Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916548C/C7731D249E5511ED8D92BD79C4F9AE02/579616F29E5811EDA8C7767AC4F9AE02.roa
File:                     579616F29E5811EDA8C7767AC4F9AE02.roa (raw, json)
Hash identifier:          zJ/ksGiqDXsPYw6ABZ3eYnziH5nSxE60lEfynvZAXBQ=
Subject key identifier:   3A:2D:BA:F7:F4:A7:6D:81:3B:1E:6E:E7:BE:C7:97:62:45:04:54:6E
Certificate issuer:       /CN=A916548C/serialNumber=4FA368A62ED25C6278E23B1BFFA251A149AA2F58
Certificate serial:       016C
Authority key identifier: 4F:A3:68:A6:2E:D2:5C:62:78:E2:3B:1B:FF:A2:51:A1:49:AA:2F:58
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T6Nopi7SXGJ44jsb_6JRoUmqL1g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916548C/C7731D249E5511ED8D92BD79C4F9AE02/579616F29E5811EDA8C7767AC4F9AE02.roa
Signing time:             Fri 27 Dec 2024 06:14:36 +0000
ROA not before:           Fri 27 Dec 2024 06:14:36 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     150737
IP address blocks:        103.77.116.0/23 maxlen: 23
                          103.77.116.0/24 maxlen: 24
                          103.77.117.0/24 maxlen: 24
                          2001:df4:d3c0::/48 maxlen: 48
                          2001:df4:d3c0::/50 maxlen: 50
                          2001:df4:d3c0:4000::/50 maxlen: 50
                          2001:df4:d3c0:8000::/50 maxlen: 50
                          2001:df4:d3c0:c000::/50 maxlen: 50
Validation:               Failed, certificate revoked on Thu 16 Jan 2025 14:56:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 364 (0x16c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916548C
        Validity
            Not Before: Dec 27 06:14:36 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=676e45cc-159b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:db:58:df:f6:87:4f:28:79:cc:f7:80:b4:c9:
                    be:68:a0:76:eb:1a:b7:52:39:9a:f1:8b:90:e5:66:
                    ba:8f:64:85:ab:b1:b7:7b:9e:eb:12:1a:62:f7:9f:
                    a3:8d:21:99:94:f7:f2:0a:1a:82:6b:41:b9:53:95:
                    c6:c8:45:82:a4:a8:96:c3:64:2e:a4:20:b0:44:c3:
                    1a:47:e8:a7:bf:81:f9:5e:98:79:7d:ee:9f:4e:9d:
                    fd:f3:aa:5f:13:59:87:8f:0f:bf:64:e4:0f:de:88:
                    21:24:93:77:1d:da:e8:e3:94:50:93:72:2f:a1:06:
                    d6:82:c9:a5:15:e2:c6:e0:53:a1:30:ef:f5:81:6a:
                    5b:ae:bd:e1:67:fb:39:e2:60:2e:80:5b:76:87:7b:
                    54:79:65:40:54:61:31:18:99:60:bb:b4:3b:a1:d3:
                    04:33:98:7a:cd:35:8a:6f:6b:4d:0d:e4:c8:1e:8a:
                    51:41:2e:72:b8:e2:1d:e2:cd:4e:00:12:17:2e:0b:
                    d5:5b:c9:ad:ba:a0:66:29:87:e7:13:af:6c:8c:1a:
                    82:f3:c7:1b:05:bf:d4:c2:da:e6:33:a5:7c:b8:a3:
                    1c:a7:af:ad:b4:6c:b2:b3:1d:8f:f9:f0:94:c4:cc:
                    f4:48:1c:99:3b:99:c4:76:0d:d5:d9:96:e6:a8:be:
                    38:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:2D:BA:F7:F4:A7:6D:81:3B:1E:6E:E7:BE:C7:97:62:45:04:54:6E
            X509v3 Authority Key Identifier:
                keyid:4F:A3:68:A6:2E:D2:5C:62:78:E2:3B:1B:FF:A2:51:A1:49:AA:2F:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916548C/C7731D249E5511ED8D92BD79C4F9AE02/T6Nopi7SXGJ44jsb_6JRoUmqL1g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T6Nopi7SXGJ44jsb_6JRoUmqL1g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916548C/C7731D249E5511ED8D92BD79C4F9AE02/579616F29E5811EDA8C7767AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.77.116.0/23
                IPv6:
                  2001:df4:d3c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:11:5b:c4:04:cf:c4:ed:ba:89:db:7d:7d:c8:12:fc:90:8f:
         e7:ba:76:2f:e8:6c:e8:48:bc:6d:7c:5f:a5:77:11:ad:21:20:
         b5:cb:f9:ce:2f:fa:48:5c:db:d2:61:b3:7c:cf:4a:51:65:c0:
         f0:d0:3d:ca:26:65:68:a5:8c:6e:69:7a:a1:47:fa:4a:1b:5f:
         b5:63:a8:14:47:08:ef:85:df:6f:ba:90:a8:cf:45:18:77:f1:
         b3:16:cd:d9:8f:70:f6:d4:2a:ca:05:47:56:dd:5f:8b:07:d3:
         d1:f7:10:45:4c:d7:86:8c:1c:43:99:ae:7d:7a:f2:53:f9:1b:
         d0:60:fa:c3:34:e8:b6:8a:04:f1:7a:57:9a:b9:b3:8a:f8:66:
         03:41:cb:56:4b:ef:7f:a2:87:fb:5b:3e:ac:c5:43:08:84:7b:
         69:ab:1c:81:73:22:fc:73:a2:1b:bb:9d:11:b8:56:cc:fa:56:
         cc:96:5a:c4:39:0f:88:33:ab:0f:e3:e2:22:4b:a3:34:90:5a:
         fe:98:bc:bd:1a:76:cf:d7:be:22:1f:76:ed:5c:14:11:95:16:
         9c:aa:76:4d:f1:4d:85:f8:ca:86:45:a6:6e:ef:00:c7:9a:a8:
         b1:a1:c7:c2:51:50:68:1a:79:5d:bb:13:79:1d:37:98:00:f2:
         ec:c4:cc:5d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU0OEMxMTAvBgNVBAUTKDRGQTM2OEE2MkVEMjVDNjI3OEUyM0IxQkZGQTI1MUEx
NDlBQTJGNTgwHhcNMjQxMjI3MDYxNDM2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZlNDVjYy0xNTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA39tY3/aHTyh5zPeAtMm+aKB26xq3Ujma8YuQ5Wa6j2SFq7G3e57rEhpi95+j
jSGZlPfyChqCa0G5U5XGyEWCpKiWw2QupCCwRMMaR+inv4H5Xph5fe6fTp3986pf
E1mHjw+/ZOQP3oghJJN3Hdro45RQk3IvoQbWgsmlFeLG4FOhMO/1gWpbrr3hZ/s5
4mAugFt2h3tUeWVAVGExGJlgu7Q7odMEM5h6zTWKb2tNDeTIHopRQS5yuOId4s1O
ABIXLgvVW8mtuqBmKYfnE69sjBqC88cbBb/UwtrmM6V8uKMcp6+ttGyysx2P+fCU
xMz0SByZO5nEdg3V2ZbmqL44lwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDotuvf0
p22BOx5u577Hl2JFBFRuMB8GA1UdIwQYMBaAFE+jaKYu0lxieOI7G/+iUaFJqi9Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTQ4Qy9DNzczMUQyNDlF
NTUxMUVEOEQ5MkJENzlDNEY5QUUwMi9UNk5vcGk3U1hHSjQ0anNiXzZKUm9VbXFM
MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Q2Tm9waTdTWEdKNDRqc2JfNkpSb1VtcUwxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU0OEMvQzc3MzFEMjQ5RTU1MTFFRDhEOTJCRDc5QzRGOUFFMDIvNTc5NjE2RjI5
RTU4MTFFREE4Qzc3NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnTXQwDwQCAAIwCQMHACABDfTTwDANBgkqhkiG9w0BAQsF
AAOCAQEAcBFbxATPxO26idt9fcgS/JCP57p2L+hs6Ei8bXxfpXcRrSEgtcv5zi/6
SFzb0mGzfM9KUWXA8NA9yiZlaKWMbml6oUf6ShtftWOoFEcI74Xfb7qQqM9FGHfx
sxbN2Y9w9tQqygVHVt1fiwfT0fcQRUzXhowcQ5mufXryU/kb0GD6wzTotooE8XpX
mrmzivhmA0HLVkvvf6KH+1s+rMVDCIR7aascgXMi/HOiG7udEbhWzPpWzJZaxDkP
iDOrD+PiIkujNJBa/pi8vRp2z9e+Ih927VwUEZUWnKp2TfFNhfjKhkWmbu8Ax5qo
saHHwlFQaBp5XbsTeR03mADy7MTMXQ==
-----END CERTIFICATE-----