Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/803BB2D8155711F081706932C4F9AE02.roa
File:                     803BB2D8155711F081706932C4F9AE02.roa (raw, json)
Hash identifier:          Vz8q2PS99OolEBraXNv9Sk2IlPO2sYnQ8ofj7HVC9/w=
Subject key identifier:   41:C3:A5:0C:82:5B:DE:B7:6B:3E:63:CD:75:41:24:15:33:01:E7:41
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       0776
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/803BB2D8155711F081706932C4F9AE02.roa
Signing time:             Wed 09 Apr 2025 15:30:01 +0000
ROA not before:           Wed 09 Apr 2025 15:30:01 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     64021
IP address blocks:        43.252.209.0/24 maxlen: 24
                          43.252.210.0/24 maxlen: 24
                          103.225.198.0/24 maxlen: 24
                          103.234.54.0/24 maxlen: 24
                          150.107.1.0/24 maxlen: 24
                          150.107.2.0/24 maxlen: 24
                          150.107.3.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 11 Apr 2025 16:03:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1910 (0x776)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Apr  9 15:30:01 2025 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=67f69278-ea1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:49:d0:ea:0b:86:b7:1f:79:e7:16:f8:ab:d4:
                    e7:bf:f2:1f:27:19:64:5e:61:63:f3:33:c2:5b:55:
                    0e:64:56:62:94:e7:8f:e7:0d:4e:b5:03:f5:36:37:
                    b6:b3:10:42:86:f6:1a:fa:14:cd:6c:a6:60:5f:5c:
                    a5:5e:ca:e7:76:b9:61:70:e6:05:cb:1c:d3:f2:03:
                    c6:ac:d5:dc:49:94:26:f6:26:d3:f6:67:fb:17:81:
                    1b:24:4b:d7:db:8f:fc:c8:32:18:be:62:a0:d2:88:
                    64:17:1d:36:7b:5c:38:02:01:92:52:d8:db:42:61:
                    0a:c8:2d:9a:71:11:8f:63:27:8c:d1:9c:d1:34:98:
                    1e:ba:87:b9:03:22:71:df:95:96:fa:c9:fb:fa:63:
                    c1:c3:fa:2d:fc:9c:a4:da:5a:ed:11:fa:13:bb:41:
                    87:31:29:08:d3:44:1d:c2:7a:97:22:96:e0:cd:06:
                    c1:95:52:0a:b6:0e:75:aa:80:89:78:5d:0c:1a:25:
                    9b:7c:e6:55:e3:28:c5:23:16:fc:ce:82:9e:6b:96:
                    ec:fe:b3:ed:4a:fd:83:a8:7d:ba:8f:a4:ed:8d:64:
                    68:db:79:85:4d:e4:75:16:e1:54:2d:9a:fc:38:1a:
                    c0:d0:86:c4:07:0b:35:35:77:ba:6c:9d:49:a0:c9:
                    93:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:C3:A5:0C:82:5B:DE:B7:6B:3E:63:CD:75:41:24:15:33:01:E7:41
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/803BB2D8155711F081706932C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.252.209.0-43.252.210.255
                  103.225.198.0/24
                  103.234.54.0/24
                  150.107.1.0-150.107.3.255

    Signature Algorithm: sha256WithRSAEncryption
         05:d1:ba:25:a2:e8:0e:58:2d:d0:41:05:27:e2:77:d4:fc:23:
         fa:a8:d3:ab:3b:ed:66:f2:43:10:b7:76:71:f9:11:4a:7a:58:
         46:bb:95:3c:3d:d2:8d:51:82:5c:da:a4:56:5e:db:0b:50:bc:
         90:c2:ba:2e:fe:8b:09:3d:43:0b:38:90:85:09:55:64:a3:05:
         2b:ac:41:4a:0f:89:76:18:ee:7d:ef:0c:7f:48:55:dc:1b:38:
         25:f4:64:3a:f5:c9:42:3c:76:55:41:19:3b:21:d0:ad:6e:d6:
         34:dd:10:70:c3:55:e1:a4:1e:69:42:9e:ad:12:4d:33:15:9c:
         f1:97:87:78:40:67:88:1a:5a:63:e1:95:38:39:88:fe:5d:75:
         2a:23:02:ce:d7:a2:7b:8f:bd:cb:bd:3f:2e:e4:32:e8:ed:b1:
         ef:95:8b:6c:f5:e9:06:3f:33:e1:b1:d0:30:de:6d:e4:f5:30:
         7c:7f:25:e7:7e:a5:96:bf:6d:e2:5b:ea:4f:d2:14:9e:06:66:
         a5:a1:78:91:d5:5e:74:46:85:5a:f5:e6:57:36:62:15:87:1c:
         0b:50:30:ba:b2:8b:d2:ed:94:24:40:53:bc:b5:20:0f:a2:cc:
         46:70:b9:ba:2a:0d:5c:b5:b1:3a:da:5c:5b:db:28:0d:36:36:
         e2:c7:87:05
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICB3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwNDA5MTUzMDAxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y2OTI3OC1lYTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyknQ6guGtx955xb4q9Tnv/IfJxlkXmFj8zPCW1UOZFZilOeP5w1OtQP1Nje2
sxBChvYa+hTNbKZgX1ylXsrndrlhcOYFyxzT8gPGrNXcSZQm9ibT9mf7F4EbJEvX
24/8yDIYvmKg0ohkFx02e1w4AgGSUtjbQmEKyC2acRGPYyeM0ZzRNJgeuoe5AyJx
35WW+sn7+mPBw/ot/Jyk2lrtEfoTu0GHMSkI00QdwnqXIpbgzQbBlVIKtg51qoCJ
eF0MGiWbfOZV4yjFIxb8zoKea5bs/rPtSv2DqH26j6TtjWRo23mFTeR1FuFULZr8
OBrA0IbEBws1NXe6bJ1JoMmTYwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFEHDpQyC
W963az5jzXVBJBUzAedBMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvODAzQkIyRDgx
NTU3MTFGMDgxNzA2OTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEACv80QMEACv80gMEAGfhxgMEAGfqNjAMAwQAlmsBAwQC
lmsAMA0GCSqGSIb3DQEBCwUAA4IBAQAF0bolougOWC3QQQUn4nfU/CP6qNOrO+1m
8kMQt3Zx+RFKelhGu5U8PdKNUYJc2qRWXtsLULyQwrou/osJPUMLOJCFCVVkowUr
rEFKD4l2GO597wx/SFXcGzgl9GQ69clCPHZVQRk7IdCtbtY03RBww1XhpB5pQp6t
Ek0zFZzxl4d4QGeIGlpj4ZU4OYj+XXUqIwLO16J7j73LvT8u5DLo7bHvlYts9ekG
PzPhsdAw3m3k9TB8fyXnfqWWv23iW+pP0hSeBmaloXiR1V50RoVa9eZXNmIVhxwL
UDC6sovS7ZQkQFO8tSAPosxGcLm6Kg1ctbE62lxb2ygNNjbix4cF
-----END CERTIFICATE-----