Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BB2/5D4CC2F608C811ED944F2566C4F9AE02/F06FFC3408CC11EDA7130E70C4F9AE02.roa
File:                     F06FFC3408CC11EDA7130E70C4F9AE02.roa (raw, json)
Hash identifier:          zP7Qj62dnFLaMrA991axjn4W/OgaLaxsWCrYSOqldyQ=
Subject key identifier:   2A:1D:CD:95:48:F3:BB:02:A6:57:18:62:9A:2B:02:E4:55:12:EB:62
Certificate issuer:       /CN=A91C6BB2/serialNumber=03BC749AC1682C4B46DA259AB7EB662AA225B0EE
Certificate serial:       01F1
Authority key identifier: 03:BC:74:9A:C1:68:2C:4B:46:DA:25:9A:B7:EB:66:2A:A2:25:B0:EE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A7x0msFoLEtG2iWat-tmKqIlsO4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6BB2/5D4CC2F608C811ED944F2566C4F9AE02/F06FFC3408CC11EDA7130E70C4F9AE02.roa
Signing time:             Wed 07 Aug 2024 03:24:55 +0000
ROA not before:           Wed 07 Aug 2024 03:24:55 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     134186
IP address blocks:        45.117.60.0/22 maxlen: 22
                          45.117.60.0/24 maxlen: 24
                          45.117.61.0/24 maxlen: 24
                          45.117.62.0/24 maxlen: 24
                          45.117.63.0/24 maxlen: 24
                          103.57.120.0/22 maxlen: 22
                          103.57.120.0/24 maxlen: 24
                          103.57.121.0/24 maxlen: 24
                          103.57.122.0/24 maxlen: 24
                          103.57.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Aug 2024 15:34:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 497 (0x1f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6BB2/serialNumber=03BC749AC1682C4B46DA259AB7EB662AA225B0EE
        Validity
            Not Before: Aug  7 03:24:55 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=66b2e906-4ff7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a4:59:c9:af:c8:e3:33:84:03:a8:d2:f6:f4:
                    66:2d:a5:30:80:e4:3b:8d:f3:f9:52:ce:56:1d:64:
                    c8:9d:6d:ed:a4:78:6e:08:3f:7e:32:bd:60:07:90:
                    b7:8f:c1:e8:c3:45:e2:d7:93:82:84:42:31:ba:23:
                    09:b2:09:00:5f:f6:6e:31:47:93:1e:f2:c8:f0:ef:
                    b3:aa:6e:2d:cb:10:21:0d:dc:c6:03:75:52:32:4f:
                    ff:6e:1c:cc:7b:b0:90:6b:1f:52:c6:63:c4:15:58:
                    49:d1:6a:a7:b2:42:ea:1d:3a:52:26:9d:b5:38:3c:
                    e4:1b:4e:9f:e3:55:db:55:4c:3f:c8:a1:72:a0:b8:
                    0d:72:39:5e:9a:6f:f3:40:22:7a:02:5c:1c:d2:79:
                    d6:99:29:ff:63:dc:ff:2b:ca:97:44:fe:7d:a7:02:
                    eb:3c:44:6e:4a:35:5f:0b:b6:de:55:b9:85:a4:3c:
                    46:a3:5a:62:7a:21:6d:fb:df:92:c0:bf:53:79:8f:
                    55:26:62:7a:90:f4:52:7d:02:d3:2f:a5:52:5c:be:
                    80:ed:a3:68:81:0d:9d:bf:e8:57:1d:13:84:b3:5b:
                    b3:cd:eb:60:89:cc:1e:97:b7:83:e2:c8:b2:fb:8d:
                    ca:ec:92:b4:73:92:ec:95:3d:e2:dd:1c:d2:42:7c:
                    ca:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:1D:CD:95:48:F3:BB:02:A6:57:18:62:9A:2B:02:E4:55:12:EB:62
            X509v3 Authority Key Identifier:
                keyid:03:BC:74:9A:C1:68:2C:4B:46:DA:25:9A:B7:EB:66:2A:A2:25:B0:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6BB2/5D4CC2F608C811ED944F2566C4F9AE02/A7x0msFoLEtG2iWat-tmKqIlsO4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A7x0msFoLEtG2iWat-tmKqIlsO4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BB2/5D4CC2F608C811ED944F2566C4F9AE02/F06FFC3408CC11EDA7130E70C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.117.60.0/22
                  103.57.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:36:9a:a2:4d:86:73:95:89:34:3f:60:54:ca:df:9f:fd:97:
         57:8b:d6:b0:04:d7:7b:47:79:58:50:21:c4:93:25:21:11:82:
         f0:f6:49:76:84:52:28:9d:a6:84:57:d7:4c:df:b4:c3:b4:7b:
         f4:9c:e3:ba:38:75:cc:66:5b:bf:e4:ad:ad:18:7f:14:95:f3:
         bc:fc:e9:5d:1b:33:6a:34:d7:4a:5d:45:1e:be:ce:31:9c:38:
         19:8c:a9:7a:9e:60:06:6c:7c:98:1e:06:00:cd:b6:53:54:fb:
         a4:1d:0f:a0:b2:0f:40:dc:44:ba:ae:df:4b:64:76:8c:23:ec:
         3b:3a:73:c9:f3:94:ac:d3:42:7c:d1:cf:ce:a3:1c:ae:d6:f1:
         ac:49:cf:ff:b0:65:cf:eb:1d:48:8d:a3:ff:6f:74:fa:67:52:
         33:4f:4d:af:eb:88:50:64:61:79:6e:da:ad:43:1e:7e:22:48:
         15:fb:f5:66:92:ff:16:f6:ac:d7:05:a6:e6:10:c3:52:96:18:
         8c:de:89:84:2e:7a:c8:6b:42:b7:60:3b:f2:2b:c5:3d:35:85:
         7d:16:45:29:b3:0b:cb:35:42:99:a4:08:40:87:dd:8e:53:be:
         a9:cb:e2:30:f1:60:ff:fc:07:88:a5:d6:f8:d0:6a:ea:b8:e4:
         74:e7:f8:cf
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCQjIxMTAvBgNVBAUTKDAzQkM3NDlBQzE2ODJDNEI0NkRBMjU5QUI3RUI2NjJB
QTIyNUIwRUUwHhcNMjQwODA3MDMyNDU1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIyZTkwNi00ZmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqqRZya/I4zOEA6jS9vRmLaUwgOQ7jfP5Us5WHWTInW3tpHhuCD9+Mr1gB5C3
j8How0Xi15OChEIxuiMJsgkAX/ZuMUeTHvLI8O+zqm4tyxAhDdzGA3VSMk//bhzM
e7CQax9SxmPEFVhJ0WqnskLqHTpSJp21ODzkG06f41XbVUw/yKFyoLgNcjlemm/z
QCJ6Alwc0nnWmSn/Y9z/K8qXRP59pwLrPERuSjVfC7beVbmFpDxGo1pieiFt+9+S
wL9TeY9VJmJ6kPRSfQLTL6VSXL6A7aNogQ2dv+hXHROEs1uzzetgicwel7eD4siy
+43K7JK0c5LslT3i3RzSQnzKYwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCodzZVI
87sCplcYYporAuRVEutiMB8GA1UdIwQYMBaAFAO8dJrBaCxLRtolmrfrZiqiJbDu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJCMi81RDRDQzJGNjA4
QzgxMUVEOTQ0RjI1NjZDNEY5QUUwMi9BN3gwbXNGb0xFdEcyaVdhdC10bUtxSWxz
TzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0E3eDBtc0ZvTEV0RzJpV2F0LXRtS3FJbHNPNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCQjIvNUQ0Q0MyRjYwOEM4MTFFRDk0NEYyNTY2QzRGOUFFMDIvRjA2RkZDMzQw
OENDMTFFREE3MTMwRTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItdTwDBAJnOXgwDQYJKoZIhvcNAQELBQADggEBAFk2mqJN
hnOViTQ/YFTK35/9l1eL1rAE13tHeVhQIcSTJSERgvD2SXaEUiidpoRX10zftMO0
e/Sc47o4dcxmW7/kra0YfxSV87z86V0bM2o010pdRR6+zjGcOBmMqXqeYAZsfJge
BgDNtlNU+6QdD6CyD0DcRLqu30tkdowj7Ds6c8nzlKzTQnzRz86jHK7W8axJz/+w
Zc/rHUiNo/9vdPpnUjNPTa/riFBkYXlu2q1DHn4iSBX79WaS/xb2rNcFpuYQw1KW
GIzeiYQueshrQrdgO/IrxT01hX0WRSmzC8s1QpmkCECH3Y5TvqnL4jDxYP/8B4il
1vjQauq45HTn+M8=
-----END CERTIFICATE-----