Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E70ED/E6277A3EE9E111E9A5987E1FC4F9AE02/C1B0502AE9E311E9BDB21F23C4F9AE02.roa
File:                     C1B0502AE9E311E9BDB21F23C4F9AE02.roa (raw, json)
Hash identifier:          SXsJqfn15YybqwSHtHD/1SSe6d+qaes78Qzt0hxzuYU=
Subject key identifier:   45:E3:B6:15:8D:CC:4D:95:04:CA:30:11:F3:3B:CB:31:E8:4C:AE:F5
Certificate issuer:       /CN=A91E70ED/serialNumber=DA3C91F8F155D90B9987C913B24C4F9E5445E9CC
Certificate serial:       0BC3
Authority key identifier: DA:3C:91:F8:F1:55:D9:0B:99:87:C9:13:B2:4C:4F:9E:54:45:E9:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2jyR-PFV2QuZh8kTskxPnlRF6cw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E70ED/E6277A3EE9E111E9A5987E1FC4F9AE02/C1B0502AE9E311E9BDB21F23C4F9AE02.roa
Signing time:             Wed 15 Nov 2023 22:58:49 +0000
ROA not before:           Wed 15 Nov 2023 22:58:49 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     395363
IP address blocks:        103.80.4.0/24 maxlen: 24
                          103.80.5.0/24 maxlen: 24
                          103.80.6.0/24 maxlen: 24
                          2400:4840::/48 maxlen: 48
                          2400:4840:10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 17:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3011 (0xbc3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E70ED/serialNumber=DA3C91F8F155D90B9987C913B24C4F9E5445E9CC
        Validity
            Not Before: Nov 15 22:58:49 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=65554d29-17ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c4:06:a3:95:4f:85:89:53:40:88:33:9d:f1:
                    f3:6d:f5:fe:d0:03:e5:a7:67:12:7d:28:41:19:30:
                    85:f1:77:76:1a:75:7a:ee:1f:93:79:50:00:1f:05:
                    c7:a6:90:92:18:88:d9:be:dd:27:20:74:e2:11:ee:
                    6f:07:42:a3:e6:4b:20:dd:1a:45:09:d6:31:49:b9:
                    f5:85:89:98:40:63:e8:6f:83:60:5f:31:59:15:8f:
                    10:ea:84:c0:6a:50:98:52:28:39:f5:2d:f4:c0:f5:
                    c2:96:4e:29:eb:e9:3e:bb:f2:bb:f4:a9:65:52:e0:
                    7d:3f:69:c3:e5:7a:7a:d6:4d:6f:b0:64:07:02:8f:
                    17:45:8d:74:88:4a:fc:b3:a9:91:6c:32:62:87:33:
                    c2:76:a2:a3:d6:94:fd:6b:a5:f1:51:0a:d4:58:bc:
                    49:02:38:5f:c7:07:89:21:6e:11:6c:da:1d:59:a2:
                    b7:a2:2f:3c:40:8d:92:f3:d7:38:6e:a3:5c:f3:b8:
                    5b:20:2f:6e:95:e0:79:70:78:bb:fd:61:16:53:51:
                    ac:8d:01:23:97:75:e9:60:b2:1f:3a:6d:5a:79:a5:
                    b4:b9:1b:53:c0:91:db:53:a2:32:14:8c:7e:5f:d2:
                    83:a6:38:1a:3c:cf:a1:0b:06:63:48:aa:0f:40:17:
                    c4:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:E3:B6:15:8D:CC:4D:95:04:CA:30:11:F3:3B:CB:31:E8:4C:AE:F5
            X509v3 Authority Key Identifier:
                keyid:DA:3C:91:F8:F1:55:D9:0B:99:87:C9:13:B2:4C:4F:9E:54:45:E9:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E70ED/E6277A3EE9E111E9A5987E1FC4F9AE02/2jyR-PFV2QuZh8kTskxPnlRF6cw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2jyR-PFV2QuZh8kTskxPnlRF6cw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E70ED/E6277A3EE9E111E9A5987E1FC4F9AE02/C1B0502AE9E311E9BDB21F23C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.80.4.0-103.80.6.255
                IPv6:
                  2400:4840::/48
                  2400:4840:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:2a:e2:31:03:04:2b:9a:e8:be:95:6d:d2:84:59:b8:67:1f:
         6b:e6:43:93:62:3b:58:8c:ac:18:02:57:53:eb:5d:fa:94:ce:
         db:cf:74:e9:ae:fc:e8:09:ee:47:f7:73:d5:ac:9a:4e:17:88:
         92:75:54:86:87:de:c3:7c:bd:7d:f0:5b:07:33:c0:7b:ef:b4:
         73:44:6a:0a:a0:b2:df:15:6d:24:de:f2:7d:7e:70:2f:4d:1c:
         5c:08:b3:f1:82:19:f1:0e:18:03:df:52:55:f9:e3:b1:e7:ba:
         c9:44:c8:d4:b4:0f:42:3b:17:db:65:29:f1:5f:30:d4:ca:2c:
         d4:f2:7b:05:09:0e:62:82:f5:e1:b8:9b:17:74:45:1a:f4:9c:
         1f:67:5d:14:3e:d4:d5:3f:16:93:a1:36:1a:56:37:51:9a:a3:
         93:a2:a1:60:7c:c3:7f:06:e0:0d:a4:3f:7e:32:0a:83:4e:d5:
         16:a5:88:fb:36:b0:b1:e5:b3:45:5c:c2:5a:22:3b:e6:b8:22:
         15:2b:5e:f8:cd:f6:c9:ab:ab:30:1f:98:a8:7f:2d:e9:9f:dd:
         b0:11:3e:e1:0e:eb:18:9d:ad:81:f2:aa:98:59:6b:0b:83:00:
         05:6e:2e:aa:3d:55:56:98:f4:60:fe:ef:d6:63:6a:52:06:8c:
         ec:b4:86:93
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICC8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTcwRUQxMTAvBgNVBAUTKERBM0M5MUY4RjE1NUQ5MEI5OTg3QzkxM0IyNEM0RjlF
NTQ0NUU5Q0MwHhcNMjMxMTE1MjI1ODQ5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU1NGQyOS0xN2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxsQGo5VPhYlTQIgznfHzbfX+0APlp2cSfShBGTCF8Xd2GnV67h+TeVAAHwXH
ppCSGIjZvt0nIHTiEe5vB0Kj5ksg3RpFCdYxSbn1hYmYQGPob4NgXzFZFY8Q6oTA
alCYUig59S30wPXClk4p6+k+u/K79KllUuB9P2nD5Xp61k1vsGQHAo8XRY10iEr8
s6mRbDJihzPCdqKj1pT9a6XxUQrUWLxJAjhfxweJIW4RbNodWaK3oi88QI2S89c4
bqNc87hbIC9uleB5cHi7/WEWU1GsjQEjl3XpYLIfOm1aeaW0uRtTwJHbU6IyFIx+
X9KDpjgaPM+hCwZjSKoPQBfEawIDAQABo4ICtzCCArMwHQYDVR0OBBYEFEXjthWN
zE2VBMowEfM7yzHoTK71MB8GA1UdIwQYMBaAFNo8kfjxVdkLmYfJE7JMT55URenM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzBFRC9FNjI3N0EzRUU5
RTExMUU5QTU5ODdFMUZDNEY5QUUwMi8yanlSLVBGVjJRdVpoOGtUc2t4UG5sUkY2
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJqeVItUEZWMlF1Wmg4a1Rza3hQbmxSRjZjdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTcwRUQvRTYyNzdBM0VFOUUxMTFFOUE1OTg3RTFGQzRGOUFFMDIvQzFCMDUwMkFF
OUUzMTFFOUJEQjIxRjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMBQEAgABMA4wDAMEAmdQBAMEAGdQBjAYBAIAAjASAwcAJABIQAAAAwcAJABI
QAAQMA0GCSqGSIb3DQEBCwUAA4IBAQB3KuIxAwQrmui+lW3ShFm4Zx9r5kOTYjtY
jKwYAldT6136lM7bz3TprvzoCe5H93PVrJpOF4iSdVSGh97DfL198FsHM8B777Rz
RGoKoLLfFW0k3vJ9fnAvTRxcCLPxghnxDhgD31JV+eOx57rJRMjUtA9COxfbZSnx
XzDUyizU8nsFCQ5igvXhuJsXdEUa9JwfZ10UPtTVPxaToTYaVjdRmqOToqFgfMN/
BuANpD9+MgqDTtUWpYj7NrCx5bNFXMJaIjvmuCIVK174zfbJq6swH5iofy3pn92w
ET7hDusYna2B8qqYWWsLgwAFbi6qPVVWmPRg/u/WY2pSBozstIaT
-----END CERTIFICATE-----
Generated at Mon Jan 22 22:08:17 2024 by rpki-client on console-ams.rpki-client.org