Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/974892D624CE11EF8339A27EC4F9AE02.roa
File:                     974892D624CE11EF8339A27EC4F9AE02.roa (raw, json)
Hash identifier:          hEUYtRPuDXimXdo472s3iB0VEukLRZ/5qZj7XhE2It0=
Subject key identifier:   0F:E0:92:A0:CA:F9:CD:86:4E:DB:59:0F:19:7E:3C:BF:6E:B8:02:2E
Certificate issuer:       /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial:       AC
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/974892D624CE11EF8339A27EC4F9AE02.roa
Signing time:             Fri 07 Jun 2024 13:05:19 +0000
ROA not before:           Fri 07 Jun 2024 13:05:19 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     151810
IP address blocks:        103.218.172.0/24 maxlen: 24
                          103.218.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Sep 2024 16:10:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172 (0xac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
        Validity
            Not Before: Jun  7 13:05:19 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=6663058f-60c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:83:b6:1c:b0:de:7a:a3:d0:36:a4:56:a0:1d:
                    97:7c:e9:19:5e:02:32:ed:a1:9e:4b:71:7c:5f:47:
                    1b:94:e9:4d:5a:28:07:38:71:41:bb:6a:eb:f7:e2:
                    d4:9b:ba:65:30:3c:0a:5a:35:e7:c0:d4:58:f2:9b:
                    91:ea:ff:79:71:37:9d:6b:e9:49:eb:70:4a:bb:d1:
                    6d:87:78:c6:a6:7e:61:89:53:d1:58:f9:9d:7d:dd:
                    45:55:9a:fe:5f:dd:95:da:eb:18:c4:03:36:6e:89:
                    12:fa:a3:4e:63:0b:2c:3b:4b:51:35:99:61:c1:d0:
                    ef:06:4b:8b:41:89:b6:98:2b:df:e9:87:50:96:7f:
                    33:81:81:6e:fe:82:53:c3:62:45:c3:37:c9:9d:f2:
                    4c:67:7c:18:da:84:1c:f8:d0:fc:ce:cc:1f:9f:4f:
                    20:fd:9a:2b:6c:5c:ab:29:9c:08:d0:a3:de:1c:77:
                    99:a0:50:7a:5e:a4:18:06:ca:c3:b5:95:ee:2a:66:
                    0b:c6:d6:de:ac:c5:2a:88:59:3f:bd:09:6c:06:96:
                    e6:b5:e2:b1:15:b0:06:77:65:6d:40:ff:21:0e:6a:
                    7f:5c:69:6c:a6:90:85:5c:cb:5c:e6:ce:d1:8a:59:
                    ea:9a:8f:5c:94:f7:36:04:b5:e5:35:bd:20:f5:96:
                    05:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:E0:92:A0:CA:F9:CD:86:4E:DB:59:0F:19:7E:3C:BF:6E:B8:02:2E
            X509v3 Authority Key Identifier:
                keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/974892D624CE11EF8339A27EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.218.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:3c:83:00:07:fd:ef:a7:b5:3b:dd:72:bd:2f:8b:fb:c4:55:
         6e:3d:6b:bf:50:63:7a:13:62:cc:71:29:9d:22:99:0e:a6:a6:
         cd:b6:85:ee:a9:80:e4:b1:22:e7:f4:96:5c:12:d0:0f:0a:c1:
         f1:28:6f:0f:ca:8a:0e:b8:b6:e5:52:bf:bd:39:ff:15:09:f1:
         35:88:09:a0:07:ae:29:2d:12:69:7b:16:e7:e8:86:1a:60:70:
         02:d6:a5:41:97:5a:23:b4:08:25:7e:fd:96:e8:47:b6:75:ec:
         c5:12:c1:63:6a:00:3f:da:ea:a7:22:0e:ba:61:5e:22:d1:86:
         dd:f6:85:31:1a:ff:9e:81:f8:9b:fc:82:ec:87:23:f3:26:07:
         e6:49:b4:8f:68:12:a9:ab:03:8d:81:07:8c:0f:ef:f8:d9:ce:
         c1:6d:fe:85:61:94:c4:c5:68:72:55:20:7c:af:c1:59:a4:3b:
         47:2c:fd:54:9d:f2:ef:d1:5c:42:3e:05:02:cc:16:6f:59:c5:
         2f:a9:70:da:0b:42:e5:31:3b:9c:72:37:85:d1:bc:2d:dc:77:
         5f:04:49:b1:9e:a8:59:6e:6f:53:4e:f5:71:ea:c1:86:d3:de:
         ed:58:e5:e9:34:cc:c5:43:2b:ae:22:5a:a2:9c:76:8f:c7:a6:
         84:71:41:8c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QUExMTAvBgNVBAUTKDA5NDcwNTFFRkE1MDQyOTIxNTc1MEE0OEJDMDMxQURB
OTI2RUY2NkUwHhcNMjQwNjA3MTMwNTE5WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYzMDU4Zi02MGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnIO2HLDeeqPQNqRWoB2XfOkZXgIy7aGeS3F8X0cblOlNWigHOHFBu2rr9+LU
m7plMDwKWjXnwNRY8puR6v95cTeda+lJ63BKu9Fth3jGpn5hiVPRWPmdfd1FVZr+
X92V2usYxAM2bokS+qNOYwssO0tRNZlhwdDvBkuLQYm2mCvf6YdQln8zgYFu/oJT
w2JFwzfJnfJMZ3wY2oQc+ND8zswfn08g/ZorbFyrKZwI0KPeHHeZoFB6XqQYBsrD
tZXuKmYLxtberMUqiFk/vQlsBpbmteKxFbAGd2VtQP8hDmp/XGlsppCFXMtc5s7R
ilnqmo9clPc2BLXlNb0g9ZYFzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA/gkqDK
+c2GTttZDxl+PL9uuAIuMB8GA1UdIwQYMBaAFAlHBR76UEKSFXUKSLwDGtqSbvZu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdBQS80MUYwRjk3RTUy
QjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DVWNGSHZwUVFwSVZkUXBJdkFNYTJwSnU5
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTltNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QUEvNDFGMEY5N0U1MkI4MTFFRThFNDMwMDBEQzRGOUFFMDIvOTc0ODkyRDYy
NENFMTFFRjgzMzlBMjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn2qwwDQYJKoZIhvcNAQELBQADggEBAB88gwAH/e+ntTvd
cr0vi/vEVW49a79QY3oTYsxxKZ0imQ6mps22he6pgOSxIuf0llwS0A8KwfEobw/K
ig64tuVSv705/xUJ8TWICaAHriktEml7FufohhpgcALWpUGXWiO0CCV+/ZboR7Z1
7MUSwWNqAD/a6qciDrphXiLRht32hTEa/56B+Jv8guyHI/MmB+ZJtI9oEqmrA42B
B4wP7/jZzsFt/oVhlMTFaHJVIHyvwVmkO0cs/VSd8u/RXEI+BQLMFm9ZxS+pcNoL
QuUxO5xyN4XRvC3cd18ESbGeqFlub1NO9XHqwYbT3u1Y5ek0zMVDK64iWqKcdo/H
poRxQYw=
-----END CERTIFICATE-----
Generated at Sun Sep 1 18:04:15 2024 by rpki-client on console-fra.rpki-client.org