Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/57787F4CE90211EA90508273C4F9AE02.roa
File:                     57787F4CE90211EA90508273C4F9AE02.roa (raw, json)
Hash identifier:          uPzmKNatWWQkNp8x+zlq+NQrlZ/SAL+Q1qeZRNXxNP8=
Subject key identifier:   38:28:12:EC:E6:5B:C8:02:CF:45:BB:79:DD:5F:DD:F5:CA:5D:38:C9
Certificate issuer:       /CN=A91EEAF9/serialNumber=DEBD28537A92EB13DA80F79884AEFB7F5169A879
Certificate serial:       06E0
Authority key identifier: DE:BD:28:53:7A:92:EB:13:DA:80:F7:98:84:AE:FB:7F:51:69:A8:79
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3r0oU3qS6xPagPeYhK77f1FpqHk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/57787F4CE90211EA90508273C4F9AE02.roa
Signing time:             Wed 06 Dec 2023 22:29:53 +0000
ROA not before:           Wed 06 Dec 2023 22:29:53 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     17483
IP address blocks:        103.252.184.0/24 maxlen: 24
                          103.252.185.0/24 maxlen: 24
                          103.252.186.0/24 maxlen: 24
                          103.252.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 22 Oct 2024 06:20:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1760 (0x6e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EEAF9/serialNumber=DEBD28537A92EB13DA80F79884AEFB7F5169A879
        Validity
            Not Before: Dec  6 22:29:53 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=6570f5e1-46b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:77:73:40:db:0f:42:be:e2:b3:db:12:0c:78:
                    4d:6c:e2:18:fb:c5:d6:18:15:2d:90:23:09:ee:21:
                    eb:40:73:f9:a5:6b:ea:78:50:b5:c1:b1:97:db:00:
                    ae:3e:38:72:1e:83:65:f7:5f:bb:1b:a5:6e:51:62:
                    df:2d:90:ce:06:3a:93:d4:90:f5:c6:d4:48:26:6e:
                    6e:85:13:72:cc:8f:6a:57:96:68:f1:6a:3e:db:98:
                    e2:9c:6b:5a:e5:61:4a:3b:91:cd:e6:58:8a:c5:bb:
                    52:2a:22:ce:11:ef:c9:d2:f8:f9:2d:3e:b1:4b:fd:
                    04:56:d5:99:6b:e1:81:9e:02:4e:d0:c8:62:50:b7:
                    5b:e2:8d:aa:b9:7c:5d:af:25:a9:e9:33:1d:d5:bd:
                    b5:3d:10:58:f9:f1:ef:b7:c2:b8:b5:20:9c:16:a8:
                    af:fd:f8:90:2f:a4:85:f8:07:4c:63:5a:15:e7:96:
                    0d:43:e2:18:c4:ca:84:84:58:dc:13:2e:31:8c:fe:
                    a7:af:40:47:a3:f3:95:4e:76:07:4f:1f:1a:e8:ab:
                    77:d1:26:12:b2:77:e8:93:4a:a5:94:1f:40:8e:25:
                    40:1b:6d:41:70:c5:86:55:2b:77:1f:3e:e0:21:6a:
                    5f:3f:54:d3:f7:b6:c3:8d:b8:0c:f5:bf:98:44:29:
                    4f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:28:12:EC:E6:5B:C8:02:CF:45:BB:79:DD:5F:DD:F5:CA:5D:38:C9
            X509v3 Authority Key Identifier:
                keyid:DE:BD:28:53:7A:92:EB:13:DA:80:F7:98:84:AE:FB:7F:51:69:A8:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/3r0oU3qS6xPagPeYhK77f1FpqHk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3r0oU3qS6xPagPeYhK77f1FpqHk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEAF9/E61E7D5CE90011EAB59F6971C4F9AE02/57787F4CE90211EA90508273C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.252.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:a2:5c:5b:a5:d6:80:12:a1:b5:74:d7:b7:83:8d:e9:f4:31:
         9a:fc:fb:ec:c8:8f:e4:da:8f:f0:01:30:90:9b:ab:4b:b6:ba:
         02:2e:22:67:4d:04:dd:14:af:ee:e9:50:72:c0:2a:34:a1:b1:
         42:dc:93:0d:57:3a:49:2f:f5:0e:91:67:e7:38:fe:ec:66:25:
         c2:eb:d5:8c:59:9b:fa:41:a1:e3:fd:5b:02:a6:99:68:d8:2a:
         a3:5d:70:ee:07:a2:61:97:df:80:cc:29:8a:f9:81:dd:55:f8:
         e7:ac:f6:c4:14:38:fe:f3:30:1b:cc:bb:6a:da:34:c0:a0:5b:
         3c:61:07:5a:9a:72:ca:77:45:be:70:9d:0e:9f:52:3e:6f:37:
         2f:87:9c:a1:f9:c1:c9:65:86:60:d1:34:d8:bd:52:8d:1b:c9:
         2e:2a:37:9e:08:ef:92:62:5a:95:9f:67:33:90:68:dd:2e:2f:
         44:d7:7e:a8:0b:06:e2:55:fd:eb:93:9b:11:d3:b9:21:77:6b:
         77:fc:c4:e9:a8:03:9e:80:8a:cd:b5:f9:02:9b:e4:41:68:0e:
         21:2d:e0:fd:a2:72:df:0c:bd:2d:76:e0:98:89:0c:f0:e5:f3:
         b5:59:aa:e1:39:78:51:e7:3f:82:f0:f8:40:ba:53:8f:e0:01:
         2f:fc:b4:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVBRjkxMTAvBgNVBAUTKERFQkQyODUzN0E5MkVCMTNEQTgwRjc5ODg0QUVGQjdG
NTE2OUE4NzkwHhcNMjMxMjA2MjIyOTUzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwZjVlMS00NmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtXdzQNsPQr7is9sSDHhNbOIY+8XWGBUtkCMJ7iHrQHP5pWvqeFC1wbGX2wCu
PjhyHoNl91+7G6VuUWLfLZDOBjqT1JD1xtRIJm5uhRNyzI9qV5Zo8Wo+25jinGta
5WFKO5HN5liKxbtSKiLOEe/J0vj5LT6xS/0EVtWZa+GBngJO0MhiULdb4o2quXxd
ryWp6TMd1b21PRBY+fHvt8K4tSCcFqiv/fiQL6SF+AdMY1oV55YNQ+IYxMqEhFjc
Ey4xjP6nr0BHo/OVTnYHTx8a6Kt30SYSsnfok0qllB9AjiVAG21BcMWGVSt3Hz7g
IWpfP1TT97bDjbgM9b+YRClPTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDgoEuzm
W8gCz0W7ed1f3fXKXTjJMB8GA1UdIwQYMBaAFN69KFN6kusT2oD3mISu+39Raah5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUFGOS9FNjFFN0Q1Q0U5
MDAxMUVBQjU5RjY5NzFDNEY5QUUwMi8zcjBvVTNxUzZ4UGFnUGVZaEs3N2YxRnBx
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNyMG9VM3FTNnhQYWdQZVloSzc3ZjFGcHFIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVBRjkvRTYxRTdENUNFOTAwMTFFQUI1OUY2OTcxQzRGOUFFMDIvNTc3ODdGNENF
OTAyMTFFQTkwNTA4MjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn/LgwDQYJKoZIhvcNAQELBQADggEBAAGiXFul1oASobV0
17eDjen0MZr8++zIj+Taj/ABMJCbq0u2ugIuImdNBN0Ur+7pUHLAKjShsULckw1X
Okkv9Q6RZ+c4/uxmJcLr1YxZm/pBoeP9WwKmmWjYKqNdcO4HomGX34DMKYr5gd1V
+Oes9sQUOP7zMBvMu2raNMCgWzxhB1qacsp3Rb5wnQ6fUj5vNy+HnKH5wcllhmDR
NNi9Uo0byS4qN54I75JiWpWfZzOQaN0uL0TXfqgLBuJV/euTmxHTuSF3a3f8xOmo
A56Ais21+QKb5EFoDiEt4P2ict8MvS124JiJDPDl87VZquE5eFHnP4Lw+EC6U4/g
AS/8tFo=
-----END CERTIFICATE-----
Generated at Tue Oct 22 08:44:36 2024 by rpki-client on console-ams.rpki-client.org