Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/BC4CD744D91811ECB93C4C3BC4F9AE02.roa
File:                     BC4CD744D91811ECB93C4C3BC4F9AE02.roa (raw, json)
Hash identifier:          0Z8WNwGoloFt5qW4KneL29IWjwAlEU9RAjOMxAUSFLg=
Subject key identifier:   7B:FB:46:B2:F2:11:49:92:13:7A:88:8A:41:AA:6B:CE:86:72:09:AC
Certificate issuer:       /CN=A91C7B68/serialNumber=C284BA8A88A02116BEE43410E039E909E3029D0D
Certificate serial:       0766
Authority key identifier: C2:84:BA:8A:88:A0:21:16:BE:E4:34:10:E0:39:E9:09:E3:02:9D:0D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woS6ioigIRa-5DQQ4DnpCeMCnQ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/BC4CD744D91811ECB93C4C3BC4F9AE02.roa
Signing time:             Tue 28 Mar 2023 11:10:49 +0000
ROA not before:           Tue 28 Mar 2023 11:10:49 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     135339
IP address blocks:        103.214.156.0/22 maxlen: 22
                          103.214.156.0/23 maxlen: 23
                          103.214.156.0/24 maxlen: 24
                          103.214.157.0/24 maxlen: 24
                          103.214.158.0/24 maxlen: 24
                          103.214.159.0/24 maxlen: 24
                          144.48.112.0/22 maxlen: 22
                          144.48.112.0/23 maxlen: 23
                          144.48.112.0/24 maxlen: 24
                          144.48.113.0/24 maxlen: 24
                          144.48.114.0/24 maxlen: 24
                          144.48.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1894 (0x766)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C7B68/serialNumber=C284BA8A88A02116BEE43410E039E909E3029D0D
        Validity
            Not Before: Mar 28 11:10:49 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=6422cb39-f534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ca:e6:52:b7:d1:e3:3b:ae:35:a7:f9:38:81:
                    a7:f8:c1:72:7f:63:6a:84:af:ae:a2:cb:8f:03:9e:
                    1e:55:26:69:87:4e:d2:34:a6:89:b3:44:0b:cb:ec:
                    48:94:e9:97:32:ae:42:b2:ce:83:9d:f0:88:1f:f3:
                    18:82:3c:46:d0:73:ea:bf:c2:5b:3b:fd:f2:b0:75:
                    97:f2:a6:39:84:22:0b:f1:f3:84:29:3e:1b:2e:ba:
                    f9:bd:54:01:98:92:b7:8c:56:81:f0:0a:ff:88:40:
                    f1:d7:5e:03:86:3d:a9:c5:13:99:2d:21:0b:17:d3:
                    ce:25:e7:a2:64:49:ce:3c:f8:00:d9:7b:ba:d4:02:
                    42:16:a6:8d:7e:15:32:b6:52:14:01:9e:fa:40:5c:
                    02:a6:1f:2b:94:5f:74:be:66:1c:a7:a4:e8:85:85:
                    b1:37:a2:58:47:28:93:56:5f:34:ea:cd:21:5c:52:
                    f1:02:9f:b9:73:a6:39:0c:03:15:b3:a0:8f:f0:e0:
                    d6:40:1d:b4:51:c0:71:02:cf:07:f2:35:dd:93:fd:
                    e1:f7:80:2d:92:b2:03:7f:d1:66:e2:dc:a0:07:41:
                    85:2d:e6:28:38:18:c2:6c:31:21:1d:b1:41:3b:a4:
                    3b:bf:ce:df:d5:8a:ef:c4:15:a5:22:e1:d5:a4:b2:
                    72:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:FB:46:B2:F2:11:49:92:13:7A:88:8A:41:AA:6B:CE:86:72:09:AC
            X509v3 Authority Key Identifier:
                keyid:C2:84:BA:8A:88:A0:21:16:BE:E4:34:10:E0:39:E9:09:E3:02:9D:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/woS6ioigIRa-5DQQ4DnpCeMCnQ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woS6ioigIRa-5DQQ4DnpCeMCnQ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/BC4CD744D91811ECB93C4C3BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.214.156.0/22
                  144.48.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:f7:69:9c:d7:1c:1a:6a:f4:94:96:f3:86:ef:b0:9b:14:dd:
         81:fd:37:8d:83:1a:dc:cf:c6:7d:c3:a4:99:55:b0:9e:34:80:
         29:5b:70:e0:7c:f6:f6:0b:dd:82:68:41:9e:e9:79:ce:10:1e:
         7b:41:bd:05:b2:f7:7d:ef:10:cc:09:49:a2:1e:29:b5:28:cc:
         67:15:20:35:2c:07:08:10:70:94:49:f5:e3:38:ec:dc:cc:36:
         8b:ce:b7:ec:9f:18:40:b2:c1:1d:ee:55:d4:74:88:35:9d:cf:
         b8:e2:ac:29:61:be:02:18:83:cb:98:eb:b3:56:ca:61:4b:7b:
         62:97:81:5c:29:b7:0b:94:49:fb:36:ec:bf:81:89:1d:c2:b7:
         24:16:68:77:d2:2b:63:5d:7e:fd:41:52:cb:17:cd:b4:88:a0:
         1c:34:ba:95:7f:97:69:ae:84:8f:ae:86:84:35:3b:f2:a0:3f:
         67:56:8c:b9:81:f7:c8:3b:bb:64:00:1b:bb:65:7a:39:bb:9d:
         25:39:2b:6f:c0:9b:e3:fc:07:69:62:b2:20:c4:20:61:ce:e9:
         2e:3b:40:e2:d3:df:78:7b:35:78:48:ca:69:d7:50:da:37:8c:
         5a:77:24:81:40:2e:ed:56:ed:43:0b:68:51:7d:2b:40:bc:86:
         c3:9c:45:c1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdCNjgxMTAvBgNVBAUTKEMyODRCQThBODhBMDIxMTZCRUU0MzQxMEUwMzlFOTA5
RTMwMjlEMEQwHhcNMjMwMzI4MTExMDQ5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIyY2IzOS1mNTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsMrmUrfR4zuuNaf5OIGn+MFyf2NqhK+uosuPA54eVSZph07SNKaJs0QLy+xI
lOmXMq5Css6DnfCIH/MYgjxG0HPqv8JbO/3ysHWX8qY5hCIL8fOEKT4bLrr5vVQB
mJK3jFaB8Ar/iEDx114Dhj2pxROZLSELF9POJeeiZEnOPPgA2Xu61AJCFqaNfhUy
tlIUAZ76QFwCph8rlF90vmYcp6TohYWxN6JYRyiTVl806s0hXFLxAp+5c6Y5DAMV
s6CP8ODWQB20UcBxAs8H8jXdk/3h94AtkrIDf9Fm4tygB0GFLeYoOBjCbDEhHbFB
O6Q7v87f1YrvxBWlIuHVpLJyUQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHv7RrLy
EUmSE3qIikGqa86GcgmsMB8GA1UdIwQYMBaAFMKEuoqIoCEWvuQ0EOA56QnjAp0N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0I2OC81M0E3QjkyQ0Iw
QTUxMUVBOEY5MkVEMTdDNEY5QUUwMi93b1M2aW9pZ0lSYS01RFFRNERucENlTUNu
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dvUzZpb2lnSVJhLTVEUVE0RG5wQ2VNQ25RMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCNjgvNTNBN0I5MkNCMEE1MTFFQThGOTJFRDE3QzRGOUFFMDIvQkM0Q0Q3NDRE
OTE4MTFFQ0I5M0M0QzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn1pwDBAKQMHAwDQYJKoZIhvcNAQELBQADggEBAGb3aZzX
HBpq9JSW84bvsJsU3YH9N42DGtzPxn3DpJlVsJ40gClbcOB89vYL3YJoQZ7pec4Q
HntBvQWy933vEMwJSaIeKbUozGcVIDUsBwgQcJRJ9eM47NzMNovOt+yfGECywR3u
VdR0iDWdz7jirClhvgIYg8uY67NWymFLe2KXgVwptwuUSfs27L+BiR3CtyQWaHfS
K2Ndfv1BUssXzbSIoBw0upV/l2muhI+uhoQ1O/KgP2dWjLmB98g7u2QAG7tlejm7
nSU5K2/Am+P8B2lisiDEIGHO6S47QOLT33h7NXhIymnXUNo3jFp3JIFALu1W7UML
aFF9K0C8hsOcRcE=
-----END CERTIFICATE-----