Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/C2C37DA02E2D11EFBB0E692FC4F9AE02.roa
File:                     C2C37DA02E2D11EFBB0E692FC4F9AE02.roa (raw, json)
Hash identifier:          2J2MMCs2hKpGWbblZu+XEohS2/YuFGJiiNZY7bLGFSI=
Subject key identifier:   13:7C:0A:3D:A5:EA:EA:7D:E7:A1:A2:EA:A0:01:49:CD:15:75:FF:DE
Certificate issuer:       /CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
Certificate serial:       32
Authority key identifier: AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/C2C37DA02E2D11EFBB0E692FC4F9AE02.roa
Signing time:             Wed 19 Jun 2024 11:19:15 +0000
ROA not before:           Wed 19 Jun 2024 11:19:15 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     23470
IP address blocks:        103.14.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jun 2024 18:08:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50 (0x32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F9353/serialNumber=ACD047D0D88E2657E12CF91301C160F1D3CD2F33
        Validity
            Not Before: Jun 19 11:19:15 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=6672beb3-b393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a6:f1:8d:58:f8:32:af:b1:ff:c8:2c:9b:68:
                    c2:d7:bc:dd:b0:1a:2a:93:51:53:c5:48:92:2e:c2:
                    c0:4f:4b:45:af:f4:b1:b3:3b:c4:6b:57:52:8b:10:
                    05:6b:1f:8a:57:d3:da:9c:a1:6f:ff:30:3e:0f:74:
                    21:3d:99:c8:cd:7c:d5:a5:c5:a7:32:4a:bd:6a:d1:
                    a5:f4:0a:c7:1b:4f:83:df:1d:16:d4:39:ee:7e:b2:
                    d6:32:11:57:61:b8:d6:ed:64:3a:f0:6e:1b:5d:6c:
                    41:43:00:b0:9d:33:d6:76:2a:36:82:48:f9:3b:49:
                    4e:0a:9f:35:b8:4a:74:a5:59:ed:ec:54:b7:57:b0:
                    8b:73:8c:20:b7:95:fd:77:6a:cd:c4:0f:65:cd:b9:
                    73:0d:75:cb:95:0b:52:01:4f:e6:87:42:ff:9f:df:
                    af:ea:4f:f3:74:e4:21:da:0a:0b:c7:fe:c4:b5:10:
                    95:40:f9:b9:40:a0:c4:e6:3a:00:fe:2d:ea:6b:b3:
                    c8:b1:3d:a1:66:44:a2:cf:ab:b3:6b:0b:6c:6b:d1:
                    6a:7c:df:7d:6b:fb:27:e8:55:2c:aa:66:27:51:15:
                    b6:17:42:c1:01:19:f5:f1:a6:73:60:7d:05:a1:b6:
                    27:2c:06:1c:c9:23:e2:a2:89:15:cf:4d:96:b9:3d:
                    02:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:7C:0A:3D:A5:EA:EA:7D:E7:A1:A2:EA:A0:01:49:CD:15:75:FF:DE
            X509v3 Authority Key Identifier:
                keyid:AC:D0:47:D0:D8:8E:26:57:E1:2C:F9:13:01:C1:60:F1:D3:CD:2F:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/rNBH0NiOJlfhLPkTAcFg8dPNLzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNBH0NiOJlfhLPkTAcFg8dPNLzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9353/0875E64805C611EF89620A26C4F9AE02/C2C37DA02E2D11EFBB0E692FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.14.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:93:21:81:51:de:50:ce:fc:af:5a:cc:32:27:bd:67:8f:a8:
         72:e1:9f:cb:99:db:28:e5:96:b4:bd:5f:5e:45:a5:36:64:18:
         9b:7e:17:83:c6:44:4c:a5:97:e0:40:29:5b:4e:8d:90:f2:10:
         00:be:2a:90:04:68:4a:5f:aa:2e:64:4d:f3:a3:db:30:da:8f:
         5a:89:d5:f5:da:30:c8:b9:5a:4a:6a:81:47:98:95:76:e3:25:
         8d:3e:00:b3:a0:0b:3f:f4:f9:63:37:86:01:4d:39:e6:cb:2b:
         41:47:62:63:6e:b5:51:07:83:84:8f:d9:70:e5:24:b1:cb:22:
         fc:c2:e2:13:ef:cd:3f:0d:92:a4:40:a3:fb:2f:6c:48:62:e2:
         75:a6:be:2c:96:f8:e7:92:98:03:3d:2e:b6:ef:a2:58:7d:e9:
         8f:fd:46:17:cb:78:51:f7:71:db:af:49:00:10:76:77:c5:7d:
         a6:09:7b:8d:97:e8:01:d6:b5:07:f8:28:de:e1:78:dc:5f:f9:
         d0:60:71:b3:22:b8:b3:aa:ed:fb:71:ab:bb:5f:f6:cd:76:98:
         8b:70:3a:bf:3d:bf:b3:59:3c:e5:9e:9c:71:a3:18:bf:66:54:
         3d:d6:f9:30:7b:1d:8f:04:67:4c:05:24:df:f3:d4:1e:5b:5a:
         58:83:d1:d6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OTM1MzExMC8GA1UEBRMoQUNEMDQ3RDBEODhFMjY1N0UxMkNGOTEzMDFDMTYwRjFE
M0NEMkYzMzAeFw0yNDA2MTkxMTE5MTVaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NzJiZWIzLWIzOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDopvGNWPgyr7H/yCybaMLXvN2wGiqTUVPFSJIuwsBPS0Wv9LGzO8RrV1KLEAVr
H4pX09qcoW//MD4PdCE9mcjNfNWlxacySr1q0aX0CscbT4PfHRbUOe5+stYyEVdh
uNbtZDrwbhtdbEFDALCdM9Z2KjaCSPk7SU4KnzW4SnSlWe3sVLdXsItzjCC3lf13
as3ED2XNuXMNdcuVC1IBT+aHQv+f36/qT/N05CHaCgvH/sS1EJVA+blAoMTmOgD+
Leprs8ixPaFmRKLPq7NrC2xr0Wp8331r+yfoVSyqZidRFbYXQsEBGfXxpnNgfQWh
ticsBhzJI+KiiRXPTZa5PQJ1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUE3wKPaXq
6n3noaLqoAFJzRV1/94wHwYDVR0jBBgwFoAUrNBH0NiOJlfhLPkTAcFg8dPNLzMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY5MzUzLzA4NzVFNjQ4MDVD
NjExRUY4OTYyMEEyNkM0RjlBRTAyL3JOQkgwTmlPSmxmaExQa1RBY0ZnOGRQTkx6
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvck5CSDBOaU9KbGZoTFBrVEFjRmc4ZFBOTHpNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OTM1My8wODc1RTY0ODA1QzYxMUVGODk2MjBBMjZDNEY5QUUwMi9DMkMzN0RBMDJF
MkQxMUVGQkIwRTY5MkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcOFjANBgkqhkiG9w0BAQsFAAOCAQEAEZMhgVHeUM78r1rM
Mie9Z4+ocuGfy5nbKOWWtL1fXkWlNmQYm34Xg8ZETKWX4EApW06NkPIQAL4qkARo
Sl+qLmRN86PbMNqPWonV9dowyLlaSmqBR5iVduMljT4As6ALP/T5YzeGAU055ssr
QUdiY261UQeDhI/ZcOUkscsi/MLiE+/NPw2SpECj+y9sSGLidaa+LJb455KYAz0u
tu+iWH3pj/1GF8t4Ufdx269JABB2d8V9pgl7jZfoAda1B/go3uF43F/50GBxsyK4
s6rt+3Gru1/2zXaYi3A6vz2/s1k85Z6ccaMYv2ZUPdb5MHsdjwRnTAUk3/PUHlta
WIPR1g==
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:42 2024 by rpki-client on console-fra.rpki-client.org