Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2FB3A63AC0F311EFBE625E63C4F9AE02.roa
File:                     2FB3A63AC0F311EFBE625E63C4F9AE02.roa (raw, json)
Hash identifier:          ZyRTrXDLFvzOB+xJPjBseXwWzj6eSKe9/G5f6Cyf6k8=
Subject key identifier:   4E:1A:F4:B8:AB:EA:0E:6E:59:75:FD:9C:E5:14:C6:E6:23:A4:2C:83
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       201F
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2FB3A63AC0F311EFBE625E63C4F9AE02.roa
Signing time:             Mon 23 Dec 2024 06:00:18 +0000
ROA not before:           Mon 23 Dec 2024 06:00:18 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     205220
IP address blocks:        113.203.226.0/24 maxlen: 24
                          113.203.228.0/24 maxlen: 24
                          113.203.244.0/24 maxlen: 24
                          113.203.252.0/22 maxlen: 22
                          115.167.119.0/24 maxlen: 24
                          175.110.90.0/24 maxlen: 24
                          202.92.18.0/24 maxlen: 24
                          202.92.20.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 30 Dec 2024 11:19:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8223 (0x201f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Dec 23 06:00:18 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=6768fc72-ac1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:74:17:8c:d9:f6:d4:0e:86:73:52:fc:8c:96:
                    ab:0c:c3:f1:76:c1:30:ae:76:0b:9f:81:a0:5e:cd:
                    02:1f:6f:ad:58:14:2e:14:b7:66:33:c7:8c:fa:c0:
                    7d:7d:99:c4:1d:21:1f:bd:ca:98:c6:2e:6d:a6:17:
                    7b:51:21:07:2f:e2:43:c7:2b:22:9c:d8:d8:dc:76:
                    3a:97:fb:e4:16:cc:e2:6d:10:4e:1b:30:41:f5:b8:
                    b3:53:94:5b:1e:f9:ab:76:d9:33:91:ad:39:83:45:
                    61:7d:45:19:d9:2c:c4:82:39:a7:6f:ce:dd:c8:ab:
                    fa:3f:f1:f0:4c:ef:83:2b:5a:0f:7a:14:9a:1d:81:
                    0b:64:58:a9:f6:59:5a:35:74:0f:1e:d1:11:ef:4f:
                    4f:39:a7:68:cd:31:69:de:96:20:ff:68:b1:5b:9d:
                    68:19:25:74:dc:4a:40:c4:fe:0b:63:78:e6:a5:52:
                    60:bb:46:8c:1a:8d:ae:3b:07:b1:85:8c:d0:2d:dc:
                    02:d2:7c:16:72:c0:34:05:0c:75:c2:46:03:ba:20:
                    92:ea:d1:f3:23:0c:67:6e:6c:93:97:61:40:2a:12:
                    17:f6:e9:06:c9:c0:20:74:94:7c:0a:58:90:f7:92:
                    26:72:02:e3:53:bd:0f:af:98:ed:25:da:bd:b3:36:
                    e4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1A:F4:B8:AB:EA:0E:6E:59:75:FD:9C:E5:14:C6:E6:23:A4:2C:83
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2FB3A63AC0F311EFBE625E63C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.203.226.0/24
                  113.203.228.0/24
                  113.203.244.0/24
                  113.203.252.0/22
                  115.167.119.0/24
                  175.110.90.0/24
                  202.92.18.0/24
                  202.92.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:62:54:73:5d:3e:78:23:99:e4:ef:3b:29:60:79:f2:c9:cb:
         4e:eb:52:f9:e6:1f:bf:fe:20:26:21:bb:b6:2c:7f:72:87:50:
         c1:84:53:9a:12:dc:14:aa:a3:dc:ae:56:63:52:02:a8:2b:7a:
         3a:ab:5a:78:ce:54:d2:35:84:94:96:ea:34:da:de:99:56:17:
         d8:67:f9:5e:a3:b6:93:82:b8:87:6a:a7:5c:ce:12:b9:99:d7:
         d7:60:85:c4:cc:bb:92:8c:8d:f9:2f:41:59:f6:3b:0a:01:06:
         8f:19:bc:0a:17:c2:6c:b9:a1:f5:58:72:9c:64:78:aa:a8:5e:
         78:b8:82:0b:d4:e3:49:5f:88:49:4c:64:e3:12:73:15:6a:d2:
         a8:69:8a:bf:0c:36:a0:a8:2e:25:52:e5:c1:e8:c9:53:59:1e:
         47:ba:a1:e1:ca:be:7c:97:25:28:7f:ae:0c:13:eb:57:5a:34:
         d4:61:79:0a:ab:4f:aa:44:08:43:29:41:6c:ec:b6:8b:aa:ad:
         fb:89:d9:9a:3a:95:62:66:ca:ea:9c:f6:66:a8:25:a0:79:a5:
         a2:b3:0e:30:54:3b:d3:c2:7a:53:b4:18:82:41:ba:90:d2:26:
         34:b6:4a:4c:c8:12:57:26:85:32:63:e9:d0:56:7f:22:a9:8a:
         c5:56:5d:ac
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICIB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjIzMDYwMDE4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4ZmM3Mi1hYzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunQXjNn21A6Gc1L8jJarDMPxdsEwrnYLn4GgXs0CH2+tWBQuFLdmM8eM+sB9
fZnEHSEfvcqYxi5tphd7USEHL+JDxysinNjY3HY6l/vkFszibRBOGzBB9bizU5Rb
Hvmrdtkzka05g0VhfUUZ2SzEgjmnb87dyKv6P/HwTO+DK1oPehSaHYELZFip9lla
NXQPHtER709POadozTFp3pYg/2ixW51oGSV03EpAxP4LY3jmpVJgu0aMGo2uOwex
hYzQLdwC0nwWcsA0BQx1wkYDuiCS6tHzIwxnbmyTl2FAKhIX9ukGycAgdJR8CliQ
95ImcgLjU70Pr5jtJdq9szbkeQIDAQABo4ICvzCCArswHQYDVR0OBBYEFE4a9Lir
6g5uWXX9nOUUxuYjpCyDMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMkZCM0E2M0FD
MEYzMTFFRkJFNjI1RTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBABxy+IDBABxy+QDBABxy/QDBAJxy/wDBABzp3cDBACvbloD
BADKXBIDBADKXBQwDQYJKoZIhvcNAQELBQADggEBAHdiVHNdPngjmeTvOylgefLJ
y07rUvnmH7/+ICYhu7Ysf3KHUMGEU5oS3BSqo9yuVmNSAqgrejqrWnjOVNI1hJSW
6jTa3plWF9hn+V6jtpOCuIdqp1zOErmZ19dghcTMu5KMjfkvQVn2OwoBBo8ZvAoX
wmy5ofVYcpxkeKqoXni4ggvU40lfiElMZOMScxVq0qhpir8MNqCoLiVS5cHoyVNZ
Hke6oeHKvnyXJSh/rgwT61daNNRheQqrT6pECEMpQWzstouqrfuJ2Zo6lWJmyuqc
9maoJaB5paKzDjBUO9PCelO0GIJBupDSJjS2SkzIElcmhTJj6dBWfyKpisVWXaw=
-----END CERTIFICATE-----