Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8F0D16D45D9E11EEA1BEB272C4F9AE02.roa
File:                     8F0D16D45D9E11EEA1BEB272C4F9AE02.roa (raw, json)
Hash identifier:          TcpttMNaxay3s4CpYZjy16cbukxGkFov9a3kU8Ouekc=
Subject key identifier:   7D:F5:AA:2E:1C:81:37:03:55:C9:01:D9:8F:5C:1A:F2:AE:00:16:31
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       027E
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8F0D16D45D9E11EEA1BEB272C4F9AE02.roa
Signing time:             Thu 28 Sep 2023 01:30:08 +0000
ROA not before:           Thu 28 Sep 2023 01:30:08 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.7.0/24 maxlen: 24
                          203.32.21.0/24 maxlen: 24
                          203.32.26.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24
                          203.32.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Oct 2023 07:25:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 638 (0x27e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Sep 28 01:30:08 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6514d720-5725
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3d:b0:93:2a:d9:36:6b:c2:28:59:46:99:82:
                    0f:76:45:6c:72:62:64:48:49:01:67:dc:1b:a9:a8:
                    c6:06:f4:a6:2c:11:10:15:95:c1:a3:af:d7:b8:c9:
                    90:9c:19:4b:fa:b3:4e:98:c2:b8:e9:b9:55:03:91:
                    90:c4:bd:df:f1:15:b2:7d:ec:40:99:8c:82:ef:ff:
                    a1:73:02:9f:8a:85:24:d4:c6:6e:0b:e3:49:17:c3:
                    57:1b:6b:af:69:be:d4:09:3d:91:8a:d0:dd:72:c0:
                    17:84:2e:4d:83:4b:2d:31:b4:f1:15:35:04:5b:ea:
                    64:a3:ea:c3:a1:55:0a:02:56:6b:29:68:94:69:63:
                    37:8c:df:f1:46:ec:f5:06:af:6d:f0:51:39:43:46:
                    a2:d8:82:6b:3d:ef:70:68:a3:e3:cc:7e:d3:ba:e2:
                    1d:37:56:52:e5:94:ce:62:60:4d:ca:81:6f:21:f4:
                    d6:66:18:af:d8:d7:48:8b:e9:1c:34:60:ec:ff:5e:
                    5c:0d:16:75:bb:16:eb:f3:ee:ff:84:88:93:be:d9:
                    75:67:b1:68:b0:f2:fb:02:49:28:0f:a1:45:fb:83:
                    73:53:56:45:db:f1:ae:22:da:be:e3:90:0d:70:c4:
                    e7:28:67:f8:75:d1:cc:36:17:d0:2c:b9:29:a3:a0:
                    52:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:F5:AA:2E:1C:81:37:03:55:C9:01:D9:8F:5C:1A:F2:AE:00:16:31
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8F0D16D45D9E11EEA1BEB272C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.7.0/24
                  203.32.21.0/24
                  203.32.26.0/24
                  203.32.32.0/24
                  203.32.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:a7:24:a8:c8:3c:21:2e:ea:42:b4:c4:f9:59:6c:2b:e6:62:
         ab:59:27:2f:fe:e2:1f:ae:67:a5:d6:0d:89:2e:66:54:03:71:
         3d:0f:75:00:01:be:59:a3:8c:e7:60:96:48:b4:45:d9:9e:06:
         a6:46:6b:ae:9b:dc:f7:55:36:91:b3:0d:6c:4c:b7:d8:ac:fe:
         a0:0d:81:19:ea:19:cc:52:4b:dc:c9:c7:01:9c:e0:d8:14:d3:
         13:01:9c:18:0d:8c:ad:de:9c:40:2f:5a:bc:f5:18:bb:19:5e:
         8f:0a:c9:a0:2f:f0:c4:1a:cd:c4:3d:e6:ae:dd:d9:77:33:d9:
         cf:78:7e:31:a5:67:71:56:d4:0a:1c:92:5c:b4:b1:c4:97:66:
         ca:49:a7:da:16:4e:d1:e0:1c:e8:ce:6b:04:f8:26:1b:e5:bc:
         91:12:e1:44:5c:1a:4e:a0:3f:8e:51:20:ff:2e:3f:0c:b1:70:
         a5:d6:80:30:99:88:8b:ff:28:2b:98:39:e0:66:04:0f:b5:8f:
         fe:81:7b:77:14:95:c2:88:f6:89:49:f7:4d:b3:8e:32:80:f4:
         20:76:53:53:23:fe:1b:82:0a:c0:4e:db:c8:59:df:5b:f4:d4:
         8f:d9:d1:90:2a:3d:0e:bf:18:56:81:58:9f:d0:90:de:9a:19:
         59:a1:95:68
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwOTI4MDEzMDA4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE0ZDcyMC01NzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxD2wkyrZNmvCKFlGmYIPdkVscmJkSEkBZ9wbqajGBvSmLBEQFZXBo6/XuMmQ
nBlL+rNOmMK46blVA5GQxL3f8RWyfexAmYyC7/+hcwKfioUk1MZuC+NJF8NXG2uv
ab7UCT2RitDdcsAXhC5Ng0stMbTxFTUEW+pko+rDoVUKAlZrKWiUaWM3jN/xRuz1
Bq9t8FE5Q0ai2IJrPe9waKPjzH7TuuIdN1ZS5ZTOYmBNyoFvIfTWZhiv2NdIi+kc
NGDs/15cDRZ1uxbr8+7/hIiTvtl1Z7FosPL7AkkoD6FF+4NzU1ZF2/GuItq+45AN
cMTnKGf4ddHMNhfQLLkpo6BSsQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFH31qi4c
gTcDVckB2Y9cGvKuABYxMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvOEYwRDE2RDQ1
RDlFMTFFRUExQkVCMjcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBADLIAcDBADLIBUDBADLIBoDBADLICADBADLICgwDQYJKoZI
hvcNAQELBQADggEBAJqnJKjIPCEu6kK0xPlZbCvmYqtZJy/+4h+uZ6XWDYkuZlQD
cT0PdQABvlmjjOdglki0RdmeBqZGa66b3PdVNpGzDWxMt9is/qANgRnqGcxSS9zJ
xwGc4NgU0xMBnBgNjK3enEAvWrz1GLsZXo8KyaAv8MQazcQ95q7d2Xcz2c94fjGl
Z3FW1Aockly0scSXZspJp9oWTtHgHOjOawT4JhvlvJES4URcGk6gP45RIP8uPwyx
cKXWgDCZiIv/KCuYOeBmBA+1j/6Be3cUlcKI9olJ902zjjKA9CB2U1Mj/huCCsBO
28hZ31v01I/Z0ZAqPQ6/GFaBWJ/QkN6aGVmhlWg=
-----END CERTIFICATE-----