4:d1:
                    a6:f3:5b:8f:b5:da:76:88:11:80:54:9c:01:0b:fe:
                    88:fe:6e:fd:ac:b5:81:64:db:83:ee:b2:14:26:9b:
                    0b:b7:f2:25:dc:7a:ac:87:8c:f2:37:ed:b3:81:b9:
                    8b:98:d5:1b:9f:7e:3d:d1:4e:92:30:0d:88:33:28:
                    bb:a9:66:74:af:83:bc:51:0d:ff:71:d0:46:37:93:
                    a1:bf:1e:dd:97:7b:19:40:a9:5f:1d:10:cb:e4:2f:
                    15:a9:6c:b1:99:eb:cb:42:32:e8:8a:d1:c6:ec:a9:
                    f1:3e:80:3e:c3:80:5e:bd:d1:4c:18:8c:bc:48:53:
                    89:8e:39:62:86:c1:b0:8a:aa:76:62:af:38:f6:c1:
                    70:2a:47:70:0d:99:29:bc:8c:7b:0c:54:f2:9d:88:
                    f3:92:89:3e:93:08:f5:cb:a1:66:e0:db:04:5b:30:
                    0c:71:e8:c7:e7:d4:bd:cb:61:10:5a:f4:a0:11:f5:
                    ec:c9:aa:0f:1f:22:4f:1b:63:bf:9c:b3:97:99:a6:
                    93:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:E2:B6:80:3E:10:C4:57:A9:93:E1:B4:02:7F:9B:D9:60:88:3B:AF
            X509v3 Authority Key Identifier:
                keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/3F7721DA6C4A11EFA0F6E64DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.200.0/22
                  110.44.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:66:67:52:71:fc:94:da:67:2e:7b:05:3d:8c:32:c1:1b:27:
         ac:c8:7e:c8:d7:22:09:26:78:ab:9e:2f:59:85:04:04:84:ef:
         bf:5e:5f:d9:cf:ab:45:42:2b:01:59:56:d9:59:37:91:e5:a5:
         cd:4e:08:d4:da:19:32:35:6e:6c:ba:94:4b:5d:42:c6:78:b3:
         63:08:94:a5:43:23:26:3f:21:f3:c9:e4:17:4b:c8:8d:e0:6c:
         7c:6e:b9:c1:9d:f2:dc:e8:45:ba:a0:b5:16:cc:93:3a:fe:17:
         30:02:06:3a:44:9c:64:5b:af:20:ee:b4:f7:42:71:d7:2f:56:
         f8:c9:d7:c9:3a:a7:7a:45:c9:27:cb:79:cb:3d:9a:82:6c:f2:
         a2:cd:86:fd:c0:c6:e5:9e:fb:9d:7e:06:83:77:87:25:9b:36:
         5b:b1:7c:dc:ec:77:69:72:7f:7c:ad:ea:ae:62:98:e2:36:d8:
         13:59:15:1d:28:dd:91:fa:f5:c4:b8:ed:6b:34:5e:8f:35:4d:
         1e:3f:50:65:6f:22:05:2c:b5:b3:17:c1:33:b1:d8:8d:1e:d4:
         1d:3d:da:b0:31:11:c4:16:65:71:44:13:68:95:c8:42:e5:3e:
         aa:9e:d3:94:a2:21:24:c4:ca:91:29:7e:74:e0:4a:08:5b:e7:
         07:e8:8b:f9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjQwOTA2MTIyMTMwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRhZjNjYS0zNDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs1r6SXRjBf7eklxfmRfuAtfPgyxr8ii+o/aOoAFaCpXfXjgs21V3E/TmGE1+
dVbGDiq9VDkWSmFL1NGm81uPtdp2iBGAVJwBC/6I/m79rLWBZNuD7rIUJpsLt/Il
3Hqsh4zyN+2zgbmLmNUbn3490U6SMA2IMyi7qWZ0r4O8UQ3/cdBGN5Ohvx7dl3sZ
QKlfHRDL5C8VqWyxmevLQjLoitHG7KnxPoA+w4BevdFMGIy8SFOJjjlihsGwiqp2
Yq849sFwKkdwDZkpvIx7DFTynYjzkok+kwj1y6Fm4NsEWzAMcejH59S9y2EQWvSg
EfXsyaoPHyJPG2O/nLOXmaaThQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEvitoA+
EMRXqZPhtAJ/m9lgiDuvMB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvM0Y3NzIxREE2
QzRBMTFFRkEwRjZFNjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBAJuLGwwDQYJKoZIhvcNAQELBQADggEBAKVmZ1Jx
/JTaZy57BT2MMsEbJ6zIfsjXIgkmeKueL1mFBASE779eX9nPq0VCKwFZVtlZN5Hl
pc1OCNTaGTI1bmy6lEtdQsZ4s2MIlKVDIyY/IfPJ5BdLyI3gbHxuucGd8tzoRbqg
tRbMkzr+FzACBjpEnGRbryDutPdCcdcvVvjJ18k6p3pFySfLecs9moJs8qLNhv3A
xuWe+51+BoN3hyWbNluxfNzsd2lyf3yt6q5imOI22BNZFR0o3ZH69cS47Ws0Xo81
TR4/UGVvIgUstbMXwTOx2I0e1B092rAxEcQWZXFEE2iVyELlPqqe05SiISTEypEp
fnTgSghb5wfoi/k=
-----END CERTIFICATE-----