Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/E4FF061450E111EBB1404B4AC4F9AE02.roa
File:                     E4FF061450E111EBB1404B4AC4F9AE02.roa (raw, json)
Hash identifier:          7bIozrzdjkQ/rP1HGbZoy/E6gIf1RTDfdRMDEmHpaBI=
Subject key identifier:   F1:00:F4:57:5D:2D:CA:2A:65:B4:44:48:F6:79:99:84:3E:5D:93:2B
Certificate issuer:       /CN=A9175299/serialNumber=81A7151B177592F86823B69F437624E9C002DE41
Certificate serial:       0A09
Authority key identifier: 81:A7:15:1B:17:75:92:F8:68:23:B6:9F:43:76:24:E9:C0:02:DE:41
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/E4FF061450E111EBB1404B4AC4F9AE02.roa
Signing time:             Sun 24 Dec 2023 20:27:52 +0000
ROA not before:           Sun 24 Dec 2023 20:27:52 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     138385
IP address blocks:        103.124.52.0/22 maxlen: 24
                          2403:da40::/32 maxlen: 32
                          2403:da40::/33 maxlen: 33
                          2403:da40:100::/40 maxlen: 40
                          2403:da40:102::/48 maxlen: 48
                          2403:da40:103::/48 maxlen: 48
                          2403:da40:8000::/33 maxlen: 33

Validation:               Failed, certificate revoked on Thu 18 Jan 2024 09:04:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2569 (0xa09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9175299/serialNumber=81A7151B177592F86823B69F437624E9C002DE41
        Validity
            Not Before: Dec 24 20:27:52 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65889448-3f67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b6:f6:10:73:96:99:fb:fb:be:e0:7a:93:14:
                    5e:9d:2e:7d:d3:ce:93:42:43:42:f2:14:e5:6a:8c:
                    06:a0:a7:08:b1:83:64:e0:d6:34:81:f1:89:66:76:
                    30:ec:90:67:40:ee:4f:27:f1:79:d1:00:c8:f0:5f:
                    1c:64:d8:09:f8:c8:08:e5:8e:19:fb:9f:67:b8:20:
                    85:f8:4e:b5:7b:05:8c:df:85:cb:23:25:33:3c:44:
                    fa:02:c8:19:c5:bd:76:76:4d:d7:92:6f:72:d8:d0:
                    0f:32:b6:62:90:c9:ec:c1:08:9b:1b:c0:e7:c0:05:
                    51:81:98:19:6c:52:25:2d:94:13:8e:b8:f0:91:99:
                    06:fd:37:49:4b:b6:1c:e2:39:55:6f:ab:c2:ee:bd:
                    79:a1:4c:c9:25:36:ee:53:7f:74:4d:f7:24:14:9c:
                    51:76:cc:9a:d9:9d:8a:d1:94:dc:f6:31:34:01:30:
                    30:29:62:7a:ab:0d:29:e8:07:cb:b1:96:f0:64:cc:
                    9c:20:14:a4:f7:ce:92:42:7a:30:2d:4c:e0:cc:61:
                    55:10:01:08:44:b0:ae:57:25:c2:2d:07:a6:5f:ab:
                    9e:28:1a:c3:b8:0e:11:e5:d5:32:70:04:eb:6c:20:
                    80:c6:e4:89:bd:2e:e9:29:b8:7c:99:17:fb:a0:f1:
                    bd:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:00:F4:57:5D:2D:CA:2A:65:B4:44:48:F6:79:99:84:3E:5D:93:2B
            X509v3 Authority Key Identifier:
                keyid:81:A7:15:1B:17:75:92:F8:68:23:B6:9F:43:76:24:E9:C0:02:DE:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/E4FF061450E111EBB1404B4AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.124.52.0/22
                IPv6:
                  2403:da40::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:34:63:2e:d0:97:49:f3:ae:64:66:d2:82:6e:40:a3:12:22:
         c7:b5:22:24:f8:b8:75:0e:07:4f:73:d2:9e:8b:9b:4e:9c:79:
         d0:f9:54:2d:54:6d:53:6b:63:b0:5a:20:44:eb:a7:75:60:3b:
         3c:6f:30:fe:66:ad:22:8a:ad:cc:da:5c:94:7b:c6:54:10:f1:
         20:ea:2e:c3:20:f7:b4:31:f1:f3:94:59:6d:f7:e0:9d:79:cd:
         cd:a1:02:16:8a:7f:36:65:48:c2:d9:c5:20:fc:8b:8d:18:f2:
         47:80:50:9d:32:e7:89:4e:37:e2:e8:2d:0e:d7:80:4b:ed:e1:
         54:bc:19:aa:85:38:23:42:f4:f8:35:6d:a1:0f:3b:aa:c6:5d:
         b7:06:a2:23:ef:ef:ee:04:9d:76:ce:88:48:d2:e9:61:b6:cb:
         58:2b:fd:38:02:ef:fc:d9:81:07:27:c1:1c:a9:70:d1:50:62:
         98:d8:b3:e3:e2:4c:ee:58:f5:ed:7e:d2:72:7e:cd:78:f7:e7:
         67:7f:4e:e5:8a:4b:ca:15:37:c6:b4:24:24:6c:bf:92:99:b2:
         05:77:e6:b2:ab:bd:87:70:10:75:51:32:9b:e0:57:4b:0a:31:
         07:0f:53:6f:fd:9d:3d:c5:78:48:8f:77:bd:ff:e9:04:3f:6e:
         71:dc:18:c3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzUyOTkxMTAvBgNVBAUTKDgxQTcxNTFCMTc3NTkyRjg2ODIzQjY5RjQzNzYyNEU5
QzAwMkRFNDEwHhcNMjMxMjI0MjAyNzUyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg4OTQ0OC0zZjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2rb2EHOWmfv7vuB6kxRenS59086TQkNC8hTlaowGoKcIsYNk4NY0gfGJZnYw
7JBnQO5PJ/F50QDI8F8cZNgJ+MgI5Y4Z+59nuCCF+E61ewWM34XLIyUzPET6AsgZ
xb12dk3Xkm9y2NAPMrZikMnswQibG8DnwAVRgZgZbFIlLZQTjrjwkZkG/TdJS7Yc
4jlVb6vC7r15oUzJJTbuU390TfckFJxRdsya2Z2K0ZTc9jE0ATAwKWJ6qw0p6AfL
sZbwZMycIBSk986SQnowLUzgzGFVEAEIRLCuVyXCLQemX6ueKBrDuA4R5dUycATr
bCCAxuSJvS7pKbh8mRf7oPG9LwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPEA9Fdd
LcoqZbRESPZ5mYQ+XZMrMB8GA1UdIwQYMBaAFIGnFRsXdZL4aCO2n0N2JOnAAt5B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTI5OS8yNjg5MEVEQTQy
QzUxMUVBQjI2Q0ZEMUJDNEY5QUUwMi9nYWNWR3hkMWt2aG9JN2FmUTNZazZjQUMz
a0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dhY1ZHeGQxa3Zob0k3YWZRM1lrNmNBQzNrRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUyOTkvMjY4OTBFREE0MkM1MTFFQUIyNkNGRDFCQzRGOUFFMDIvRTRGRjA2MTQ1
MEUxMTFFQkIxNDA0QjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfDQwDQQCAAIwBwMFACQD2kAwDQYJKoZIhvcNAQELBQAD
ggEBAEg0Yy7Ql0nzrmRm0oJuQKMSIse1IiT4uHUOB09z0p6Lm06cedD5VC1UbVNr
Y7BaIETrp3VgOzxvMP5mrSKKrczaXJR7xlQQ8SDqLsMg97Qx8fOUWW334J15zc2h
AhaKfzZlSMLZxSD8i40Y8keAUJ0y54lON+LoLQ7XgEvt4VS8GaqFOCNC9Pg1baEP
O6rGXbcGoiPv7+4EnXbOiEjS6WG2y1gr/TgC7/zZgQcnwRypcNFQYpjYs+PiTO5Y
9e1+0nJ+zXj352d/TuWKS8oVN8a0JCRsv5KZsgV35rKrvYdwEHVRMpvgV0sKMQcP
U2/9nT3FeEiPd73/6QQ/bnHcGMM=
-----END CERTIFICATE-----