Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5AE7CA7E062C11F0A9E11B6FC4F9AE02.roa
File:                     5AE7CA7E062C11F0A9E11B6FC4F9AE02.roa (raw, json)
Hash identifier:          2W5d3nmBu40/XULu219FAuQFLJSag8ieQKDKpyrJ17o=
Subject key identifier:   1A:4C:07:22:7A:C4:8F:33:B6:7F:6A:1D:1A:72:86:D9:6E:5D:AE:08
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       4A69
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5AE7CA7E062C11F0A9E11B6FC4F9AE02.roa
Signing time:             Mon 21 Apr 2025 09:58:18 +0000
ROA not before:           Mon 21 Apr 2025 09:58:18 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     152992
IP address blocks:        103.6.234.0/23 maxlen: 24
                          103.183.112.0/23 maxlen: 24
                          2001:df4:3d40::/48 maxlen: 48
Validation:               Failed, certificate revoked on Fri 25 Apr 2025 02:25:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19049 (0x4a69)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Apr 21 09:58:18 2025 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=680616b9-6193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:fc:77:a9:b2:42:61:a1:ef:9f:0b:a7:04:67:
                    f9:a1:ea:c5:b0:64:68:d7:0b:6b:33:a6:6a:4a:8d:
                    eb:68:e4:4c:dc:b5:90:50:2b:14:ec:02:af:d4:8f:
                    68:3c:bb:a8:9f:91:9e:fb:d1:1c:9e:7e:97:b1:26:
                    ea:4d:d3:b7:b3:a3:5b:c1:40:1d:26:4d:f8:f7:ee:
                    56:4b:e1:74:37:2d:92:05:79:59:43:28:a2:24:5e:
                    e7:be:92:96:c6:54:1c:18:a4:f6:b9:3c:1e:b7:4b:
                    38:f1:88:8d:ee:6a:e2:33:03:4d:14:8c:4f:71:cc:
                    20:eb:8f:92:ca:19:e5:57:f9:09:d2:85:ba:da:ad:
                    16:ba:bc:2f:25:ba:01:e6:d6:07:d4:1a:80:61:f9:
                    f7:16:91:70:dd:dc:8a:89:32:7d:87:49:96:93:be:
                    21:71:4a:30:8e:e1:69:a4:9f:d1:60:a4:c1:d9:86:
                    33:28:c1:dc:52:e2:b1:b3:d9:49:5a:37:d0:78:00:
                    ba:ce:f4:f4:2f:17:52:5a:b6:c3:09:1f:23:ec:32:
                    56:41:46:b8:f6:47:83:e3:8a:6d:b2:98:30:e0:09:
                    16:c8:aa:2b:65:cf:8c:96:86:92:0d:68:ef:e1:ee:
                    01:3f:22:86:03:44:c5:52:41:62:d2:16:1a:45:19:
                    8e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:4C:07:22:7A:C4:8F:33:B6:7F:6A:1D:1A:72:86:D9:6E:5D:AE:08
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5AE7CA7E062C11F0A9E11B6FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.6.234.0/23
                  103.183.112.0/23
                IPv6:
                  2001:df4:3d40::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:e6:14:80:60:e2:7e:06:e1:35:00:04:48:5f:19:d1:98:04:
         94:a3:30:de:f2:31:f2:70:bc:b2:46:b9:64:c2:57:f5:c9:e8:
         27:68:d1:cc:5c:d7:95:44:6f:be:27:b6:e8:e2:66:7b:da:43:
         67:79:4d:31:4c:52:86:72:be:0c:ee:10:b7:e2:52:ac:1b:73:
         6c:65:71:f0:9d:fc:10:51:e0:66:91:e7:be:75:32:2d:4d:2f:
         65:1d:4e:67:7b:86:5a:ab:26:06:0b:b0:4f:84:29:68:32:24:
         d1:84:d8:85:9c:be:40:39:9a:2d:26:13:fa:65:87:73:04:a1:
         f2:52:d7:4e:a3:d8:60:e8:f0:20:73:2e:90:a8:34:64:5f:31:
         8b:89:ae:3c:ae:87:c2:ba:da:17:1e:0e:98:81:22:55:f1:83:
         c5:2b:c8:b6:67:15:0a:b1:7c:2b:0c:37:e9:52:17:33:61:8e:
         36:bc:bc:1b:90:36:01:03:5f:e6:87:2c:97:df:0a:bb:ec:b7:
         8d:cb:15:68:e6:4d:ce:50:1c:3e:c6:cb:4b:99:50:05:48:0e:
         3b:bc:30:10:b1:92:42:95:fd:7a:2a:56:9f:95:12:b4:bd:47:
         74:34:60:45:43:0c:a8:25:19:3e:f3:9b:f5:98:64:29:c5:a2:
         2d:62:ca:b8
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICSmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNDIxMDk1ODE4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA2MTZiOS02MTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArvx3qbJCYaHvnwunBGf5oerFsGRo1wtrM6ZqSo3raORM3LWQUCsU7AKv1I9o
PLuon5Ge+9Ecnn6XsSbqTdO3s6NbwUAdJk349+5WS+F0Ny2SBXlZQyiiJF7nvpKW
xlQcGKT2uTwet0s48YiN7mriMwNNFIxPccwg64+SyhnlV/kJ0oW62q0WurwvJboB
5tYH1BqAYfn3FpFw3dyKiTJ9h0mWk74hcUowjuFppJ/RYKTB2YYzKMHcUuKxs9lJ
WjfQeAC6zvT0LxdSWrbDCR8j7DJWQUa49keD44ptspgw4AkWyKorZc+MloaSDWjv
4e4BPyKGA0TFUkFi0hYaRRmOSQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFBpMByJ6
xI8ztn9qHRpyhtluXa4IMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNUFFN0NBN0Uw
NjJDMTFGMEE5RTExQjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnBuoDBAFnt3AwDwQCAAIwCQMHACABDfQ9QDANBgkqhkiG
9w0BAQsFAAOCAQEAdeYUgGDifgbhNQAESF8Z0ZgElKMw3vIx8nC8ska5ZMJX9cno
J2jRzFzXlURvvie26OJme9pDZ3lNMUxShnK+DO4Qt+JSrBtzbGVx8J38EFHgZpHn
vnUyLU0vZR1OZ3uGWqsmBguwT4QpaDIk0YTYhZy+QDmaLSYT+mWHcwSh8lLXTqPY
YOjwIHMukKg0ZF8xi4muPK6HwrraFx4OmIEiVfGDxSvItmcVCrF8Kww36VIXM2GO
Nry8G5A2AQNf5ocsl98Ku+y3jcsVaOZNzlAcPsbLS5lQBUgOO7wwELGSQpX9eipW
n5UStL1HdDRgRUMMqCUZPvOb9ZhkKcWiLWLKuA==
-----END CERTIFICATE-----