Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/6A795E92ECA411ED8FDDC54AC4F9AE02.roa
File:                     6A795E92ECA411ED8FDDC54AC4F9AE02.roa (raw, json)
Hash identifier:          dXydeg5lWEhtDteHXpVJHXS3J9oWfLGuik/h1dY8QJI=
Subject key identifier:   D9:53:8F:A7:C3:9E:15:A4:AB:1B:74:73:F6:BF:22:9A:1B:34:05:3B
Certificate issuer:       /CN=A91F8928/serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Certificate serial:       0AC9
Authority key identifier: F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/6A795E92ECA411ED8FDDC54AC4F9AE02.roa
Signing time:             Fri 02 Jun 2023 20:31:39 +0000
ROA not before:           Fri 02 Jun 2023 20:31:39 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     141731
IP address blocks:        2401:c5c0:2000::/42 maxlen: 42
                          2401:c5c0:2000::/48 maxlen: 48
                          2401:c5c0:2001::/48 maxlen: 48
                          2401:c5c0:2002::/48 maxlen: 48
                          2401:c5c0:2003::/48 maxlen: 48
                          2401:c5c0:2004::/48 maxlen: 48
                          2401:c5c0:2005::/48 maxlen: 48
                          2401:c5c0:2006::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 05 Sep 2023 04:14:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2761 (0xac9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F8928/serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
        Validity
            Not Before: Jun  2 20:31:39 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=647a51ab-3e91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:75:fb:d8:4d:1f:58:cb:c7:6f:dc:47:bb:fc:
                    45:d4:9b:8f:32:bd:cf:6a:92:a4:03:99:2a:84:9f:
                    f1:2d:d7:b5:db:54:67:8f:61:aa:a6:2e:5d:f7:7d:
                    46:7a:59:57:68:1d:1f:af:51:2a:ff:85:06:63:6f:
                    8c:d1:ba:d5:16:a5:99:c0:29:0e:1b:5f:3b:a0:a2:
                    60:49:4a:a3:d5:b9:db:9f:2d:15:6e:02:9f:d1:79:
                    3b:96:88:1a:77:57:2d:e2:ef:11:c8:55:0b:97:1b:
                    18:9c:9b:86:c7:a1:c9:f2:9f:f7:0b:4d:d4:2e:e7:
                    ad:84:cb:fd:fd:f5:5d:f3:4b:6a:27:97:8f:da:9b:
                    55:6b:f7:92:83:13:eb:6d:af:d2:cd:c7:32:c6:66:
                    3f:be:c8:93:0b:7e:f3:e5:1b:35:63:65:94:2a:28:
                    cc:75:f7:7c:d5:95:3f:73:23:31:78:32:3b:3e:c7:
                    2e:0f:3a:56:ab:6a:a2:33:25:00:3e:5f:a6:3d:73:
                    1c:58:f8:93:5e:6e:94:83:f2:72:a6:ef:1b:d3:b1:
                    38:23:72:39:aa:7f:04:0a:a8:10:0f:9d:21:42:f8:
                    b4:26:d6:2e:b5:ca:a2:1c:07:94:c1:b6:8d:d1:95:
                    7f:47:a5:3d:d5:f7:22:d8:f5:a7:20:70:67:d1:2f:
                    8b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:53:8F:A7:C3:9E:15:A4:AB:1B:74:73:F6:BF:22:9A:1B:34:05:3B
            X509v3 Authority Key Identifier:
                keyid:F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/6A795E92ECA411ED8FDDC54AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:c5c0:2000::/42

    Signature Algorithm: sha256WithRSAEncryption
         93:47:3e:f6:af:67:f9:55:0b:00:78:3d:d2:28:db:9c:c2:d4:
         ad:32:08:ed:3b:3a:59:47:0a:8c:4d:f2:97:e8:bc:5c:87:f5:
         49:c5:b3:80:a6:b6:cc:a0:ef:ac:41:2d:88:59:85:29:9d:90:
         91:8f:4b:16:a9:e7:e1:dc:fb:11:18:84:46:54:f7:59:9c:ca:
         66:e0:a9:ca:5b:ff:27:4c:7a:b4:dd:75:56:31:7b:cc:e8:08:
         86:3b:ea:7e:a1:4c:03:84:05:02:d7:27:7c:6c:21:37:68:01:
         20:af:26:0e:d9:f2:61:64:3d:9e:1e:55:5c:7f:ab:26:28:cb:
         4c:e8:f0:e9:63:1c:b1:d8:f1:a3:59:cf:db:b9:49:1f:31:f5:
         f6:42:e2:84:31:d2:6c:10:91:9b:56:57:84:56:68:59:15:0f:
         ba:ac:58:68:d2:3b:bf:53:c0:c4:d7:b7:cb:23:a9:b4:dc:c1:
         e0:37:24:79:db:06:c8:80:36:0e:0d:dc:10:55:4a:d0:46:ae:
         81:8b:88:76:61:bb:5d:98:d3:60:d7:49:a0:5e:d1:f1:11:b8:
         72:01:a7:0e:2c:96:9a:5f:4c:82:15:0b:28:a8:78:c0:77:86:
         e6:88:1f:d9:e0:f4:03:05:94:7c:ef:02:28:f3:d0:42:91:73:
         e8:93:85:27
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg5MjgxMTAvBgNVBAUTKEY1QzlEMzBFOUQwNzcxQ0QwN0U1MUIyRTRBNTJCNTIy
NTNBQkQwMjYwHhcNMjMwNjAyMjAzMTM5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhNTFhYi0zZTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr3X72E0fWMvHb9xHu/xF1JuPMr3PapKkA5kqhJ/xLde121Rnj2Gqpi5d931G
ellXaB0fr1Eq/4UGY2+M0brVFqWZwCkOG187oKJgSUqj1bnbny0VbgKf0Xk7loga
d1ct4u8RyFULlxsYnJuGx6HJ8p/3C03ULuethMv9/fVd80tqJ5eP2ptVa/eSgxPr
ba/SzccyxmY/vsiTC37z5Rs1Y2WUKijMdfd81ZU/cyMxeDI7PscuDzpWq2qiMyUA
Pl+mPXMcWPiTXm6Ug/Jypu8b07E4I3I5qn8ECqgQD50hQvi0JtYutcqiHAeUwbaN
0ZV/R6U91fci2PWnIHBn0S+LAQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNlTj6fD
nhWkqxt0c/a/IpobNAU7MB8GA1UdIwQYMBaAFPXJ0w6dB3HNB+UbLkpStSJTq9Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODkyOC80REE3QkIyMDBC
NUIxMUVBQTNFQkM2NTBDNEY5QUUwMi85Y25URHAwSGNjMEg1UnN1U2xLMUlsT3Iw
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzljblREcDBIY2MwSDVSc3VTbEsxSWxPcjBDWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg5MjgvNERBN0JCMjAwQjVCMTFFQUEzRUJDNjUwQzRGOUFFMDIvNkE3OTVFOTJF
Q0E0MTFFRDhGRERDNTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwYkAcXAIAAwDQYJKoZIhvcNAQELBQADggEBAJNHPvavZ/lV
CwB4PdIo25zC1K0yCO07OllHCoxN8pfovFyH9UnFs4Cmtsyg76xBLYhZhSmdkJGP
Sxap5+Hc+xEYhEZU91mcymbgqcpb/ydMerTddVYxe8zoCIY76n6hTAOEBQLXJ3xs
ITdoASCvJg7Z8mFkPZ4eVVx/qyYoy0zo8OljHLHY8aNZz9u5SR8x9fZC4oQx0mwQ
kZtWV4RWaFkVD7qsWGjSO79TwMTXt8sjqbTcweA3JHnbBsiANg4N3BBVStBGroGL
iHZhu12Y02DXSaBe0fERuHIBpw4slppfTIIVCyioeMB3huaIH9ng9AMFlHzvAijz
0EKRc+iThSc=
-----END CERTIFICATE-----