Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/68E96E5E09E611EFABB7B40EC4F9AE02.roa
File:                     68E96E5E09E611EFABB7B40EC4F9AE02.roa (raw, json)
Hash identifier:          WU5HiQLq3a8OwuaojmyQXFf4nxFp9ZCDZT9TUKBk+QQ=
Subject key identifier:   DD:10:1E:EB:DE:87:83:7F:93:9D:5C:DF:9B:5B:D3:33:57:18:96:CB
Certificate issuer:       /CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Certificate serial:       09
Authority key identifier: AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/68E96E5E09E611EFABB7B40EC4F9AE02.roa
Signing time:             Sat 04 May 2024 08:21:52 +0000
ROA not before:           Sat 04 May 2024 08:21:52 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     152698
IP address blocks:        103.14.22.0/24 maxlen: 24
                          103.14.23.0/24 maxlen: 24
                          2001:df3:ad40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 07 May 2024 17:11:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
        Validity
            Not Before: May  4 08:21:52 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=6635f01f-96af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:f0:0a:69:3a:ad:8e:36:6b:7f:e6:62:cd:03:
                    96:6a:35:e4:59:35:f8:87:f6:3c:45:00:50:19:54:
                    17:c0:c5:a5:cc:23:66:34:5f:d0:f2:5a:46:2e:62:
                    90:7a:cd:a4:00:90:e2:72:74:46:9b:de:85:49:6c:
                    10:23:28:37:2f:13:70:09:7e:63:ac:0f:59:41:04:
                    ec:9b:13:f1:30:74:52:e2:ac:a6:7a:90:f1:b1:9e:
                    89:21:ad:6a:81:7b:f3:b3:ba:76:db:b4:d3:e8:33:
                    0b:eb:c0:0c:71:94:2d:be:3f:2e:43:75:90:14:d0:
                    16:53:03:17:2f:89:0b:2e:3e:a7:95:c9:bd:c5:df:
                    1f:88:50:40:93:4a:85:cb:1d:a8:bf:a1:92:58:ff:
                    9e:6a:c9:72:0d:b8:d9:76:b5:82:3b:0e:e5:b1:74:
                    a5:bb:e0:97:96:00:8c:e3:71:8b:d7:9a:ff:7d:d9:
                    2d:f6:13:6c:de:5a:c3:b0:56:44:7d:25:d3:36:7f:
                    88:42:dd:d8:5a:93:2a:5e:13:7c:7a:7d:ed:23:97:
                    91:99:2e:35:22:d6:a4:79:b9:9d:7c:c5:6a:66:9c:
                    d1:40:f1:57:6e:1f:ac:c8:9f:9d:ce:5d:6f:78:a2:
                    1d:bd:1c:d9:26:b4:0d:5a:49:2b:34:0f:84:6b:28:
                    ac:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:10:1E:EB:DE:87:83:7F:93:9D:5C:DF:9B:5B:D3:33:57:18:96:CB
            X509v3 Authority Key Identifier:
                keyid:AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/rNBH0NiOJlfhLPkTAcFg8dPNLzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/68E96E5E09E611EFABB7B40EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.14.22.0/23
                IPv6:
                  2001:df3:ad40::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:68:08:b6:20:41:98:ae:31:80:70:4d:5e:36:c6:53:6c:20:
         e0:eb:b4:82:31:33:36:77:41:32:65:c8:6f:2e:6c:7c:7b:ff:
         4f:f3:79:7e:00:10:59:26:f5:5e:a0:c4:32:fc:de:39:56:8d:
         0a:b4:af:6f:e4:3c:3a:c1:be:08:fb:d4:f7:2d:02:60:d3:29:
         71:1d:a5:80:87:48:34:26:4b:eb:57:66:5a:be:e2:c0:ec:0d:
         5a:c0:e8:98:64:a9:bd:61:8d:3c:43:9c:e5:79:93:4e:89:72:
         74:03:6a:a1:35:0a:b9:f1:85:bd:96:71:7f:16:03:e4:b2:9c:
         a2:a6:15:b9:dd:16:af:c6:28:b1:f2:71:63:4e:3c:8e:71:2b:
         75:1b:55:b3:07:52:01:df:5c:9a:7e:b5:e7:83:9d:e1:d3:b9:
         0a:19:ab:fe:ac:87:bd:6f:50:ac:2a:8a:5a:ae:93:56:13:4a:
         55:db:43:f9:76:43:9e:dc:92:71:ef:25:a2:17:e0:28:ca:f5:
         22:93:97:80:af:20:89:33:7d:33:a7:ab:7f:91:7f:13:76:99:
         79:6f:0c:aa:e8:2b:07:e9:ac:46:56:db:81:83:84:c8:4a:f6:
         29:55:b0:d5:33:4a:bd:2a:f3:cb:cf:56:74:bb:a6:78:3d:85:
         af:ff:79:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OTM1MzExMC8GA1UEBRMoQUNEMDQ3RDBEODhFMjY1N0UxMkNGOTEzMDFDMTYwRjFE
M0NEMkYzMzAeFw0yNDA1MDQwODIxNTJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzVmMDFmLTk2YWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDx8AppOq2ONmt/5mLNA5ZqNeRZNfiH9jxFAFAZVBfAxaXMI2Y0X9DyWkYuYpB6
zaQAkOJydEab3oVJbBAjKDcvE3AJfmOsD1lBBOybE/EwdFLirKZ6kPGxnokhrWqB
e/OzunbbtNPoMwvrwAxxlC2+Py5DdZAU0BZTAxcviQsuPqeVyb3F3x+IUECTSoXL
Hai/oZJY/55qyXINuNl2tYI7DuWxdKW74JeWAIzjcYvXmv992S32E2zeWsOwVkR9
JdM2f4hC3dhakypeE3x6fe0jl5GZLjUi1qR5uZ18xWpmnNFA8VduH6zIn53OXW94
oh29HNkmtA1aSSs0D4RrKKwPAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU3RAe696H
g3+TnVzfm1vTM1cYlsswHwYDVR0jBBgwFoAUrNBH0NiOJlfhLPkTAcFg8dPNLzMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY5MzUzLzA4NzVFNjQ4MDVD
NjExRUY4OTYyMEEyNkM0RjlBRTAyL3JOQkgwTmlPSmxmaExQa1RBY0ZnOGRQTkx6
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvck5CSDBOaU9KbGZoTFBrVEFjRmc4ZFBOTHpNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OTM1My8wODc1RTY0ODA1QzYxMUVGODk2MjBBMjZDNEY5QUUwMi82OEU5NkU1RTA5
RTYxMUVGQUJCN0I0MEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcOFjAPBAIAAjAJAwcAIAEN861AMA0GCSqGSIb3DQEBCwUA
A4IBAQAVaAi2IEGYrjGAcE1eNsZTbCDg67SCMTM2d0EyZchvLmx8e/9P83l+ABBZ
JvVeoMQy/N45Vo0KtK9v5Dw6wb4I+9T3LQJg0ylxHaWAh0g0JkvrV2ZavuLA7A1a
wOiYZKm9YY08Q5zleZNOiXJ0A2qhNQq58YW9lnF/FgPkspyiphW53Ravxiix8nFj
TjyOcSt1G1WzB1IB31yafrXng53h07kKGav+rIe9b1CsKoparpNWE0pV20P5dkOe
3JJx7yWiF+AoyvUik5eAryCJM30zp6t/kX8Tdpl5bwyq6CsH6axGVtuBg4TISvYp
VbDVM0q9KvPLz1Z0u6Z4PYWv/3lX
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org