Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/099857F8F12711EE81BAB37DC4F9AE02.roa
File:                     099857F8F12711EE81BAB37DC4F9AE02.roa (raw, json)
Hash identifier:          4C0dk9DsL9gBLfIxDpVx529GYtuQmuNS/j7R4oHM88I=
Subject key identifier:   3C:3A:1B:C5:7E:89:4E:26:96:03:B6:9E:74:13:DE:16:BE:C0:AA:AB
Certificate issuer:       /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial:       0126
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/099857F8F12711EE81BAB37DC4F9AE02.roa
Signing time:             Tue 02 Apr 2024 19:27:26 +0000
ROA not before:           Tue 02 Apr 2024 19:27:26 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        103.85.200.0/24 maxlen: 24
                          103.85.201.0/24 maxlen: 24
                          103.85.202.0/24 maxlen: 24
                          103.85.203.0/24 maxlen: 24
                          110.44.108.0/24 maxlen: 24
                          110.44.109.0/24 maxlen: 24
                          110.44.110.0/24 maxlen: 24
                          110.44.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 15:13:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 294 (0x126)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
        Validity
            Not Before: Apr  2 19:27:26 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=660c5c1e-67c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a6:53:a2:40:d3:fb:e6:1b:df:25:70:84:b5:
                    02:7e:4a:74:66:4c:e8:b3:7d:58:13:5f:57:d8:96:
                    cb:6a:2b:2c:c2:9b:9e:f7:4d:db:41:da:76:9f:6a:
                    2f:16:c1:98:03:2c:f7:16:be:23:71:66:14:f4:a4:
                    82:9a:19:fe:3d:e7:f4:23:d5:78:bf:fc:18:05:fc:
                    36:cd:f2:dc:79:5b:07:ce:34:12:63:2f:74:00:44:
                    d8:67:63:6a:6e:d0:95:18:80:3d:38:bb:d5:76:21:
                    01:9f:be:f8:29:57:13:a6:a7:ff:eb:28:a9:b7:c0:
                    91:5d:20:bf:29:91:ab:5b:06:42:e0:e8:34:e6:36:
                    f9:00:15:5d:05:23:ab:ad:10:f6:60:05:18:87:e5:
                    79:56:8b:5b:76:cd:72:bd:f9:69:13:67:72:e9:df:
                    f9:3a:45:c2:0b:9d:4a:e6:ee:7e:3f:39:27:31:af:
                    1d:95:ff:81:9c:86:73:30:62:0b:b3:23:a4:9b:1e:
                    4e:05:c8:91:20:3e:3f:18:b1:a4:5e:54:8d:98:d5:
                    bd:7d:06:5b:b8:42:c1:36:ec:5d:85:37:0f:cb:e8:
                    5e:c8:a9:1e:6f:9b:57:ee:1f:a6:76:db:32:c8:a7:
                    ca:b2:8b:27:c7:13:82:40:17:9d:be:15:d0:34:d4:
                    f8:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:3A:1B:C5:7E:89:4E:26:96:03:B6:9E:74:13:DE:16:BE:C0:AA:AB
            X509v3 Authority Key Identifier:
                keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/099857F8F12711EE81BAB37DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.200.0/22
                  110.44.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:4a:72:44:74:62:fb:34:9b:c6:b2:70:a2:46:b7:f4:b5:7e:
         f4:8d:77:8b:cb:94:e5:81:10:e4:ef:4e:f3:c8:c2:40:9c:dd:
         c2:6e:ab:9a:ed:85:b6:9c:b2:89:92:21:62:09:fb:93:98:ab:
         20:dd:5c:cc:c3:11:49:8a:a8:c6:b0:68:69:7e:7c:4b:8c:60:
         e3:87:dd:51:b8:a2:7c:62:7d:56:4e:8b:a8:5d:2d:20:97:d3:
         db:ef:ae:22:c7:f0:70:71:16:8f:00:fb:25:20:f8:76:0e:74:
         40:5b:0f:fc:ad:59:f3:e7:39:49:e2:10:bb:40:a0:5d:ff:f2:
         16:f0:af:ec:99:f3:7b:f6:b8:b1:9e:3e:af:f6:2b:75:d4:57:
         56:1f:35:34:b5:e5:14:6a:aa:33:bf:cc:c9:d9:03:98:04:61:
         99:a2:3a:6d:94:09:95:d4:1c:ae:ba:cf:79:dd:6e:a8:c0:8d:
         e0:09:30:77:36:0d:e3:9c:c4:ac:bf:e1:ce:24:9c:30:4f:55:
         da:36:2c:85:c3:b3:9d:2c:bd:2a:eb:01:74:ec:8a:aa:06:74:
         b3:d3:41:f9:69:1c:19:42:19:98:53:d7:18:d5:02:76:df:f1:
         2f:8c:c5:b6:b3:ec:2a:ee:ea:5d:a4:ad:4f:01:62:79:11:e4:
         aa:62:d8:c0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjQwNDAyMTkyNzI2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjNWMxZS02N2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn6ZTokDT++Yb3yVwhLUCfkp0Zkzos31YE19X2JbLaisswpue903bQdp2n2ov
FsGYAyz3Fr4jcWYU9KSCmhn+Pef0I9V4v/wYBfw2zfLceVsHzjQSYy90AETYZ2Nq
btCVGIA9OLvVdiEBn774KVcTpqf/6yipt8CRXSC/KZGrWwZC4Og05jb5ABVdBSOr
rRD2YAUYh+V5Votbds1yvflpE2dy6d/5OkXCC51K5u5+PzknMa8dlf+BnIZzMGIL
syOkmx5OBciRID4/GLGkXlSNmNW9fQZbuELBNuxdhTcPy+heyKkeb5tX7h+mdtsy
yKfKsosnxxOCQBedvhXQNNT4jwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDw6G8V+
iU4mlgO2nnQT3ha+wKqrMB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvMDk5ODU3RjhG
MTI3MTFFRTgxQkFCMzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBAJuLGwwDQYJKoZIhvcNAQELBQADggEBADpKckR0
Yvs0m8aycKJGt/S1fvSNd4vLlOWBEOTvTvPIwkCc3cJuq5rthbacsomSIWIJ+5OY
qyDdXMzDEUmKqMawaGl+fEuMYOOH3VG4onxifVZOi6hdLSCX09vvriLH8HBxFo8A
+yUg+HYOdEBbD/ytWfPnOUniELtAoF3/8hbwr+yZ83v2uLGePq/2K3XUV1YfNTS1
5RRqqjO/zMnZA5gEYZmiOm2UCZXUHK66z3ndbqjAjeAJMHc2DeOcxKy/4c4knDBP
Vdo2LIXDs50svSrrAXTsiqoGdLPTQflpHBlCGZhT1xjVAnbf8S+Mxbaz7Cru6l2k
rU8BYnkR5Kpi2MA=
-----END CERTIFICATE-----