Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/DA188758928611EAB3DEF47DC4F9AE02.roa
File:                     DA188758928611EAB3DEF47DC4F9AE02.roa (raw, json)
Hash identifier:          nryJigoAuRQgGD73SrhfP+woRo09QaukUPIgqtUUp1I=
Subject key identifier:   AB:24:06:45:B3:39:6E:15:19:0C:D1:AE:18:63:14:37:FC:96:BD:99
Certificate issuer:       /CN=A918F1C9/serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
Certificate serial:       081D
Authority key identifier: 39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/DA188758928611EAB3DEF47DC4F9AE02.roa
Signing time:             Sun 22 Jan 2023 01:08:18 +0000
ROA not before:           Sun 22 Jan 2023 01:08:18 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     138167
IP address blocks:        103.121.224.0/24 maxlen: 24
                          103.121.225.0/24 maxlen: 24
                          103.121.226.0/24 maxlen: 24
                          103.121.227.0/24 maxlen: 24
                          2403:72c0::/64 maxlen: 64
                          2403:72c0:1::/64 maxlen: 64

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2077 (0x81d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F1C9/serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
        Validity
            Not Before: Jan 22 01:08:18 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=63cc8c82-2a9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:40:cd:b1:f7:37:af:0c:23:46:9c:73:ba:86:
                    dc:3a:ae:3d:33:0c:10:e9:17:38:1e:11:6d:cd:b6:
                    0a:60:eb:aa:55:09:98:08:7d:d3:79:8b:e7:1a:f9:
                    00:8b:75:56:ee:a0:ae:3c:94:50:98:07:49:71:29:
                    1e:e0:0a:65:77:31:c6:99:a2:ac:d3:1d:39:ee:a4:
                    b0:cc:27:4f:88:c2:20:ee:52:93:4a:2e:d1:ae:50:
                    52:dc:dc:84:57:94:e5:20:97:38:4d:46:58:75:a0:
                    cb:ea:fd:2f:87:e1:ae:bd:ce:e1:49:ac:f4:ee:74:
                    0b:c9:81:1c:e9:94:d3:0a:d1:94:43:3d:8c:59:eb:
                    70:d6:51:8f:85:21:ca:3d:b9:b2:a4:75:3b:0b:2d:
                    7e:a5:53:c6:49:35:1a:2c:1d:02:1b:1c:80:3d:8f:
                    7e:df:eb:40:dc:ac:be:b8:6f:c4:6f:9a:cc:e1:5d:
                    95:90:6d:89:6b:93:5c:35:e9:88:8b:51:f4:44:6d:
                    55:f1:ab:3f:38:96:82:10:89:67:1a:c9:04:8f:94:
                    9a:06:da:85:2d:c8:e3:48:d3:55:b8:6b:4b:d9:91:
                    f0:70:f4:58:71:65:f2:98:39:b1:97:cd:f2:07:97:
                    5f:3d:f2:70:ec:62:4d:d2:37:29:40:97:1b:6f:12:
                    09:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:24:06:45:B3:39:6E:15:19:0C:D1:AE:18:63:14:37:FC:96:BD:99
            X509v3 Authority Key Identifier:
                keyid:39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/DA188758928611EAB3DEF47DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.224.0/22
                IPv6:
                  2403:72c0::/64
                  2403:72c0:1::/64

    Signature Algorithm: sha256WithRSAEncryption
         24:49:3e:aa:60:9d:85:d1:64:60:ce:85:5e:d3:5a:74:0a:f5:
         3a:56:63:0e:a7:78:dd:47:f1:a6:80:3c:54:ca:0d:a0:6b:db:
         f7:75:47:ab:2c:97:81:ff:94:6b:7a:63:2b:32:25:14:ff:a0:
         c9:2d:06:15:8b:7e:aa:20:9b:87:3c:54:48:3f:3c:34:19:94:
         5b:5a:0a:08:7b:0c:21:29:19:c5:af:f8:01:d0:4b:d5:98:11:
         50:27:bc:ce:c0:19:78:aa:7b:e1:3f:d2:9d:f8:de:69:a9:85:
         be:72:2e:68:9b:23:81:a3:0d:82:c1:dd:bc:5f:6f:eb:ba:cc:
         81:68:26:9e:d7:04:40:fe:47:86:76:74:96:f6:cd:0a:dc:9b:
         8e:0f:c0:ba:7a:9f:ad:67:e0:b4:f9:4f:39:87:3e:ce:99:23:
         07:dd:2c:6f:83:6d:79:96:c0:cb:bb:21:7d:b6:b9:82:e1:07:
         e0:f6:64:fc:df:b3:82:4c:94:3a:ea:c7:5d:1c:05:d3:1f:8d:
         51:c3:3d:40:7f:f3:8e:4d:70:1a:81:aa:2e:3d:78:c3:de:77:
         e0:0c:3b:65:f4:f2:26:fb:dc:c2:c5:54:40:80:fc:69:3f:62:
         0d:35:50:85:c6:5d:a5:98:68:72:2d:ea:5e:8e:9a:24:2b:cb:
         de:90:fc:d6
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICCB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEYxQzkxMTAvBgNVBAUTKDM5ODkxMTMwMDEwNEQ3QzU4QjMyNkU1NjY0QjNENzlB
MkQ0NjQ2RTAwHhcNMjMwMTIyMDEwODE4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NjOGM4Mi0yYTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0DNsfc3rwwjRpxzuobcOq49MwwQ6Rc4HhFtzbYKYOuqVQmYCH3TeYvnGvkA
i3VW7qCuPJRQmAdJcSke4ApldzHGmaKs0x057qSwzCdPiMIg7lKTSi7RrlBS3NyE
V5TlIJc4TUZYdaDL6v0vh+Guvc7hSaz07nQLyYEc6ZTTCtGUQz2MWetw1lGPhSHK
PbmypHU7Cy1+pVPGSTUaLB0CGxyAPY9+3+tA3Ky+uG/Eb5rM4V2VkG2Ja5NcNemI
i1H0RG1V8as/OJaCEIlnGskEj5SaBtqFLcjjSNNVuGtL2ZHwcPRYcWXymDmxl83y
B5dfPfJw7GJN0jcpQJcbbxIJowIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKskBkWz
OW4VGQzRrhhjFDf8lr2ZMB8GA1UdIwQYMBaAFDmJETABBNfFizJuVmSz15otRkbg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG
OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi9PWWtSTUFFRTE4V0xNbTVXWkxQWG1pMUdS
dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09Za1JNQUVFMThXTE1tNVdaTFBYbWkxR1J1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEYxQzkvNkE1N0FCOEM3Rjk1MTFFQUIwRUQ4NTM3QzRGOUFFMDIvREExODg3NTg5
Mjg2MTFFQUIzREVGNDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMAwEAgABMAYDBAJneeAwHAQCAAIwFgMJACQDcsAAAAAAAwkAJANywAABAAAw
DQYJKoZIhvcNAQELBQADggEBACRJPqpgnYXRZGDOhV7TWnQK9TpWYw6neN1H8aaA
PFTKDaBr2/d1R6ssl4H/lGt6YysyJRT/oMktBhWLfqogm4c8VEg/PDQZlFtaCgh7
DCEpGcWv+AHQS9WYEVAnvM7AGXiqe+E/0p343mmphb5yLmibI4GjDYLB3bxfb+u6
zIFoJp7XBED+R4Z2dJb2zQrcm44PwLp6n61n4LT5TzmHPs6ZIwfdLG+DbXmWwMu7
IX22uYLhB+D2ZPzfs4JMlDrqx10cBdMfjVHDPUB/845NcBqBqi49eMPed+AMO2X0
8ib73MLFVECA/Gk/Yg01UIXGXaWYaHIt6l6OmiQry96Q/NY=
-----END CERTIFICATE-----