Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/97F3D14844EC11F09F53687EC4F9AE02.roa
File:                     97F3D14844EC11F09F53687EC4F9AE02.roa (raw, json)
Hash identifier:          fNYl4lQvJVaS1IGx7O+r3WOftbmCBCZKIKM0IJ9pL3A=
Subject key identifier:   95:7A:42:B2:A9:E4:71:CD:26:7C:8B:19:19:53:1A:17:92:9B:B7:AC
Certificate issuer:       /CN=A91E4E32/serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
Certificate serial:       033B
Authority key identifier: A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/97F3D14844EC11F09F53687EC4F9AE02.roa
Signing time:             Mon 14 Jul 2025 05:58:22 +0000
ROA not before:           Mon 14 Jul 2025 05:58:22 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     834
IP address blocks:        103.26.8.0/24 maxlen: 24
                          103.26.11.0/24 maxlen: 24
                          103.243.117.0/24 maxlen: 24
                          103.243.119.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 07 Aug 2025 09:13:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 827 (0x33b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4E32, serialNumber=A185C0C574829C5FCD71445449E534CDAEF41396
        Validity
            Not Before: Jul 14 05:58:22 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=68749c7d-5be8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:18:50:2d:ee:20:fc:8d:47:59:b7:1c:99:72:
                    51:16:a3:90:8f:ae:2e:e7:f2:b3:21:48:57:da:e0:
                    43:44:cc:b3:4b:dc:b6:fb:8e:2c:9e:8d:27:54:89:
                    44:36:ab:68:03:22:21:4e:7d:f1:7d:2b:33:b8:69:
                    1e:b3:f7:7f:26:84:c5:da:eb:7a:9f:69:44:f6:a2:
                    b2:68:17:61:bf:bc:e5:b1:1f:c6:c4:c8:17:e3:60:
                    4b:3b:27:40:d2:0d:8b:14:b7:21:1e:8d:9e:fc:2f:
                    e3:1f:60:50:bd:80:44:49:33:e9:21:9a:82:c5:59:
                    f9:48:97:b1:b9:49:c3:60:9f:06:91:7f:1e:dd:dc:
                    fc:e1:b3:dc:01:de:1e:e4:c6:e3:5f:da:f0:80:ce:
                    01:d7:f2:0a:f7:d2:d4:6a:c0:c6:5d:1e:9f:e8:83:
                    72:0f:f2:35:02:19:63:29:e5:62:45:52:25:ae:d3:
                    2e:d1:cd:72:e9:cf:13:ae:cf:ec:7c:e4:f3:1a:68:
                    a5:bb:da:aa:9f:c7:fd:f2:0f:95:6f:3d:ca:42:bd:
                    df:01:9b:cd:c1:da:d0:00:95:a7:d6:1e:d9:6c:d4:
                    97:b7:0f:8e:96:ad:34:1f:92:2a:9c:2b:f6:47:03:
                    ef:8d:95:9f:2f:0f:f4:d2:26:40:ce:8f:66:18:cf:
                    39:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:7A:42:B2:A9:E4:71:CD:26:7C:8B:19:19:53:1A:17:92:9B:B7:AC
            X509v3 Authority Key Identifier:
                keyid:A1:85:C0:C5:74:82:9C:5F:CD:71:44:54:49:E5:34:CD:AE:F4:13:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/oYXAxXSCnF_NcURUSeU0za70E5Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYXAxXSCnF_NcURUSeU0za70E5Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4E32/720959FC01C011EDBD7C6F58C4F9AE02/97F3D14844EC11F09F53687EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.26.8.0/24
                  103.26.11.0/24
                  103.243.117.0/24
                  103.243.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:92:0e:db:e7:87:fe:03:03:c8:d3:5a:47:8b:ce:10:68:fc:
         77:6c:58:ab:a9:ff:d4:e4:f2:d7:5c:94:34:bd:53:94:4d:e0:
         9e:d4:49:0e:c6:71:11:e8:d9:3e:af:77:98:4c:99:8a:57:b5:
         e1:e8:ae:7d:aa:b2:77:8f:9e:a0:e1:b4:0d:dd:84:3c:c5:6f:
         cc:da:5d:30:2d:7f:f6:ff:f1:a6:be:bd:eb:1d:06:0a:40:b9:
         de:5f:1a:b9:dd:c8:54:d5:f7:da:bd:aa:70:df:b5:46:85:10:
         4c:4d:63:e3:26:47:a8:75:58:90:fe:3a:6d:cb:61:54:32:a8:
         86:2b:23:ad:19:45:c1:74:f3:b2:6c:da:bb:0e:42:b9:37:34:
         72:f8:bf:5f:34:bc:98:77:ba:79:ae:59:a3:8e:dd:22:6c:0f:
         12:dd:3e:14:91:26:a7:15:5a:a4:75:1e:93:e2:34:ff:57:0c:
         cf:be:a5:49:95:aa:b7:94:c8:65:b0:68:d9:af:82:fc:1d:2e:
         43:e7:a5:1e:d8:e3:6c:79:63:2d:5e:93:34:35:0e:58:ed:e8:
         3f:7c:54:cc:d5:fa:90:10:66:92:46:0f:d9:76:2d:48:1d:2d:
         c1:e2:0c:28:81:59:15:6f:e6:6e:16:3b:81:40:d6:0a:b6:17:
         b0:7f:48:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFMzIxMTAvBgNVBAUTKEExODVDMEM1NzQ4MjlDNUZDRDcxNDQ1NDQ5RTUzNENE
QUVGNDEzOTYwHhcNMjUwNzE0MDU1ODIyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc0OWM3ZC01YmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyxhQLe4g/I1HWbccmXJRFqOQj64u5/KzIUhX2uBDRMyzS9y2+44sno0nVIlE
NqtoAyIhTn3xfSszuGkes/d/JoTF2ut6n2lE9qKyaBdhv7zlsR/GxMgX42BLOydA
0g2LFLchHo2e/C/jH2BQvYBESTPpIZqCxVn5SJexuUnDYJ8GkX8e3dz84bPcAd4e
5MbjX9rwgM4B1/IK99LUasDGXR6f6INyD/I1AhljKeViRVIlrtMu0c1y6c8Trs/s
fOTzGmilu9qqn8f98g+Vbz3KQr3fAZvNwdrQAJWn1h7ZbNSXtw+Olq00H5IqnCv2
RwPvjZWfLw/00iZAzo9mGM85zQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFJV6QrKp
5HHNJnyLGRlTGheSm7esMB8GA1UdIwQYMBaAFKGFwMV0gpxfzXFEVEnlNM2u9BOW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEUzMi83MjA5NTlGQzAx
QzAxMUVEQkQ3QzZGNThDNEY5QUUwMi9vWVhBeFhTQ25GX05jVVJVU2VVMHphNzBF
NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ZWEF4WFNDbkZfTmNVUlVTZVUwemE3MEU1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFMzIvNzIwOTU5RkMwMUMwMTFFREJEN0M2RjU4QzRGOUFFMDIvOTdGM0QxNDg0
NEVDMTFGMDlGNTM2ODdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnGggDBABnGgsDBABn83UDBABn83cwDQYJKoZIhvcNAQEL
BQADggEBAHuSDtvnh/4DA8jTWkeLzhBo/HdsWKup/9Tk8tdclDS9U5RN4J7USQ7G
cRHo2T6vd5hMmYpXteHorn2qsnePnqDhtA3dhDzFb8zaXTAtf/b/8aa+vesdBgpA
ud5fGrndyFTV99q9qnDftUaFEExNY+MmR6h1WJD+Om3LYVQyqIYrI60ZRcF087Js
2rsOQrk3NHL4v180vJh3unmuWaOO3SJsDxLdPhSRJqcVWqR1HpPiNP9XDM++pUmV
qreUyGWwaNmvgvwdLkPnpR7Y42x5Yy1ekzQ1Dljt6D98VMzV+pAQZpJGD9l2LUgd
LcHiDCiBWRVv5m4WO4FA1gq2F7B/SAQ=
-----END CERTIFICATE-----