Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/7A35195A0A1811F0ADFE8D2DC4F9AE02.roa
File:                     7A35195A0A1811F0ADFE8D2DC4F9AE02.roa (raw, json)
Hash identifier:          SK0Fc+kcmvRgjtBQ8R3CONikfR4Yi3yxrqr0xUmbmj8=
Subject key identifier:   6F:CF:9E:22:56:0F:54:3A:83:C6:73:82:A2:F4:A4:B0:B4:8F:DB:CF
Certificate issuer:       /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial:       0BFB
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/7A35195A0A1811F0ADFE8D2DC4F9AE02.roa
Signing time:             Thu 03 Jul 2025 07:21:07 +0000
ROA not before:           Thu 03 Jul 2025 07:21:07 +0000
ROA not after:            Thu 28 May 2026 00:00:00 +0000
asID:                     5065
IP address blocks:        43.230.52.0/24 maxlen: 24
                          43.230.53.0/24 maxlen: 24
                          103.7.117.0/24 maxlen: 24
                          103.7.118.0/24 maxlen: 24
                          103.13.19.0/24 maxlen: 24
                          103.15.32.0/24 maxlen: 24
                          103.15.33.0/24 maxlen: 24
                          103.15.34.0/24 maxlen: 24
                          103.15.35.0/24 maxlen: 24
                          103.248.150.0/24 maxlen: 24
                          103.248.151.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 03 Jul 2025 09:54:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3067 (0xbfb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
        Validity
            Not Before: Jul  3 07:21:07 2025 GMT
            Not After : May 28 00:00:00 2026 GMT
        Subject: CN=68662f62-9b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:03:2f:85:e4:0a:91:c3:08:f5:f8:6f:e1:14:
                    3d:3d:02:cd:50:d3:5f:a2:ef:ed:cf:50:9a:66:d7:
                    38:f8:0a:fc:e5:b7:ba:e2:66:87:25:a3:3b:6d:5d:
                    9d:bc:cf:79:4e:f8:47:39:8f:38:c3:9b:f0:92:33:
                    0c:25:78:6c:52:2f:60:7f:51:02:09:19:2c:f4:ae:
                    0f:ed:72:57:69:7d:b9:d2:a6:ee:2d:39:09:21:23:
                    5a:f9:7f:6b:f3:33:ce:58:76:3c:3d:55:61:fd:f7:
                    0a:0e:a5:93:c4:da:ed:86:a6:e0:5b:07:81:cb:0e:
                    68:d5:2b:1d:54:40:14:c3:3d:75:3f:db:18:a6:81:
                    ab:ea:31:83:9d:40:34:19:1f:30:81:07:af:9a:d1:
                    61:e1:b8:f2:5f:1b:83:3a:33:66:98:86:71:73:9d:
                    de:56:64:84:1d:02:11:3a:36:a9:68:f2:c5:ba:2d:
                    98:03:2d:5a:62:5c:b8:ee:7c:56:f8:37:dc:9e:d1:
                    4f:f2:b1:7d:80:80:80:c9:b0:ef:a8:7b:bc:a4:5d:
                    e3:93:9f:f8:a2:b8:98:05:1a:d5:49:d2:e5:b7:a1:
                    d4:5f:98:5c:0c:3f:ec:2a:73:29:a9:70:75:a0:7f:
                    3b:98:00:ab:93:0f:64:7d:0b:73:2c:06:d2:98:bc:
                    2e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:CF:9E:22:56:0F:54:3A:83:C6:73:82:A2:F4:A4:B0:B4:8F:DB:CF
            X509v3 Authority Key Identifier:
                keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/7A35195A0A1811F0ADFE8D2DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.230.52.0/23
                  103.7.117.0-103.7.118.255
                  103.13.19.0/24
                  103.15.32.0/22
                  103.248.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:c1:7d:2f:6b:a1:4a:34:03:97:33:60:ef:e8:52:44:61:34:
         2e:42:df:b7:05:6e:ff:06:6f:97:cc:3f:e9:24:d6:b3:cb:c7:
         60:69:ff:27:9e:2e:a0:8e:60:0d:80:db:74:cb:f6:91:6f:f8:
         c2:a6:e1:fb:da:96:65:8e:da:64:1d:07:8e:7f:df:98:b3:e1:
         6c:7b:67:0b:6e:c5:ac:2f:37:f3:63:7e:e7:4a:15:8e:ff:0e:
         de:18:56:86:c4:54:6e:23:13:bb:e4:f3:5e:d7:db:e1:3a:44:
         c3:a9:f5:9b:e7:2b:d2:f2:28:b0:0d:2e:ef:ba:2b:dc:f7:8f:
         ff:29:2d:22:ed:f0:59:53:0e:18:68:be:45:04:c0:85:3d:57:
         00:18:7b:96:cf:05:3f:2b:fb:d6:a9:bb:c0:3c:a3:1a:9d:15:
         cf:fc:28:ab:b0:52:a1:3b:93:7f:1a:8d:17:fc:8a:1a:26:bc:
         0b:e6:b6:ec:79:c0:25:d3:e6:16:e4:cd:84:79:d6:b0:11:cd:
         bb:93:2c:c7:01:36:5f:fe:36:08:58:7e:08:8b:67:58:4a:fc:
         56:fd:43:08:b0:3d:47:31:5e:ae:5f:24:63:cf:28:e4:be:ae:
         c5:48:b2:01:bd:a3:03:7f:d4:58:90:73:c1:79:47:8f:31:46:
         01:08:87:96
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICC/swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUwNzAzMDcyMTA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY2MmY2Mi05YjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmQMvheQKkcMI9fhv4RQ9PQLNUNNfou/tz1CaZtc4+Ar85be64maHJaM7bV2d
vM95TvhHOY84w5vwkjMMJXhsUi9gf1ECCRks9K4P7XJXaX250qbuLTkJISNa+X9r
8zPOWHY8PVVh/fcKDqWTxNrthqbgWweByw5o1SsdVEAUwz11P9sYpoGr6jGDnUA0
GR8wgQevmtFh4bjyXxuDOjNmmIZxc53eVmSEHQIROjapaPLFui2YAy1aYly47nxW
+DfcntFP8rF9gICAybDvqHu8pF3jk5/4oriYBRrVSdLlt6HUX5hcDD/sKnMpqXB1
oH87mACrkw9kfQtzLAbSmLwuvQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFG/PniJW
D1Q6g8ZzgqL0pLC0j9vPMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvN0EzNTE5NUEw
QTE4MTFGMEFERkU4RDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAEr5jQwDAMEAGcHdQMEAGcHdgMEAGcNEwMEAmcPIAMEAWf4
ljANBgkqhkiG9w0BAQsFAAOCAQEAmsF9L2uhSjQDlzNg7+hSRGE0LkLftwVu/wZv
l8w/6STWs8vHYGn/J54uoI5gDYDbdMv2kW/4wqbh+9qWZY7aZB0Hjn/fmLPhbHtn
C27FrC8382N+50oVjv8O3hhWhsRUbiMTu+TzXtfb4TpEw6n1m+cr0vIosA0u77or
3PeP/yktIu3wWVMOGGi+RQTAhT1XABh7ls8FPyv71qm7wDyjGp0Vz/woq7BSoTuT
fxqNF/yKGia8C+a27HnAJdPmFuTNhHnWsBHNu5MsxwE2X/42CFh+CItnWEr8Vv1D
CLA9RzFerl8kY88o5L6uxUiyAb2jA3/UWJBzwXlHjzFGAQiHlg==
-----END CERTIFICATE-----