Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0D86/68E7978A6CBD11EEB846F379C4F9AE02/C63CBEC86CBE11EE95D96B7CC4F9AE02.roa
File:                     C63CBEC86CBE11EE95D96B7CC4F9AE02.roa (raw, json)
Hash identifier:          kRDP/f+h5FC7ma7dc6gGGktA7H7ksRaBB0KNakKwouE=
Subject key identifier:   3B:11:F2:37:52:7C:01:6C:92:48:52:AB:44:DB:D1:CF:61:1F:5E:81
Certificate issuer:       /CN=A91F0D86/serialNumber=5F5CE28C04D16E950E0EBCD5955542483D3956D0
Certificate serial:       02
Authority key identifier: 5F:5C:E2:8C:04:D1:6E:95:0E:0E:BC:D5:95:55:42:48:3D:39:56:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X1zijATRbpUODrzVlVVCSD05VtA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F0D86/68E7978A6CBD11EEB846F379C4F9AE02/C63CBEC86CBE11EE95D96B7CC4F9AE02.roa
Signing time:             Tue 17 Oct 2023 07:28:32 +0000
ROA not before:           Tue 17 Oct 2023 07:28:32 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     45905
IP address blocks:        103.65.134.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 18 Oct 2023 07:21:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F0D86/serialNumber=5F5CE28C04D16E950E0EBCD5955542483D3956D0
        Validity
            Not Before: Oct 17 07:28:32 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=652e37a0-5f77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:80:45:73:a6:a8:42:a0:d3:a0:af:70:c4:cd:
                    db:ca:c9:52:e4:f5:57:43:65:4a:0b:2e:2e:00:22:
                    e8:24:66:ce:84:1f:42:14:ec:70:fc:25:85:78:08:
                    02:7c:d2:35:ba:c4:cc:33:f6:b3:8a:dc:97:b9:c5:
                    a4:f7:04:76:18:e9:79:44:8a:25:62:48:f1:56:bf:
                    56:64:7a:54:bc:38:b5:eb:07:97:44:c0:77:91:29:
                    a3:ac:be:34:2e:89:13:a8:a7:05:2f:c8:b5:73:37:
                    ff:22:e8:90:77:11:ce:3a:a9:19:d4:70:e0:a6:f9:
                    01:c8:99:1c:54:b8:2c:53:c0:93:02:d3:49:a9:4f:
                    d1:1f:cb:21:a1:92:5a:5c:01:69:95:6c:ed:be:b3:
                    a7:50:7e:5c:95:43:69:f3:9a:b8:36:7a:95:e4:18:
                    12:3a:53:40:44:82:43:60:45:40:27:fd:38:be:ab:
                    04:0b:c1:5a:2e:fa:8f:b7:17:84:51:2c:b3:07:55:
                    31:dd:4b:66:f6:d9:3c:88:20:dd:76:1a:fb:5a:57:
                    9b:ae:da:43:d4:0f:d5:77:ed:2a:8c:17:05:61:45:
                    cb:e5:5b:e2:72:17:65:bc:e3:5c:16:52:02:43:74:
                    fa:08:31:a1:69:26:64:58:71:c6:2e:10:84:0e:e9:
                    e1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:11:F2:37:52:7C:01:6C:92:48:52:AB:44:DB:D1:CF:61:1F:5E:81
            X509v3 Authority Key Identifier:
                keyid:5F:5C:E2:8C:04:D1:6E:95:0E:0E:BC:D5:95:55:42:48:3D:39:56:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F0D86/68E7978A6CBD11EEB846F379C4F9AE02/X1zijATRbpUODrzVlVVCSD05VtA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X1zijATRbpUODrzVlVVCSD05VtA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0D86/68E7978A6CBD11EEB846F379C4F9AE02/C63CBEC86CBE11EE95D96B7CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.65.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:39:ef:0c:91:db:f9:b0:30:9f:8b:dd:7a:d0:58:87:fc:76:
         4d:88:99:f1:9b:8b:4b:14:a7:42:4f:d2:cb:64:99:db:48:97:
         99:b9:33:e3:29:c8:b3:f4:71:9d:e0:70:76:0e:45:a9:fe:7c:
         f2:6a:8f:4e:1b:32:e0:35:ab:96:70:37:19:14:21:e6:ae:28:
         1d:fc:7e:a1:a2:60:5d:15:e2:88:dd:7c:de:1f:89:61:d4:54:
         0d:ea:13:65:52:96:3f:7c:6e:7d:f5:bd:4f:80:4d:0e:86:99:
         90:ab:5b:35:31:94:de:a1:4b:4d:e9:45:de:5a:c1:ec:1c:0e:
         94:45:da:68:88:d2:54:c5:ee:03:5d:54:59:c1:9c:02:e8:de:
         2b:88:15:19:e1:c7:35:6a:e2:0b:bc:e8:45:f8:9b:3b:e8:ab:
         de:95:dc:e5:db:69:41:35:14:89:ec:37:7b:ba:1c:d8:15:1f:
         c5:09:09:08:6a:07:b4:ba:a2:4f:c9:17:f6:fd:70:03:eb:2d:
         f2:54:df:46:50:9f:09:77:54:77:11:f9:6c:26:d4:dc:58:b3:
         46:85:44:ce:51:d9:05:0d:4c:82:ba:bc:7c:a3:3e:84:bb:2d:
         44:55:fa:d9:6b:6c:b3:86:73:2b:44:5a:99:0d:8f:02:fe:da:
         f2:8d:ba:0d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MEQ4NjExMC8GA1UEBRMoNUY1Q0UyOEMwNEQxNkU5NTBFMEVCQ0Q1OTU1NTQyNDgz
RDM5NTZEMDAeFw0yMzEwMTcwNzI4MzJaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MmUzN2EwLTVmNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdgEVzpqhCoNOgr3DEzdvKyVLk9VdDZUoLLi4AIugkZs6EH0IU7HD8JYV4CAJ8
0jW6xMwz9rOK3Je5xaT3BHYY6XlEiiViSPFWv1ZkelS8OLXrB5dEwHeRKaOsvjQu
iROopwUvyLVzN/8i6JB3Ec46qRnUcOCm+QHImRxUuCxTwJMC00mpT9EfyyGhklpc
AWmVbO2+s6dQflyVQ2nzmrg2epXkGBI6U0BEgkNgRUAn/Ti+qwQLwVou+o+3F4RR
LLMHVTHdS2b22TyIIN12GvtaV5uu2kPUD9V37SqMFwVhRcvlW+JyF2W841wWUgJD
dPoIMaFpJmRYccYuEIQO6eH5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOxHyN1J8
AWySSFKrRNvRz2EfXoEwHwYDVR0jBBgwFoAUX1zijATRbpUODrzVlVVCSD05VtAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwRDg2LzY4RTc5NzhBNkNC
RDExRUVCODQ2RjM3OUM0RjlBRTAyL1gxemlqQVRSYnBVT0RyelZsVlZDU0QwNVZ0
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWDF6aWpBVFJicFVPRHJ6VmxWVkNTRDA1VnRBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MEQ4Ni82OEU3OTc4QTZDQkQxMUVFQjg0NkYzNzlDNEY5QUUwMi9DNjNDQkVDODZD
QkUxMUVFOTVEOTZCN0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdBhjANBgkqhkiG9w0BAQsFAAOCAQEAYTnvDJHb+bAwn4vd
etBYh/x2TYiZ8ZuLSxSnQk/Sy2SZ20iXmbkz4ynIs/RxneBwdg5Fqf588mqPThsy
4DWrlnA3GRQh5q4oHfx+oaJgXRXiiN183h+JYdRUDeoTZVKWP3xuffW9T4BNDoaZ
kKtbNTGU3qFLTelF3lrB7BwOlEXaaIjSVMXuA11UWcGcAujeK4gVGeHHNWriC7zo
RfibO+ir3pXc5dtpQTUUiew3e7oc2BUfxQkJCGoHtLqiT8kX9v1wA+st8lTfRlCf
CXdUdxH5bCbU3FizRoVEzlHZBQ1Mgrq8fKM+hLstRFX62Wtss4ZzK0RamQ2PAv7a
8o26DQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org