Route Origin Authorization

$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
File:                     3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa (raw, json)
Hash identifier:          5+Yi9Vo9POIAt48DtMn/XCDAAlAOwTmbvxzsoDOpUYQ=
Subject key identifier:   72:60:9E:08:D5:80:83:37:7C:3F:C6:29:C3:29:CD:8B:8F:44:07:06
Certificate issuer:       /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Certificate serial:       7A6E53CBB85B3ACB57392ECAD4DF5998222F34CF
Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject info access:      rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
Signing time:             Sat 15 Jun 2024 12:00:01 +0000
ROA not before:           Sat 15 Jun 2024 11:55:01 +0000
ROA not after:            Sat 14 Jun 2025 12:00:01 +0000
asID:                     45163
IP address blocks:        203.147.108.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 17 Jun 2024 00:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:6e:53:cb:b8:5b:3a:cb:57:39:2e:ca:d4:df:59:98:22:2f:34:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
        Validity
            Not Before: Jun 15 11:55:01 2024 GMT
            Not After : Jun 14 12:00:01 2025 GMT
        Subject: CN=72609E08D58083377C3FC629C329CD8B8F440706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:00:c6:3b:f5:56:1d:dd:e5:09:09:d2:d7:d7:
                    90:83:bf:86:e3:be:4c:33:15:e8:48:81:9a:41:45:
                    7e:e7:34:ea:6f:dc:ed:a9:85:83:d0:52:cc:55:d9:
                    05:7f:99:a6:51:68:16:e0:ee:eb:9b:05:55:cc:4b:
                    95:8b:df:ab:b5:ae:4d:f1:5b:85:00:a3:74:3d:e5:
                    41:ac:4e:5a:03:ed:e1:2b:9d:7c:bc:6c:7f:5e:55:
                    56:df:ac:96:8c:8b:ce:ed:51:2f:6a:30:d0:f5:d2:
                    f3:1e:23:bc:9e:45:90:c0:0b:d8:3d:66:f9:8b:3f:
                    7f:93:24:69:55:69:35:d7:94:4e:87:b2:c5:6e:6d:
                    c9:b5:44:b4:50:3c:d5:a2:a4:d0:7d:c1:87:75:a5:
                    39:48:8e:4c:e6:1e:9d:f9:f9:7d:d2:8d:98:09:73:
                    0d:d1:56:25:fb:da:36:18:ba:67:c9:09:92:f5:a5:
                    17:fe:d9:dd:44:ef:d8:84:60:21:bc:a0:82:44:86:
                    a4:01:ef:eb:8e:a6:48:fa:75:0a:bc:99:90:69:3f:
                    6b:a2:5e:ac:7a:0a:8b:66:2e:09:70:0f:79:23:f5:
                    16:cc:cf:5f:3f:95:61:bb:fe:a8:41:42:9e:49:40:
                    8e:33:4e:f0:f4:a9:ab:c4:d8:15:e8:24:bb:35:f0:
                    c6:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:60:9E:08:D5:80:83:37:7C:3F:C6:29:C3:29:CD:8B:8F:44:07:06
            X509v3 Authority Key Identifier:
                keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.147.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:4d:eb:70:b5:c1:8c:c3:45:9a:53:c1:c8:fd:82:20:bf:8a:
         d0:e8:49:61:5b:33:b8:e5:fe:e3:ba:52:e4:93:92:f0:a1:b0:
         49:f5:cf:34:a8:83:f3:e6:6d:d7:fd:b4:8e:87:9d:aa:63:d1:
         64:bc:44:a1:f4:76:fe:ae:e6:15:1f:f0:07:30:89:97:00:3e:
         eb:ad:2d:f2:1c:6d:34:50:56:15:0c:53:da:89:53:64:71:bb:
         3c:94:b4:d7:57:92:d4:2e:ed:84:99:c3:35:0b:52:c6:f6:70:
         6a:70:b2:b3:91:0d:2f:58:a8:f9:bc:da:b5:2b:50:a3:10:3b:
         5b:21:8e:23:0b:78:f4:89:f0:03:70:57:f5:99:fe:12:77:a0:
         6c:58:86:f1:d8:a4:23:76:60:5a:5d:85:bf:e8:1e:26:dc:66:
         0b:83:36:42:35:bf:4e:b4:e4:ee:42:33:59:25:b8:ff:23:29:
         b6:cf:d7:e1:2d:4e:5d:c9:3c:bb:ef:af:a2:1f:db:e5:84:20:
         02:41:94:6d:c7:9e:64:62:e2:4c:4b:53:0e:1e:29:c5:78:54:
         c4:80:47:9c:3f:ff:07:48:e3:d3:ac:83:8f:96:b6:f1:ca:43:
         73:91:a4:2a:d2:6b:ae:b6:86:b0:ea:e9:17:67:0a:33:96:ab:
         46:78:f1:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUem5Ty7hbOstXOS7K1N9ZmCIvNM8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3
REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTI0MDYxNTExNTUwMVoX
DTI1MDYxNDEyMDAwMVowMzExMC8GA1UEAxMoNzI2MDlFMDhENTgwODMzNzdDM0ZD
NjI5QzMyOUNEOEI4RjQ0MDcwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYAxjv1Vh3d5QkJ0tfXkIO/huO+TDMV6EiBmkFFfuc06m/c7amFg9BSzFXZ
BX+ZplFoFuDu65sFVcxLlYvfq7WuTfFbhQCjdD3lQaxOWgPt4SudfLxsf15VVt+s
loyLzu1RL2ow0PXS8x4jvJ5FkMAL2D1m+Ys/f5MkaVVpNdeUToeyxW5tybVEtFA8
1aKk0H3Bh3WlOUiOTOYenfn5fdKNmAlzDdFWJfvaNhi6Z8kJkvWlF/7Z3UTv2IRg
IbyggkSGpAHv646mSPp1CryZkGk/a6JerHoKi2YuCXAPeSP1FszPXz+VYbv+qEFC
nklAjjNO8PSpq8TYFegkuzXwxiMCAwEAAaOCAgkwggIFMB0GA1UdDgQWBBRyYJ4I
1YCDN3w/xinDKc2Lj0QHBjAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM
4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp
LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF
MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw
MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL
enctdE1MUmQyRE9FLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUFBzALhmxy
c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z
MjMwMzMyZTMxMzQzNzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQz
NTMxMzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAcuTbDANBgkqhkiG9w0BAQsFAAOCAQEAoU3rcLXB
jMNFmlPByP2CIL+K0OhJYVszuOX+47pS5JOS8KGwSfXPNKiD8+Zt1/20joedqmPR
ZLxEofR2/q7mFR/wBzCJlwA+660t8hxtNFBWFQxT2olTZHG7PJS011eS1C7thJnD
NQtSxvZwanCys5ENL1io+bzatStQoxA7WyGOIwt49InwA3BX9Zn+EnegbFiG8dik
I3ZgWl2Fv+geJtxmC4M2QjW/TrTk7kIzWSW4/yMpts/X4S1OXck8u++voh/b5YQg
AkGUbceeZGLiTEtTDh4pxXhUxIBHnD//B0jj06yDj5a28cpDc5GkKtJrrraGsOrp
F2cKM5arRnjxCQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 00:19:09 2024 by rpki-client on console-fra.rpki-client.org