Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912D826/CF4E1D74AE4A11EC846F3F68C4F9AE02/6BC9725CAE5011EC8547106FC4F9AE02.roa
File:                     6BC9725CAE5011EC8547106FC4F9AE02.roa (raw, json)
Hash identifier:          XSUJmKCrqD1w1CB5GddJ3gQD66qZNbyzMMEeHiej6F0=
Subject key identifier:   EB:DC:72:E4:2B:1A:6E:C5:42:44:6C:32:7B:9B:87:E2:52:F8:F3:91
Certificate issuer:       /CN=A912D826/serialNumber=3D2CCC9183744DC696A8556BCB9043848E95DF70
Certificate serial:       01F9
Authority key identifier: 3D:2C:CC:91:83:74:4D:C6:96:A8:55:6B:CB:90:43:84:8E:95:DF:70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PSzMkYN0TcaWqFVry5BDhI6V33A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912D826/CF4E1D74AE4A11EC846F3F68C4F9AE02/6BC9725CAE5011EC8547106FC4F9AE02.roa
Signing time:             Tue 30 May 2023 08:36:55 +0000
ROA not before:           Tue 30 May 2023 08:36:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     149657
IP address blocks:        103.185.22.0/23 maxlen: 23
                          2400:6920::/36 maxlen: 36
                          2400:6920:f000::/48 maxlen: 48
                          2400:6920:f001::/48 maxlen: 48
                          2400:6920:f002::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 505 (0x1f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912D826/serialNumber=3D2CCC9183744DC696A8556BCB9043848E95DF70
        Validity
            Not Before: May 30 08:36:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6475b5a6-f01f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:35:c7:c4:34:8c:62:81:f8:48:d8:96:21:56:
                    a4:53:a5:e8:63:97:d4:ff:96:e9:94:90:34:8a:2c:
                    d4:57:8d:07:c0:10:4a:ad:4b:22:a1:f4:4c:0d:f1:
                    a7:b5:61:40:8e:d9:8c:93:ab:b6:5b:e4:fc:cc:4e:
                    8f:fa:4e:72:c9:11:bd:0d:31:07:95:10:22:76:80:
                    c1:bd:f8:bf:64:7b:0e:0e:f9:63:d5:e6:96:8c:b6:
                    73:34:5b:6c:a1:d6:23:6a:87:1c:72:ac:48:aa:3c:
                    51:66:a7:09:74:23:e0:1f:09:ed:ce:cb:38:2a:12:
                    f8:1a:57:30:d9:4a:d9:c7:14:e7:b3:f7:f2:43:23:
                    84:c1:81:9d:86:cc:32:a8:b7:70:03:ca:a7:d1:d3:
                    53:b3:f3:0f:f9:e3:69:7a:f8:63:5a:d1:0c:24:28:
                    ce:71:3a:89:99:c9:5d:6c:8a:a6:03:20:2e:29:c2:
                    3e:6d:b9:a9:ad:a2:39:d4:7f:72:09:5e:0f:c0:2b:
                    db:31:59:51:f1:00:8c:0b:98:39:31:09:45:8c:df:
                    e2:9d:1d:9d:10:b7:c9:d8:05:65:70:aa:99:a1:76:
                    0e:9b:18:10:a0:f4:02:e1:13:f5:8c:70:9f:f6:e6:
                    d4:17:b1:77:cc:3f:1d:56:f4:68:fb:61:df:5a:1f:
                    10:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:DC:72:E4:2B:1A:6E:C5:42:44:6C:32:7B:9B:87:E2:52:F8:F3:91
            X509v3 Authority Key Identifier:
                keyid:3D:2C:CC:91:83:74:4D:C6:96:A8:55:6B:CB:90:43:84:8E:95:DF:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912D826/CF4E1D74AE4A11EC846F3F68C4F9AE02/PSzMkYN0TcaWqFVry5BDhI6V33A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PSzMkYN0TcaWqFVry5BDhI6V33A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D826/CF4E1D74AE4A11EC846F3F68C4F9AE02/6BC9725CAE5011EC8547106FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.185.22.0/23
                IPv6:
                  2400:6920::/36
                  2400:6920:f000::-2400:6920:f002:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         81:1f:78:d9:07:0f:dc:1b:e8:70:35:74:78:a1:5b:fe:4e:9f:
         46:fe:83:1b:cf:2f:f3:ad:ef:88:2e:4e:7c:fa:90:d2:04:e2:
         48:0d:c5:15:a7:6f:da:33:19:ee:b4:d7:3a:86:5c:18:9d:e3:
         0b:df:b8:82:44:71:2c:25:ff:8f:e5:61:cb:15:e6:06:28:33:
         99:bc:1d:a2:bb:58:66:d4:30:c7:15:7d:0d:ae:cc:94:4a:75:
         23:d4:cd:89:5c:4e:7b:d3:39:ce:f3:ac:4b:94:e8:c8:6f:ad:
         07:b8:5d:85:09:e2:35:b7:41:fb:10:69:6b:fa:5d:23:39:5c:
         d1:1a:88:9f:bf:c6:f9:39:34:39:06:fd:86:ce:6b:41:d0:a7:
         13:d3:5e:dd:77:18:46:cb:a7:a6:c4:99:92:6c:57:db:dc:ce:
         13:0d:3f:38:bd:ea:ba:69:69:c9:3c:6f:49:57:c9:51:5b:7b:
         56:4b:bf:9b:e9:84:a8:98:24:f0:46:aa:2e:aa:68:e7:ab:c6:
         a6:48:4d:a6:2b:f6:3d:36:f6:cf:39:39:c2:6f:5c:e1:1b:01:
         65:7b:7a:b7:b3:c1:ad:dd:88:b9:3f:67:4f:b9:19:7f:79:fe:
         32:0b:4f:18:9f:c5:aa:18:0e:6b:d0:b5:94:42:22:e4:a8:71:
         d5:19:21:b6
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICAfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQ4MjYxMTAvBgNVBAUTKDNEMkNDQzkxODM3NDREQzY5NkE4NTU2QkNCOTA0Mzg0
OEU5NURGNzAwHhcNMjMwNTMwMDgzNjU0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc1YjVhNi1mMDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3DXHxDSMYoH4SNiWIVakU6XoY5fU/5bplJA0iizUV40HwBBKrUsiofRMDfGn
tWFAjtmMk6u2W+T8zE6P+k5yyRG9DTEHlRAidoDBvfi/ZHsODvlj1eaWjLZzNFts
odYjaocccqxIqjxRZqcJdCPgHwntzss4KhL4Glcw2UrZxxTns/fyQyOEwYGdhswy
qLdwA8qn0dNTs/MP+eNpevhjWtEMJCjOcTqJmcldbIqmAyAuKcI+bbmpraI51H9y
CV4PwCvbMVlR8QCMC5g5MQlFjN/inR2dELfJ2AVlcKqZoXYOmxgQoPQC4RP1jHCf
9ubUF7F3zD8dVvRo+2HfWh8Q/wIDAQABo4ICuDCCArQwHQYDVR0OBBYEFOvccuQr
Gm7FQkRsMnubh+JS+PORMB8GA1UdIwQYMBaAFD0szJGDdE3GlqhVa8uQQ4SOld9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDgyNi9DRjRFMUQ3NEFF
NEExMUVDODQ2RjNGNjhDNEY5QUUwMi9QU3pNa1lOMFRjYVdxRlZyeTVCRGhJNlYz
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BTek1rWU4wVGNhV3FGVnJ5NUJEaEk2VjMzQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQ4MjYvQ0Y0RTFENzRBRTRBMTFFQzg0NkYzRjY4QzRGOUFFMDIvNkJDOTcyNUNB
RTUwMTFFQzg1NDcxMDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMAwEAgABMAYDBAFnuRYwIQQCAAIwGwMGBCQAaSAAMBEDBgQkAGkg8AMHACQA
aSDwAjANBgkqhkiG9w0BAQsFAAOCAQEAgR942QcP3BvocDV0eKFb/k6fRv6DG88v
863viC5OfPqQ0gTiSA3FFadv2jMZ7rTXOoZcGJ3jC9+4gkRxLCX/j+VhyxXmBigz
mbwdortYZtQwxxV9Da7MlEp1I9TNiVxOe9M5zvOsS5ToyG+tB7hdhQniNbdB+xBp
a/pdIzlc0RqIn7/G+Tk0OQb9hs5rQdCnE9Ne3XcYRsunpsSZkmxX29zOEw0/OL3q
umlpyTxvSVfJUVt7Vku/m+mEqJgk8EaqLqpo56vGpkhNpiv2PTb2zzk5wm9c4RsB
ZXt6t7PBrd2IuT9nT7kZf3n+MgtPGJ/FqhgOa9C1lEIi5Khx1Rkhtg==
-----END CERTIFICATE-----