Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/4D86EB72DCDA11EC97E4BC48C4F9AE02.roa
File:                     4D86EB72DCDA11EC97E4BC48C4F9AE02.roa (raw, json)
Hash identifier:          PgL9j7BhIYD2T3Wfnln9B8r0qZtGlTZPYPMCtQw+BYw=
Subject key identifier:   42:32:F5:40:BF:C4:72:A0:4B:BD:DD:3E:83:B1:E3:26:08:B3:C1:44
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       23E6
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/4D86EB72DCDA11EC97E4BC48C4F9AE02.roa
Signing time:             Mon 24 Feb 2025 12:49:49 +0000
ROA not before:           Mon 24 Feb 2025 12:49:49 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     13213
IP address blocks:        115.167.7.0/24 maxlen: 24
                          115.167.20.0/22 maxlen: 22
                          115.167.48.0/24 maxlen: 24
                          115.167.51.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 26 Feb 2025 11:15:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9190 (0x23e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Feb 24 12:49:49 2025 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67bc6aed-4ad7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:06:83:ff:a8:5f:d4:74:bd:b2:cb:31:a3:93:
                    27:27:23:87:66:6a:ca:c0:33:38:eb:33:0f:71:82:
                    3b:c9:9d:d4:cf:da:cd:ef:b2:de:ff:ae:23:58:1e:
                    81:fa:d0:7b:54:84:62:89:30:b2:9b:f0:e1:76:c7:
                    c2:46:be:4c:41:f6:8f:df:b7:68:9f:6e:ee:37:30:
                    52:7a:01:8f:6c:cb:fa:8e:b3:d0:f1:8a:0a:11:7e:
                    06:83:86:68:43:1f:a6:91:ce:86:ed:31:0d:7e:3e:
                    fb:b8:c1:dc:41:6f:8c:4c:4e:ac:a1:59:f6:02:cf:
                    27:c1:1e:f8:9e:28:10:f1:a7:bb:35:35:d7:d4:25:
                    e7:29:ff:ec:95:5d:8f:ba:bf:09:03:13:88:8f:e9:
                    33:32:4d:11:8d:d5:99:a0:2f:8a:4b:e4:7d:5c:12:
                    24:89:d8:21:37:21:5f:e8:c0:23:ee:a4:42:5b:12:
                    35:5d:0f:c9:03:37:4f:de:43:97:a3:7e:f3:19:fe:
                    a2:00:21:a0:74:a7:ad:4f:f6:8e:6d:a7:ae:ec:f3:
                    b4:d9:8a:1a:57:b6:b6:7d:37:bb:4f:ac:0b:32:c5:
                    a2:8b:6b:1a:45:f3:e4:fb:77:c5:3b:33:c1:d7:73:
                    be:4f:60:fc:52:66:52:95:8e:de:a8:2c:54:ae:51:
                    f4:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:32:F5:40:BF:C4:72:A0:4B:BD:DD:3E:83:B1:E3:26:08:B3:C1:44
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/4D86EB72DCDA11EC97E4BC48C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.167.7.0/24
                  115.167.20.0/22
                  115.167.48.0/24
                  115.167.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:f7:e5:0d:d7:96:8e:43:d7:7e:ec:64:a1:7d:9d:f9:e6:bc:
         5c:7e:fd:29:cd:30:7e:02:14:5c:75:ff:bd:4a:7f:3d:9f:ed:
         5c:15:22:61:41:8c:f4:67:ae:2b:d3:45:ec:b1:be:da:00:f2:
         7d:70:d5:09:17:65:06:93:83:11:e8:7c:32:fc:c3:14:ba:05:
         89:77:c8:eb:35:5d:63:46:6d:10:b4:90:c5:67:e7:58:6f:d7:
         dd:90:f8:5c:6b:13:1d:e0:cb:c5:85:df:7e:83:bf:fc:da:07:
         a0:10:69:15:bf:91:7c:3a:07:f7:8f:de:c9:a0:29:46:c0:a9:
         4a:99:58:96:0d:6a:6a:af:fa:f0:76:e0:94:d1:95:b0:cf:6d:
         cc:46:71:c4:86:43:a0:db:eb:00:c5:1c:d6:f1:b1:19:a6:c7:
         bd:11:2c:c1:2a:1e:bc:ae:f6:20:46:a0:d1:13:3c:c0:d9:52:
         b6:93:27:bb:ec:fc:39:e8:91:37:c2:05:37:3e:3f:2f:fb:37:
         34:0f:6c:61:25:27:75:49:d3:05:66:6c:76:79:87:1e:c4:33:
         55:f5:47:e6:7d:bf:25:c1:51:d5:1f:a7:37:3e:4d:b4:58:43:
         7c:60:dc:8d:e4:34:f2:a2:9f:41:67:97:10:76:45:94:fd:03:
         75:be:24:64
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICI+YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMjI0MTI0OTQ5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JjNmFlZC00YWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzQaD/6hf1HS9sssxo5MnJyOHZmrKwDM46zMPcYI7yZ3Uz9rN77Le/64jWB6B
+tB7VIRiiTCym/DhdsfCRr5MQfaP37don27uNzBSegGPbMv6jrPQ8YoKEX4Gg4Zo
Qx+mkc6G7TENfj77uMHcQW+MTE6soVn2As8nwR74nigQ8ae7NTXX1CXnKf/slV2P
ur8JAxOIj+kzMk0RjdWZoC+KS+R9XBIkidghNyFf6MAj7qRCWxI1XQ/JAzdP3kOX
o37zGf6iACGgdKetT/aObaeu7PO02YoaV7a2fTe7T6wLMsWii2saRfPk+3fFOzPB
13O+T2D8UmZSlY7eqCxUrlH03QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFEIy9UC/
xHKgS73dPoOx4yYIs8FEMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNEQ4NkVCNzJE
Q0RBMTFFQzk3RTRCQzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABzpwcDBAJzpxQDBABzpzADBABzpzMwDQYJKoZIhvcNAQEL
BQADggEBAKD35Q3Xlo5D137sZKF9nfnmvFx+/SnNMH4CFFx1/71Kfz2f7VwVImFB
jPRnrivTReyxvtoA8n1w1QkXZQaTgxHofDL8wxS6BYl3yOs1XWNGbRC0kMVn51hv
192Q+FxrEx3gy8WF336Dv/zaB6AQaRW/kXw6B/eP3smgKUbAqUqZWJYNamqv+vB2
4JTRlbDPbcxGccSGQ6Db6wDFHNbxsRmmx70RLMEqHryu9iBGoNETPMDZUraTJ7vs
/DnokTfCBTc+Py/7NzQPbGElJ3VJ0wVmbHZ5hx7EM1X1R+Z9vyXBUdUfpzc+TbRY
Q3xg3I3kNPKin0FnlxB2RZT9A3W+JGQ=
-----END CERTIFICATE-----