Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/7AB62B52739311EEA8FC8049C4F9AE02.roa
File:                     7AB62B52739311EEA8FC8049C4F9AE02.roa (raw, json)
Hash identifier:          DLIS3uQgac7pe2NZKSd7lWXHvGMiGP8w/w+xhD6UxnQ=
Subject key identifier:   A4:05:EF:1F:69:A9:31:C5:1C:55:48:DB:CC:11:B6:40:DC:A7:D5:8E
Certificate issuer:       /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial:       AA
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/7AB62B52739311EEA8FC8049C4F9AE02.roa
Signing time:             Thu 26 Oct 2023 00:06:15 +0000
ROA not before:           Thu 26 Oct 2023 00:06:15 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        125.62.78.0/24 maxlen: 24
                          202.134.233.0/24 maxlen: 24
                          202.134.235.0/24 maxlen: 24
                          202.134.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 Nov 2023 15:09:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 170 (0xaa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
        Validity
            Not Before: Oct 26 00:06:15 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6539ad77-5d7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ba:fa:0e:49:aa:6e:35:32:54:e3:9b:b2:a5:
                    1b:11:36:27:66:03:48:20:a5:21:db:94:7d:cf:c7:
                    c5:8b:ce:f2:27:5a:31:f8:6b:df:ce:eb:36:23:b6:
                    fc:37:36:78:df:64:5f:fd:af:fc:e8:6a:14:c4:0f:
                    ae:7c:21:c8:fe:0d:e4:9e:52:fe:ac:af:95:74:bd:
                    2f:cd:37:04:2e:35:20:bb:a3:75:91:2f:bb:08:70:
                    17:e3:06:57:b1:6d:19:75:0a:a7:75:f5:03:d9:89:
                    be:e9:a0:af:09:aa:b4:32:01:1f:ce:cb:e5:b3:7c:
                    c5:76:b3:9f:ef:24:e5:ff:cb:d9:12:78:b8:22:f7:
                    20:c9:8b:f4:f2:df:42:27:5a:d2:bb:cb:44:e8:0c:
                    d8:17:dd:fe:3c:8f:31:d8:c1:03:14:77:0e:81:3a:
                    11:95:73:29:06:e5:22:75:94:25:63:2e:54:50:29:
                    d6:6e:e1:f8:5f:03:14:86:64:02:25:32:53:a3:14:
                    03:21:30:75:c0:56:81:6e:5f:f1:b0:a6:3d:be:1e:
                    cf:02:c5:be:93:fe:11:14:c1:fe:04:c1:71:e8:e4:
                    94:d1:fe:89:ec:a0:86:9a:d2:f7:77:4a:2f:8d:2a:
                    0d:d1:52:5b:b2:c9:d1:83:c6:a7:c8:79:d4:c2:81:
                    62:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:05:EF:1F:69:A9:31:C5:1C:55:48:DB:CC:11:B6:40:DC:A7:D5:8E
            X509v3 Authority Key Identifier:
                keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/7AB62B52739311EEA8FC8049C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.62.78.0/24
                  202.134.233.0/24
                  202.134.235.0-202.134.236.255

    Signature Algorithm: sha256WithRSAEncryption
         9d:a9:dc:06:83:1e:db:42:1c:83:05:1d:32:41:ea:38:ce:c2:
         8a:fd:89:cb:3c:13:17:7d:ed:3b:68:e7:10:28:9d:fc:ca:86:
         16:b0:b3:24:05:eb:1c:f1:5e:7d:e6:3c:6b:72:8d:f1:94:f0:
         92:7f:53:ee:58:61:e9:2c:d8:40:c2:ad:67:a6:7a:02:20:f2:
         52:32:f3:1c:7d:c7:26:b6:dc:52:53:77:5e:71:3e:fc:c8:4e:
         b3:ba:8e:13:91:b8:e1:be:a3:53:5c:43:e2:d6:cf:6b:a7:9d:
         de:72:ed:f7:8f:19:a3:ab:2b:4e:d9:a6:01:9c:13:69:e9:2d:
         05:80:7f:ff:5b:8f:46:87:4f:01:52:e9:d6:7e:40:25:a4:38:
         56:45:ed:18:e3:83:cb:88:c3:6a:6b:e1:31:b1:b0:0c:15:84:
         84:79:89:9f:23:1f:0c:36:45:62:50:80:b2:d0:36:0c:a1:fc:
         b5:9c:c2:b9:05:79:d2:4e:c4:e1:00:65:f2:e6:63:18:71:01:
         27:3a:24:b8:1a:d0:94:64:32:b9:db:70:9d:b8:a3:1b:52:cc:
         0f:9c:a4:70:39:b0:d6:fd:90:2e:5d:df:c1:3a:2d:e4:62:ac:
         b0:a9:db:05:a9:2a:93:6b:4d:5f:68:9c:4e:01:62:9b:c2:88:
         0a:e3:b2:a5
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjMxMDI2MDAwNjE1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM5YWQ3Ny01ZDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3br6DkmqbjUyVOObsqUbETYnZgNIIKUh25R9z8fFi87yJ1ox+Gvfzus2I7b8
NzZ432Rf/a/86GoUxA+ufCHI/g3knlL+rK+VdL0vzTcELjUgu6N1kS+7CHAX4wZX
sW0ZdQqndfUD2Ym+6aCvCaq0MgEfzsvls3zFdrOf7yTl/8vZEni4IvcgyYv08t9C
J1rSu8tE6AzYF93+PI8x2MEDFHcOgToRlXMpBuUidZQlYy5UUCnWbuH4XwMUhmQC
JTJToxQDITB1wFaBbl/xsKY9vh7PAsW+k/4RFMH+BMFx6OSU0f6J7KCGmtL3d0ov
jSoN0VJbssnRg8anyHnUwoFiuwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFKQF7x9p
qTHFHFVI28wRtkDcp9WOMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvN0FCNjJCNTI3
MzkzMTFFRUE4RkM4MDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAB9Pk4DBADKhukwDAMEAMqG6wMEAMqG7DANBgkqhkiG9w0B
AQsFAAOCAQEAnancBoMe20IcgwUdMkHqOM7Civ2JyzwTF33tO2jnECid/MqGFrCz
JAXrHPFefeY8a3KN8ZTwkn9T7lhh6SzYQMKtZ6Z6AiDyUjLzHH3HJrbcUlN3XnE+
/MhOs7qOE5G44b6jU1xD4tbPa6ed3nLt948Zo6srTtmmAZwTaektBYB//1uPRodP
AVLp1n5AJaQ4VkXtGOODy4jDamvhMbGwDBWEhHmJnyMfDDZFYlCAstA2DKH8tZzC
uQV50k7E4QBl8uZjGHEBJzokuBrQlGQyudtwnbijG1LMD5ykcDmw1v2QLl3fwTot
5GKssKnbBakqk2tNX2icTgFim8KICuOypQ==
-----END CERTIFICATE-----