Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5C61F45AC9CE11EF878BE126C4F9AE02.roa
File:                     5C61F45AC9CE11EF878BE126C4F9AE02.roa (raw, json)
Hash identifier:          53aSGM0vOiQB4awgdGxRp8/AD1tCsCpVtUp1rQ/zciA=
Subject key identifier:   2C:4F:D8:AB:B6:6F:56:7C:5F:86:1C:A0:50:AA:6D:C2:E3:B6:4C:90
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       2135
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5C61F45AC9CE11EF878BE126C4F9AE02.roa
Signing time:             Fri 03 Jan 2025 12:31:45 +0000
ROA not before:           Fri 03 Jan 2025 12:31:45 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     206873
IP address blocks:        103.151.27.0/24 maxlen: 24
                          115.167.3.0/24 maxlen: 24
                          115.167.101.0/24 maxlen: 24
                          115.167.103.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 20 Jan 2025 06:12:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8501 (0x2135)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Jan  3 12:31:45 2025 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=6777d8b1-7d76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:87:58:f9:9a:47:0e:1f:c3:b7:08:e2:76:8f:
                    54:3d:d4:d6:1b:8b:78:47:c0:8c:bc:a4:42:2a:4e:
                    6f:e4:4e:cf:db:41:19:3c:69:39:63:3c:ca:c5:f3:
                    8a:52:6c:8b:a1:ea:44:25:79:df:01:38:27:e5:c7:
                    ab:5c:dc:e3:a7:b9:ed:f9:d5:94:40:99:ef:82:7a:
                    87:04:e0:e2:4c:e8:ee:e2:dd:e7:1b:e7:97:86:6e:
                    cb:b1:63:6a:24:2d:83:45:f4:97:c0:8d:23:44:66:
                    77:58:fc:79:6f:94:20:b1:54:6d:35:01:0d:bd:82:
                    2e:c9:40:df:c6:d5:86:66:8f:2f:4c:ac:65:ae:2f:
                    32:a7:e7:a7:99:8a:e3:e1:44:89:24:38:da:2f:58:
                    c1:80:a8:b1:f4:cf:16:b9:12:f2:66:1b:b9:74:8e:
                    5d:30:6d:a1:ab:f8:5a:ca:54:da:4e:64:c1:80:0d:
                    81:a4:80:55:f5:a3:cf:40:f6:64:33:67:ad:64:e6:
                    3f:1c:d3:40:0b:01:eb:45:0f:5f:05:c8:c5:46:68:
                    ce:3c:42:13:5c:b9:78:fc:bd:37:bc:24:6a:b5:ce:
                    6c:36:70:5f:a1:bb:76:82:3e:99:e3:62:e7:fe:83:
                    59:17:a9:4e:52:4c:71:d6:55:e7:cd:4a:9e:a6:62:
                    1e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4F:D8:AB:B6:6F:56:7C:5F:86:1C:A0:50:AA:6D:C2:E3:B6:4C:90
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5C61F45AC9CE11EF878BE126C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.27.0/24
                  115.167.3.0/24
                  115.167.101.0/24
                  115.167.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:89:9e:01:59:7d:62:77:ec:ea:3c:d5:c7:6b:41:db:58:c3:
         4e:46:d6:89:0a:f7:ec:3e:b9:5a:09:49:7b:43:10:bb:4b:ea:
         43:c6:b2:17:5f:31:15:c7:b9:b8:56:ec:36:5d:f5:c0:67:5a:
         99:91:24:91:15:a0:65:18:36:08:3d:07:fd:54:b2:21:90:74:
         85:1d:d7:0e:9c:35:d5:3c:d6:67:2a:23:3d:dc:0d:a5:71:e5:
         84:51:45:42:1c:f1:3f:94:b8:a6:cd:17:a7:71:54:0a:d4:e2:
         d6:0a:3d:9c:41:67:9a:da:1d:3a:df:09:d5:f2:56:2f:49:8f:
         eb:66:d3:64:27:4a:fb:5f:04:fe:2b:cc:e9:31:60:71:98:48:
         7a:02:56:78:ca:38:0d:21:b5:23:1d:17:b3:ab:ca:58:c9:1e:
         93:ce:af:ac:af:6e:ff:36:50:ea:c0:46:0b:98:1b:dd:86:29:
         8b:ab:70:88:13:6f:48:f7:3b:9a:20:dc:df:41:c5:19:a4:d7:
         8e:ca:03:b0:43:66:3c:4f:60:e3:c8:78:64:98:2c:59:5d:04:
         b9:2a:78:56:c6:bb:72:38:13:2c:ce:3d:3d:48:dc:17:29:3c:
         0d:e2:50:e9:6f:12:5f:4d:41:c2:db:e6:d1:90:c4:01:d8:d3:
         2d:02:63:6e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICITUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMTAzMTIzMTQ1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3ZDhiMS03ZDc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsIdY+ZpHDh/Dtwjido9UPdTWG4t4R8CMvKRCKk5v5E7P20EZPGk5YzzKxfOK
UmyLoepEJXnfATgn5cerXNzjp7nt+dWUQJnvgnqHBODiTOju4t3nG+eXhm7LsWNq
JC2DRfSXwI0jRGZ3WPx5b5QgsVRtNQENvYIuyUDfxtWGZo8vTKxlri8yp+enmYrj
4USJJDjaL1jBgKix9M8WuRLyZhu5dI5dMG2hq/haylTaTmTBgA2BpIBV9aPPQPZk
M2etZOY/HNNACwHrRQ9fBcjFRmjOPEITXLl4/L03vCRqtc5sNnBfobt2gj6Z42Ln
/oNZF6lOUkxx1lXnzUqepmIe/QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFCxP2Ku2
b1Z8X4YcoFCqbcLjtkyQMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNUM2MUY0NUFD
OUNFMTFFRjg3OEJFMTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnlxsDBABzpwMDBABzp2UDBABzp2cwDQYJKoZIhvcNAQEL
BQADggEBAAmJngFZfWJ37Oo81cdrQdtYw05G1okK9+w+uVoJSXtDELtL6kPGshdf
MRXHubhW7DZd9cBnWpmRJJEVoGUYNgg9B/1UsiGQdIUd1w6cNdU81mcqIz3cDaVx
5YRRRUIc8T+UuKbNF6dxVArU4tYKPZxBZ5raHTrfCdXyVi9Jj+tm02QnSvtfBP4r
zOkxYHGYSHoCVnjKOA0htSMdF7OryljJHpPOr6yvbv82UOrARguYG92GKYurcIgT
b0j3O5og3N9BxRmk147KA7BDZjxPYOPIeGSYLFldBLkqeFbGu3I4EyzOPT1I3Bcp
PA3iUOlvEl9NQcLb5tGQxAHY0y0CY24=
-----END CERTIFICATE-----