Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/1E6EA9F2C00811EE8047AC78C4F9AE02.roa
File:                     1E6EA9F2C00811EE8047AC78C4F9AE02.roa (raw, json)
Hash identifier:          6zz99P4e4jECpR46ioPrlZBvUq8/GLqZLh8qtcjla2I=
Subject key identifier:   EC:45:8A:9B:C1:1E:AC:B0:C4:4F:A0:56:80:CC:AD:79:82:14:3B:B3
Certificate issuer:       /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial:       62
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/1E6EA9F2C00811EE8047AC78C4F9AE02.roa
Signing time:             Wed 31 Jan 2024 07:12:40 +0000
ROA not before:           Wed 31 Jan 2024 07:12:40 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        103.218.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 11:13:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98 (0x62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
        Validity
            Not Before: Jan 31 07:12:40 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65b9f2e8-6985
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:cd:39:db:10:77:4d:f1:2a:05:e9:11:78:a2:
                    00:b6:72:35:91:3d:4d:75:6b:c4:fe:d0:1f:4d:c8:
                    b6:4c:b1:71:c0:63:93:a0:63:fe:39:c2:26:a6:be:
                    54:1b:7f:28:e9:41:9c:af:8f:64:ef:81:d3:c9:4e:
                    05:3a:24:68:a8:88:4e:58:b9:1a:89:eb:b4:59:0d:
                    27:76:c8:8f:33:95:7b:64:65:54:a2:0c:47:31:d3:
                    07:09:bb:80:40:2c:60:8f:92:40:6f:83:b7:b5:ec:
                    4d:bf:42:a4:3f:79:e9:d7:24:4b:3e:a9:59:82:97:
                    b6:ae:38:03:83:04:fb:b9:80:17:5a:12:ca:30:c8:
                    96:a5:dd:e0:30:cd:5b:54:99:a0:50:7d:fd:42:4b:
                    9e:59:5c:d3:7f:6e:a0:95:b4:a7:b0:bc:c9:a0:b6:
                    8b:5e:9c:09:8a:08:b0:db:ea:40:10:cc:7b:cd:4d:
                    a2:5e:0e:3b:83:16:2b:b4:79:a9:72:29:82:f4:75:
                    cf:28:cf:5e:77:c1:5c:ce:9c:1b:9d:c0:b7:d5:e8:
                    aa:02:55:e7:1d:12:e6:48:2a:87:dc:08:9f:92:fa:
                    fe:41:35:52:56:b8:b4:b7:1a:20:3e:13:c3:e0:30:
                    36:49:93:4d:a4:38:ba:23:59:46:0f:b9:d2:f2:dc:
                    83:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:45:8A:9B:C1:1E:AC:B0:C4:4F:A0:56:80:CC:AD:79:82:14:3B:B3
            X509v3 Authority Key Identifier:
                keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/1E6EA9F2C00811EE8047AC78C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.218.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:69:1e:23:7e:b9:7d:36:50:1f:a6:f2:a5:99:2e:f2:4f:d5:
         b0:d2:33:ce:ec:03:83:4d:aa:d4:08:8c:84:ea:d5:9d:74:ee:
         ef:5d:27:15:1d:a9:b2:8a:03:b9:ea:5d:79:99:2b:c1:ad:a4:
         9e:e6:ff:88:48:65:c9:dc:a0:c9:14:cf:a1:09:9c:1c:e2:ea:
         54:ce:68:d5:63:84:96:ea:82:f8:5b:63:39:1f:ae:26:91:1d:
         9c:ab:f4:da:ad:cd:e5:4d:4f:1f:3d:bb:fe:b5:b0:ca:c1:88:
         4e:10:47:ec:f3:76:0a:cc:66:e5:d6:0c:46:92:82:db:e3:9a:
         6b:37:d8:70:7b:62:47:9c:d6:e6:00:bb:6f:fe:6a:f2:c6:be:
         a4:7c:c1:a8:6a:0e:ec:a4:a5:66:48:e5:6f:7f:f8:fe:1c:c3:
         71:97:e4:ae:66:6f:dd:bf:9f:3d:6b:49:44:93:ad:14:79:a8:
         0e:23:dd:3e:71:83:20:59:2f:c9:aa:21:47:cc:ef:68:f8:00:
         54:34:09:20:27:8b:75:58:a8:58:cd:93:80:89:e0:72:03:38:
         b6:4c:cc:5d:74:09:50:2a:1d:69:84:99:a1:05:df:fa:53:00:
         59:50:5b:b9:c3:5b:53:2d:4d:b8:a6:d3:0a:4b:52:b1:52:f6:
         79:da:62:55
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBYjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yNDAxMzEwNzEyNDBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YjlmMmU4LTY5ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPzTnbEHdN8SoF6RF4ogC2cjWRPU11a8T+0B9NyLZMsXHAY5OgY/45wiamvlQb
fyjpQZyvj2TvgdPJTgU6JGioiE5YuRqJ67RZDSd2yI8zlXtkZVSiDEcx0wcJu4BA
LGCPkkBvg7e17E2/QqQ/eenXJEs+qVmCl7auOAODBPu5gBdaEsowyJal3eAwzVtU
maBQff1CS55ZXNN/bqCVtKewvMmgtotenAmKCLDb6kAQzHvNTaJeDjuDFiu0ealy
KYL0dc8oz153wVzOnBudwLfV6KoCVecdEuZIKofcCJ+S+v5BNVJWuLS3GiA+E8Pg
MDZJk02kOLojWUYPudLy3IOLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU7EWKm8Ee
rLDET6BWgMyteYIUO7MwHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi8xRTZFQTlGMkMw
MDgxMUVFODA0N0FDNzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfarDANBgkqhkiG9w0BAQsFAAOCAQEAUWkeI365fTZQH6by
pZku8k/VsNIzzuwDg02q1AiMhOrVnXTu710nFR2psooDuepdeZkrwa2knub/iEhl
ydygyRTPoQmcHOLqVM5o1WOEluqC+FtjOR+uJpEdnKv02q3N5U1PHz27/rWwysGI
ThBH7PN2Csxm5dYMRpKC2+OaazfYcHtiR5zW5gC7b/5q8sa+pHzBqGoO7KSlZkjl
b3/4/hzDcZfkrmZv3b+fPWtJRJOtFHmoDiPdPnGDIFkvyaohR8zvaPgAVDQJICeL
dVioWM2TgIngcgM4tkzMXXQJUCodaYSZoQXf+lMAWVBbucNbUy1NuKbTCktSsVL2
edpiVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org