Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F10C2ACA01C211EDA14D295CC4F9AE02.roa
File:                     F10C2ACA01C211EDA14D295CC4F9AE02.roa (raw, json)
Hash identifier:          Wv2IXCnZf/XCOoliTljFe2/SOFFru32/MWVILh9scGI=
Subject key identifier:   CE:8E:42:9E:25:98:85:43:94:49:82:26:F0:34:EB:F1:96:CA:97:EE
Certificate issuer:       /CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Certificate serial:       0131
Authority key identifier: A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F10C2ACA01C211EDA14D295CC4F9AE02.roa
Signing time:             Sat 01 Jul 2023 03:12:37 +0000
ROA not before:           Sat 01 Jul 2023 03:12:37 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     135602
IP address blocks:        103.26.8.0/24 maxlen: 24
                          103.26.9.0/24 maxlen: 24
                          103.26.10.0/24 maxlen: 24
                          103.26.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Jul 2023 05:57:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 305 (0x131)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
        Validity
            Not Before: Jul  1 03:12:37 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=649f99a4-1ad9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:9a:c5:02:d4:d2:58:84:de:c5:0e:12:84:bb:
                    aa:33:29:9d:81:56:eb:18:3a:81:41:22:a0:68:83:
                    ee:4a:f1:11:86:0c:2e:b0:3f:a8:94:92:22:3c:de:
                    63:8d:2f:1e:ce:ec:bf:cc:a6:fe:77:c7:e4:f4:1a:
                    d6:82:73:f1:e6:a6:62:78:f3:b5:34:9c:d7:21:db:
                    80:ff:d7:28:e7:f3:e9:26:31:0e:14:bc:ff:31:7f:
                    81:4f:2a:71:4b:01:f4:b1:dc:61:c2:f8:e0:5d:b4:
                    01:16:c1:04:a4:30:7f:58:cc:c6:27:c2:2b:78:4a:
                    8c:fc:9c:69:81:b2:12:ff:56:38:33:47:48:cc:1d:
                    a9:9e:85:1b:e2:5b:58:8d:de:37:5a:42:b6:ed:b6:
                    9f:8e:86:f5:53:b0:c2:0c:d7:d9:78:20:9f:d7:a4:
                    e2:d6:d6:42:23:d3:72:55:4a:a4:4e:52:8e:26:f2:
                    ad:4e:ec:1c:af:6f:29:8f:c2:8c:1c:64:32:ad:8d:
                    ee:df:09:d1:77:7b:67:78:3f:db:21:4b:91:62:58:
                    49:fe:0c:34:8d:67:83:e3:b0:ad:f8:d0:71:5a:8d:
                    36:df:d5:6d:a3:f5:12:18:2c:8e:8c:d8:93:44:22:
                    60:fe:c9:9d:ac:04:09:7e:e0:0e:ab:e0:82:d2:59:
                    01:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:8E:42:9E:25:98:85:43:94:49:82:26:F0:34:EB:F1:96:CA:97:EE
            X509v3 Authority Key Identifier:
                keyid:A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/oYXAxXSCnF_NcURUSeU0za70E5Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/F10C2ACA01C211EDA14D295CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.26.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:e2:ca:89:fa:7a:ac:a4:eb:ab:26:73:af:b2:eb:b7:fd:a4:
         84:ba:83:42:9c:c4:80:f7:f0:f9:42:78:59:f1:40:03:be:31:
         ed:36:4d:18:1f:1b:89:c2:4c:8c:8e:ec:c1:b3:e9:9b:b8:4c:
         fa:b9:1b:2d:53:d2:22:7e:b0:6b:8e:ad:02:5c:51:4d:eb:1f:
         12:c5:b3:93:97:7b:97:6a:6b:28:e2:8e:ff:6b:79:8e:9b:02:
         d8:fe:13:c4:f5:a6:f3:91:51:ba:db:dd:65:df:80:22:21:8c:
         12:6e:3e:ab:63:7d:79:55:c9:22:59:23:f8:4e:38:af:3a:72:
         cd:23:0d:0b:69:f4:34:85:fb:c5:e5:9b:bb:ec:f5:39:8e:73:
         90:0b:7d:6c:a7:ef:ac:f2:b8:6f:2c:57:e7:e7:12:a8:93:2c:
         dc:81:49:ce:ae:04:4e:cc:8c:5f:d8:60:69:3a:2c:c9:2e:ac:
         1f:c5:12:d4:b0:6d:ed:f9:60:63:80:1b:a1:e2:c3:a4:43:2f:
         19:75:5a:f8:4f:c6:4c:bf:5e:01:a3:de:37:50:fa:bc:61:7f:
         4a:73:b7:6b:3b:12:51:91:f7:e5:5e:e9:88:91:4c:9b:0c:4c:
         ad:ff:30:e9:ac:d6:e0:59:de:a0:ff:54:e5:04:af:53:81:2d:
         9a:d3:0d:e7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFMzIxMTAvBgNVBAUTKEExODVDMEM1NzQ4MjlDNUZDRDcxNDQ1NDQ5RTUzNENE
QUVGNDEzOTYwHhcNMjMwNzAxMDMxMjM3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDlmOTlhNC0xYWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxJrFAtTSWITexQ4ShLuqMymdgVbrGDqBQSKgaIPuSvERhgwusD+olJIiPN5j
jS8ezuy/zKb+d8fk9BrWgnPx5qZiePO1NJzXIduA/9co5/PpJjEOFLz/MX+BTypx
SwH0sdxhwvjgXbQBFsEEpDB/WMzGJ8IreEqM/JxpgbIS/1Y4M0dIzB2pnoUb4ltY
jd43WkK27bafjob1U7DCDNfZeCCf16Ti1tZCI9NyVUqkTlKOJvKtTuwcr28pj8KM
HGQyrY3u3wnRd3tneD/bIUuRYlhJ/gw0jWeD47Ct+NBxWo0239Vto/USGCyOjNiT
RCJg/smdrAQJfuAOq+CC0lkB7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFM6OQp4l
mIVDlEmCJvA06/GWypfuMB8GA1UdIwQYMBaAFKGFwMV0gpxfzXFEVEnlNM2u9BOW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEUzMi83MjA5NTlGQzAx
QzAxMUVEQkQ3QzZGNThDNEY5QUUwMi9vWVhBeFhTQ25GX05jVVJVU2VVMHphNzBF
NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ZWEF4WFNDbkZfTmNVUlVTZVUwemE3MEU1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFMzIvNzIwOTU5RkMwMUMwMTFFREJEN0M2RjU4QzRGOUFFMDIvRjEwQzJBQ0Ew
MUMyMTFFREExNEQyOTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnGggwDQYJKoZIhvcNAQELBQADggEBAI3iyon6eqyk66sm
c6+y67f9pIS6g0KcxID38PlCeFnxQAO+Me02TRgfG4nCTIyO7MGz6Zu4TPq5Gy1T
0iJ+sGuOrQJcUU3rHxLFs5OXe5dqayjijv9reY6bAtj+E8T1pvORUbrb3WXfgCIh
jBJuPqtjfXlVySJZI/hOOK86cs0jDQtp9DSF+8Xlm7vs9TmOc5ALfWyn76zyuG8s
V+fnEqiTLNyBSc6uBE7MjF/YYGk6LMkurB/FEtSwbe35YGOAG6Hiw6RDLxl1WvhP
xky/XgGj3jdQ+rxhf0pzt2s7ElGR9+Ve6YiRTJsMTK3/MOms1uBZ3qD/VOUEr1OB
LZrTDec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org