Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/9261E554464611EE84B7C534C4F9AE02.roa
File:                     9261E554464611EE84B7C534C4F9AE02.roa (raw, json)
Hash identifier:          RQkpjAEPSIXuK/BiHvIA2kEzoD/SEAoinsprxJbyxW0=
Subject key identifier:   B4:87:9C:B9:E1:DB:2F:5C:CD:C4:D4:6E:74:0E:C4:E2:26:D4:14:7C
Certificate issuer:       /CN=A91C8BB4/serialNumber=1D1217EF8FE84B582551671BCA35E68448692497
Certificate serial:       0A7B
Authority key identifier: 1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/9261E554464611EE84B7C534C4F9AE02.roa
Signing time:             Sat 30 Aug 2025 20:11:35 +0000
ROA not before:           Sat 30 Aug 2025 20:11:35 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     58895
IP address blocks:        103.117.160.0/24 maxlen: 24
                          103.117.161.0/24 maxlen: 24
                          103.117.162.0/24 maxlen: 24
                          103.117.163.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 04 Nov 2025 14:10:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2683 (0xa7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8BB4, serialNumber=1D1217EF8FE84B582551671BCA35E68448692497
        Validity
            Not Before: Aug 30 20:11:35 2025 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=68b35af6-72b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:16:46:e9:94:bc:1c:61:43:04:23:ac:b6:34:
                    28:d1:81:c1:90:b6:5d:ab:16:7e:3c:19:d3:08:8a:
                    8e:32:89:04:e7:43:6a:16:a2:ca:34:80:69:d1:01:
                    91:4c:38:0a:45:33:4d:37:6f:2f:f4:8e:11:69:b5:
                    68:62:d0:36:af:7c:3b:dc:c0:1e:97:db:5a:82:ee:
                    fe:77:4a:bb:20:d7:c6:fa:5b:98:3d:5c:e4:30:3f:
                    d8:74:10:c4:c2:5a:5c:b6:01:5f:79:1d:6e:fe:5f:
                    c8:8d:03:d8:f1:16:66:37:0f:bb:98:41:09:85:ad:
                    53:7f:7e:2f:79:60:6a:20:78:5e:47:05:a2:83:6d:
                    eb:17:f6:ee:c7:bf:7f:b1:77:50:1d:ef:c9:25:16:
                    dc:8e:a2:90:fe:fd:9e:fe:19:e9:c2:a9:21:c8:95:
                    db:79:15:0e:d7:25:ac:c2:ab:94:01:d9:fc:ea:f8:
                    aa:15:69:c9:d4:71:a5:c0:2b:78:00:32:ec:52:f4:
                    78:98:92:81:3d:91:5a:fb:47:e1:5a:b5:0b:85:81:
                    8c:a2:07:b4:5a:a5:81:76:6b:0c:9c:0a:1e:6a:1b:
                    d0:32:bc:83:29:9e:c9:ba:0d:de:f5:4f:68:e6:4f:
                    3e:99:38:ef:4b:13:fe:b6:5d:b5:b3:d0:90:77:62:
                    a0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:87:9C:B9:E1:DB:2F:5C:CD:C4:D4:6E:74:0E:C4:E2:26:D4:14:7C
            X509v3 Authority Key Identifier:
                keyid:1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/9261E554464611EE84B7C534C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:98:5d:11:e3:af:26:c3:f6:e9:52:55:16:51:96:44:94:bb:
         d8:30:e7:49:54:c5:44:66:58:87:2f:6a:88:74:64:f9:03:be:
         6f:f4:de:dc:aa:03:c3:a0:6b:76:5e:40:dc:08:41:5e:c2:91:
         7f:12:8f:84:0d:a4:b9:eb:0c:22:2e:b6:8b:0b:68:f6:b9:e7:
         3f:8c:6e:97:0a:01:aa:04:36:84:d0:62:c6:6e:a9:29:16:54:
         7e:e9:63:39:a2:78:cf:22:39:6e:99:8d:05:49:cd:93:c1:80:
         c3:45:77:e7:24:cc:7b:84:37:f6:da:58:61:52:4a:93:55:44:
         7a:49:21:10:ba:e9:d4:8f:d1:a8:e5:82:34:aa:46:57:72:10:
         75:b2:e0:a5:a5:db:dd:16:91:c6:bf:3c:a7:49:10:b2:5a:19:
         49:34:8a:a6:ee:ed:c8:80:a2:7a:6d:95:b2:0f:50:a9:2a:0b:
         7e:4a:77:85:b3:f8:12:3d:a0:a7:db:bc:1e:7b:ba:7a:92:ad:
         15:de:07:a0:75:98:39:dc:e5:6c:cf:22:1a:82:de:97:d0:ec:
         c8:5b:d8:45:6a:21:0b:b1:46:73:32:68:b2:e3:2b:7d:27:02:
         7f:4c:04:c8:71:e2:19:d6:ad:43:5c:1d:3e:a6:59:37:6b:09:
         53:a0:8e:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhCQjQxMTAvBgNVBAUTKDFEMTIxN0VGOEZFODRCNTgyNTUxNjcxQkNBMzVFNjg0
NDg2OTI0OTcwHhcNMjUwODMwMjAxMTM1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIzNWFmNi03MmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzBZG6ZS8HGFDBCOstjQo0YHBkLZdqxZ+PBnTCIqOMokE50NqFqLKNIBp0QGR
TDgKRTNNN28v9I4RabVoYtA2r3w73MAel9tagu7+d0q7INfG+luYPVzkMD/YdBDE
wlpctgFfeR1u/l/IjQPY8RZmNw+7mEEJha1Tf34veWBqIHheRwWig23rF/bux79/
sXdQHe/JJRbcjqKQ/v2e/hnpwqkhyJXbeRUO1yWswquUAdn86viqFWnJ1HGlwCt4
ADLsUvR4mJKBPZFa+0fhWrULhYGMoge0WqWBdmsMnAoeahvQMryDKZ7Jug3e9U9o
5k8+mTjvSxP+tl21s9CQd2Kg8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLSHnLnh
2y9czcTUbnQOxOIm1BR8MB8GA1UdIwQYMBaAFB0SF++P6EtYJVFnG8o15oRIaSSX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEJCNC9EOTU0QkFCRTY5
QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1MxZ2xVV2NieWpYbWhFaHBK
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hSSVg3NF9vUzFnbFVXY2J5alhtaEVocEpKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhCQjQvRDk1NEJBQkU2OUI3MTFFQTg4RTcyRTU5QzRGOUFFMDIvOTI2MUU1NTQ0
NjQ2MTFFRTg0QjdDNTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJndaAwDQYJKoZIhvcNAQELBQADggEBABiYXRHjrybD9ulS
VRZRlkSUu9gw50lUxURmWIcvaoh0ZPkDvm/03tyqA8Oga3ZeQNwIQV7CkX8Sj4QN
pLnrDCIutosLaPa55z+MbpcKAaoENoTQYsZuqSkWVH7pYzmieM8iOW6ZjQVJzZPB
gMNFd+ckzHuEN/baWGFSSpNVRHpJIRC66dSP0ajlgjSqRldyEHWy4KWl290Wkca/
PKdJELJaGUk0iqbu7ciAonptlbIPUKkqC35Kd4Wz+BI9oKfbvB57unqSrRXeB6B1
mDnc5WzPIhqC3pfQ7Mhb2EVqIQuxRnMyaLLjK30nAn9MBMhx4hnWrUNcHT6mWTdr
CVOgjiI=
-----END CERTIFICATE-----