Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/2005B82854BA11EEB6F36C44C4F9AE02.roa
File:                     2005B82854BA11EEB6F36C44C4F9AE02.roa (raw, json)
Hash identifier:          l4W7jdOdRlOBaiNd5+G63OAezhE5Xam5ATOo0OO21z8=
Subject key identifier:   8A:92:0D:67:A6:A0:A6:57:F5:68:B1:5A:D0:CE:6E:6D:A3:F9:56:A5
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       0504
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/2005B82854BA11EEB6F36C44C4F9AE02.roa
Signing time:             Fri 13 Oct 2023 18:02:57 +0000
ROA not before:           Fri 13 Oct 2023 18:02:57 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     834
IP address blocks:        43.254.165.0/24 maxlen: 24
                          43.255.122.0/23 maxlen: 24
                          43.255.156.0/24 maxlen: 24
                          103.24.216.0/23 maxlen: 24
                          103.231.58.0/23 maxlen: 24
                          103.240.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Oct 2023 15:48:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1284 (0x504)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Oct 13 18:02:57 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=65298651-6d2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:61:98:39:bb:55:20:c8:6c:85:df:0c:0c:ee:
                    8b:d9:c4:ad:da:59:07:77:02:60:64:f4:6b:60:87:
                    cb:b2:8e:51:2f:92:f1:d0:38:6e:05:8e:27:67:6d:
                    6d:5b:68:44:44:5d:2f:0a:e1:79:7e:d8:6f:0e:ef:
                    71:83:85:8c:8e:12:36:42:4e:da:39:9e:5c:27:47:
                    0d:c0:fe:65:f0:58:a2:06:e5:05:6d:91:de:dc:bf:
                    b3:50:ef:eb:a0:e8:2d:82:4f:12:7e:c4:ab:17:b2:
                    d4:bf:bc:7e:0d:3f:5e:e4:75:ab:a7:87:f1:3b:e6:
                    80:3e:70:d1:22:dc:bf:5f:72:71:9a:12:54:8e:27:
                    82:e8:58:bc:de:a0:5d:a2:b1:bd:48:8c:f0:1d:a7:
                    66:da:b6:8b:7e:4d:8a:03:ec:cc:8f:b8:ac:61:cc:
                    5b:df:0f:09:e2:53:fa:f9:73:23:e2:8c:23:be:e3:
                    f4:85:4d:0b:95:e0:27:da:9d:7e:f0:8c:88:6c:0b:
                    31:32:8b:e1:1e:e4:5f:82:30:ba:d3:a1:d7:3f:33:
                    91:0d:07:80:fb:d4:e0:5d:45:d8:a6:61:4d:91:4c:
                    ab:f1:6e:ff:ca:d0:3c:d7:de:a5:af:ba:06:05:0e:
                    0b:b2:2c:96:cd:2c:a8:c8:b1:37:89:5b:0f:67:1b:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:92:0D:67:A6:A0:A6:57:F5:68:B1:5A:D0:CE:6E:6D:A3:F9:56:A5
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/2005B82854BA11EEB6F36C44C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.254.165.0/24
                  43.255.122.0/23
                  43.255.156.0/24
                  103.24.216.0/23
                  103.231.58.0/23
                  103.240.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:bf:f4:35:81:82:e1:6c:bc:65:f3:36:c3:66:c0:78:2e:db:
         f8:e3:ed:86:4c:23:34:ca:e1:e6:21:54:eb:88:9f:29:73:3c:
         05:3e:a0:b8:fe:e0:84:f3:ce:61:43:45:c8:cb:f7:85:7c:e8:
         d1:59:15:58:c3:13:fe:0a:c8:ae:12:2b:3d:f0:46:f9:a4:88:
         91:be:19:33:cd:56:36:eb:ec:13:b8:e8:bf:0e:9e:25:a7:c8:
         ed:a5:68:9a:3e:28:fe:37:98:d8:7c:9b:d8:8d:77:0e:82:b0:
         f4:eb:d0:85:f3:d5:7d:53:00:a3:15:3b:3e:e8:17:e6:7c:3f:
         71:52:19:26:42:52:58:66:ac:79:b9:f2:e9:f5:12:1e:6b:13:
         bb:7a:30:7a:b0:92:42:7a:89:10:8d:f4:a2:a2:a9:e4:e7:50:
         7a:ba:82:87:0f:44:65:5a:0d:fd:f2:7f:37:db:23:d8:bb:52:
         fc:75:68:71:33:42:c9:d3:b9:ca:2a:de:8f:6f:c0:37:ed:3b:
         d4:9f:4a:63:b6:8b:3f:60:4f:f1:f7:9d:3e:cf:48:f1:ae:ef:
         68:75:2f:43:a2:e3:23:7b:91:94:91:41:c7:d3:1e:f7:17:bd:
         fc:09:a2:11:f5:ce:aa:de:a5:51:10:51:e3:f2:46:b4:ce:ad:
         0d:9c:0d:72
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDEzMTgwMjU3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI5ODY1MS02ZDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1WGYObtVIMhshd8MDO6L2cSt2lkHdwJgZPRrYIfLso5RL5Lx0DhuBY4nZ21t
W2hERF0vCuF5fthvDu9xg4WMjhI2Qk7aOZ5cJ0cNwP5l8FiiBuUFbZHe3L+zUO/r
oOgtgk8SfsSrF7LUv7x+DT9e5HWrp4fxO+aAPnDRIty/X3JxmhJUjieC6Fi83qBd
orG9SIzwHadm2raLfk2KA+zMj7isYcxb3w8J4lP6+XMj4owjvuP0hU0LleAn2p1+
8IyIbAsxMovhHuRfgjC606HXPzORDQeA+9TgXUXYpmFNkUyr8W7/ytA8196lr7oG
BQ4LsiyWzSyoyLE3iVsPZxuEGwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFIqSDWem
oKZX9WixWtDObm2j+ValMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMjAwNUI4Mjg1
NEJBMTFFRUI2RjM2QzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/qUDBAEr/3oDBAAr/5wDBAFnGNgDBAFn5zoDBABn8MYw
DQYJKoZIhvcNAQELBQADggEBAH6/9DWBguFsvGXzNsNmwHgu2/jj7YZMIzTK4eYh
VOuInylzPAU+oLj+4ITzzmFDRcjL94V86NFZFVjDE/4KyK4SKz3wRvmkiJG+GTPN
Vjbr7BO46L8OniWnyO2laJo+KP43mNh8m9iNdw6CsPTr0IXz1X1TAKMVOz7oF+Z8
P3FSGSZCUlhmrHm58un1Eh5rE7t6MHqwkkJ6iRCN9KKiqeTnUHq6gocPRGVaDf3y
fzfbI9i7Uvx1aHEzQsnTucoq3o9vwDftO9SfSmO2iz9gT/H3nT7PSPGu72h1L0Oi
4yN7kZSRQcfTHvcXvfwJohH1zqrepVEQUePyRrTOrQ2cDXI=
-----END CERTIFICATE-----