Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa
File:                     174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa (raw, json)
Hash identifier:          fnmc4zNj1BC1nZw1UL4LxvqcM3wZl/k+Y8sYgbvRl8w=
Subject key identifier:   B1:8D:F9:BB:CC:AE:1F:60:CD:92:68:57:EA:D6:1F:0C:9F:7B:AA:57
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       0255
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa
Signing time:             Wed 06 Sep 2023 23:07:03 +0000
ROA not before:           Wed 06 Sep 2023 23:07:03 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.7.0/24 maxlen: 24
                          203.32.25.0/24 maxlen: 24
                          203.32.26.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24
                          203.32.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 23:29:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 597 (0x255)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Sep  6 23:07:03 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64f90617-a1b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:25:c6:13:10:7f:64:bc:4d:81:e9:3b:dc:87:
                    ca:f4:38:94:68:e2:1d:90:fe:20:c2:c3:f1:c2:0b:
                    05:a9:42:19:fe:27:73:16:cd:36:a5:b0:6e:81:b3:
                    22:a6:58:80:1d:f4:d8:93:52:17:d8:e3:70:38:97:
                    5c:0d:86:82:0c:9a:96:42:71:d9:40:06:d9:53:97:
                    69:7e:fc:d7:d8:30:6b:9b:d0:bf:74:5f:da:00:5c:
                    3e:f8:4d:59:a0:c3:94:8c:9b:54:3e:87:12:42:ca:
                    42:f6:60:91:02:03:50:d2:bb:19:de:3e:80:38:51:
                    00:c6:f1:f4:90:04:0e:69:2e:f0:c9:80:78:27:dc:
                    34:8f:7a:a4:49:35:39:4a:7d:8a:d6:0f:7c:cd:f0:
                    92:fe:0d:7c:b9:b9:7b:36:97:8e:b2:8b:21:99:ae:
                    55:c1:9d:9c:8e:eb:7c:02:71:de:dd:00:ff:ea:52:
                    30:7d:b2:a9:88:aa:8e:62:11:a0:04:f6:1c:c4:64:
                    bd:78:27:f4:30:32:82:17:05:26:4b:5e:81:64:86:
                    fa:11:1a:2e:25:9b:c7:5b:f3:7d:4b:20:73:6c:fc:
                    0b:41:ca:81:91:23:c0:58:94:bc:b1:97:c5:2c:75:
                    ec:f3:15:e4:55:71:fe:9e:ca:1a:95:f0:ea:b9:3a:
                    23:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:8D:F9:BB:CC:AE:1F:60:CD:92:68:57:EA:D6:1F:0C:9F:7B:AA:57
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/174A19AC4D0A11EEA9E1CE6BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.7.0/24
                  203.32.25.0-203.32.26.255
                  203.32.32.0/24
                  203.32.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:92:df:a0:a7:5d:34:b8:b7:19:70:b9:0b:a2:d8:75:eb:7f:
         e6:71:08:26:95:23:99:d1:f4:34:b1:e7:dd:37:99:c8:e5:e8:
         c8:98:aa:3c:3d:5d:53:eb:23:e5:1d:db:12:d7:50:e1:52:65:
         0e:33:8f:73:67:9d:f7:d3:b8:64:7d:e9:ad:3b:81:96:e9:d6:
         1f:1e:9f:11:7b:d3:b2:33:6c:f9:1b:6f:70:b2:5f:a8:27:c3:
         f7:82:5f:5c:f0:62:1e:b6:e1:f6:8b:50:98:41:85:b8:e3:b3:
         ac:df:2e:8f:83:fa:e5:9f:7f:21:77:80:11:af:b5:fb:bf:5b:
         a8:aa:4e:12:40:d9:e3:85:8e:95:fe:17:53:0f:d0:c9:1d:58:
         3e:a9:43:3e:5e:c1:63:43:e2:21:c9:b4:9f:f3:91:49:99:87:
         d0:da:e0:ce:53:8d:f0:35:65:5b:97:e7:ae:ee:aa:e4:54:62:
         51:ba:8d:1a:49:fb:43:fb:15:a1:fa:b4:dd:3d:b3:01:b4:77:
         f1:79:e7:f3:91:9a:6f:56:4a:b1:55:9f:84:4d:06:ef:a9:a5:
         71:59:91:df:f0:0c:49:7c:fa:d0:b2:1b:68:17:95:6b:c1:71:
         8e:ca:4c:a6:38:46:16:5f:26:fb:c4:7d:d7:5a:6e:2a:05:3f:
         c1:42:6e:c4
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwOTA2MjMwNzAzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY5MDYxNy1hMWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwiXGExB/ZLxNgek73IfK9DiUaOIdkP4gwsPxwgsFqUIZ/idzFs02pbBugbMi
pliAHfTYk1IX2ONwOJdcDYaCDJqWQnHZQAbZU5dpfvzX2DBrm9C/dF/aAFw++E1Z
oMOUjJtUPocSQspC9mCRAgNQ0rsZ3j6AOFEAxvH0kAQOaS7wyYB4J9w0j3qkSTU5
Sn2K1g98zfCS/g18ubl7NpeOsoshma5VwZ2cjut8AnHe3QD/6lIwfbKpiKqOYhGg
BPYcxGS9eCf0MDKCFwUmS16BZIb6ERouJZvHW/N9SyBzbPwLQcqBkSPAWJS8sZfF
LHXs8xXkVXH+nsoalfDquTojhQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFLGN+bvM
rh9gzZJoV+rWHwyfe6pXMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMTc0QTE5QUM0
RDBBMTFFRUE5RTFDRTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBADLIAcwDAMEAMsgGQMEAMsgGgMEAMsgIAMEAMsgJjANBgkq
hkiG9w0BAQsFAAOCAQEAJJLfoKddNLi3GXC5C6LYdet/5nEIJpUjmdH0NLHn3TeZ
yOXoyJiqPD1dU+sj5R3bEtdQ4VJlDjOPc2ed99O4ZH3prTuBlunWHx6fEXvTsjNs
+RtvcLJfqCfD94JfXPBiHrbh9otQmEGFuOOzrN8uj4P65Z9/IXeAEa+1+79bqKpO
EkDZ44WOlf4XUw/QyR1YPqlDPl7BY0PiIcm0n/ORSZmH0NrgzlON8DVlW5fnru6q
5FRiUbqNGkn7Q/sVofq03T2zAbR38Xnn85Gab1ZKsVWfhE0G76mlcVmR3/AMSXz6
0LIbaBeVa8FxjspMpjhGFl8m+8R911puKgU/wUJuxA==
-----END CERTIFICATE-----