Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/7D7F944CE63711EE9235F65AC4F9AE02.roa
File:                     7D7F944CE63711EE9235F65AC4F9AE02.roa (raw, json)
Hash identifier:          FGTOqwzLHk6CfyISDfRQg479E1UFJRHn2yk0jTzEG98=
Subject key identifier:   51:A3:C3:25:0A:28:16:AB:B0:1D:C6:8A:AB:34:12:8A:1F:B7:3F:9F
Certificate issuer:       /CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
Certificate serial:       05
Authority key identifier: E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/7D7F944CE63711EE9235F65AC4F9AE02.roa
Signing time:             Tue 19 Mar 2024 21:27:30 +0000
ROA not before:           Tue 19 Mar 2024 21:27:30 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     174
IP address blocks:        103.67.54.0/24 maxlen: 24
                          103.67.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Apr 2024 14:35:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FD8BE/serialNumber=E3F18D412026F31BA443EA33F56706FFB2F0F162
        Validity
            Not Before: Mar 19 21:27:30 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65fa0342-fa06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7e:f8:1e:8c:a7:be:dc:b6:ed:8b:55:3f:6c:
                    60:84:ef:15:52:b7:56:25:88:0c:78:07:bc:81:a6:
                    0b:05:7b:26:a7:e4:de:8d:1b:3c:25:91:ae:33:60:
                    47:25:e5:09:5d:60:07:76:70:82:6b:0a:2a:89:36:
                    92:82:15:9c:e4:ce:e1:70:8f:60:19:b0:c0:c0:95:
                    15:cb:5a:31:9e:9b:da:7b:ec:88:99:09:54:ce:78:
                    f1:20:3f:03:6b:30:8d:79:15:c7:9f:81:1d:e2:0e:
                    0a:f7:4a:9e:20:82:8c:bb:45:67:0e:4f:8b:a8:4c:
                    43:0b:a7:57:03:b4:eb:cf:eb:e4:1a:fd:58:8b:f3:
                    ed:18:6f:d8:27:66:7c:f6:0c:87:f1:e2:35:68:3f:
                    4c:e1:e6:42:2c:42:db:00:a5:3b:13:23:db:42:28:
                    c2:36:31:06:9d:7e:c3:66:e3:d2:bb:d6:59:88:e0:
                    56:71:91:e8:d4:73:71:b2:73:af:54:04:33:59:ef:
                    21:a9:ff:70:8e:29:6e:ab:1e:4a:c8:a5:73:76:7d:
                    f7:01:c7:fd:19:ea:ce:d6:c6:19:31:53:17:be:1c:
                    d7:a7:f6:52:b9:2f:69:87:06:2c:09:ce:4d:f6:3c:
                    e1:70:65:cf:10:0d:0e:f5:b4:fa:f6:ed:7e:d6:6f:
                    c7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:A3:C3:25:0A:28:16:AB:B0:1D:C6:8A:AB:34:12:8A:1F:B7:3F:9F
            X509v3 Authority Key Identifier:
                keyid:E3:F1:8D:41:20:26:F3:1B:A4:43:EA:33:F5:67:06:FF:B2:F0:F1:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_GNQSAm8xukQ-oz9WcG_7Lw8WI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD8BE/C68EFF9EE5D611EE8B356739C4F9AE02/7D7F944CE63711EE9235F65AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.67.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:88:c9:74:78:50:69:c1:c2:63:7d:68:a4:32:42:15:c1:ec:
         ec:6f:d4:6e:85:38:c4:09:ed:69:5f:8f:5e:07:c4:78:f4:e8:
         5e:5b:7b:2d:3f:08:bb:70:79:55:93:cd:62:d1:25:fc:6a:da:
         af:f6:7f:7b:b4:bf:78:3b:b3:75:6d:6a:91:87:03:60:c9:54:
         d5:8e:52:2d:78:38:b9:e1:90:01:ce:a6:be:26:ad:c8:57:b5:
         54:55:9e:9e:cb:55:8f:ea:99:01:f6:46:ad:ef:51:cf:66:e7:
         78:1a:f9:1b:5b:07:3b:d5:60:d2:b9:cc:85:de:ed:35:49:e7:
         2d:a6:e7:be:67:e7:52:05:29:6a:c6:15:80:42:67:29:60:42:
         90:e1:24:5f:37:c5:ab:53:32:df:2d:e1:97:c6:27:d2:00:08:
         54:bf:8a:af:51:d0:36:5e:4d:09:92:82:a1:8a:75:48:3c:cc:
         17:1a:2a:dc:90:ca:9f:fe:3c:63:be:0a:f5:45:3b:34:1f:16:
         8d:28:52:85:7a:22:65:a0:39:4d:37:be:96:7f:be:9f:ec:0d:
         4e:c2:36:d1:05:de:ee:51:1a:2a:db:92:ae:b8:0a:01:de:2b:
         e5:4a:d7:51:05:79:cd:95:35:52:fb:ab:1e:32:5b:03:73:39:
         81:a8:47:84
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RDhCRTExMC8GA1UEBRMoRTNGMThENDEyMDI2RjMxQkE0NDNFQTMzRjU2NzA2RkZC
MkYwRjE2MjAeFw0yNDAzMTkyMTI3MzBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZmEwMzQyLWZhMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6fvgejKe+3Lbti1U/bGCE7xVSt1YliAx4B7yBpgsFeyan5N6NGzwlka4zYEcl
5QldYAd2cIJrCiqJNpKCFZzkzuFwj2AZsMDAlRXLWjGem9p77IiZCVTOePEgPwNr
MI15FcefgR3iDgr3Sp4ggoy7RWcOT4uoTEMLp1cDtOvP6+Qa/ViL8+0Yb9gnZnz2
DIfx4jVoP0zh5kIsQtsApTsTI9tCKMI2MQadfsNm49K71lmI4FZxkejUc3Gyc69U
BDNZ7yGp/3COKW6rHkrIpXN2ffcBx/0Z6s7WxhkxUxe+HNen9lK5L2mHBiwJzk32
POFwZc8QDQ71tPr27X7Wb8exAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUaPDJQoo
FquwHcaKqzQSih+3P58wHwYDVR0jBBgwFoAU4/GNQSAm8xukQ+oz9WcG/7Lw8WIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZEOEJFL0M2OEVGRjlFRTVE
NjExRUU4QjM1NjczOUM0RjlBRTAyLzRfR05RU0FtOHh1a1Etb3o5V2NHXzdMdzhX
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNF9HTlFTQW04eHVrUS1vejlXY0dfN0x3OFdJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RDhCRS9DNjhFRkY5RUU1RDYxMUVFOEIzNTY3MzlDNEY5QUUwMi83RDdGOTQ0Q0U2
MzcxMUVFOTIzNUY2NUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdDNjANBgkqhkiG9w0BAQsFAAOCAQEAUojJdHhQacHCY31o
pDJCFcHs7G/UboU4xAntaV+PXgfEePToXlt7LT8Iu3B5VZPNYtEl/Grar/Z/e7S/
eDuzdW1qkYcDYMlU1Y5SLXg4ueGQAc6mviatyFe1VFWenstVj+qZAfZGre9Rz2bn
eBr5G1sHO9Vg0rnMhd7tNUnnLabnvmfnUgUpasYVgEJnKWBCkOEkXzfFq1My3y3h
l8Yn0gAIVL+Kr1HQNl5NCZKCoYp1SDzMFxoq3JDKn/48Y74K9UU7NB8WjShShXoi
ZaA5TTe+ln++n+wNTsI20QXe7lEaKtuSrrgKAd4r5UrXUQV5zZU1UvurHjJbA3M5
gahHhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org