Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/70008BCC4DA611ECB7D1A767C4F9AE02.roa
File:                     70008BCC4DA611ECB7D1A767C4F9AE02.roa (raw, json)
Hash identifier:          EColBqdLLxbkhyCZ+6oSKMGHQWMNYM7kX0yS37c17eg=
Subject key identifier:   3D:44:5A:0F:9A:83:B9:A1:D1:C8:76:75:F4:7B:C7:18:16:FA:FB:AC
Certificate issuer:       /CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Certificate serial:       0ADE
Authority key identifier: 42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/70008BCC4DA611ECB7D1A767C4F9AE02.roa
Signing time:             Thu 06 Jul 2023 19:16:22 +0000
ROA not before:           Thu 06 Jul 2023 19:16:22 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     137883
IP address blocks:        103.116.88.0/22 maxlen: 22
                          103.116.88.0/23 maxlen: 23
                          103.116.88.0/24 maxlen: 24
                          103.116.89.0/24 maxlen: 24
                          103.116.90.0/23 maxlen: 23
                          103.116.90.0/24 maxlen: 24
                          103.116.91.0/24 maxlen: 24
                          2402:f840::/32 maxlen: 32
                          2402:f840:1::/48 maxlen: 48
                          2402:f840:5::/48 maxlen: 48
                          2402:f840:6::/48 maxlen: 48
                          2402:f840:8::/48 maxlen: 48
                          2402:f840:9::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2782 (0xade)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
        Validity
            Not Before: Jul  6 19:16:22 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64a71306-7501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1b:ad:a7:54:73:15:99:5d:f4:2f:9f:b8:c2:
                    5a:90:b8:14:81:41:4e:81:05:a3:41:58:38:f6:2c:
                    13:73:a0:b5:39:47:47:d9:d5:4c:95:d3:58:f3:72:
                    94:87:57:0d:38:2e:67:c6:9a:8f:9c:20:09:d2:ed:
                    b4:a4:8d:c6:72:13:a1:81:f0:c3:94:e1:de:b3:42:
                    fe:03:08:10:04:0b:3a:41:da:b1:90:70:41:d3:8f:
                    87:53:89:ad:8a:cb:bd:cd:93:7e:6e:8e:ac:33:fe:
                    a9:60:4d:29:50:59:81:4b:ed:21:15:99:63:86:94:
                    51:3d:5b:2d:19:11:b4:e7:56:0a:55:11:02:14:ad:
                    0f:b3:8f:1b:f1:9e:b5:b7:81:5d:18:21:80:b8:74:
                    6f:d5:62:98:ab:0f:49:47:b8:a9:37:67:98:2d:94:
                    8d:f1:50:4d:17:d3:f0:67:72:79:b2:25:93:da:57:
                    a7:2c:55:3c:ec:b2:ae:c3:d5:81:bd:a9:60:14:e7:
                    48:9a:d2:23:e5:85:99:7b:f3:e7:79:2a:41:4a:41:
                    2a:e1:79:c1:9e:0f:fb:36:a7:a1:02:5b:69:54:f8:
                    2b:a7:2b:7d:62:9b:cc:f2:cb:d9:fe:50:80:e7:d0:
                    c4:19:a0:86:82:37:db:f3:3f:08:1d:40:2f:fe:b7:
                    d2:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:44:5A:0F:9A:83:B9:A1:D1:C8:76:75:F4:7B:C7:18:16:FA:FB:AC
            X509v3 Authority Key Identifier:
                keyid:42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/70008BCC4DA611ECB7D1A767C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.88.0/22
                IPv6:
                  2402:f840::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:4c:37:58:31:69:bd:e9:5c:51:20:b6:0e:1b:ff:79:73:10:
         a5:a8:5f:58:ee:5d:54:77:79:5e:6d:24:a7:07:2a:18:1e:8e:
         93:0f:74:62:02:f2:eb:3b:aa:14:55:56:1f:dd:3f:c4:fb:6c:
         af:53:6f:d8:cf:08:09:79:71:5c:91:a7:a3:67:d0:30:a6:a9:
         0b:e1:54:66:41:5b:44:f5:76:6d:1b:4d:93:42:2a:91:50:4a:
         ab:2e:52:9a:9e:e4:a4:d3:9b:45:db:05:38:02:d1:a7:da:f3:
         6d:fb:fb:7d:60:4a:c8:78:9a:46:6d:d2:f5:f2:8d:66:f7:32:
         ba:02:53:f6:36:7b:93:63:a6:6a:c8:a6:8c:fe:75:5f:85:c7:
         e9:cd:43:50:b6:b3:39:a2:f1:6f:62:6b:49:e1:b3:be:5a:82:
         14:64:e5:c2:d9:92:0d:0d:bf:52:c8:6e:fd:b3:d9:39:73:dc:
         1e:88:ce:82:2b:4d:44:0f:a6:3c:46:7b:5f:24:cf:58:c1:81:
         d0:3b:f6:3d:7b:23:20:c1:74:ad:26:e5:8d:ff:03:ac:2e:5d:
         cc:38:ab:ea:cb:f4:ad:46:94:61:de:d7:a8:62:bc:59:98:10:
         be:b6:ce:3c:f7:21:99:a5:d6:f2:54:43:4c:f3:40:03:6a:63:
         fd:41:ba:5e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCt4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OERCNEUxMTAvBgNVBAUTKDQyNzU4REUwQ0MwQ0Y2MkMyQUVFRTkzRTBFRUU2Nzkw
M0E1MDJDQ0MwHhcNMjMwNzA2MTkxNjIyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE3MTMwNi03NTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwxutp1RzFZld9C+fuMJakLgUgUFOgQWjQVg49iwTc6C1OUdH2dVMldNY83KU
h1cNOC5nxpqPnCAJ0u20pI3GchOhgfDDlOHes0L+AwgQBAs6QdqxkHBB04+HU4mt
isu9zZN+bo6sM/6pYE0pUFmBS+0hFZljhpRRPVstGRG051YKVRECFK0Ps48b8Z61
t4FdGCGAuHRv1WKYqw9JR7ipN2eYLZSN8VBNF9PwZ3J5siWT2lenLFU87LKuw9WB
valgFOdImtIj5YWZe/PneSpBSkEq4XnBng/7NqehAltpVPgrpyt9YpvM8svZ/lCA
59DEGaCGgjfb8z8IHUAv/rfS9QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD1EWg+a
g7mh0ch2dfR7xxgW+vusMB8GA1UdIwQYMBaAFEJ1jeDMDPYsKu7pPg7uZ5A6UCzM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4REI0RS83N0U3RjlBMDBD
RTUxMUVBQTIwREREODJDNEY5QUUwMi9RbldONE13TTlpd3E3dWstRHU1bmtEcFFM
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FuV040TXdNOWl3cTd1ay1EdTVua0RwUUxNdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OERCNEUvNzdFN0Y5QTAwQ0U1MTFFQUEyMERERDgyQzRGOUFFMDIvNzAwMDhCQ0M0
REE2MTFFQ0I3RDFBNzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndFgwDQQCAAIwBwMFACQC+EAwDQYJKoZIhvcNAQELBQAD
ggEBAGtMN1gxab3pXFEgtg4b/3lzEKWoX1juXVR3eV5tJKcHKhgejpMPdGIC8us7
qhRVVh/dP8T7bK9Tb9jPCAl5cVyRp6Nn0DCmqQvhVGZBW0T1dm0bTZNCKpFQSqsu
Upqe5KTTm0XbBTgC0afa8237+31gSsh4mkZt0vXyjWb3MroCU/Y2e5NjpmrIpoz+
dV+Fx+nNQ1C2szmi8W9ia0nhs75aghRk5cLZkg0Nv1LIbv2z2Tlz3B6IzoIrTUQP
pjxGe18kz1jBgdA79j17IyDBdK0m5Y3/A6wuXcw4q+rL9K1GlGHe16hivFmYEL62
zjz3IZml1vJUQ0zzQANqY/1Bul4=
-----END CERTIFICATE-----