Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0AA6EF265FA311EE90BA7329C4F9AE02.roa
File:                     0AA6EF265FA311EE90BA7329C4F9AE02.roa (raw, json)
Hash identifier:          hM8PEGfaJ3T2NT4PUF9FfI7k/P6ShySZJUysAivogJk=
Subject key identifier:   F0:24:79:22:DF:15:F6:26:79:89:7D:E0:19:4A:85:A2:F9:EA:41:CA
Certificate issuer:       /CN=A91F3853/serialNumber=7B59A4DB86EF5419F7ADBDDA1DF52B509EE6DF75
Certificate serial:       56
Authority key identifier: 7B:59:A4:DB:86:EF:54:19:F7:AD:BD:DA:1D:F5:2B:50:9E:E6:DF:75
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0AA6EF265FA311EE90BA7329C4F9AE02.roa
Signing time:             Fri 01 Mar 2024 07:38:40 +0000
ROA not before:           Fri 01 Mar 2024 07:38:40 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     64021
IP address blocks:        43.230.8.0/24 maxlen: 24
                          43.230.10.0/24 maxlen: 24
                          43.230.11.0/24 maxlen: 24
                          103.49.60.0/24 maxlen: 24
                          103.49.61.0/24 maxlen: 24
                          103.49.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Jun 2024 02:12:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86 (0x56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F3853/serialNumber=7B59A4DB86EF5419F7ADBDDA1DF52B509EE6DF75
        Validity
            Not Before: Mar  1 07:38:40 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e18600-9794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ea:e8:76:d3:61:33:cd:59:46:b0:bb:a2:03:
                    ba:43:18:5f:d1:3b:70:b2:1a:82:2d:b1:ac:33:82:
                    86:87:2e:94:0f:76:47:9c:17:97:87:cf:04:a5:d1:
                    d4:67:ca:91:73:72:f4:2c:5a:ad:94:2c:2e:40:c1:
                    8b:11:4f:86:ce:e2:cf:2e:a6:a6:d6:6b:0d:82:a5:
                    62:27:ee:89:ed:16:70:0f:30:5e:4d:ec:02:8d:b6:
                    37:c3:34:65:a6:bd:ea:52:9c:3e:97:16:2e:95:b0:
                    fd:f1:55:be:af:dd:25:2c:32:3d:07:59:b7:90:80:
                    f5:88:78:dd:59:3b:54:bc:49:70:65:db:79:9c:03:
                    0b:73:d6:59:70:14:86:5c:52:fb:96:2b:b9:79:83:
                    ee:30:3c:0b:a5:51:bc:33:ad:47:5b:b7:c5:a1:64:
                    16:ed:79:0f:ac:10:73:69:8a:95:1b:85:85:2b:15:
                    e1:cd:57:4e:f2:04:9d:a5:26:42:64:a8:a3:d5:60:
                    9b:27:da:b7:0c:ff:9c:12:76:d1:88:16:f1:6c:e9:
                    ca:eb:c8:30:ac:36:7b:95:58:0a:65:1a:8a:c7:2c:
                    e0:4e:98:0b:67:f2:79:19:e9:d7:0a:93:c2:11:35:
                    1b:4a:9b:72:76:bd:0c:45:85:53:24:7a:f8:09:4d:
                    df:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:24:79:22:DF:15:F6:26:79:89:7D:E0:19:4A:85:A2:F9:EA:41:CA
            X509v3 Authority Key Identifier:
                keyid:7B:59:A4:DB:86:EF:54:19:F7:AD:BD:DA:1D:F5:2B:50:9E:E6:DF:75

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/e1mk24bvVBn3rb3aHfUrUJ7m33U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0AA6EF265FA311EE90BA7329C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.230.8.0/24
                  43.230.10.0/23
                  103.49.60.0-103.49.62.255

    Signature Algorithm: sha256WithRSAEncryption
         b4:b2:19:67:5e:f3:3c:f2:f3:e2:f8:4f:50:a5:42:8c:d4:df:
         01:c7:95:b2:10:80:a8:87:78:39:d4:8a:2c:67:06:c8:b7:b7:
         f3:96:8c:78:2b:87:67:34:eb:73:e1:63:96:8e:86:b1:d3:26:
         45:e1:fb:9d:d1:ad:59:40:f5:24:c6:b9:e9:09:4f:e1:40:bd:
         30:0e:62:ea:fb:f2:bb:4b:09:50:e1:07:97:94:cb:20:92:de:
         62:45:67:85:e5:6d:16:b8:a4:43:bc:b9:cf:fe:4b:4b:66:3e:
         4c:eb:95:51:eb:46:79:45:00:94:7c:68:74:6c:a7:68:81:c5:
         f1:9d:bf:7e:64:b8:a5:d8:2b:fa:0f:0a:dd:f8:73:4e:2b:18:
         bf:b2:bd:0d:82:5d:85:e9:40:fc:b1:b0:8c:67:f0:09:6f:20:
         eb:f6:bd:96:c6:fe:ce:22:b9:eb:65:82:a0:12:bb:9c:46:d7:
         32:59:ee:8f:97:6f:7a:ea:4b:bc:b4:10:ab:1b:19:cc:b4:2a:
         cf:09:8f:0d:f4:9b:e5:0e:d1:28:e1:9f:6a:bc:c3:d1:17:49:
         5a:83:b5:34:52:e8:83:28:5d:10:84:1f:1d:bf:65:f4:ce:1a:
         1d:93:79:5f:39:82:dc:09:bc:9e:b7:a8:32:82:96:24:77:cc:
         86:3c:45:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBVjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
Mzg1MzExMC8GA1UEBRMoN0I1OUE0REI4NkVGNTQxOUY3QURCRERBMURGNTJCNTA5
RUU2REY3NTAeFw0yNDAzMDEwNzM4NDBaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTE4NjAwLTk3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDI6uh202EzzVlGsLuiA7pDGF/RO3CyGoItsawzgoaHLpQPdkecF5eHzwSl0dRn
ypFzcvQsWq2ULC5AwYsRT4bO4s8upqbWaw2CpWIn7ontFnAPMF5N7AKNtjfDNGWm
vepSnD6XFi6VsP3xVb6v3SUsMj0HWbeQgPWIeN1ZO1S8SXBl23mcAwtz1llwFIZc
UvuWK7l5g+4wPAulUbwzrUdbt8WhZBbteQ+sEHNpipUbhYUrFeHNV07yBJ2lJkJk
qKPVYJsn2rcM/5wSdtGIFvFs6crryDCsNnuVWAplGorHLOBOmAtn8nkZ6dcKk8IR
NRtKm3J2vQxFhVMkevgJTd9BAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQU8CR5It8V
9iZ5iX3gGUqFovnqQcowHwYDVR0jBBgwFoAUe1mk24bvVBn3rb3aHfUrUJ7m33Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzODUzL0YwMUY2MzI4NUZB
MTExRUVCRDlBRjgyOEM0RjlBRTAyL2UxbWsyNGJ2VkJuM3JiM2FIZlVyVUo3bTMz
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZTFtazI0YnZWQm4zcmIzYUhmVXJVSjdtMzNVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
Mzg1My9GMDFGNjMyODVGQTExMUVFQkQ5QUY4MjhDNEY5QUUwMi8wQUE2RUYyNjVG
QTMxMUVFOTBCQTczMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGgMEACvmCAMEASvmCjAMAwQCZzE8AwQAZzE+MA0GCSqGSIb3DQEB
CwUAA4IBAQC0shlnXvM88vPi+E9QpUKM1N8Bx5WyEICoh3g51IosZwbIt7fzlox4
K4dnNOtz4WOWjoax0yZF4fud0a1ZQPUkxrnpCU/hQL0wDmLq+/K7SwlQ4QeXlMsg
kt5iRWeF5W0WuKRDvLnP/ktLZj5M65VR60Z5RQCUfGh0bKdogcXxnb9+ZLil2Cv6
Dwrd+HNOKxi/sr0Ngl2F6UD8sbCMZ/AJbyDr9r2Wxv7OIrnrZYKgErucRtcyWe6P
l2966ku8tBCrGxnMtCrPCY8N9JvlDtEo4Z9qvMPRF0lag7U0UuiDKF0QhB8dv2X0
zhodk3lfOYLcCbyet6gygpYkd8yGPEX1
-----END CERTIFICATE-----
Generated at Thu Jun 13 02:57:10 2024 by rpki-client on console-fra.rpki-client.org