Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/ABDB7C06419611EA81031A61C4F9AE02.roa
File:                     ABDB7C06419611EA81031A61C4F9AE02.roa (raw, json)
Hash identifier:          oKYHKmX27RFJFbZkvNTeeF7GAUpjb9AIJR6nzAIWRz8=
Subject key identifier:   6E:EA:D5:63:66:1B:31:CB:62:FC:52:C6:5A:C3:20:B0:0C:E8:7B:27
Certificate issuer:       /CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE
Certificate serial:       0A10
Authority key identifier: 01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/ABDB7C06419611EA81031A61C4F9AE02.roa
Signing time:             Sat 02 Dec 2023 20:28:13 +0000
ROA not before:           Sat 02 Dec 2023 20:28:13 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     17408
IP address blocks:        43.239.104.0/24 maxlen: 24
                          43.239.105.0/24 maxlen: 24
                          43.239.106.0/24 maxlen: 24
                          45.124.205.0/24 maxlen: 24
                          45.124.207.0/24 maxlen: 24
                          103.23.128.0/22 maxlen: 22
                          103.244.220.0/24 maxlen: 24
                          103.244.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 05:06:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2576 (0xa10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE
        Validity
            Not Before: Dec  2 20:28:13 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=656b935c-3a48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:35:f2:fb:64:5c:56:c6:58:a5:cc:ee:8b:9c:
                    20:5a:b4:89:49:c6:96:0e:fd:8b:8e:9f:39:66:0c:
                    1b:ee:33:68:b4:f1:f1:ff:39:f1:dc:d2:84:b9:91:
                    d5:68:ad:50:be:d4:25:c0:2d:9b:b8:66:9f:de:16:
                    28:61:b4:f8:19:ee:68:1b:f9:1f:17:6a:b6:b9:1e:
                    73:3f:29:a3:28:83:78:d5:85:b8:c4:f7:d0:fc:da:
                    e9:be:d3:29:5c:7f:fd:5f:5d:26:b2:a6:5b:7f:10:
                    57:c8:2c:13:18:1c:d1:0c:e8:60:63:75:4d:2d:17:
                    c5:c7:79:31:af:6c:c0:73:f9:52:f0:81:2b:b9:85:
                    3f:ad:e2:33:0e:09:95:08:68:e6:b2:3b:55:78:1d:
                    33:58:8e:94:ec:1c:e9:b1:30:25:1c:fd:2d:92:84:
                    a3:2f:6a:5b:a9:d0:50:fa:50:68:e2:9a:85:c4:f9:
                    e5:56:b2:3f:1f:e1:83:e9:bb:73:33:18:96:2f:08:
                    17:5a:05:2e:2d:6a:2e:aa:44:e8:30:18:3a:87:08:
                    c6:83:70:23:99:5c:50:6a:3a:44:8e:b8:a2:ab:bf:
                    33:0b:ff:e6:9d:6c:ce:ac:ec:46:34:95:75:54:74:
                    a3:f3:58:60:b5:8b:b2:46:7c:b8:ee:d8:22:35:b8:
                    45:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:EA:D5:63:66:1B:31:CB:62:FC:52:C6:5A:C3:20:B0:0C:E8:7B:27
            X509v3 Authority Key Identifier:
                keyid:01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/ABDB7C06419611EA81031A61C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.239.104.0-43.239.106.255
                  45.124.205.0/24
                  45.124.207.0/24
                  103.23.128.0/22
                  103.244.220.0/24
                  103.244.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:68:a5:32:e2:a7:55:db:96:6f:17:67:5a:61:cb:7a:5b:b3:
         da:d0:82:01:0c:b5:79:df:a0:20:11:84:0b:a8:e8:ef:ff:87:
         70:95:90:31:c7:9e:7d:4d:f0:4e:90:af:11:cf:7c:67:8b:b2:
         35:c2:e6:b8:76:91:d9:b8:93:19:76:36:54:a9:e6:dd:ac:2b:
         e7:b0:81:d9:4f:77:d5:28:41:3a:a7:1b:fd:b0:19:e4:63:8e:
         83:94:23:9d:b1:d6:75:33:09:17:a2:fa:76:8a:ed:4f:94:4f:
         5d:0f:3f:b8:e1:a1:e1:65:b9:c4:05:d6:8e:59:84:d7:9b:1e:
         77:81:9f:9b:48:be:38:9e:11:85:58:bc:83:55:d1:9d:9c:24:
         d5:98:38:6d:ed:2e:d9:61:4d:44:f8:b4:f0:0a:4c:c9:48:b9:
         9b:5c:6e:e8:4e:17:3e:d6:64:e6:df:2f:a7:92:62:f3:e2:6c:
         51:ec:67:9b:57:3c:f2:39:3f:a0:ca:d1:a3:66:93:ca:75:39:
         36:41:10:d2:6d:9c:28:74:d0:2c:d1:ea:2f:43:d9:18:34:05:
         d6:b5:74:98:a3:31:0e:66:f5:88:a2:ee:6c:f6:10:66:5c:66:
         91:3e:be:88:de:e8:52:a2:4a:d6:11:81:3f:19:7f:54:c7:b8:
         7d:96:25:cb
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICChAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNEMzAxMTAvBgNVBAUTKDAxRUUwODlERDQ4NjdCMkNCMjc2NTgyQUE5N0IzMThG
NTA5RUE2RUUwHhcNMjMxMjAyMjAyODEzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZiOTM1Yy0zYTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/TXy+2RcVsZYpczui5wgWrSJScaWDv2Ljp85Zgwb7jNotPHx/znx3NKEuZHV
aK1QvtQlwC2buGaf3hYoYbT4Ge5oG/kfF2q2uR5zPymjKIN41YW4xPfQ/NrpvtMp
XH/9X10msqZbfxBXyCwTGBzRDOhgY3VNLRfFx3kxr2zAc/lS8IEruYU/reIzDgmV
CGjmsjtVeB0zWI6U7BzpsTAlHP0tkoSjL2pbqdBQ+lBo4pqFxPnlVrI/H+GD6btz
MxiWLwgXWgUuLWouqkToMBg6hwjGg3AjmVxQajpEjriiq78zC//mnWzOrOxGNJV1
VHSj81hgtYuyRny47tgiNbhF2QIDAQABo4ICuzCCArcwHQYDVR0OBBYEFG7q1WNm
GzHLYvxSxlrDILAM6HsnMB8GA1UdIwQYMBaAFAHuCJ3UhnsssnZYKql7MY9Qnqbu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0QzMC9FM0RGNDY5QzQx
NjgxMUVBQUU4QTc3NTBDNEY5QUUwMi9BZTRJbmRTR2V5eXlkbGdxcVhzeGoxQ2Vw
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FlNEluZFNHZXl5eWRsZ3FxWHN4ajFDZXB1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjNEMzAvRTNERjQ2OUM0MTY4MTFFQUFFOEE3NzUwQzRGOUFFMDIvQUJEQjdDMDY0
MTk2MTFFQTgxMDMxQTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwwDAMEAyvvaAMEACvvagMEAC18zQMEAC18zwMEAmcXgAMEAGf0
3AMEAGf03jANBgkqhkiG9w0BAQsFAAOCAQEANmilMuKnVduWbxdnWmHLeluz2tCC
AQy1ed+gIBGEC6jo7/+HcJWQMceefU3wTpCvEc98Z4uyNcLmuHaR2biTGXY2VKnm
3awr57CB2U931ShBOqcb/bAZ5GOOg5QjnbHWdTMJF6L6dortT5RPXQ8/uOGh4WW5
xAXWjlmE15sed4Gfm0i+OJ4RhVi8g1XRnZwk1Zg4be0u2WFNRPi08ApMyUi5m1xu
6E4XPtZk5t8vp5Ji8+JsUexnm1c88jk/oMrRo2aTynU5NkEQ0m2cKHTQLNHqL0PZ
GDQF1rV0mKMxDmb1iKLubPYQZlxmkT6+iN7oUqJK1hGBPxl/VMe4fZYlyw==
-----END CERTIFICATE-----