Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/E326ADB0293611EB9DE16C62C4F9AE02.roa
File:                     E326ADB0293611EB9DE16C62C4F9AE02.roa (raw, json)
Hash identifier:          yso9R2xlBlKlk8GAlPN59e+FH++NnM8uw3XV+dH9NhQ=
Subject key identifier:   77:B9:AB:E7:4C:6C:19:20:D7:2E:8B:25:FE:7B:7E:B1:CE:D6:AF:F5
Certificate issuer:       /CN=A919B3BC/serialNumber=C4FB91813E7BA099D91E9C48172094B9905C0F11
Certificate serial:       1CD7
Authority key identifier: C4:FB:91:81:3E:7B:A0:99:D9:1E:9C:48:17:20:94:B9:90:5C:0F:11
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPuRgT57oJnZHpxIFyCUuZBcDxE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/E326ADB0293611EB9DE16C62C4F9AE02.roa
Signing time:             Tue 10 Oct 2023 16:43:21 +0000
ROA not before:           Tue 10 Oct 2023 16:43:21 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     58424
IP address blocks:        43.255.112.0/22 maxlen: 24
                          103.5.124.0/22 maxlen: 24
                          103.206.200.0/22 maxlen: 24
                          103.227.172.0/22 maxlen: 24
                          116.214.24.0/21 maxlen: 24
                          2407:8180::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 07 Aug 2024 07:20:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7383 (0x1cd7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919B3BC/serialNumber=C4FB91813E7BA099D91E9C48172094B9905C0F11
        Validity
            Not Before: Oct 10 16:43:21 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65257f29-1c5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:45:08:5c:21:58:71:1d:f9:ce:35:b1:33:62:
                    f6:39:0a:27:2b:72:e9:8a:1b:8b:8b:69:5c:ff:2a:
                    0e:31:83:fa:cc:b0:2e:ea:3e:0f:5d:ce:49:5c:7f:
                    85:2c:b9:99:18:1d:16:b8:a1:2a:dc:3b:07:3e:6d:
                    32:96:f3:ac:3e:cb:75:c6:24:84:e4:aa:c9:7c:cf:
                    72:c6:55:0c:ae:75:25:87:2a:48:a1:29:2e:74:d5:
                    51:93:1f:f5:c3:e4:52:3a:56:bf:82:a6:a5:72:0e:
                    75:5a:db:35:1b:28:d9:a9:a4:a7:d0:f8:38:a6:1d:
                    a1:3c:19:21:67:fb:f1:da:bb:d0:73:6c:de:b3:bf:
                    09:f7:4c:65:54:46:4c:0c:b4:49:e1:ad:c4:a0:6f:
                    a7:a5:44:ac:37:f1:be:f2:f3:f3:4e:7a:2e:9a:7f:
                    9b:da:30:93:63:84:14:ed:34:db:f7:c8:88:ff:94:
                    05:02:24:a2:c9:b6:4b:a8:ce:73:1d:19:06:9d:8d:
                    da:2f:dd:35:7d:62:1f:33:ee:73:e0:ca:a3:ec:69:
                    13:dd:91:aa:33:22:db:83:c5:5b:b5:a3:d1:b9:75:
                    0a:63:fb:aa:49:30:6c:4c:64:e3:de:c9:a8:97:d8:
                    3c:b3:e5:9e:51:8d:de:db:7d:38:c4:5e:7e:ca:60:
                    cc:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:B9:AB:E7:4C:6C:19:20:D7:2E:8B:25:FE:7B:7E:B1:CE:D6:AF:F5
            X509v3 Authority Key Identifier:
                keyid:C4:FB:91:81:3E:7B:A0:99:D9:1E:9C:48:17:20:94:B9:90:5C:0F:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/xPuRgT57oJnZHpxIFyCUuZBcDxE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPuRgT57oJnZHpxIFyCUuZBcDxE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/E326ADB0293611EB9DE16C62C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.112.0/22
                  103.5.124.0/22
                  103.206.200.0/22
                  103.227.172.0/22
                  116.214.24.0/21
                IPv6:
                  2407:8180::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:c2:63:00:a4:82:eb:a9:49:77:37:10:e6:9d:76:f6:b1:06:
         79:ae:26:18:21:29:e6:30:05:b2:31:42:d9:29:7d:b6:00:8c:
         4b:08:87:c0:3a:77:1d:5a:eb:ca:47:6c:b6:61:a5:d3:48:28:
         53:11:3f:ec:93:92:c0:07:e8:57:0f:e4:72:56:f2:86:7b:e2:
         59:a1:31:8c:3c:a3:3c:31:3a:92:88:28:10:13:96:f0:17:63:
         15:a0:f0:96:11:a3:be:d5:4c:45:1f:1b:38:7b:81:c5:33:4f:
         9a:5b:17:ba:0c:8c:cc:0b:d8:ab:12:5a:b4:f9:c1:ea:c1:8e:
         b4:81:71:ca:c9:16:30:08:f5:82:98:60:a5:04:e1:db:3d:e4:
         ba:6b:06:c8:0d:a4:0b:e9:0d:83:4c:68:8e:03:36:8a:8c:d0:
         8c:9a:01:de:91:2f:e3:82:cc:f2:57:19:a1:47:33:74:80:0b:
         1c:0d:72:1b:3c:cd:51:61:4f:fa:88:98:81:2d:12:ec:79:c9:
         f0:47:7b:c0:0f:ec:c8:f2:bf:e7:05:02:80:4e:00:c5:db:6e:
         a8:c1:68:a5:60:dd:20:d5:ee:d9:3c:4d:2d:46:02:93:eb:ea:
         c5:8f:d1:23:8f:8d:fa:51:1f:a8:51:31:25:13:e1:3a:d6:d7:
         2b:25:6c:21
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICHNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUIzQkMxMTAvBgNVBAUTKEM0RkI5MTgxM0U3QkEwOTlEOTFFOUM0ODE3MjA5NEI5
OTA1QzBGMTEwHhcNMjMxMDEwMTY0MzIxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI1N2YyOS0xYzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwEUIXCFYcR35zjWxM2L2OQonK3LpihuLi2lc/yoOMYP6zLAu6j4PXc5JXH+F
LLmZGB0WuKEq3DsHPm0ylvOsPst1xiSE5KrJfM9yxlUMrnUlhypIoSkudNVRkx/1
w+RSOla/gqalcg51Wts1GyjZqaSn0Pg4ph2hPBkhZ/vx2rvQc2zes78J90xlVEZM
DLRJ4a3EoG+npUSsN/G+8vPzTnoumn+b2jCTY4QU7TTb98iI/5QFAiSiybZLqM5z
HRkGnY3aL901fWIfM+5z4Mqj7GkT3ZGqMyLbg8VbtaPRuXUKY/uqSTBsTGTj3smo
l9g8s+WeUY3e2304xF5+ymDM+wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFHe5q+dM
bBkg1y6LJf57frHO1q/1MB8GA1UdIwQYMBaAFMT7kYE+e6CZ2R6cSBcglLmQXA8R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjNCQy8zODEyNDRGRThG
OUIxMUU2QkVDNUNCMjVDNEY5QUUwMi94UHVSZ1Q1N29KblpIcHhJRnlDVXVaQmNE
eEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hQdVJnVDU3b0puWkhweElGeUNVdVpCY0R4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUIzQkMvMzgxMjQ0RkU4RjlCMTFFNkJFQzVDQjI1QzRGOUFFMDIvRTMyNkFEQjAy
OTM2MTFFQjlERTE2QzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr/3ADBAJnBXwDBAJnzsgDBAJn46wDBAN01hgwDQQCAAIw
BwMFACQHgYAwDQYJKoZIhvcNAQELBQADggEBAGPCYwCkguupSXc3EOaddvaxBnmu
JhghKeYwBbIxQtkpfbYAjEsIh8A6dx1a68pHbLZhpdNIKFMRP+yTksAH6FcP5HJW
8oZ74lmhMYw8ozwxOpKIKBATlvAXYxWg8JYRo77VTEUfGzh7gcUzT5pbF7oMjMwL
2KsSWrT5werBjrSBccrJFjAI9YKYYKUE4ds95LprBsgNpAvpDYNMaI4DNoqM0Iya
Ad6RL+OCzPJXGaFHM3SACxwNchs8zVFhT/qImIEtEux5yfBHe8AP7Mjyv+cFAoBO
AMXbbqjBaKVg3SDV7tk8TS1GApPr6sWP0SOPjfpRH6hRMSUT4TrW1yslbCE=
-----END CERTIFICATE-----