Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9188CCC/7E6E0014454711EEACD35F41C4F9AE02/7349E1BCB71011EFB2492640C4F9AE02.roa
File:                     7349E1BCB71011EFB2492640C4F9AE02.roa (raw, json)
Hash identifier:          Trsw6c+/j5wxo4vDvijyU9hjvuL2c/1bflc1/tf8D8E=
Subject key identifier:   34:31:96:03:30:DC:57:7C:B0:17:79:79:07:C9:27:DE:A3:93:A7:F7
Certificate issuer:       /CN=A9188CCC/serialNumber=E231D30927E49A6A22D9F6ACD706103BE3E5DC16
Certificate serial:       0112
Authority key identifier: E2:31:D3:09:27:E4:9A:6A:22:D9:F6:AC:D7:06:10:3B:E3:E5:DC:16
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4jHTCSfkmmoi2fas1wYQO-Pl3BY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9188CCC/7E6E0014454711EEACD35F41C4F9AE02/7349E1BCB71011EFB2492640C4F9AE02.roa
Signing time:             Tue 21 Jan 2025 11:54:29 +0000
ROA not before:           Tue 21 Jan 2025 11:54:29 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     55734
IP address blocks:        43.245.0.0/22 maxlen: 24
                          103.232.184.0/22 maxlen: 24
                          223.27.120.0/22 maxlen: 24
                          2401:4ce0::/32 maxlen: 32
Validation:               Failed, certificate revoked on Wed 22 Jan 2025 08:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 274 (0x112)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9188CCC, serialNumber=E231D30927E49A6A22D9F6ACD706103BE3E5DC16
        Validity
            Not Before: Jan 21 11:54:29 2025 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=678f8af4-4776
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:9b:97:ab:e0:9f:4e:6c:30:95:12:31:94:df:
                    0c:e6:30:99:a6:23:99:93:30:e2:a2:5f:3c:59:04:
                    d8:ab:fe:ec:d4:d6:97:00:9a:f3:a9:99:ab:1a:c4:
                    aa:f9:51:64:94:21:59:f7:b5:24:7b:a4:84:8b:07:
                    24:ee:0d:20:7c:45:87:78:b0:e7:3e:ea:8b:d9:b9:
                    3b:65:7a:40:1d:f9:63:6a:2e:25:e9:52:e1:20:a3:
                    9d:82:ee:7a:e9:38:a9:f6:1a:50:58:8a:33:05:11:
                    d1:04:b7:55:d2:70:11:da:e0:bd:f8:4f:02:ec:17:
                    ba:f8:27:f6:cf:60:53:b9:84:9d:8d:ab:0f:58:e5:
                    b1:bc:6d:52:be:ca:f8:bc:fa:66:b5:a0:a9:a6:c3:
                    ce:31:98:ac:77:82:ce:25:94:e8:08:b8:be:2b:b8:
                    82:6d:54:f9:74:a8:5d:d5:53:30:a9:c9:aa:a4:bd:
                    99:4a:d4:8c:ae:44:69:24:1e:5d:dd:3e:46:6c:c0:
                    72:39:ff:b6:ca:c1:8c:db:d3:d7:65:14:99:51:99:
                    e8:00:02:65:39:cf:64:3b:39:f7:ff:3e:67:af:7e:
                    fd:45:92:76:46:0d:84:8b:71:2b:ef:9b:b4:00:6a:
                    93:4e:b4:ac:18:d4:19:56:24:6d:8e:4d:49:b8:1d:
                    ec:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:31:96:03:30:DC:57:7C:B0:17:79:79:07:C9:27:DE:A3:93:A7:F7
            X509v3 Authority Key Identifier:
                keyid:E2:31:D3:09:27:E4:9A:6A:22:D9:F6:AC:D7:06:10:3B:E3:E5:DC:16

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9188CCC/7E6E0014454711EEACD35F41C4F9AE02/4jHTCSfkmmoi2fas1wYQO-Pl3BY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4jHTCSfkmmoi2fas1wYQO-Pl3BY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188CCC/7E6E0014454711EEACD35F41C4F9AE02/7349E1BCB71011EFB2492640C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.245.0.0/22
                  103.232.184.0/22
                  223.27.120.0/22
                IPv6:
                  2401:4ce0::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:2a:e3:b4:11:c8:ec:4b:25:36:78:e9:99:7c:34:16:5f:f5:
         09:70:5c:d9:12:9b:c4:4e:16:85:9b:30:8e:eb:c8:31:30:d1:
         e6:c7:a3:ca:5e:5c:bc:d7:c8:1f:7b:23:ba:3b:c5:0e:d3:c3:
         8f:9f:23:4a:69:aa:54:e5:81:1b:2d:40:21:3c:b2:75:ec:f2:
         e1:66:a1:ba:d3:8d:46:dd:1f:b8:16:00:26:76:80:ae:e9:fd:
         ac:ba:e4:9e:05:82:2a:a0:c0:b3:3b:da:80:af:33:da:f1:5c:
         60:ab:24:56:76:94:bb:48:77:a7:e9:93:ee:6a:d2:aa:cc:79:
         f6:60:90:36:ab:10:68:18:76:53:f2:f5:85:db:d0:3a:b5:a8:
         ce:8c:b9:4d:54:cc:62:bc:ac:d2:ec:0b:6f:cd:ea:45:c9:42:
         2e:79:ad:c7:d6:97:c2:4b:67:a7:1b:98:10:45:75:c2:7c:21:
         8c:a2:71:e4:83:cc:ee:68:02:f8:26:97:fe:a2:46:cb:04:76:
         d8:b6:26:69:59:70:25:21:44:23:9d:55:5f:ff:8d:c6:be:dc:
         27:7b:49:b8:88:1c:2d:29:12:7d:75:5a:93:aa:c8:6b:2d:1d:
         1f:d8:57:01:75:08:cf:12:a5:31:4c:30:d5:61:94:cb:93:a5:
         f8:e5:a3:9d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhDQ0MxMTAvBgNVBAUTKEUyMzFEMzA5MjdFNDlBNkEyMkQ5RjZBQ0Q3MDYxMDNC
RTNFNURDMTYwHhcNMjUwMTIxMTE1NDI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhmOGFmNC00Nzc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApZuXq+CfTmwwlRIxlN8M5jCZpiOZkzDiol88WQTYq/7s1NaXAJrzqZmrGsSq
+VFklCFZ97Uke6SEiwck7g0gfEWHeLDnPuqL2bk7ZXpAHfljai4l6VLhIKOdgu56
6Tip9hpQWIozBRHRBLdV0nAR2uC9+E8C7Be6+Cf2z2BTuYSdjasPWOWxvG1Svsr4
vPpmtaCppsPOMZisd4LOJZToCLi+K7iCbVT5dKhd1VMwqcmqpL2ZStSMrkRpJB5d
3T5GbMByOf+2ysGM29PXZRSZUZnoAAJlOc9kOzn3/z5nr379RZJ2Rg2Ei3Er75u0
AGqTTrSsGNQZViRtjk1JuB3sDwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDQxlgMw
3Fd8sBd5eQfJJ96jk6f3MB8GA1UdIwQYMBaAFOIx0wkn5JpqItn2rNcGEDvj5dwW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OENDQy83RTZFMDAxNDQ1
NDcxMUVFQUNEMzVGNDFDNEY5QUUwMi80akhUQ1Nma21tb2kyZmFzMXdZUU8tUGwz
QlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRqSFRDU2ZrbW1vaTJmYXMxd1lRTy1QbDNCWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhDQ0MvN0U2RTAwMTQ0NTQ3MTFFRUFDRDM1RjQxQzRGOUFFMDIvNzM0OUUxQkNC
NzEwMTFFRkIyNDkyNjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIr9QADBAJn6LgDBALfG3gwDQQCAAIwBwMFACQBTOAwDQYJ
KoZIhvcNAQELBQADggEBAEIq47QRyOxLJTZ46Zl8NBZf9QlwXNkSm8ROFoWbMI7r
yDEw0ebHo8peXLzXyB97I7o7xQ7Tw4+fI0ppqlTlgRstQCE8snXs8uFmobrTjUbd
H7gWACZ2gK7p/ay65J4FgiqgwLM72oCvM9rxXGCrJFZ2lLtId6fpk+5q0qrMefZg
kDarEGgYdlPy9YXb0Dq1qM6MuU1UzGK8rNLsC2/N6kXJQi55rcfWl8JLZ6cbmBBF
dcJ8IYyiceSDzO5oAvgml/6iRssEdti2JmlZcCUhRCOdVV//jca+3Cd7SbiIHC0p
En11WpOqyGstHR/YVwF1CM8SpTFMMNVhlMuTpfjlo50=
-----END CERTIFICATE-----