Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBE4E/DB03F65A52C911EE90328F14C4F9AE02/14E02ACCF3FC11EF966FB82FC4F9AE02.roa
File:                     14E02ACCF3FC11EF966FB82FC4F9AE02.roa (raw, json)
Hash identifier:          qo4EZxYT9wJihxb79YV9fmaYmiL4q7ck2i7pIBW09p4=
Subject key identifier:   E7:90:ED:3C:FA:E7:B7:0B:8C:C2:21:EC:C0:11:3C:02:FD:10:C6:DC
Certificate issuer:       /CN=A91CBE4E/serialNumber=6FF1A24E7F54F2EF0C605E0E06FC8A46C544D6D3
Certificate serial:       0116
Authority key identifier: 6F:F1:A2:4E:7F:54:F2:EF:0C:60:5E:0E:06:FC:8A:46:C5:44:D6:D3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_GiTn9U8u8MYF4OBvyKRsVE1tM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CBE4E/DB03F65A52C911EE90328F14C4F9AE02/14E02ACCF3FC11EF966FB82FC4F9AE02.roa
Signing time:             Wed 26 Feb 2025 04:42:28 +0000
ROA not before:           Wed 26 Feb 2025 04:42:28 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     151809
IP address blocks:        103.218.136.0/24 maxlen: 24
                          103.218.137.0/24 maxlen: 24
                          2001:df2:ee40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 26 Feb 2025 04:42:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 278 (0x116)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CBE4E/serialNumber=6FF1A24E7F54F2EF0C605E0E06FC8A46C544D6D3
        Validity
            Not Before: Feb 26 04:42:28 2025 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=67be9bb4-7960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:eb:86:c2:cb:44:13:70:76:a4:dd:05:ea:aa:
                    ed:2c:3f:ca:f0:f8:b2:02:01:3a:9a:f9:51:81:54:
                    32:b0:30:03:e8:2f:1e:a0:3d:4e:4a:9e:64:b2:f5:
                    1e:f3:69:d0:56:8f:dc:ac:24:6a:fb:c3:a3:0c:fb:
                    bb:76:b2:b7:1f:7b:3f:ef:b0:30:52:50:57:0e:e5:
                    a6:95:22:54:8c:41:93:77:99:f3:96:ee:25:86:cb:
                    c9:50:61:29:ce:03:22:7d:a1:cd:25:f3:82:3e:b9:
                    c8:86:58:e4:05:67:7f:5c:2f:05:4f:51:3a:69:b8:
                    bc:27:56:17:3a:e2:2b:33:d2:b0:05:73:30:73:58:
                    2a:e7:97:13:41:11:88:eb:ee:da:4a:aa:5e:3c:03:
                    42:47:82:ca:12:4d:13:1e:2a:4a:a9:a5:00:b4:6e:
                    8b:7f:49:7b:dc:49:8b:96:b2:ac:ab:5a:5b:dc:6d:
                    81:df:9a:e7:a7:07:00:ae:23:d6:05:6a:3e:59:1f:
                    1e:70:2e:15:32:d4:97:63:ed:49:94:05:d2:5d:88:
                    56:c5:16:a8:5f:e7:d1:8c:63:35:cd:fd:27:2e:78:
                    cd:79:64:9a:18:42:6f:a2:4c:48:45:1c:2e:12:89:
                    08:ec:f6:9b:01:a2:f4:09:72:af:b4:da:ab:22:44:
                    a0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:90:ED:3C:FA:E7:B7:0B:8C:C2:21:EC:C0:11:3C:02:FD:10:C6:DC
            X509v3 Authority Key Identifier:
                keyid:6F:F1:A2:4E:7F:54:F2:EF:0C:60:5E:0E:06:FC:8A:46:C5:44:D6:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CBE4E/DB03F65A52C911EE90328F14C4F9AE02/b_GiTn9U8u8MYF4OBvyKRsVE1tM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_GiTn9U8u8MYF4OBvyKRsVE1tM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBE4E/DB03F65A52C911EE90328F14C4F9AE02/14E02ACCF3FC11EF966FB82FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.218.136.0/23
                IPv6:
                  2001:df2:ee40::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:1d:c7:c8:97:85:e3:cf:8d:b1:48:62:3e:b4:a2:2f:ac:79:
         1f:76:4a:92:78:79:51:de:1b:ec:96:40:d2:c2:38:32:ed:48:
         c0:e9:80:91:dd:a8:19:27:03:17:08:63:5a:4a:2a:5a:a7:ba:
         25:5d:ee:19:6f:74:d6:52:d5:02:25:53:fa:f7:21:3c:7f:db:
         02:33:99:2f:66:ad:6b:f5:95:45:bf:a8:d7:f0:54:2c:14:62:
         92:36:85:c0:f1:42:97:24:e1:44:86:bd:6a:67:25:be:d3:ed:
         b0:2d:0b:5d:eb:9f:17:1e:bd:24:fe:e5:38:b0:6d:c6:81:d2:
         82:32:4b:29:e2:27:d9:25:52:06:c0:aa:4a:f7:b9:37:a3:27:
         f4:1d:3b:65:32:f0:17:1f:55:48:38:dc:05:21:f2:ce:a0:77:
         3c:e6:48:67:df:0a:83:e3:e8:fb:b4:f4:1e:df:4d:c4:4c:da:
         0d:e1:a7:66:cb:c1:ea:26:b0:02:e3:84:03:9e:9b:fc:9d:58:
         50:a6:3c:4d:a5:41:ee:c0:7b:63:51:97:fb:f8:4f:54:f7:38:
         51:57:1c:c7:70:30:74:06:64:e6:58:88:23:4a:e1:74:d4:d3:
         b9:f6:56:f1:55:2f:d1:d2:af:49:16:c5:cb:e4:1e:cd:8c:ed:
         10:86:db:35
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICARYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0JFNEUxMTAvBgNVBAUTKDZGRjFBMjRFN0Y1NEYyRUYwQzYwNUUwRTA2RkM4QTQ2
QzU0NEQ2RDMwHhcNMjUwMjI2MDQ0MjI4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JlOWJiNC03OTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyeuGwstEE3B2pN0F6qrtLD/K8PiyAgE6mvlRgVQysDAD6C8eoD1OSp5ksvUe
82nQVo/crCRq+8OjDPu7drK3H3s/77AwUlBXDuWmlSJUjEGTd5nzlu4lhsvJUGEp
zgMifaHNJfOCPrnIhljkBWd/XC8FT1E6abi8J1YXOuIrM9KwBXMwc1gq55cTQRGI
6+7aSqpePANCR4LKEk0THipKqaUAtG6Lf0l73EmLlrKsq1pb3G2B35rnpwcAriPW
BWo+WR8ecC4VMtSXY+1JlAXSXYhWxRaoX+fRjGM1zf0nLnjNeWSaGEJvokxIRRwu
EokI7PabAaL0CXKvtNqrIkSgoQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOeQ7Tz6
57cLjMIh7MARPAL9EMbcMB8GA1UdIwQYMBaAFG/xok5/VPLvDGBeDgb8ikbFRNbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkU0RS9EQjAzRjY1QTUy
QzkxMUVFOTAzMjhGMTRDNEY5QUUwMi9iX0dpVG45VTh1OE1ZRjRPQnZ5S1JzVkUx
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfR2lUbjlVOHU4TVlGNE9CdnlLUnNWRTF0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0JFNEUvREIwM0Y2NUE1MkM5MTFFRTkwMzI4RjE0QzRGOUFFMDIvMTRFMDJBQ0NG
M0ZDMTFFRjk2NkZCODJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn2ogwDwQCAAIwCQMHACABDfLuQDANBgkqhkiG9w0BAQsF
AAOCAQEAdh3HyJeF48+NsUhiPrSiL6x5H3ZKknh5Ud4b7JZA0sI4Mu1IwOmAkd2o
GScDFwhjWkoqWqe6JV3uGW901lLVAiVT+vchPH/bAjOZL2ata/WVRb+o1/BULBRi
kjaFwPFClyThRIa9amclvtPtsC0LXeufFx69JP7lOLBtxoHSgjJLKeIn2SVSBsCq
Sve5N6Mn9B07ZTLwFx9VSDjcBSHyzqB3POZIZ98Kg+Po+7T0Ht9NxEzaDeGnZsvB
6iawAuOEA56b/J1YUKY8TaVB7sB7Y1GX+/hPVPc4UVccx3AwdAZk5liII0rhdNTT
ufZW8VUv0dKvSRbFy+QezYztEIbbNQ==
-----END CERTIFICATE-----