Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/F96ABCB62DE811EDB4B69F0EC4F9AE02.roa
File:                     F96ABCB62DE811EDB4B69F0EC4F9AE02.roa (raw, json)
Hash identifier:          zkjdws0L9T0Gr7PqWvDrN/quBbJKHNUyZf5XQ7ifFLE=
Subject key identifier:   FD:57:70:A9:BA:BF:4F:E5:B0:02:AC:A6:20:99:5F:8E:2F:C8:37:A1
Certificate issuer:       /CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E
Certificate serial:       0ADB
Authority key identifier: 9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/F96ABCB62DE811EDB4B69F0EC4F9AE02.roa
Signing time:             Mon 04 Dec 2023 19:47:19 +0000
ROA not before:           Mon 04 Dec 2023 19:47:19 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     138024
IP address blocks:        103.195.0.0/24 maxlen: 24
                          103.195.1.0/24 maxlen: 24
                          103.195.2.0/24 maxlen: 24
                          103.195.3.0/24 maxlen: 24
                          139.5.132.0/24 maxlen: 24
                          139.5.133.0/24 maxlen: 24
                          139.5.134.0/24 maxlen: 24
                          139.5.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 23:19:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2779 (0xadb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E
        Validity
            Not Before: Dec  4 19:47:19 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=656e2cc6-14cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:22:22:02:b9:ee:b8:82:31:b4:c2:bb:18:65:
                    c5:97:f0:16:ab:4c:6b:70:46:84:e5:ac:19:84:b1:
                    f7:18:73:94:1d:5d:d8:43:36:cc:fa:31:36:7b:32:
                    4c:db:cd:3b:37:33:6a:24:7f:d3:21:ea:c1:10:c2:
                    9f:01:fc:d1:b6:10:04:31:7b:3a:03:d4:8f:6b:1d:
                    1c:c1:78:b1:10:01:b6:49:1c:4f:75:7f:4f:93:3a:
                    a2:59:6c:7b:05:97:8b:ab:1e:c5:8e:02:65:19:49:
                    a1:6d:5f:da:9a:94:5a:2c:bf:50:0b:7f:4d:d3:18:
                    78:cf:56:e9:b9:a1:b6:18:d0:67:99:84:74:25:d8:
                    74:95:c6:5c:5a:af:34:cd:26:e9:eb:8e:8b:6f:86:
                    c3:d5:4c:0f:31:56:ec:a6:f2:90:38:eb:e2:d5:2e:
                    8c:43:ba:87:9c:76:5d:72:7c:42:3c:34:f6:04:88:
                    74:26:05:ae:26:9c:d4:48:48:4a:ce:7f:d6:6e:b5:
                    f5:3f:7a:7b:ec:19:20:b6:a8:64:0f:74:5b:95:91:
                    31:b5:73:ef:41:23:89:ca:69:49:49:67:71:30:8d:
                    ee:6f:c2:c3:e1:52:f8:52:d6:a8:7c:b6:8c:98:25:
                    7e:ce:6d:b3:c1:c4:22:bf:9d:1b:0e:6e:2e:86:54:
                    05:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:57:70:A9:BA:BF:4F:E5:B0:02:AC:A6:20:99:5F:8E:2F:C8:37:A1
            X509v3 Authority Key Identifier:
                keyid:9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/F96ABCB62DE811EDB4B69F0EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.195.0.0/22
                  139.5.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:42:9b:73:56:82:59:bc:6c:76:8f:c4:20:41:65:6e:56:97:
         95:a2:79:34:de:3d:c3:72:1f:48:7f:a7:b1:e1:c7:46:71:71:
         c6:22:3e:08:75:7f:92:4e:85:ed:ee:b6:cd:c3:ba:2e:7f:1d:
         2e:b7:01:b1:2f:89:7e:23:f5:cb:15:20:62:be:98:99:fd:f3:
         f0:0d:36:ac:f7:2d:4b:38:8f:25:bd:b5:4e:c3:66:62:24:2e:
         2a:4b:dc:c3:90:e1:24:9a:65:9e:ff:43:03:ea:36:bd:3b:86:
         6a:61:3f:92:21:da:73:c1:cb:3c:a8:00:bc:80:d3:ac:9d:4b:
         59:a2:2a:72:a3:ee:17:c4:21:e6:bc:db:ef:de:ec:7b:c9:ef:
         97:9d:9b:0c:85:b3:3b:44:1c:9f:f4:ea:22:07:d9:ee:fa:76:
         99:01:67:6f:7f:aa:79:82:44:ba:00:b8:de:db:72:2a:ae:f1:
         29:61:29:d4:13:0d:b8:75:b3:ae:ca:10:bf:36:bf:a9:89:e2:
         26:37:92:3a:95:4e:fc:bc:be:9e:22:60:c6:76:f5:1d:60:1d:
         c0:0a:31:0a:c6:a4:8c:4e:9c:f2:2e:ae:56:70:b0:e0:16:c3:
         ac:a7:90:ac:bc:e8:04:31:0b:df:99:10:5e:a7:b8:59:8b:e7:
         02:96:a7:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0JEQzgxMTAvBgNVBAUTKDlCNjdDODcyMTRFRDk5NjU0MDcxMTkwQkVCQ0YwQjhE
OUZBMUFGNEUwHhcNMjMxMjA0MTk0NzE5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZlMmNjNi0xNGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuyIiArnuuIIxtMK7GGXFl/AWq0xrcEaE5awZhLH3GHOUHV3YQzbM+jE2ezJM
2807NzNqJH/TIerBEMKfAfzRthAEMXs6A9SPax0cwXixEAG2SRxPdX9PkzqiWWx7
BZeLqx7FjgJlGUmhbV/ampRaLL9QC39N0xh4z1bpuaG2GNBnmYR0Jdh0lcZcWq80
zSbp646Lb4bD1UwPMVbspvKQOOvi1S6MQ7qHnHZdcnxCPDT2BIh0JgWuJpzUSEhK
zn/WbrX1P3p77BkgtqhkD3RblZExtXPvQSOJymlJSWdxMI3ub8LD4VL4UtaofLaM
mCV+zm2zwcQiv50bDm4uhlQFIwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFP1XcKm6
v0/lsAKspiCZX44vyDehMB8GA1UdIwQYMBaAFJtnyHIU7ZllQHEZC+vPC42foa9O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkRDOC82Njk3NjNGMDE4
RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1XVkFjUmtMNjg4TGpaLWhy
MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20yZkljaFR0bVdWQWNSa0w2ODhMalotaHIwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0JEQzgvNjY5NzYzRjAxOEUwMTFFQUEwQzM4RTdCQzRGOUFFMDIvRjk2QUJDQjYy
REU4MTFFREI0QjY5RjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnwwADBAKLBYQwDQYJKoZIhvcNAQELBQADggEBALlCm3NW
glm8bHaPxCBBZW5Wl5WieTTePcNyH0h/p7Hhx0ZxccYiPgh1f5JOhe3uts3Dui5/
HS63AbEviX4j9csVIGK+mJn98/ANNqz3LUs4jyW9tU7DZmIkLipL3MOQ4SSaZZ7/
QwPqNr07hmphP5Ih2nPByzyoALyA06ydS1miKnKj7hfEIea82+/e7HvJ75edmwyF
sztEHJ/06iIH2e76dpkBZ29/qnmCRLoAuN7bciqu8SlhKdQTDbh1s67KEL82v6mJ
4iY3kjqVTvy8vp4iYMZ29R1gHcAKMQrGpIxOnPIurlZwsOAWw6ynkKy86AQxC9+Z
EF6nuFmL5wKWpxE=
-----END CERTIFICATE-----