Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/6A14D330F9AC11EEABC2273CC4F9AE02.roa
File:                     6A14D330F9AC11EEABC2273CC4F9AE02.roa (raw, json)
Hash identifier:          Qc0sdI1e6YQC9UyUu6rpnIVBt7y4UGv5RVVMMNGo8As=
Subject key identifier:   E2:2B:6D:59:EF:ED:22:64:9B:F8:3A:37:D2:72:D7:3F:40:87:34:08
Certificate issuer:       /CN=A91C8347/serialNumber=2ADBB71B11523CA3392E5F37D9DC76B211DBE083
Certificate serial:       35
Authority key identifier: 2A:DB:B7:1B:11:52:3C:A3:39:2E:5F:37:D9:DC:76:B2:11:DB:E0:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ktu3GxFSPKM5Ll832dx2shHb4IM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/6A14D330F9AC11EEABC2273CC4F9AE02.roa
Signing time:             Wed 05 Jun 2024 09:19:45 +0000
ROA not before:           Wed 05 Jun 2024 09:19:45 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     63150
IP address blocks:        103.219.192.0/24 maxlen: 24
                          103.219.193.0/24 maxlen: 24
                          103.219.194.0/24 maxlen: 24
                          2401:7d20:200::/40 maxlen: 40
                          2401:7d20:300::/40 maxlen: 40

Validation:               Failed, certificate revoked on Wed 20 Nov 2024 04:03:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53 (0x35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8347/serialNumber=2ADBB71B11523CA3392E5F37D9DC76B211DBE083
        Validity
            Not Before: Jun  5 09:19:45 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=66602db1-4a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:3c:6f:1f:d5:1c:0f:d4:25:34:cb:0d:fa:76:
                    cf:02:50:ee:91:8a:92:43:d9:e9:40:60:ea:40:e9:
                    b6:41:48:a2:52:49:7f:f9:0f:56:be:b4:bd:a5:3e:
                    f7:80:0a:8f:a2:70:25:9b:c6:01:a6:c6:6a:ab:09:
                    c5:6b:34:19:8e:d8:03:f7:f9:c4:b3:16:df:32:03:
                    ac:9a:99:6c:3a:35:11:b6:e7:2b:4d:10:96:ae:82:
                    74:fb:62:96:d7:04:0b:41:b5:8e:ba:25:38:86:f5:
                    b0:d1:38:88:df:17:e1:0c:bb:4c:b2:88:24:c3:c4:
                    cc:1a:8b:d7:b1:bb:d7:7c:21:3f:87:c6:1b:83:cb:
                    d0:f6:b0:03:ff:7a:d5:0e:8d:ea:0a:6c:c1:79:ae:
                    77:d9:b5:dd:57:59:15:a3:ee:26:1e:1a:6b:3b:8c:
                    ec:cb:dc:56:c0:d0:79:2d:4d:7b:54:c9:bb:48:c7:
                    d4:af:9a:2d:28:e4:e3:55:65:bd:fe:f9:c3:f4:8e:
                    b8:bd:6d:ed:db:a2:f7:0f:6c:74:bd:20:f2:69:0f:
                    6c:dc:15:55:64:1a:a3:66:1e:e2:3c:ec:f7:72:5d:
                    0b:7e:45:17:ca:f0:92:2c:2c:51:f1:25:09:6a:66:
                    af:c1:bc:22:53:b3:10:fd:ae:dd:5c:d4:df:e2:df:
                    f9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:2B:6D:59:EF:ED:22:64:9B:F8:3A:37:D2:72:D7:3F:40:87:34:08
            X509v3 Authority Key Identifier:
                keyid:2A:DB:B7:1B:11:52:3C:A3:39:2E:5F:37:D9:DC:76:B2:11:DB:E0:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/Ktu3GxFSPKM5Ll832dx2shHb4IM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ktu3GxFSPKM5Ll832dx2shHb4IM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8347/C3E72190F9A911EEA82A791AC4F9AE02/6A14D330F9AC11EEABC2273CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.219.192.0-103.219.194.255
                IPv6:
                  2401:7d20:200::/39

    Signature Algorithm: sha256WithRSAEncryption
         4a:8f:52:74:36:e3:9b:12:53:7a:ea:79:fc:94:05:5a:f3:bb:
         95:82:8d:bf:e0:ff:69:70:22:2f:70:8c:9f:0e:23:34:42:bb:
         a8:fd:13:a7:7f:5c:31:3b:44:86:71:2f:1d:be:71:5c:8e:21:
         fc:e8:91:be:39:c6:e9:51:63:5e:20:3f:a4:5a:0e:95:83:e5:
         f7:02:08:e0:a2:b8:e7:dd:26:97:9c:e9:02:17:4f:50:7d:99:
         e0:60:9d:03:e3:14:76:cd:62:79:d2:17:5c:56:4a:14:80:d7:
         4e:bb:5f:e5:7f:25:16:8e:bf:b8:27:a9:9c:42:63:ab:c3:ed:
         58:0e:7b:73:6d:fd:19:c0:ec:2a:ff:a3:d4:6a:42:75:b5:d9:
         fe:59:c1:c7:ba:4c:07:66:43:21:b3:3f:f1:75:c0:5a:d6:b9:
         a6:5d:a2:9c:08:d4:35:cf:9f:2c:73:af:1a:ff:c2:de:71:59:
         e5:5a:3c:01:f8:55:3e:6b:c5:7a:2c:b4:39:d2:e1:b6:ea:ee:
         85:b7:ff:2d:3e:b9:63:42:fd:0e:1c:23:81:49:d6:18:5a:9b:
         9c:ff:6e:9b:2d:26:9e:81:dd:7c:7b:9e:4c:e7:ed:ff:44:75:
         c4:11:47:b6:b4:28:b2:71:6f:34:a8:72:69:38:6a:2d:60:e1:
         15:3f:b9:72
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
ODM0NzExMC8GA1UEBRMoMkFEQkI3MUIxMTUyM0NBMzM5MkU1RjM3RDlEQzc2QjIx
MURCRTA4MzAeFw0yNDA2MDUwOTE5NDVaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NjAyZGIxLTRhNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPPG8f1RwP1CU0yw36ds8CUO6RipJD2elAYOpA6bZBSKJSSX/5D1a+tL2lPveA
Co+icCWbxgGmxmqrCcVrNBmO2AP3+cSzFt8yA6yamWw6NRG25ytNEJaugnT7YpbX
BAtBtY66JTiG9bDROIjfF+EMu0yyiCTDxMwai9exu9d8IT+HxhuDy9D2sAP/etUO
jeoKbMF5rnfZtd1XWRWj7iYeGms7jOzL3FbA0HktTXtUybtIx9Svmi0o5ONVZb3+
+cP0jri9be3bovcPbHS9IPJpD2zcFVVkGqNmHuI87PdyXQt+RRfK8JIsLFHxJQlq
Zq/BvCJTsxD9rt1c1N/i3/mfAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQU4ittWe/t
ImSb+Do30nLXP0CHNAgwHwYDVR0jBBgwFoAUKtu3GxFSPKM5Ll832dx2shHb4IMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4MzQ3L0MzRTcyMTkwRjlB
OTExRUVBODJBNzkxQUM0RjlBRTAyL0t0dTNHeEZTUEtNNUxsODMyZHgyc2hIYjRJ
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS3R1M0d4RlNQS001TGw4MzJkeDJzaEhiNElNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
ODM0Ny9DM0U3MjE5MEY5QTkxMUVFQTgyQTc5MUFDNEY5QUUwMi82QTE0RDMzMEY5
QUMxMUVFQUJDMjI3M0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwFAQCAAEwDjAMAwQGZ9vAAwQAZ9vCMA4EAgACMAgDBgEkAX0gAjANBgkqhkiG
9w0BAQsFAAOCAQEASo9SdDbjmxJTeup5/JQFWvO7lYKNv+D/aXAiL3CMnw4jNEK7
qP0Tp39cMTtEhnEvHb5xXI4h/OiRvjnG6VFjXiA/pFoOlYPl9wII4KK4590ml5zp
AhdPUH2Z4GCdA+MUds1iedIXXFZKFIDXTrtf5X8lFo6/uCepnEJjq8PtWA57c239
GcDsKv+j1GpCdbXZ/lnBx7pMB2ZDIbM/8XXAWta5pl2inAjUNc+fLHOvGv/C3nFZ
5Vo8AfhVPmvFeiy0OdLhturuhbf/LT65Y0L9DhwjgUnWGFqbnP9umy0mnoHdfHue
TOft/0R1xBFHtrQosnFvNKhyaThqLWDhFT+5cg==
-----END CERTIFICATE-----