Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/64348648D29811EF9FF5C45AC4F9AE02.roa
File:                     64348648D29811EF9FF5C45AC4F9AE02.roa (raw, json)
Hash identifier:          r8vKFC50S4u1DHN5P9xZL8vrmnVJt2LocEu9+sq2hBY=
Subject key identifier:   70:90:39:11:63:65:15:2F:78:B2:6C:E1:2D:C9:C6:5B:81:0B:2C:C0
Certificate issuer:       /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial:       0C05
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/64348648D29811EF9FF5C45AC4F9AE02.roa
Signing time:             Tue 14 Jan 2025 16:55:43 +0000
ROA not before:           Tue 14 Jan 2025 16:55:43 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     208485
IP address blocks:        14.192.136.0/24 maxlen: 24
                          14.192.138.0/24 maxlen: 24
                          14.192.139.0/24 maxlen: 24
                          14.192.143.0/24 maxlen: 24
                          14.192.145.0/24 maxlen: 24
                          14.192.158.0/24 maxlen: 24
                          14.192.159.0/24 maxlen: 24
                          43.247.123.0/24 maxlen: 24
                          103.20.133.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 15 Jan 2025 16:03:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3077 (0xc05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915A0CD
        Validity
            Not Before: Jan 14 16:55:43 2025 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=6786970f-5000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:74:29:33:ce:30:2e:4d:e5:9b:bf:e0:33:47:
                    b5:70:64:8c:2f:bf:2f:07:e2:b8:97:30:71:ca:ba:
                    7e:f8:9f:f1:e3:be:b7:37:3b:14:35:2d:01:68:8a:
                    6f:b8:fa:24:ba:f3:43:36:79:39:51:5b:79:e6:0f:
                    12:cb:09:53:e5:fb:86:39:dc:17:ce:a7:8e:a6:2a:
                    d3:72:ba:a7:63:32:18:8e:3f:1c:d7:52:bf:c2:a8:
                    a5:61:ef:54:43:f6:84:6a:dd:7a:4e:b4:6e:e1:d5:
                    55:71:d3:ac:9e:e2:0f:f8:c7:d1:74:cb:ad:2d:51:
                    e4:06:96:81:b3:46:07:61:4a:3f:67:ab:51:40:73:
                    81:1e:e7:5e:9b:cf:91:24:d3:28:9a:f4:1f:2e:e7:
                    c9:c8:f1:80:53:4a:68:40:ee:43:20:dd:22:c5:ad:
                    c4:64:f6:36:34:2d:4f:04:cc:66:e2:40:37:99:e0:
                    10:34:ee:9d:0a:a7:ee:9c:f4:6c:ed:66:d4:15:23:
                    a5:f7:a7:97:f2:17:e2:5e:05:de:6f:0f:39:11:ad:
                    c4:f2:89:3d:00:9e:d2:5b:c2:d0:cf:8c:df:82:9e:
                    a9:75:2f:c3:35:25:f6:41:e2:bd:b3:cc:7b:91:fb:
                    ca:2d:eb:9e:f7:93:c9:0f:e9:b5:5e:9c:8a:cb:b5:
                    ca:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:90:39:11:63:65:15:2F:78:B2:6C:E1:2D:C9:C6:5B:81:0B:2C:C0
            X509v3 Authority Key Identifier:
                keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/64348648D29811EF9FF5C45AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.192.136.0/24
                  14.192.138.0/23
                  14.192.143.0/24
                  14.192.145.0/24
                  14.192.158.0/23
                  43.247.123.0/24
                  103.20.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:f1:f9:9e:4c:38:92:2c:fd:b9:c3:75:16:26:81:b8:46:f0:
         31:57:e1:91:67:10:62:01:b9:47:a4:3e:b0:e1:32:99:76:2e:
         8d:4e:4d:0b:53:fc:67:43:17:de:7a:d0:c4:55:68:71:cc:21:
         04:ee:bf:52:59:0c:f8:cc:37:44:65:76:8c:53:d0:43:97:ad:
         c5:62:5f:0f:58:06:2c:29:38:a4:31:9d:aa:54:a7:b5:ec:95:
         86:e2:81:af:a2:c5:4b:f5:37:ad:cb:54:36:ea:85:d6:56:98:
         b3:eb:50:a3:83:c3:2a:35:08:7b:b2:b1:e0:e4:9c:eb:47:0a:
         9c:ad:39:29:e1:4f:49:b6:60:90:11:c3:8c:a0:a7:76:b2:1a:
         2d:e7:83:6f:e2:94:a8:fa:02:2f:0f:bf:4f:50:7b:cb:b3:64:
         7f:a6:3d:b9:c1:49:32:16:66:4f:c6:e8:02:4f:23:6d:69:a4:
         25:37:76:90:3d:79:ba:0c:6c:8a:2a:46:e4:68:05:07:19:54:
         31:5d:0e:27:ed:a8:75:35:da:65:ca:08:0c:34:74:3f:9f:df:
         51:20:be:16:3e:eb:3c:0e:64:6d:0d:47:89:9c:83:85:c6:7d:
         1d:61:f6:28:b7:03:a8:89:01:f2:54:74:9c:05:7f:36:bd:ba:
         9a:86:91:cf
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICDAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMTE0MTY1NTQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2OTcwZi01MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnQpM84wLk3lm7/gM0e1cGSML78vB+K4lzBxyrp++J/x4763NzsUNS0BaIpv
uPokuvNDNnk5UVt55g8SywlT5fuGOdwXzqeOpirTcrqnYzIYjj8c11K/wqilYe9U
Q/aEat16TrRu4dVVcdOsnuIP+MfRdMutLVHkBpaBs0YHYUo/Z6tRQHOBHudem8+R
JNMomvQfLufJyPGAU0poQO5DIN0ixa3EZPY2NC1PBMxm4kA3meAQNO6dCqfunPRs
7WbUFSOl96eX8hfiXgXebw85Ea3E8ok9AJ7SW8LQz4zfgp6pdS/DNSX2QeK9s8x7
kfvKLeue95PJD+m1XpyKy7XK4QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFHCQORFj
ZRUveLJs4S3JxluBCyzAMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNjQzNDg2NDhE
Mjk4MTFFRjlGRjVDNDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAAOwIgDBAEOwIoDBAAOwI8DBAAOwJEDBAEOwJ4DBAAr93sD
BABnFIUwDQYJKoZIhvcNAQELBQADggEBAAjx+Z5MOJIs/bnDdRYmgbhG8DFX4ZFn
EGIBuUekPrDhMpl2Lo1OTQtT/GdDF9560MRVaHHMIQTuv1JZDPjMN0RldoxT0EOX
rcViXw9YBiwpOKQxnapUp7XslYbiga+ixUv1N63LVDbqhdZWmLPrUKODwyo1CHuy
seDknOtHCpytOSnhT0m2YJARw4ygp3ayGi3ng2/ilKj6Ai8Pv09Qe8uzZH+mPbnB
STIWZk/G6AJPI21ppCU3dpA9eboMbIoqRuRoBQcZVDFdDiftqHU12mXKCAw0dD+f
31EgvhY+6zwOZG0NR4mcg4XGfR1h9ii3A6iJAfJUdJwFfza9upqGkc8=
-----END CERTIFICATE-----