Route Origin Authorization

$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa
File:                     3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa (raw, json)
Hash identifier:          gz+QAaBGu/xCqfa9Xn/49t9CVD6XZyc5jeJLqLaoK2I=
Subject key identifier:   23:97:82:08:2A:56:9A:D4:DF:AA:FF:DE:AA:50:E1:D2:2B:F5:19:D2
Certificate issuer:       /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Certificate serial:       5BB28D30788FC2354B822023D9563FE91038369E
Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject info access:      rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa
Signing time:             Thu 03 Jul 2025 00:00:01 +0000
ROA not before:           Wed 02 Jul 2025 23:55:01 +0000
ROA not after:            Thu 02 Jul 2026 00:00:01 +0000
asID:                     24021
IP address blocks:        203.147.108.0/23 maxlen: 23
Validation:               Failed, certificate revoked on Thu 03 Jul 2025 12:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:b2:8d:30:78:8f:c2:35:4b:82:20:23:d9:56:3f:e9:10:38:36:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91872ED0001, serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
        Validity
            Not Before: Jul  2 23:55:01 2025 GMT
            Not After : Jul  2 00:00:01 2026 GMT
        Subject: CN=239782082A569AD4DFAAFFDEAA50E1D22BF519D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:77:71:1e:de:10:e2:1d:01:e6:27:bd:8e:26:
                    38:97:95:61:ab:32:ba:60:09:89:57:53:e4:e0:83:
                    1a:bb:96:ea:83:24:86:af:d3:3c:9e:da:80:4a:fd:
                    d6:d4:d8:48:cc:e9:b8:01:46:6e:65:16:6a:cd:47:
                    37:7b:04:44:eb:d3:80:15:14:29:3e:36:94:ef:23:
                    d4:8d:04:31:4d:ad:d4:61:4d:e2:e1:04:25:f2:08:
                    43:77:fe:df:ec:bf:18:1a:33:7a:b6:e8:ff:a5:7c:
                    3d:36:2e:e0:a0:80:99:66:ea:78:42:95:38:f2:3c:
                    8e:1a:51:8c:7d:ea:3d:91:c6:2e:e9:cf:6c:a4:05:
                    a4:73:46:d1:05:e1:ff:5c:74:90:7e:8a:a7:f5:64:
                    5a:2f:cd:14:7c:4b:cc:23:2e:79:e4:b5:f9:aa:64:
                    88:4b:81:98:c6:1d:45:fd:52:c4:34:92:de:cd:5e:
                    c6:c5:f9:2f:39:04:da:5a:5b:1d:92:62:f8:e9:f1:
                    59:36:36:22:ed:23:82:6f:21:91:7a:c5:28:9c:5e:
                    14:e3:ae:92:1f:e6:5f:91:29:3c:82:3c:7d:d7:56:
                    37:5c:af:20:ea:be:28:9e:6b:6b:35:e9:67:5e:0d:
                    3a:28:60:9b:f6:1c:64:6a:34:b4:1a:d3:4b:e9:73:
                    7e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:97:82:08:2A:56:9A:D4:DF:AA:FF:DE:AA:50:E1:D2:2B:F5:19:D2
            X509v3 Authority Key Identifier:
                keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.147.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         96:38:9a:cd:ba:6d:9a:24:24:b9:ea:aa:c8:51:00:c5:27:b4:
         19:6e:90:bb:81:e0:83:a7:48:1a:81:cf:98:fc:69:91:67:7b:
         a6:cb:03:e5:b7:0a:27:93:b9:45:33:f8:72:a5:3e:b7:24:d5:
         c6:f4:b0:b3:cd:ba:c1:9b:1c:14:98:f2:79:e6:c8:dd:0a:59:
         4a:9f:4e:5e:e3:88:1e:d5:41:d0:66:30:5b:73:d0:34:f9:a1:
         e5:38:53:b4:7e:9e:da:9a:54:44:98:9a:15:6c:00:09:77:47:
         bb:ff:9b:8d:2e:35:f0:8d:f9:12:2b:2f:8c:13:99:25:f2:bd:
         b2:c0:0d:71:ff:04:f8:fc:b9:7c:ed:3d:e5:ff:91:75:f7:99:
         71:67:6c:7e:d9:5a:d2:09:e2:b5:bd:ab:c8:78:79:38:12:f9:
         82:3c:7f:77:15:e2:9a:03:1c:9c:85:14:5d:c9:cd:cc:69:4f:
         df:de:e0:18:82:c9:09:15:34:c6:55:14:3d:cf:0c:c4:ec:21:
         c6:02:1d:e2:cb:bc:ec:b6:de:bd:c3:09:9a:a4:ed:12:9b:37:
         47:2e:68:1d:5c:99:cb:14:48:02:15:66:e6:46:53:db:62:af:
         ad:45:ce:03:9a:35:2c:a7:19:1f:25:73:56:07:dd:86:d9:3b:
         e8:29:d2:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUW7KNMHiPwjVLgiAj2VY/6RA4Np4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3
REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTI1MDcwMjIzNTUwMVoX
DTI2MDcwMjAwMDAwMVowMzExMC8GA1UEAxMoMjM5NzgyMDgyQTU2OUFENERGQUFG
RkRFQUE1MEUxRDIyQkY1MTlEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh3cR7eEOIdAeYnvY4mOJeVYasyumAJiVdT5OCDGruW6oMkhq/TPJ7agEr9
1tTYSMzpuAFGbmUWas1HN3sEROvTgBUUKT42lO8j1I0EMU2t1GFN4uEEJfIIQ3f+
3+y/GBozerbo/6V8PTYu4KCAmWbqeEKVOPI8jhpRjH3qPZHGLunPbKQFpHNG0QXh
/1x0kH6Kp/VkWi/NFHxLzCMueeS1+apkiEuBmMYdRf1SxDSS3s1exsX5LzkE2lpb
HZJi+OnxWTY2Iu0jgm8hkXrFKJxeFOOukh/mX5EpPII8fddWN1yvIOq+KJ5razXp
Z14NOihgm/YcZGo0tBrTS+lzfnkCAwEAAaOCAgkwggIFMB0GA1UdDgQWBBQjl4II
Klaa1N+q/96qUOHSK/UZ0jAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM
4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp
LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF
MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw
MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL
enctdE1MUmQyRE9FLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUFBzALhmxy
c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z
MjMwMzMyZTMxMzQzNzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIz
NDMwMzIzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAcuTbDANBgkqhkiG9w0BAQsFAAOCAQEAljiazbpt
miQkueqqyFEAxSe0GW6Qu4Hgg6dIGoHPmPxpkWd7pssD5bcKJ5O5RTP4cqU+tyTV
xvSws826wZscFJjyeebI3QpZSp9OXuOIHtVB0GYwW3PQNPmh5ThTtH6e2ppURJia
FWwACXdHu/+bjS418I35EisvjBOZJfK9ssANcf8E+Py5fO095f+RdfeZcWdsftla
0gnitb2ryHh5OBL5gjx/dxXimgMcnIUUXcnNzGlP397gGILJCRU0xlUUPc8MxOwh
xgId4su87LbevcMJmqTtEps3Ry5oHVyZyxRIAhVm5kZT22KvrUXOA5o1LKcZHyVz
Vgfdhtk76CnS3w==
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:58:26 2025 by rpki-client