Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/33CE9F44F29A11EF8326535AC4F9AE02.roa
File:                     33CE9F44F29A11EF8326535AC4F9AE02.roa (raw, json)
Hash identifier:          7VizR7SztpOmm4ZjUqEM1MftuyUlWWbPZBd/KQGYQwM=
Subject key identifier:   CD:5B:2D:94:0F:E1:0A:83:F0:F5:63:71:F6:CF:A6:AF:0E:BD:61:37
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       23E0
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/33CE9F44F29A11EF8326535AC4F9AE02.roa
Signing time:             Mon 24 Feb 2025 10:30:28 +0000
ROA not before:           Mon 24 Feb 2025 10:30:28 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     208485
IP address blocks:        103.151.26.0/24 maxlen: 24
                          113.203.246.0/24 maxlen: 24
                          113.203.255.0/24 maxlen: 24
                          115.167.56.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Wed 26 Feb 2025 04:58:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9184 (0x23e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Feb 24 10:30:28 2025 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67bc4a44-26a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:19:2f:66:6e:1c:bf:39:56:7e:d0:8a:7b:87:
                    b9:f2:e0:ce:73:f6:5b:1a:01:ff:6e:6c:19:36:ca:
                    ee:b8:b1:a7:46:0f:dc:05:6a:3f:50:2e:e2:b9:70:
                    ce:ea:7d:93:3d:00:9b:1c:b0:38:8a:09:ca:53:52:
                    5e:f5:e0:8c:79:39:b7:55:57:97:46:12:f2:77:c5:
                    af:00:5d:be:81:1c:51:f8:28:9a:67:d3:a2:32:85:
                    b8:64:92:85:61:ff:aa:73:c9:2b:fe:f1:01:51:b1:
                    27:62:70:6b:b4:e2:b7:d8:da:44:0f:bc:ed:0b:f9:
                    49:64:03:9c:a2:96:7a:93:71:18:a8:1e:5f:4c:fe:
                    56:d9:a0:e1:43:db:e1:2f:63:78:07:37:9a:a3:62:
                    c0:f1:2f:bd:70:39:fc:2d:57:9c:85:30:29:bf:e1:
                    0d:47:31:a2:85:26:ea:98:3b:7b:f7:a8:ac:1c:12:
                    78:0f:1d:5d:49:d5:cc:2a:de:2a:9b:72:eb:98:f0:
                    5a:c1:a9:fa:1b:bb:72:50:c4:fa:44:d7:ac:0d:30:
                    a8:e3:3c:a0:7a:cf:a8:d9:3c:25:42:89:54:3b:dd:
                    36:c1:66:56:a3:9d:ae:3c:32:10:d6:08:c3:f4:8b:
                    a3:7c:0c:4a:5e:9d:a2:4c:cf:b7:a8:63:03:1b:18:
                    e7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:5B:2D:94:0F:E1:0A:83:F0:F5:63:71:F6:CF:A6:AF:0E:BD:61:37
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/33CE9F44F29A11EF8326535AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.26.0/24
                  113.203.246.0/24
                  113.203.255.0/24
                  115.167.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:5c:e8:e8:06:9f:1a:9e:79:10:dd:5d:3e:7e:d1:68:72:9c:
         12:0e:61:c6:34:73:41:ef:c5:6b:5a:49:00:da:e1:4a:37:d0:
         6c:04:65:36:6f:ca:9a:16:26:43:ac:28:93:eb:9f:69:c0:fe:
         50:bb:c1:7d:cb:eb:31:2d:b2:e3:0d:7b:31:9d:1b:1c:52:fb:
         41:e0:13:b2:cd:cd:bd:8e:b8:60:22:7a:2f:de:99:de:17:45:
         0f:13:84:57:0d:b1:b2:2b:d1:e3:c5:51:6c:5d:0e:60:c0:36:
         31:da:06:99:41:37:01:a6:88:81:0f:7d:a1:c7:1b:ba:f1:a0:
         a8:de:7b:db:01:e8:ad:ca:27:99:c3:13:ad:88:ac:33:d4:b1:
         b9:2f:35:c2:28:9c:05:ec:64:7c:32:db:38:e1:d4:75:9d:0d:
         67:20:74:96:c2:87:6d:03:f2:a7:68:4e:22:f6:95:37:0d:97:
         5e:6b:82:09:1d:21:f6:55:90:4a:6d:b0:4c:7f:bd:02:83:25:
         3c:6b:4f:da:44:af:ad:7c:86:83:ec:16:ba:dd:bf:42:00:ff:
         8f:c3:18:dd:44:66:da:c1:b4:3d:a5:ac:58:30:29:85:8c:4e:
         66:36:48:d3:39:f8:64:3a:31:ea:8f:16:2d:92:9f:c4:20:44:
         9b:c8:0b:c4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICI+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMjI0MTAzMDI4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JjNGE0NC0yNmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhkvZm4cvzlWftCKe4e58uDOc/ZbGgH/bmwZNsruuLGnRg/cBWo/UC7iuXDO
6n2TPQCbHLA4ignKU1Je9eCMeTm3VVeXRhLyd8WvAF2+gRxR+CiaZ9OiMoW4ZJKF
Yf+qc8kr/vEBUbEnYnBrtOK32NpED7ztC/lJZAOcopZ6k3EYqB5fTP5W2aDhQ9vh
L2N4Bzeao2LA8S+9cDn8LVechTApv+ENRzGihSbqmDt796isHBJ4Dx1dSdXMKt4q
m3LrmPBawan6G7tyUMT6RNesDTCo4zyges+o2TwlQolUO902wWZWo52uPDIQ1gjD
9IujfAxKXp2iTM+3qGMDGxjnfQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFM1bLZQP
4QqD8PVjcfbPpq8OvWE3MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMzNDRTlGNDRG
MjlBMTFFRjgzMjY1MzVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnlxoDBABxy/YDBABxy/8DBAJzpzgwDQYJKoZIhvcNAQEL
BQADggEBACFc6OgGnxqeeRDdXT5+0WhynBIOYcY0c0HvxWtaSQDa4Uo30GwEZTZv
ypoWJkOsKJPrn2nA/lC7wX3L6zEtsuMNezGdGxxS+0HgE7LNzb2OuGAiei/emd4X
RQ8ThFcNsbIr0ePFUWxdDmDANjHaBplBNwGmiIEPfaHHG7rxoKjee9sB6K3KJ5nD
E62IrDPUsbkvNcIonAXsZHwy2zjh1HWdDWcgdJbCh20D8qdoTiL2lTcNl15rggkd
IfZVkEptsEx/vQKDJTxrT9pEr618hoPsFrrdv0IA/4/DGN1EZtrBtD2lrFgwKYWM
TmY2SNM5+GQ6MeqPFi2Sn8QgRJvIC8Q=
-----END CERTIFICATE-----