Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/DFCBB4CCAEF611EF919C954AC4F9AE02.roa
File:                     DFCBB4CCAEF611EF919C954AC4F9AE02.roa (raw, json)
Hash identifier:          igEMec4i5w6Amj3PkSJ9yQdNPXLXeSkiH6034lsV4Ig=
Subject key identifier:   0E:82:20:9A:0B:7B:10:81:78:1E:DB:6E:81:1B:BE:A5:8D:49:2C:70
Certificate issuer:       /CN=A91E29CB/serialNumber=A07AF0CCB29835CC7642974BAC9E1502B9CF82D0
Certificate serial:       0232
Authority key identifier: A0:7A:F0:CC:B2:98:35:CC:76:42:97:4B:AC:9E:15:02:B9:CF:82:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHrwzLKYNcx2QpdLrJ4VArnPgtA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/DFCBB4CCAEF611EF919C954AC4F9AE02.roa
Signing time:             Sat 30 Nov 2024 08:41:21 +0000
ROA not before:           Sat 30 Nov 2024 08:41:21 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     138358
IP address blocks:        103.159.36.0/23 maxlen: 23
                          103.159.36.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 30 Nov 2024 16:49:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 562 (0x232)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E29CB
        Validity
            Not Before: Nov 30 08:41:21 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=674acfb1-a548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8b:07:96:a8:8e:a3:e0:37:e6:68:13:3f:91:
                    b6:37:3f:60:22:0f:70:60:81:43:31:d8:b8:33:11:
                    52:45:ad:db:d5:64:ed:c3:fc:75:7d:c3:85:55:60:
                    db:17:83:1e:3f:f1:f7:88:a2:dd:27:46:65:b0:2d:
                    20:59:e4:94:1a:76:5e:dd:c6:2c:2f:1e:8e:39:ee:
                    b4:0a:9c:39:db:f5:d9:c3:68:02:bb:41:6a:9d:8a:
                    5f:13:9f:b1:ad:6c:ed:f3:da:26:99:78:d6:a6:e2:
                    14:75:40:e9:df:ea:69:d2:19:00:4c:01:9d:03:c9:
                    01:3f:b4:7b:81:4d:e0:87:54:70:45:7b:2b:fc:c4:
                    79:b5:b7:75:da:59:b3:47:c1:f5:b3:be:e7:aa:a1:
                    f9:c0:07:0e:d5:50:85:f3:69:78:90:42:81:fd:b2:
                    2b:e8:68:b7:bc:05:99:3a:e7:4a:1f:66:09:3a:db:
                    c1:ed:e5:e1:d1:da:40:0d:21:19:95:1c:06:c1:19:
                    ff:bb:dd:e5:86:e6:5b:5c:96:d0:5a:e5:90:dc:4c:
                    13:7f:56:1f:36:47:c6:69:a5:a7:0a:f2:58:f3:a5:
                    a8:29:11:f0:6e:a9:5e:d1:ea:9a:3b:32:70:ab:20:
                    26:82:4d:f0:33:08:19:c2:2d:78:b0:4e:65:fb:6b:
                    e9:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:82:20:9A:0B:7B:10:81:78:1E:DB:6E:81:1B:BE:A5:8D:49:2C:70
            X509v3 Authority Key Identifier:
                keyid:A0:7A:F0:CC:B2:98:35:CC:76:42:97:4B:AC:9E:15:02:B9:CF:82:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHrwzLKYNcx2QpdLrJ4VArnPgtA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/DFCBB4CCAEF611EF919C954AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4a:42:40:0e:0e:8f:17:f2:02:6e:80:ae:66:e7:2b:de:8c:85:
         c0:45:6b:56:86:1a:ae:3f:1a:4d:34:04:cc:fe:a1:73:db:e5:
         3e:26:36:4f:3d:82:78:b9:1a:84:0d:0e:73:74:e7:c2:bd:1d:
         a6:79:f8:d1:fb:61:4c:2f:45:5c:41:c7:26:a6:c3:fe:85:ba:
         de:cd:7d:b4:14:68:40:c5:90:b3:5a:99:f3:43:11:4f:55:32:
         cd:52:22:0c:bb:53:b3:51:cb:07:fb:b6:16:fb:30:32:4d:31:
         ae:a3:89:80:88:d9:e1:e6:d0:8d:ee:d1:61:2f:a9:5a:98:d2:
         fb:70:bb:a2:0c:27:c7:ff:83:ab:a7:bf:09:29:b0:42:8c:72:
         a2:5f:05:e7:c9:84:bc:1a:e1:0d:7d:ca:ad:e5:39:00:4f:1a:
         17:f5:91:7e:7d:98:dd:62:9e:c5:a1:f1:84:e1:25:61:f9:07:
         7b:94:f0:16:03:a0:c8:03:5d:62:fe:ce:75:99:27:07:ce:63:
         fc:30:de:30:ff:4b:bb:fb:d6:94:64:ff:44:b2:4a:e6:bd:59:
         71:f1:d0:7e:94:b4:19:b9:38:f8:62:87:df:d3:c6:8f:09:f3:
         ea:42:57:a5:e7:fb:45:a7:80:8c:4f:e3:24:34:77:59:12:0a:
         42:c3:99:f1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI5Q0IxMTAvBgNVBAUTKEEwN0FGMENDQjI5ODM1Q0M3NjQyOTc0QkFDOUUxNTAy
QjlDRjgyRDAwHhcNMjQxMTMwMDg0MTIxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRhY2ZiMS1hNTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsYsHlqiOo+A35mgTP5G2Nz9gIg9wYIFDMdi4MxFSRa3b1WTtw/x1fcOFVWDb
F4MeP/H3iKLdJ0ZlsC0gWeSUGnZe3cYsLx6OOe60Cpw52/XZw2gCu0FqnYpfE5+x
rWzt89ommXjWpuIUdUDp3+pp0hkATAGdA8kBP7R7gU3gh1RwRXsr/MR5tbd12lmz
R8H1s77nqqH5wAcO1VCF82l4kEKB/bIr6Gi3vAWZOudKH2YJOtvB7eXh0dpADSEZ
lRwGwRn/u93lhuZbXJbQWuWQ3EwTf1YfNkfGaaWnCvJY86WoKRHwbqle0eqaOzJw
qyAmgk3wMwgZwi14sE5l+2vpMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA6CIJoL
exCBeB7bboEbvqWNSSxwMB8GA1UdIwQYMBaAFKB68MyymDXMdkKXS6yeFQK5z4LQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjlDQi8xRjkwMkIwRTA1
QUYxMUVEQTcxNzY0MkJDNEY5QUUwMi9vSHJ3ekxLWU5jeDJRcGRMcko0VkFyblBn
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29Icnd6TEtZTmN4MlFwZExySjRWQXJuUGd0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI5Q0IvMUY5MDJCMEUwNUFGMTFFREE3MTc2NDJCQzRGOUFFMDIvREZDQkI0Q0NB
RUY2MTFFRjkxOUM5NTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnyQwDQYJKoZIhvcNAQELBQADggEBAEpCQA4OjxfyAm6A
rmbnK96MhcBFa1aGGq4/Gk00BMz+oXPb5T4mNk89gni5GoQNDnN058K9HaZ5+NH7
YUwvRVxBxyamw/6Fut7NfbQUaEDFkLNamfNDEU9VMs1SIgy7U7NRywf7thb7MDJN
Ma6jiYCI2eHm0I3u0WEvqVqY0vtwu6IMJ8f/g6unvwkpsEKMcqJfBefJhLwa4Q19
yq3lOQBPGhf1kX59mN1insWh8YThJWH5B3uU8BYDoMgDXWL+znWZJwfOY/ww3jD/
S7v71pRk/0SySua9WXHx0H6UtBm5OPhih9/Txo8J8+pCV6Xn+0WngIxP4yQ0d1kS
CkLDmfE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:08 2025 by rpki-client