Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/50A921EE5EC411EF8A82BA3DC4F9AE02.roa
File:                     50A921EE5EC411EF8A82BA3DC4F9AE02.roa (raw, json)
Hash identifier:          fE5ecRxypv3jBr4cQiB+6rZRL9YwsuEzn4nHAbLRs+c=
Subject key identifier:   96:36:30:28:B1:A6:EE:61:93:3F:1E:8D:F9:6E:B8:4A:9B:7D:3B:D9
Certificate issuer:       /CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
Certificate serial:       3457
Authority key identifier: 7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/50A921EE5EC411EF8A82BA3DC4F9AE02.roa
Signing time:             Wed 18 Sep 2024 15:00:37 +0000
ROA not before:           Wed 18 Sep 2024 15:00:37 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     23923
IP address blocks:        116.68.192.0/20 maxlen: 24
                          119.148.0.0/18 maxlen: 24
                          182.252.64.0/20 maxlen: 24
                          182.252.80.0/21 maxlen: 24
                          182.252.88.0/22 maxlen: 24
                          182.252.92.0/24 maxlen: 24
                          202.53.160.0/20 maxlen: 24
                          2401:9c00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 06 Oct 2024 18:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13399 (0x3457)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
        Validity
            Not Before: Sep 18 15:00:37 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66eaeb15-b53f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:25:64:9d:57:e8:f0:1e:f8:2a:20:77:59:21:
                    ac:d5:23:05:40:5e:70:ce:44:c2:a4:25:78:b4:b2:
                    b3:38:dc:2d:44:85:e0:3a:da:74:24:4d:ec:34:0c:
                    d6:be:76:45:a4:93:4e:a7:b8:cc:2d:81:26:d0:5b:
                    56:54:36:62:51:1c:41:f5:25:98:82:53:06:1f:cb:
                    88:f6:a8:d1:08:a4:3f:29:a0:49:f8:8f:0a:fc:b4:
                    ef:ea:26:ca:09:67:00:21:cd:f9:31:bf:74:11:21:
                    eb:7a:23:46:42:c9:40:8c:20:b0:26:14:fb:7c:77:
                    9c:17:cf:aa:89:33:a5:f3:d7:25:99:1b:fb:8f:1f:
                    f9:1f:23:9b:d8:7b:ab:eb:92:70:8c:42:87:12:62:
                    f8:f1:5b:a2:b5:a0:db:bb:eb:37:0b:43:8f:76:89:
                    59:a4:e7:17:fd:c2:28:04:b7:e5:e8:50:41:1f:84:
                    31:8b:c5:5c:04:01:2d:96:8d:7d:39:03:9c:0d:d4:
                    94:b9:6a:73:84:e0:b0:b4:e4:29:32:c3:14:91:35:
                    3d:ab:00:3e:39:77:36:ab:87:29:42:cb:26:a0:71:
                    68:c1:05:16:40:c6:a9:8f:b7:33:8e:59:eb:47:9f:
                    6e:36:de:a8:11:65:25:33:33:75:fc:64:46:8f:64:
                    a2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:36:30:28:B1:A6:EE:61:93:3F:1E:8D:F9:6E:B8:4A:9B:7D:3B:D9
            X509v3 Authority Key Identifier:
                keyid:7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/eqxn28Hrko4pUTYuC8asdnfi3Hs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/50A921EE5EC411EF8A82BA3DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.68.192.0/20
                  119.148.0.0/18
                  182.252.64.0-182.252.92.255
                  202.53.160.0/20
                IPv6:
                  2401:9c00::/32

    Signature Algorithm: sha256WithRSAEncryption
         3e:ad:2d:b5:0f:4e:ec:ab:f7:2b:89:5a:99:1b:ee:b9:56:98:
         18:a8:e1:72:af:2f:61:80:0e:0f:e4:40:26:cd:ad:3d:70:46:
         7c:03:f4:65:a0:d7:75:44:01:ec:b8:0a:45:81:38:f0:16:e2:
         9a:72:f9:c9:c5:7b:a1:47:de:a4:c5:3f:f1:20:3c:71:63:15:
         38:93:4c:2c:f6:92:51:98:bc:3f:46:61:fc:36:aa:e7:4e:8a:
         d6:13:25:59:b6:ca:0a:c9:ed:72:3a:0e:0b:a9:74:c2:cb:75:
         95:8b:19:30:fc:1c:68:e1:ec:15:70:e0:df:46:af:27:78:43:
         a6:28:8d:c3:c0:27:f6:a6:f1:32:91:3a:71:a3:18:d6:61:32:
         d3:af:02:44:e0:7c:5c:b9:9a:13:ff:cc:da:06:b4:32:85:a8:
         0d:70:fc:0a:7e:18:a0:93:1a:39:4b:30:43:1d:43:a4:50:a5:
         5d:2b:7d:5a:10:41:f8:99:36:51:ea:2e:11:ae:e1:50:d9:e1:
         56:a6:d5:72:ed:6e:a9:95:db:44:b4:3c:a3:cd:51:12:05:7d:
         b2:06:68:3c:f5:5c:6a:5a:53:a4:74:ec:e0:b8:f7:cf:ea:47:
         95:2b:f3:3a:21:b1:e7:bd:2c:d4:c6:8e:23:8f:03:fa:30:60:
         d3:85:2f:c8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICNFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUU5QTUxMTAvBgNVBAUTKDdBQUM2N0RCQzFFQjkyOEUyOTUxMzYyRTBCQzZBQzc2
NzdFMkRDN0IwHhcNMjQwOTE4MTUwMDM3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVhZWIxNS1iNTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqSVknVfo8B74KiB3WSGs1SMFQF5wzkTCpCV4tLKzONwtRIXgOtp0JE3sNAzW
vnZFpJNOp7jMLYEm0FtWVDZiURxB9SWYglMGH8uI9qjRCKQ/KaBJ+I8K/LTv6ibK
CWcAIc35Mb90ESHreiNGQslAjCCwJhT7fHecF8+qiTOl89clmRv7jx/5HyOb2Hur
65JwjEKHEmL48VuitaDbu+s3C0OPdolZpOcX/cIoBLfl6FBBH4Qxi8VcBAEtlo19
OQOcDdSUuWpzhOCwtOQpMsMUkTU9qwA+OXc2q4cpQssmoHFowQUWQMapj7czjlnr
R59uNt6oEWUlMzN1/GRGj2SiIQIDAQABo4ICvjCCArowHQYDVR0OBBYEFJY2MCix
pu5hkz8ejfluuEqbfTvZMB8GA1UdIwQYMBaAFHqsZ9vB65KOKVE2LgvGrHZ34tx7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTlBNS9BMzJFRkVCODFE
ODkxMUUyOTJFNEZERTIwOEIwMkNEMi9lcXhuMjhIcmtvNHBVVFl1Qzhhc2RuZmkz
SHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VxeG4yOEhya280cFVUWXVDOGFzZG5maTNIcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUU5QTUvQTMyRUZFQjgxRDg5MTFFMjkyRTRGREUyMDhCMDJDRDIvNTBBOTIxRUU1
RUM0MTFFRjhBODJCQTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCYEAgABMCADBAR0RMADBAZ3lAAwDAMEBrb8QAMEALb8XAMEBMo1oDANBAIA
AjAHAwUAJAGcADANBgkqhkiG9w0BAQsFAAOCAQEAPq0ttQ9O7Kv3K4lamRvuuVaY
GKjhcq8vYYAOD+RAJs2tPXBGfAP0ZaDXdUQB7LgKRYE48BbimnL5ycV7oUfepMU/
8SA8cWMVOJNMLPaSUZi8P0Zh/Daq506K1hMlWbbKCsntcjoOC6l0wst1lYsZMPwc
aOHsFXDg30avJ3hDpiiNw8An9qbxMpE6caMY1mEy068CROB8XLmaE//M2ga0MoWo
DXD8Cn4YoJMaOUswQx1DpFClXSt9WhBB+Jk2UeouEa7hUNnhVqbVcu1uqZXbRLQ8
o81REgV9sgZoPPVcalpTpHTs4Lj3z+pHlSvzOiGx570s1MaOI48D+jBg04UvyA==
-----END CERTIFICATE-----