Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E15AD/B8B91C467E1211EE9CB11F3EC4F9AE02/9BFF089AD0B511EE9C8E6885C4F9AE02.roa
File:                     9BFF089AD0B511EE9C8E6885C4F9AE02.roa (raw, json)
Hash identifier:          P00/wBXxpZAxVmMEQShGNeLCJuhKQb2Pvy1tzAoS0xQ=
Subject key identifier:   FE:0F:F9:C1:7F:73:2E:1F:07:91:9F:7F:F2:CD:09:92:83:F4:67:99
Certificate issuer:       /CN=A91E15AD/serialNumber=7F352A76956D7702FC77AF60FCC129E61FDBEA32
Certificate serial:       41
Authority key identifier: 7F:35:2A:76:95:6D:77:02:FC:77:AF:60:FC:C1:29:E6:1F:DB:EA:32
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fzUqdpVtdwL8d69g_MEp5h_b6jI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E15AD/B8B91C467E1211EE9CB11F3EC4F9AE02/9BFF089AD0B511EE9C8E6885C4F9AE02.roa
Signing time:             Wed 21 Feb 2024 12:35:21 +0000
ROA not before:           Wed 21 Feb 2024 12:35:21 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     138346
IP address blocks:        115.84.168.0/24 maxlen: 24
                          115.84.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Jun 2024 13:15:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65 (0x41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E15AD/serialNumber=7F352A76956D7702FC77AF60FCC129E61FDBEA32
        Validity
            Not Before: Feb 21 12:35:21 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65d5ee09-fe15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:af:aa:bb:8c:7b:42:e7:50:32:3d:ef:80:6d:
                    00:f2:81:50:45:80:50:9c:b2:b2:88:a7:1f:47:64:
                    e0:0b:26:10:02:e5:27:f5:8f:78:fa:0a:59:d9:ac:
                    33:5a:dd:d1:4d:ff:19:43:ef:14:53:e5:ce:2c:b8:
                    bb:d2:0b:23:22:b2:6e:3c:d4:eb:44:1a:a4:79:5d:
                    a8:4f:a7:bf:3d:d1:3d:96:0e:a4:09:17:df:a5:2a:
                    90:c7:92:fc:25:42:8a:90:74:8e:d6:53:ce:cd:fb:
                    6d:68:af:b3:b4:b3:f6:e4:4e:2b:7a:3a:26:14:0a:
                    b9:53:e9:61:cf:65:7a:44:3f:f1:49:07:04:d4:0e:
                    b1:e1:9a:d4:1a:cc:96:eb:d6:8b:80:0e:5b:45:c5:
                    1e:24:9a:3b:a2:32:13:3e:e1:0b:ca:fd:eb:82:0b:
                    f2:83:72:05:7d:60:ab:56:dd:ed:e2:76:c2:d7:c2:
                    39:46:9f:96:45:28:78:54:76:e8:d5:3c:c1:94:d0:
                    c9:be:28:bf:c2:75:70:d4:47:2e:4b:73:2c:fa:c7:
                    48:2e:45:57:01:37:2c:a4:25:9a:e7:ca:bb:b7:9d:
                    a9:ad:7e:cf:84:8e:ea:72:b7:b1:68:78:07:64:65:
                    3d:9d:2b:c3:3c:e7:19:f9:b4:de:7c:4b:04:ed:d1:
                    e7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:0F:F9:C1:7F:73:2E:1F:07:91:9F:7F:F2:CD:09:92:83:F4:67:99
            X509v3 Authority Key Identifier:
                keyid:7F:35:2A:76:95:6D:77:02:FC:77:AF:60:FC:C1:29:E6:1F:DB:EA:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E15AD/B8B91C467E1211EE9CB11F3EC4F9AE02/fzUqdpVtdwL8d69g_MEp5h_b6jI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fzUqdpVtdwL8d69g_MEp5h_b6jI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E15AD/B8B91C467E1211EE9CB11F3EC4F9AE02/9BFF089AD0B511EE9C8E6885C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.84.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:10:8f:78:0b:5b:08:f5:be:49:7b:9f:5c:bd:c9:ca:6a:6e:
         37:bf:f2:55:02:e6:28:3e:ca:47:94:ed:5c:7f:3b:1b:3d:36:
         29:de:1a:80:1f:a4:98:73:9b:5e:4e:05:b0:02:f5:b1:dd:f6:
         8c:dd:7a:99:97:d5:d6:d2:a7:e6:b3:e3:0d:f5:cf:1d:0d:84:
         4f:29:10:a5:3f:46:92:9f:b0:c9:36:17:85:9c:64:1f:73:98:
         71:d3:de:5d:60:06:19:b7:10:4e:85:72:a4:28:65:d5:db:13:
         da:40:3c:12:1a:99:45:7b:60:5b:ad:aa:79:83:8e:7d:db:6c:
         18:1c:2d:bb:e2:cf:3d:e8:c3:04:36:b5:b6:bb:04:e6:dd:83:
         d1:6a:cc:3c:d8:8b:46:5d:f3:20:c4:84:40:0f:3f:64:86:58:
         67:3f:94:61:00:de:c9:e1:49:6f:4b:20:28:96:bd:07:3e:0a:
         c5:84:95:fd:37:2a:ce:5e:28:a2:0b:53:c1:9d:0c:42:04:e7:
         a3:82:f9:80:3a:65:7b:d1:55:fd:0d:8d:50:b9:9c:a9:6b:24:
         97:dc:b9:44:99:81:37:79:5b:7c:eb:a3:d0:4a:92:17:98:3c:
         3a:59:c7:d8:77:81:95:b3:73:37:09:a3:82:83:4f:a0:02:39:
         59:19:0d:b6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MTVBRDExMC8GA1UEBRMoN0YzNTJBNzY5NTZENzcwMkZDNzdBRjYwRkNDMTI5RTYx
RkRCRUEzMjAeFw0yNDAyMjExMjM1MjFaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDVlZTA5LWZlMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLr6q7jHtC51AyPe+AbQDygVBFgFCcsrKIpx9HZOALJhAC5Sf1j3j6ClnZrDNa
3dFN/xlD7xRT5c4suLvSCyMism481OtEGqR5XahPp7890T2WDqQJF9+lKpDHkvwl
QoqQdI7WU87N+21or7O0s/bkTit6OiYUCrlT6WHPZXpEP/FJBwTUDrHhmtQazJbr
1ouADltFxR4kmjuiMhM+4QvK/euCC/KDcgV9YKtW3e3idsLXwjlGn5ZFKHhUdujV
PMGU0Mm+KL/CdXDURy5Lcyz6x0guRVcBNyykJZrnyru3namtfs+Ejupyt7FoeAdk
ZT2dK8M85xn5tN58SwTt0eexAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/g/5wX9z
Lh8HkZ9/8s0JkoP0Z5kwHwYDVR0jBBgwFoAUfzUqdpVtdwL8d69g/MEp5h/b6jIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUxNUFEL0I4QjkxQzQ2N0Ux
MjExRUU5Q0IxMUYzRUM0RjlBRTAyL2Z6VXFkcFZ0ZHdMOGQ2OWdfTUVwNWhfYjZq
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZnpVcWRwVnRkd0w4ZDY5Z19NRXA1aF9iNmpJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MTVBRC9COEI5MUM0NjdFMTIxMUVFOUNCMTFGM0VDNEY5QUUwMi85QkZGMDg5QUQw
QjUxMUVFOUM4RTY4ODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAXNUqDANBgkqhkiG9w0BAQsFAAOCAQEAjxCPeAtbCPW+SXuf
XL3JympuN7/yVQLmKD7KR5TtXH87Gz02Kd4agB+kmHObXk4FsAL1sd32jN16mZfV
1tKn5rPjDfXPHQ2ETykQpT9Gkp+wyTYXhZxkH3OYcdPeXWAGGbcQToVypChl1dsT
2kA8EhqZRXtgW62qeYOOfdtsGBwtu+LPPejDBDa1trsE5t2D0WrMPNiLRl3zIMSE
QA8/ZIZYZz+UYQDeyeFJb0sgKJa9Bz4KxYSV/Tcqzl4oogtTwZ0MQgTno4L5gDpl
e9FV/Q2NULmcqWskl9y5RJmBN3lbfOuj0EqSF5g8OlnH2HeBlbNzNwmjgoNPoAI5
WRkNtg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 15:42:04 2024 by rpki-client on console-fra.rpki-client.org