Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/F5FEF28652EA11EEA37F4F18C4F9AE02.roa
File:                     F5FEF28652EA11EEA37F4F18C4F9AE02.roa (raw, json)
Hash identifier:          9OeHVNa1vCKTXoCuJzFhRj1YUoHqnt/QNlk2P9G0Y48=
Subject key identifier:   E3:09:51:43:05:9D:ED:3D:54:60:D5:2F:F0:F3:59:88:2F:F2:FF:FC
Certificate issuer:       /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial:       02
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/F5FEF28652EA11EEA37F4F18C4F9AE02.roa
Signing time:             Thu 14 Sep 2023 10:39:20 +0000
ROA not before:           Thu 14 Sep 2023 10:39:20 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     151810
IP address blocks:        103.218.172.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 15 Sep 2023 06:55:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
        Validity
            Not Before: Sep 14 10:39:20 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=6502e2d8-de04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:08:a3:55:b2:9b:de:f0:cb:97:03:87:e3:18:
                    6f:cb:31:aa:ff:75:1b:7a:e6:68:3f:4e:08:19:6a:
                    bd:56:3a:a1:91:9a:3e:d4:3f:1a:51:24:6c:af:e4:
                    f9:f6:be:2d:1d:ae:d3:37:99:8f:8c:10:11:cb:f3:
                    ef:cb:60:7b:8f:d9:73:37:96:fe:5a:e2:ec:7b:99:
                    6b:0c:93:d2:17:9a:8a:5e:11:24:56:ed:7b:41:db:
                    f5:44:f7:a6:07:1f:33:93:50:e6:22:d6:de:20:6c:
                    d2:14:a0:3c:77:89:6a:24:ac:f3:59:c7:35:54:44:
                    53:92:b7:85:e2:4a:2f:4e:39:b4:62:40:4e:49:dd:
                    e0:0c:76:c4:83:f6:84:e6:82:97:26:cc:8b:22:ef:
                    e3:1a:4b:f5:bd:d1:91:80:a8:44:ac:88:8c:85:2f:
                    77:59:49:e3:fe:3e:cd:9f:2e:ff:47:3d:e8:7c:15:
                    2e:eb:69:94:69:fb:6d:c8:6b:e4:b4:73:a2:77:32:
                    22:ef:17:e2:41:c2:4d:6e:90:0f:e2:8f:55:30:5d:
                    96:89:28:6c:7b:31:69:f7:56:94:96:05:f1:ec:cb:
                    cb:a3:27:4e:db:01:6f:c4:13:3f:96:b5:d6:8e:b0:
                    ab:e3:8b:c1:ec:8b:71:36:9c:c8:95:ad:82:a1:94:
                    91:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:09:51:43:05:9D:ED:3D:54:60:D5:2F:F0:F3:59:88:2F:F2:FF:FC
            X509v3 Authority Key Identifier:
                keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/F5FEF28652EA11EEA37F4F18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.218.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:39:c9:17:7a:d9:b9:af:e1:05:82:c1:e9:60:1a:45:34:20:
         0a:30:42:cc:b2:d6:5b:70:06:44:cb:71:55:26:a7:b4:cf:69:
         af:51:7a:c8:e9:d5:77:ab:d0:d9:75:d1:e6:a5:40:95:92:dd:
         86:d9:e5:7d:d1:9a:3d:c4:9c:db:e9:1b:52:42:e5:3e:83:43:
         96:e0:b6:ae:bb:c1:77:20:d5:08:54:4b:e2:dc:89:45:70:7a:
         7b:8f:0d:10:02:99:e5:ab:c5:9e:ac:23:92:dc:82:31:c1:df:
         8e:eb:94:28:f9:a4:38:55:5e:bf:ab:4b:7f:56:c8:52:1c:40:
         6d:97:83:2f:9f:01:79:9d:9e:6d:0c:89:2d:79:d8:a0:cb:f9:
         37:1a:31:f6:50:11:d8:af:d5:b4:a1:90:41:e5:1a:44:b8:3f:
         18:ba:c6:e8:ec:bc:0c:d9:7a:e2:22:cc:2d:d5:9b:69:1a:ea:
         dd:43:43:37:8e:a2:e5:b5:c9:6b:d3:65:b5:8d:01:22:83:47:
         ff:36:aa:8f:88:2c:41:90:44:30:e3:b0:3d:53:88:a6:67:b9:
         72:20:05:d8:0a:56:ef:43:3e:30:57:3b:15:fa:e6:a6:b4:8c:
         bb:ee:84:7b:0b:7c:8e:9c:db:42:4e:6a:97:95:62:9a:d6:3e:
         58:fa:08:51
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTdBQTExMC8GA1UEBRMoMDk0NzA1MUVGQTUwNDI5MjE1NzUwQTQ4QkMwMzFBREE5
MjZFRjY2RTAeFw0yMzA5MTQxMDM5MjBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MDJlMmQ4LWRlMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDiCKNVspve8MuXA4fjGG/LMar/dRt65mg/TggZar1WOqGRmj7UPxpRJGyv5Pn2
vi0drtM3mY+MEBHL8+/LYHuP2XM3lv5a4ux7mWsMk9IXmopeESRW7XtB2/VE96YH
HzOTUOYi1t4gbNIUoDx3iWokrPNZxzVURFOSt4XiSi9OObRiQE5J3eAMdsSD9oTm
gpcmzIsi7+MaS/W90ZGAqESsiIyFL3dZSeP+Ps2fLv9HPeh8FS7raZRp+23Ia+S0
c6J3MiLvF+JBwk1ukA/ij1UwXZaJKGx7MWn3VpSWBfHsy8ujJ07bAW/EEz+WtdaO
sKvji8Hsi3E2nMiVrYKhlJEvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU4wlRQwWd
7T1UYNUv8PNZiC/y//wwHwYDVR0jBBgwFoAUCUcFHvpQQpIVdQpIvAMa2pJu9m4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0FBLzQxRjBGOTdFNTJC
ODExRUU4RTQzMDAwREM0RjlBRTAyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTlt
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ1VjRkh2cFFRcElWZFFwSXZBTWEycEp1OW00LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTdBQS80MUYwRjk3RTUyQjgxMUVFOEU0MzAwMERDNEY5QUUwMi9GNUZFRjI4NjUy
RUExMUVFQTM3RjRGMThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfarDANBgkqhkiG9w0BAQsFAAOCAQEAnTnJF3rZua/hBYLB
6WAaRTQgCjBCzLLWW3AGRMtxVSantM9pr1F6yOnVd6vQ2XXR5qVAlZLdhtnlfdGa
PcSc2+kbUkLlPoNDluC2rrvBdyDVCFRL4tyJRXB6e48NEAKZ5avFnqwjktyCMcHf
juuUKPmkOFVev6tLf1bIUhxAbZeDL58BeZ2ebQyJLXnYoMv5Nxox9lAR2K/VtKGQ
QeUaRLg/GLrG6Oy8DNl64iLMLdWbaRrq3UNDN46i5bXJa9NltY0BIoNH/zaqj4gs
QZBEMOOwPVOIpme5ciAF2ApW70M+MFc7FfrmprSMu+6Eewt8jpzbQk5ql5VimtY+
WPoIUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org