Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/49DE552E393911EF8DD6460EC4F9AE02.roa
File:                     49DE552E393911EF8DD6460EC4F9AE02.roa (raw, json)
Hash identifier:          1IrRq0XEqzIKBqttV4dbVVUo+Bp7MiTpA0C72LcRF3c=
Subject key identifier:   85:9B:43:A6:41:99:FD:10:C9:26:57:AB:B1:59:6F:86:84:B7:5A:E4
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       1441
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/49DE552E393911EF8DD6460EC4F9AE02.roa
Signing time:             Wed 03 Jul 2024 12:39:29 +0000
ROA not before:           Wed 03 Jul 2024 12:39:29 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     138241
IP address blocks:        115.167.49.0/24 maxlen: 24
                          115.167.60.0/22 maxlen: 22
                          115.167.65.0/24 maxlen: 24
                          115.167.124.0/24 maxlen: 24
                          175.110.68.0/22 maxlen: 22
                          175.110.80.0/22 maxlen: 22
                          180.178.142.0/24 maxlen: 24
                          223.29.225.0/24 maxlen: 24
                          223.29.227.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 04 Jul 2024 05:43:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5185 (0x1441)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Jul  3 12:39:29 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=66854680-26fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2a:16:bd:6c:21:90:75:f3:80:7b:c6:df:55:
                    c8:36:0d:17:7f:43:0a:38:85:36:c7:c9:31:88:42:
                    17:09:29:2d:ab:13:1c:55:bb:99:ce:c7:57:35:59:
                    2f:13:06:0f:fc:0c:fc:49:91:6d:fd:a9:32:8d:f6:
                    d9:65:71:71:a8:7a:16:75:02:5f:58:06:20:d3:8d:
                    37:60:bf:26:bf:87:9a:55:45:af:f2:10:94:c7:8f:
                    3a:7b:8c:5e:98:06:6d:72:da:ec:bf:d7:06:5a:96:
                    f4:24:eb:52:7a:bf:10:1f:4d:07:f3:91:c7:15:0b:
                    28:29:ef:21:ad:e2:64:d8:6f:5b:15:1a:22:be:db:
                    9d:a0:0e:95:fc:ca:b2:bc:4a:44:52:e9:7b:3b:b5:
                    80:42:0a:66:e8:14:ec:3b:ab:44:d0:b4:ca:3d:c8:
                    3a:5d:e9:fb:d5:58:7e:ba:07:b6:f0:20:1d:db:06:
                    0a:99:21:83:ab:46:15:aa:90:05:18:d7:38:ed:55:
                    a7:e5:35:01:97:96:5f:e9:8c:87:30:9f:59:5a:fd:
                    d0:23:73:93:45:27:d6:6f:92:4f:7c:0f:1c:0c:b5:
                    2b:8d:db:97:2f:0e:c6:51:a0:ff:ff:7a:d4:d6:f2:
                    af:8f:0a:58:b2:b3:a0:82:7a:14:07:03:32:81:7f:
                    c2:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:9B:43:A6:41:99:FD:10:C9:26:57:AB:B1:59:6F:86:84:B7:5A:E4
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/49DE552E393911EF8DD6460EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.167.49.0/24
                  115.167.60.0/22
                  115.167.65.0/24
                  115.167.124.0/24
                  175.110.68.0/22
                  175.110.80.0/22
                  180.178.142.0/24
                  223.29.225.0/24
                  223.29.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:8f:ec:5d:e5:79:77:b5:7d:36:b4:2c:05:d5:e5:5b:90:fc:
         c2:d0:16:2f:ca:51:5f:83:de:ab:1e:33:46:05:27:17:61:a5:
         61:61:57:a7:58:51:b0:1f:f6:15:de:28:c0:72:73:d2:66:31:
         48:d7:e7:f9:f9:2c:87:1a:68:a3:a2:7c:99:51:ae:b2:0d:a4:
         8d:4e:73:a9:82:d0:e6:87:e5:fa:49:11:c0:87:6a:46:32:db:
         30:38:0a:1f:47:8b:0f:c5:b7:fb:6c:e4:99:26:5d:b0:07:73:
         5e:d5:85:37:b5:5d:e7:d5:78:c4:10:de:53:60:88:7c:4e:1f:
         75:7c:a3:79:fa:a7:a4:e9:e3:34:42:23:ca:72:cc:a9:94:b4:
         d2:dd:73:fa:c0:e9:b5:d0:0f:cf:5d:82:d0:a2:f7:46:70:6e:
         c9:db:dd:54:a7:07:5d:cb:c2:33:3e:cb:69:cd:b3:96:00:f8:
         7b:cb:f0:27:5e:0c:8a:7e:9e:f8:b2:33:f0:5b:c6:07:9b:96:
         83:72:44:b9:b0:32:8b:74:67:c1:16:32:f2:97:4e:33:5b:43:
         5e:08:ab:86:57:df:80:8d:6d:9d:15:d9:e8:fc:72:38:7f:4e:
         87:58:5e:a1:f0:6e:f0:9a:17:5d:32:94:2c:78:1b:0e:89:ea:
         59:66:65:48
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICFEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNzAzMTIzOTI5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg1NDY4MC0yNmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCoWvWwhkHXzgHvG31XINg0Xf0MKOIU2x8kxiEIXCSktqxMcVbuZzsdXNVkv
EwYP/Az8SZFt/akyjfbZZXFxqHoWdQJfWAYg0403YL8mv4eaVUWv8hCUx486e4xe
mAZtctrsv9cGWpb0JOtSer8QH00H85HHFQsoKe8hreJk2G9bFRoivtudoA6V/Mqy
vEpEUul7O7WAQgpm6BTsO6tE0LTKPcg6Xen71Vh+uge28CAd2wYKmSGDq0YVqpAF
GNc47VWn5TUBl5Zf6YyHMJ9ZWv3QI3OTRSfWb5JPfA8cDLUrjduXLw7GUaD//3rU
1vKvjwpYsrOggnoUBwMygX/C5QIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFIWbQ6ZB
mf0QySZXq7FZb4aEt1rkMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDlERTU1MkUz
OTM5MTFFRjhERDY0NjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBABzpzEDBAJzpzwDBABzp0EDBABzp3wDBAKvbkQDBAKvblAD
BAC0so4DBADfHeEDBADfHeMwDQYJKoZIhvcNAQELBQADggEBAAKP7F3leXe1fTa0
LAXV5VuQ/MLQFi/KUV+D3qseM0YFJxdhpWFhV6dYUbAf9hXeKMByc9JmMUjX5/n5
LIcaaKOifJlRrrINpI1Oc6mC0OaH5fpJEcCHakYy2zA4Ch9Hiw/Ft/ts5JkmXbAH
c17VhTe1XefVeMQQ3lNgiHxOH3V8o3n6p6Tp4zRCI8pyzKmUtNLdc/rA6bXQD89d
gtCi90Zwbsnb3VSnB13LwjM+y2nNs5YA+HvL8CdeDIp+nviyM/BbxgebloNyRLmw
Mot0Z8EWMvKXTjNbQ14Iq4ZX34CNbZ0V2ej8cjh/TodYXqHwbvCaF10ylCx4Gw6J
6llmZUg=
-----END CERTIFICATE-----