Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/37591AAA6B5811EF9619A436C4F9AE02.roa
File:                     37591AAA6B5811EF9619A436C4F9AE02.roa (raw, json)
Hash identifier:          02gGB02SyA9O2LE62xWTSPDCBWC0WfyqA4ZrW71y+eg=
Subject key identifier:   95:14:25:5E:99:81:8B:E3:8C:79:10:61:11:2E:12:F0:C7:CA:B0:C6
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       150A
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/37591AAA6B5811EF9619A436C4F9AE02.roa
Signing time:             Thu 05 Sep 2024 07:26:50 +0000
ROA not before:           Thu 05 Sep 2024 07:26:50 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     6079
IP address blocks:        113.203.229.0/24 maxlen: 24
                          113.203.230.0/24 maxlen: 24
                          113.203.231.0/24 maxlen: 24
                          180.178.185.0/24 maxlen: 24
                          180.178.186.0/24 maxlen: 24
                          180.178.187.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 05 Sep 2024 16:17:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5386 (0x150a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Sep  5 07:26:50 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=66d95d3a-260f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b8:0d:95:e8:e7:53:d8:4b:9a:05:e6:d0:54:
                    e3:c2:92:91:79:88:d1:52:d9:47:d9:ae:a2:70:99:
                    1f:c9:07:66:a9:ea:90:35:20:a0:2f:ab:ab:23:6c:
                    57:fd:2f:4f:e3:30:48:52:4b:55:b8:09:22:59:f6:
                    8b:76:cf:d3:e3:2d:f7:41:7c:61:de:55:ee:c0:da:
                    3c:ce:9d:96:db:4c:8d:f9:30:25:7c:03:ac:e4:b7:
                    ea:ea:03:bc:cd:22:d3:36:c7:a2:cb:32:4d:03:07:
                    55:d1:7d:b3:11:af:b3:7c:4a:f2:8e:94:58:b4:bc:
                    b2:d3:b0:c3:52:43:a3:58:62:f0:40:1b:bf:61:cc:
                    b6:12:53:0b:69:ca:3f:33:e6:d9:3a:e8:fa:b4:ba:
                    e5:d5:0c:db:77:bb:ad:21:7c:04:52:fe:7c:1f:eb:
                    46:ad:85:d6:68:5e:e9:ff:53:bd:36:fb:73:e0:3d:
                    5d:fa:41:5b:76:e5:1b:46:fd:cb:45:5b:8f:e4:d6:
                    86:37:ba:a0:49:9d:9d:f8:16:00:3a:31:d4:b6:b4:
                    07:1b:f0:fa:a4:a9:de:a9:10:88:14:ee:3b:e9:21:
                    50:f7:62:33:bb:3f:22:1a:ad:52:a2:d3:67:48:51:
                    f7:7f:0b:52:8f:d0:fb:1b:24:0b:4c:71:8c:8b:df:
                    b7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:14:25:5E:99:81:8B:E3:8C:79:10:61:11:2E:12:F0:C7:CA:B0:C6
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/37591AAA6B5811EF9619A436C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.203.229.0-113.203.231.255
                  180.178.185.0-180.178.187.255

    Signature Algorithm: sha256WithRSAEncryption
         b6:f8:94:aa:31:4a:0d:dc:e2:a0:41:39:71:e1:68:3d:eb:4e:
         32:3f:53:31:9f:a7:a5:fd:a1:9a:50:71:48:6e:bd:f2:ba:18:
         f8:99:e7:a8:a2:f7:22:31:ca:ec:46:2a:df:2c:36:52:96:c0:
         95:c1:c9:d4:fa:91:24:8f:9b:d2:a1:53:97:51:dd:58:53:72:
         8c:f8:5d:a1:eb:18:9b:3f:b4:b8:bc:0d:83:b5:0d:0b:bf:ed:
         86:23:9f:b9:bc:6a:04:9d:0e:25:59:7b:32:9d:29:2e:e9:88:
         de:9c:bc:08:49:9c:e9:df:85:3a:53:4c:62:42:ea:af:de:cc:
         e4:1f:b2:6e:ee:be:88:c1:00:18:6e:37:cb:5c:c0:f1:8c:90:
         6c:7b:6f:e5:f9:8e:da:bb:a4:26:3b:20:ef:d4:80:a6:28:df:
         8f:df:4f:9a:80:cf:cd:2c:7c:ea:89:85:f0:fb:05:3f:3c:2c:
         9c:bd:77:72:15:01:60:80:ed:56:a6:66:da:97:3c:41:ba:11:
         0a:fc:68:a7:b1:11:57:00:fc:90:34:50:c1:6a:3e:a7:cb:4b:
         e4:1b:2e:8b:30:22:b9:d0:07:9e:b7:fd:50:62:08:9d:62:d7:
         57:c7:01:4d:f6:bc:bf:9c:84:13:9b:18:91:90:ba:2c:34:c8:
         59:03:3b:62
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICFQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwOTA1MDcyNjUwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5NWQzYS0yNjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAorgNlejnU9hLmgXm0FTjwpKReYjRUtlH2a6icJkfyQdmqeqQNSCgL6urI2xX
/S9P4zBIUktVuAkiWfaLds/T4y33QXxh3lXuwNo8zp2W20yN+TAlfAOs5Lfq6gO8
zSLTNseiyzJNAwdV0X2zEa+zfEryjpRYtLyy07DDUkOjWGLwQBu/Ycy2ElMLaco/
M+bZOuj6tLrl1Qzbd7utIXwEUv58H+tGrYXWaF7p/1O9Nvtz4D1d+kFbduUbRv3L
RVuP5NaGN7qgSZ2d+BYAOjHUtrQHG/D6pKneqRCIFO476SFQ92Izuz8iGq1SotNn
SFH3fwtSj9D7GyQLTHGMi9+3pQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJUUJV6Z
gYvjjHkQYREuEvDHyrDGMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMzc1OTFBQUE2
QjU4MTFFRjk2MTlBNDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAHHL5QMEA3HL4DAMAwQAtLK5AwQCtLK4MA0GCSqGSIb3
DQEBCwUAA4IBAQC2+JSqMUoN3OKgQTlx4Wg9604yP1Mxn6el/aGaUHFIbr3yuhj4
meeoovciMcrsRirfLDZSlsCVwcnU+pEkj5vSoVOXUd1YU3KM+F2h6xibP7S4vA2D
tQ0Lv+2GI5+5vGoEnQ4lWXsynSku6YjenLwISZzp34U6U0xiQuqv3szkH7Ju7r6I
wQAYbjfLXMDxjJBse2/l+Y7au6QmOyDv1ICmKN+P30+agM/NLHzqiYXw+wU/PCyc
vXdyFQFggO1WpmbalzxBuhEK/GinsRFXAPyQNFDBaj6ny0vkGy6LMCK50Aeet/1Q
YgidYtdXxwFN9ry/nIQTmxiRkLosNMhZAzti
-----END CERTIFICATE-----