Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/4D240522C92711EDAE3AB84EC4F9AE02.roa
File:                     4D240522C92711EDAE3AB84EC4F9AE02.roa (raw, json)
Hash identifier:          EIHjK2e+E7rHjVZMC+fDNtdY3pw8jNLvA/ctsL3ijIg=
Subject key identifier:   B6:1A:97:C0:45:6A:A3:86:01:A1:6A:FB:77:13:DF:5D:86:9B:3E:2C
Certificate issuer:       /CN=A913F0E3/serialNumber=8E8377810CF9C204BB12584F3E5B5F050368246F
Certificate serial:       1D9C
Authority key identifier: 8E:83:77:81:0C:F9:C2:04:BB:12:58:4F:3E:5B:5F:05:03:68:24:6F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/joN3gQz5wgS7ElhPPltfBQNoJG8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/4D240522C92711EDAE3AB84EC4F9AE02.roa
Signing time:             Sat 28 Oct 2023 16:23:26 +0000
ROA not before:           Sat 28 Oct 2023 16:23:26 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     58631
IP address blocks:        103.5.28.0/24 maxlen: 24
                          103.192.197.0/24 maxlen: 24
                          2001:df0:247::/48 maxlen: 48
                          2400:c760::/48 maxlen: 48
                          2400:c760:1::/48 maxlen: 48
                          2400:c760:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 19 Sep 2024 03:56:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7580 (0x1d9c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913F0E3/serialNumber=8E8377810CF9C204BB12584F3E5B5F050368246F
        Validity
            Not Before: Oct 28 16:23:26 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=653d357e-d48f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:aa:f3:95:2d:be:0c:a1:ce:4f:fd:10:9a:95:
                    f3:97:6c:a9:4c:02:6d:8c:30:5a:b7:e4:dd:ac:15:
                    8d:37:c9:28:b1:f5:55:10:64:71:da:48:c3:aa:e8:
                    4d:73:34:31:44:e2:da:1d:98:fc:70:df:4b:1a:a0:
                    00:8b:ef:78:94:97:34:13:20:2b:57:54:41:c7:6e:
                    8f:6d:c1:54:96:d1:9c:22:bb:59:b8:05:03:9b:f5:
                    a2:c6:84:7f:f1:94:40:b7:60:6e:a2:a1:ea:d4:9c:
                    92:62:f3:f6:9a:b8:39:58:f9:51:d0:7f:92:65:7d:
                    a0:2c:ab:f3:70:05:4d:60:64:9b:de:c5:71:eb:76:
                    df:c2:5b:95:ce:33:05:f5:44:38:a4:a4:b2:5a:16:
                    aa:a0:7d:3b:c9:a3:07:fb:bb:1d:e4:7c:a1:07:20:
                    f7:6e:50:2f:7c:34:62:b6:92:06:f3:4f:dd:f7:07:
                    e3:b0:f7:16:6f:36:60:10:e9:6a:7e:2e:01:4b:52:
                    5a:31:51:6d:b9:29:f9:51:d4:03:04:20:1f:b7:da:
                    fc:e3:96:2d:10:22:51:d3:cf:c0:9a:93:e7:b7:6b:
                    1b:c2:1f:80:12:ba:01:72:69:a8:f3:0a:26:9f:ec:
                    f5:d8:10:dd:91:3d:94:fe:99:94:35:9d:86:36:80:
                    b9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:1A:97:C0:45:6A:A3:86:01:A1:6A:FB:77:13:DF:5D:86:9B:3E:2C
            X509v3 Authority Key Identifier:
                keyid:8E:83:77:81:0C:F9:C2:04:BB:12:58:4F:3E:5B:5F:05:03:68:24:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/joN3gQz5wgS7ElhPPltfBQNoJG8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/joN3gQz5wgS7ElhPPltfBQNoJG8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/4D240522C92711EDAE3AB84EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.5.28.0/24
                  103.192.197.0/24
                IPv6:
                  2001:df0:247::/48
                  2400:c760::-2400:c760:2:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         90:e9:9f:00:c5:a6:45:1e:3d:17:d0:7f:44:c8:39:99:74:68:
         f9:33:4a:d3:a3:9e:31:1d:7a:09:fd:dd:4b:3a:12:94:9e:0c:
         29:52:cf:73:86:e8:6e:44:c9:41:49:f4:eb:18:da:02:8d:77:
         11:e7:0d:89:dc:12:f4:f8:28:9b:ad:ee:80:ce:c6:c8:d8:0b:
         20:e7:cf:6d:ed:cc:c2:17:a5:22:12:02:4f:c6:59:e7:a2:2f:
         51:1f:65:77:22:95:b5:e6:bc:56:51:98:8f:cb:72:41:97:a4:
         57:6e:cd:ad:19:68:ab:e2:57:d9:56:5f:78:28:97:21:64:c9:
         4a:c9:25:c4:a8:02:9e:71:74:f5:37:0b:89:9f:d9:70:d6:a8:
         2c:77:14:02:b8:f8:9b:f2:00:c9:17:35:14:0f:54:11:af:ba:
         92:64:38:64:53:aa:7d:96:be:d7:12:b0:dd:89:1a:99:ce:96:
         b0:d1:38:ec:30:b1:7a:d6:82:5e:53:a0:b2:9f:1d:f2:8d:45:
         eb:dd:9d:51:33:79:ed:97:8f:13:9f:f8:c7:7c:18:ce:d8:a2:
         2f:34:06:e9:e6:b1:ac:58:89:ac:ed:42:6c:51:10:00:cd:ee:
         c9:cb:a5:95:81:a0:3d:24:80:8b:2d:5c:54:bf:39:79:b6:44:
         56:ee:4f:78
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICHZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0YwRTMxMTAvBgNVBAUTKDhFODM3NzgxMENGOUMyMDRCQjEyNTg0RjNFNUI1RjA1
MDM2ODI0NkYwHhcNMjMxMDI4MTYyMzI2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNkMzU3ZS1kNDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwqrzlS2+DKHOT/0QmpXzl2ypTAJtjDBat+TdrBWNN8kosfVVEGRx2kjDquhN
czQxROLaHZj8cN9LGqAAi+94lJc0EyArV1RBx26PbcFUltGcIrtZuAUDm/WixoR/
8ZRAt2BuoqHq1JySYvP2mrg5WPlR0H+SZX2gLKvzcAVNYGSb3sVx63bfwluVzjMF
9UQ4pKSyWhaqoH07yaMH+7sd5HyhByD3blAvfDRitpIG80/d9wfjsPcWbzZgEOlq
fi4BS1JaMVFtuSn5UdQDBCAft9r845YtECJR08/AmpPnt2sbwh+AEroBcmmo8wom
n+z12BDdkT2U/pmUNZ2GNoC5lQIDAQABo4ICvjCCArowHQYDVR0OBBYEFLYal8BF
aqOGAaFq+3cT312Gmz4sMB8GA1UdIwQYMBaAFI6Dd4EM+cIEuxJYTz5bXwUDaCRv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjBFMy8yOTE1NzZCRTZC
MzQxMUU2OTE4NEI2NkNDNEY5QUUwMi9qb04zZ1F6NXdnUzdFbGhQUGx0ZkJRTm9K
RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pvTjNnUXo1d2dTN0VsaFBQbHRmQlFOb0pHOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0YwRTMvMjkxNTc2QkU2QjM0MTFFNjkxODRCNjZDQzRGOUFFMDIvNEQyNDA1MjJD
OTI3MTFFREFFM0FCODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MBIEAgABMAwDBABnBRwDBABnwMUwIQQCAAIwGwMHACABDfACRzAQAwUFJADH
YAMHACQAx2AAAjANBgkqhkiG9w0BAQsFAAOCAQEAkOmfAMWmRR49F9B/RMg5mXRo
+TNK06OeMR16Cf3dSzoSlJ4MKVLPc4bobkTJQUn06xjaAo13EecNidwS9Pgom63u
gM7GyNgLIOfPbe3MwhelIhICT8ZZ56IvUR9ldyKVtea8VlGYj8tyQZekV27NrRlo
q+JX2VZfeCiXIWTJSsklxKgCnnF09TcLiZ/ZcNaoLHcUArj4m/IAyRc1FA9UEa+6
kmQ4ZFOqfZa+1xKw3Ykamc6WsNE47DCxetaCXlOgsp8d8o1F692dUTN57ZePE5/4
x3wYztiiLzQG6eaxrFiJrO1CbFEQAM3uycullYGgPSSAiy1cVL85ebZEVu5PeA==
-----END CERTIFICATE-----