Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/83EE27DA168411EFB6BDB96BC4F9AE02.roa
File:                     83EE27DA168411EFB6BDB96BC4F9AE02.roa (raw, json)
Hash identifier:          AJqQxKXn3M7eAMNMtJGFDKvzjeTofk0Hjnu2lLi864A=
Subject key identifier:   69:1B:F9:CF:B7:5D:1F:F0:1A:A9:C3:3E:11:97:24:D4:E6:CA:88:33
Certificate issuer:       /CN=A912F535/serialNumber=D48CED18F68CA226983F9F999A140636275B6A55
Certificate serial:       54
Authority key identifier: D4:8C:ED:18:F6:8C:A2:26:98:3F:9F:99:9A:14:06:36:27:5B:6A:55
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1IztGPaMoiaYP5-ZmhQGNidbalU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/83EE27DA168411EFB6BDB96BC4F9AE02.roa
Signing time:             Mon 20 May 2024 08:39:48 +0000
ROA not before:           Mon 20 May 2024 08:39:48 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     400619
IP address blocks:        14.192.4.0/23 maxlen: 24
                          14.192.6.0/23 maxlen: 24
                          43.224.224.0/22 maxlen: 24
                          103.215.76.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 May 2024 09:16:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84 (0x54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912F535/serialNumber=D48CED18F68CA226983F9F999A140636275B6A55
        Validity
            Not Before: May 20 08:39:48 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=664b0c53-b35a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:e2:31:c9:36:08:1a:b6:9b:9f:4c:8c:a2:c7:
                    6d:bc:67:6b:61:94:2d:c7:3d:c3:59:74:f1:9d:aa:
                    09:56:d0:6a:50:76:e7:8e:88:d4:5f:d5:8a:6a:d8:
                    d8:3f:de:c2:ba:67:d6:f8:5b:8c:b2:0c:4a:11:b4:
                    8f:81:bc:1d:22:39:d3:41:94:b1:d8:45:aa:65:ac:
                    94:01:dc:e1:74:27:70:9b:91:12:b4:34:f6:06:ca:
                    cf:90:6d:59:38:cd:72:cf:65:7b:d3:cf:5b:c6:0b:
                    45:d7:6f:d2:64:6b:74:19:9c:43:74:0c:6e:0f:bd:
                    a8:b8:ac:cc:5b:dc:7a:30:86:0b:5c:46:56:33:37:
                    b9:be:20:8c:63:1e:40:d3:c7:e0:56:9d:f1:54:81:
                    22:12:a8:2b:07:93:d2:75:27:cb:eb:c1:d6:ee:d3:
                    c8:1e:73:ce:ad:96:7a:85:b0:97:15:b7:5b:4d:67:
                    40:61:d0:37:91:20:3f:19:b0:9f:14:29:c2:9b:25:
                    73:9f:ec:e2:0e:9d:47:40:c2:4c:99:98:19:78:9a:
                    58:3d:c5:bb:a1:10:a5:55:a6:a5:ec:f8:70:0d:9a:
                    4d:f3:ef:29:ac:6a:7e:da:de:22:aa:5e:69:e6:4e:
                    a9:b0:7b:b1:5d:d4:4c:ae:78:6c:31:9b:25:3b:7f:
                    d7:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:1B:F9:CF:B7:5D:1F:F0:1A:A9:C3:3E:11:97:24:D4:E6:CA:88:33
            X509v3 Authority Key Identifier:
                keyid:D4:8C:ED:18:F6:8C:A2:26:98:3F:9F:99:9A:14:06:36:27:5B:6A:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/1IztGPaMoiaYP5-ZmhQGNidbalU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1IztGPaMoiaYP5-ZmhQGNidbalU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F535/69A58078BA6611EEBC39626EC4F9AE02/83EE27DA168411EFB6BDB96BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.192.4.0/22
                  43.224.224.0/22
                  103.215.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a4:04:44:11:9e:43:30:d6:7d:82:6b:84:d9:a7:23:8f:a4:f9:
         53:07:8f:ce:6f:24:b5:5a:1d:83:27:b5:92:2b:f3:a5:74:ff:
         93:c3:4b:a0:89:ee:14:e6:f5:a3:f1:29:64:9f:54:ed:5f:f0:
         00:f0:4e:35:dc:15:45:b1:83:6b:4a:66:98:a8:7c:2d:e6:8b:
         32:23:a5:1e:a9:ca:65:c3:a1:b1:6a:59:dd:6e:23:19:84:0c:
         5f:68:ca:44:8f:88:25:97:4d:bf:21:65:70:06:c6:f5:f1:c7:
         74:cb:ad:ca:33:8f:05:6c:4c:e6:f5:2d:d4:86:7e:14:c7:7b:
         d6:46:d0:a3:dd:7a:03:9a:e4:98:ab:ed:79:d8:64:6c:6e:de:
         b4:67:80:a1:5e:46:d9:cc:da:76:8f:a0:c8:d6:60:14:ae:6e:
         a3:79:92:bd:2a:40:29:57:97:39:3e:92:2b:11:01:1c:f8:b8:
         d5:49:15:bf:80:ae:bd:cd:92:a5:c3:4d:fd:29:0f:6b:de:a9:
         71:60:56:69:3e:d7:6d:de:88:c2:c1:a9:84:1e:05:c1:0f:8b:
         78:1a:b5:c3:c1:26:b8:99:c2:8a:e4:77:25:d1:4e:92:c6:fb:
         9e:f9:4e:ca:51:11:93:7f:64:ff:96:05:54:76:b5:2c:a1:29:
         43:20:7f:40
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RjUzNTExMC8GA1UEBRMoRDQ4Q0VEMThGNjhDQTIyNjk4M0Y5Rjk5OUExNDA2MzYy
NzVCNkE1NTAeFw0yNDA1MjAwODM5NDhaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NGIwYzUzLWIzNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDd4jHJNggatpufTIyix228Z2thlC3HPcNZdPGdqglW0GpQdueOiNRf1Ypq2Ng/
3sK6Z9b4W4yyDEoRtI+BvB0iOdNBlLHYRaplrJQB3OF0J3CbkRK0NPYGys+QbVk4
zXLPZXvTz1vGC0XXb9Jka3QZnEN0DG4Pvai4rMxb3HowhgtcRlYzN7m+IIxjHkDT
x+BWnfFUgSISqCsHk9J1J8vrwdbu08gec86tlnqFsJcVt1tNZ0Bh0DeRID8ZsJ8U
KcKbJXOf7OIOnUdAwkyZmBl4mlg9xbuhEKVVpqXs+HANmk3z7ymsan7a3iKqXmnm
Tqmwe7Fd1EyueGwxmyU7f9dTAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUaRv5z7dd
H/AaqcM+EZck1ObKiDMwHwYDVR0jBBgwFoAU1IztGPaMoiaYP5+ZmhQGNidbalUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGNTM1LzY5QTU4MDc4QkE2
NjExRUVCQzM5NjI2RUM0RjlBRTAyLzFJenRHUGFNb2lhWVA1LVptaFFHTmlkYmFs
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMUl6dEdQYU1vaWFZUDUtWm1oUUdOaWRiYWxVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RjUzNS82OUE1ODA3OEJBNjYxMUVFQkMzOTYyNkVDNEY5QUUwMi84M0VFMjdEQTE2
ODQxMUVGQjZCREI5NkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAg7ABAMEAivg4AMEAmfXTDANBgkqhkiG9w0BAQsFAAOCAQEA
pAREEZ5DMNZ9gmuE2acjj6T5UwePzm8ktVodgye1kivzpXT/k8NLoInuFOb1o/Ep
ZJ9U7V/wAPBONdwVRbGDa0pmmKh8LeaLMiOlHqnKZcOhsWpZ3W4jGYQMX2jKRI+I
JZdNvyFlcAbG9fHHdMutyjOPBWxM5vUt1IZ+FMd71kbQo916A5rkmKvtedhkbG7e
tGeAoV5G2czado+gyNZgFK5uo3mSvSpAKVeXOT6SKxEBHPi41UkVv4Cuvc2SpcNN
/SkPa96pcWBWaT7Xbd6IwsGphB4FwQ+LeBq1w8EmuJnCiuR3JdFOksb7nvlOylER
k39k/5YFVHa1LKEpQyB/QA==
-----END CERTIFICATE-----