Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/1CAE3086115B11EDAB116778C4F9AE02.roa
File:                     1CAE3086115B11EDAB116778C4F9AE02.roa (raw, json)
Hash identifier:          B9npWD6VEF50A2n+Y4STSwdNfFxriQY/dLtbkEzaBUE=
Subject key identifier:   FB:9E:FD:2C:A3:00:C6:F3:AA:A7:55:59:43:D3:49:8F:F9:62:DF:28
Certificate issuer:       /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial:       0577
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/1CAE3086115B11EDAB116778C4F9AE02.roa
Signing time:             Wed 25 Jan 2023 00:50:26 +0000
ROA not before:           Wed 25 Jan 2023 00:50:26 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        202.139.240.0/23 maxlen: 24
                          202.139.248.0/24 maxlen: 24
                          203.32.10.0/23 maxlen: 24
                          203.147.139.0/24 maxlen: 24
                          210.247.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1399 (0x577)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
        Validity
            Not Before: Jan 25 00:50:26 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63d07cd2-f010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:85:77:a8:1c:b6:9b:b2:68:5d:8c:b1:a7:e2:
                    5b:64:21:28:7a:ad:41:c6:6b:59:75:38:b4:c6:5c:
                    c6:b2:f4:0c:0e:8c:ca:bc:8e:44:f0:78:86:63:55:
                    17:a7:8c:a2:85:80:c8:df:9a:b4:6b:71:eb:b5:7a:
                    2a:63:14:5d:6c:4e:2a:e5:ea:a8:dc:ae:fb:4f:59:
                    5c:56:37:91:4d:a6:c0:dc:b1:2a:02:64:d7:57:c6:
                    e4:d4:cf:36:73:d5:a7:3c:90:79:5e:c4:8c:c9:41:
                    58:63:a0:fd:57:4c:aa:8e:77:b4:e1:38:d9:b7:45:
                    1b:e0:d6:34:11:76:1b:25:b7:c8:4a:91:23:01:02:
                    4e:e2:e8:b5:6a:85:dc:51:35:01:26:96:20:91:84:
                    b0:ac:e5:b1:2a:70:c6:10:ce:18:68:1a:57:3a:f5:
                    50:6f:27:bb:1a:1b:d1:a9:06:b2:ca:c1:22:47:f1:
                    a9:5d:4b:d1:fc:77:a6:8d:1b:7b:ed:de:c2:2d:42:
                    c7:2f:d6:81:90:d3:67:2c:ab:39:7b:71:c5:d4:57:
                    df:3a:c5:c9:a1:02:3f:aa:eb:6b:e3:a1:a2:f1:99:
                    3b:a1:c5:fd:be:26:bb:54:52:cf:81:1d:a3:ca:af:
                    2d:03:e1:0b:64:e0:55:22:ae:a3:de:2e:9f:c5:d0:
                    be:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9E:FD:2C:A3:00:C6:F3:AA:A7:55:59:43:D3:49:8F:F9:62:DF:28
            X509v3 Authority Key Identifier:
                keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/1CAE3086115B11EDAB116778C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.139.240.0/23
                  202.139.248.0/24
                  203.32.10.0/23
                  203.147.139.0/24
                  210.247.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:9a:d6:a2:cc:cc:81:ab:97:52:f6:13:1d:87:3f:e8:18:ed:
         98:7c:fa:59:f5:f9:4e:32:71:4b:57:e7:d4:49:89:89:0f:1c:
         db:56:b9:2f:23:9a:b4:8d:4f:17:15:d3:79:cd:80:62:f4:aa:
         ab:e0:f9:62:98:18:a6:b5:8b:34:df:de:5b:b4:71:8d:72:05:
         cc:b0:97:ee:b2:d1:37:1a:0c:8e:ed:59:31:68:41:bd:7d:a1:
         c5:6d:77:63:21:d4:6c:c1:bb:ed:14:f9:73:98:12:f0:76:8a:
         9c:d6:5e:4a:34:8a:d1:48:c5:74:84:6b:fe:d6:da:d0:a8:d4:
         9d:f8:5d:8d:70:01:27:0f:74:48:4c:4a:e0:a2:24:81:3e:fd:
         10:45:56:a2:37:1c:ca:58:77:b9:07:4f:47:a3:de:1e:6a:0e:
         e0:eb:42:b9:cd:b9:30:5d:c7:10:fe:4c:05:64:b5:7f:28:1f:
         b6:ec:bd:46:9f:84:66:a7:3d:f6:0f:44:af:58:ba:7f:ce:88:
         52:e9:a6:b3:40:57:b2:fc:0d:4d:ef:e0:27:7e:31:b7:85:34:
         06:ab:cb:39:88:32:5f:12:02:9e:3e:aa:e6:e2:ea:60:a2:3b:
         0d:19:1e:ae:03:f1:e3:1b:fc:b2:ab:16:2e:af:de:64:79:7a:
         86:c3:80:27
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwMTI1MDA1MDI2WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QwN2NkMi1mMDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvIV3qBy2m7JoXYyxp+JbZCEoeq1BxmtZdTi0xlzGsvQMDozKvI5E8HiGY1UX
p4yihYDI35q0a3HrtXoqYxRdbE4q5eqo3K77T1lcVjeRTabA3LEqAmTXV8bk1M82
c9WnPJB5XsSMyUFYY6D9V0yqjne04TjZt0Ub4NY0EXYbJbfISpEjAQJO4ui1aoXc
UTUBJpYgkYSwrOWxKnDGEM4YaBpXOvVQbye7GhvRqQayysEiR/GpXUvR/HemjRt7
7d7CLULHL9aBkNNnLKs5e3HF1FffOsXJoQI/qutr46Gi8Zk7ocX9via7VFLPgR2j
yq8tA+ELZOBVIq6j3i6fxdC+7wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPue/Syj
AMbzqqdVWUPTSY/5Yt8oMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMUNBRTMwODYx
MTVCMTFFREFCMTE2Nzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAHKi/ADBADKi/gDBAHLIAoDBADLk4sDBADS99kwDQYJKoZI
hvcNAQELBQADggEBAEma1qLMzIGrl1L2Ex2HP+gY7Zh8+ln1+U4ycUtX59RJiYkP
HNtWuS8jmrSNTxcV03nNgGL0qqvg+WKYGKa1izTf3lu0cY1yBcywl+6y0TcaDI7t
WTFoQb19ocVtd2Mh1GzBu+0U+XOYEvB2ipzWXko0itFIxXSEa/7W2tCo1J34XY1w
AScPdEhMSuCiJIE+/RBFVqI3HMpYd7kHT0ej3h5qDuDrQrnNuTBdxxD+TAVktX8o
H7bsvUafhGanPfYPRK9Yun/OiFLpprNAV7L8DU3v4Cd+MbeFNAaryzmIMl8SAp4+
qubi6mCiOw0ZHq4D8eMb/LKrFi6v3mR5eobDgCc=
-----END CERTIFICATE-----