Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/779DDD6EC6A511EF9C7A8E0DC4F9AE02.roa
File:                     779DDD6EC6A511EF9C7A8E0DC4F9AE02.roa (raw, json)
Hash identifier:          QdJfc7njV4Z/PCSBq+rviKT/zSSSD0DhG1VzSgOYJFo=
Subject key identifier:   48:8D:21:DE:B2:F0:BA:DF:5A:61:58:EA:9A:F1:5E:9B:D6:6B:C1:88
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       20ED
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/779DDD6EC6A511EF9C7A8E0DC4F9AE02.roa
Signing time:             Mon 30 Dec 2024 11:59:05 +0000
ROA not before:           Mon 30 Dec 2024 11:59:05 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     55154
IP address blocks:        43.226.225.0/24 maxlen: 24
                          43.226.226.0/24 maxlen: 24
                          43.226.227.0/24 maxlen: 24
                          115.167.15.0/24 maxlen: 24
                          175.110.111.0/24 maxlen: 24
                          180.178.165.0/24 maxlen: 24
                          180.178.167.0/24 maxlen: 24
                          180.178.168.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 31 Dec 2024 07:45:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8429 (0x20ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Dec 30 11:59:05 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67728b09-b9e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7f:89:2a:f9:51:7a:95:89:92:32:81:c7:3c:
                    75:e3:b6:dc:65:c8:3f:c7:cb:e9:f4:22:79:55:d8:
                    11:85:0f:b3:b8:12:dc:34:93:c9:9c:4a:46:3f:a7:
                    7e:8a:a7:64:17:cc:96:25:f0:c5:62:40:cf:94:59:
                    61:92:c7:52:9c:3e:25:7c:bc:af:d3:8d:59:61:d4:
                    ad:13:e3:87:e9:dc:9b:47:8c:95:71:6b:11:9a:27:
                    15:9e:06:ba:b8:c6:89:27:9b:48:a3:42:f7:95:4e:
                    d0:0d:9a:4c:a6:75:bd:0d:d4:cb:ae:34:b9:9d:91:
                    6b:40:95:09:03:9a:d3:b1:ae:6c:66:6a:19:26:8f:
                    9f:a9:93:1d:35:10:2e:8e:0e:9d:56:dc:c5:13:55:
                    3b:98:e3:a2:8e:36:4e:5f:2f:c6:78:3f:e5:0e:19:
                    b9:ee:73:39:ae:eb:2b:86:ec:63:b7:8a:3f:60:75:
                    5e:31:2f:5a:6b:ae:84:fa:c3:8c:dc:43:41:34:b3:
                    06:48:ea:ab:c4:06:4e:0a:d6:a4:cc:f5:55:f8:dc:
                    ac:c4:65:9f:e3:5c:62:6c:e7:d4:4b:b7:07:fb:71:
                    6d:bc:a5:2d:67:c4:b9:7b:92:f1:37:f7:d9:94:99:
                    55:d4:a1:30:70:cf:73:68:a1:de:b5:8b:2d:30:71:
                    63:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:8D:21:DE:B2:F0:BA:DF:5A:61:58:EA:9A:F1:5E:9B:D6:6B:C1:88
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/779DDD6EC6A511EF9C7A8E0DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.226.225.0-43.226.227.255
                  115.167.15.0/24
                  175.110.111.0/24
                  180.178.165.0/24
                  180.178.167.0-180.178.168.255

    Signature Algorithm: sha256WithRSAEncryption
         77:5a:c7:2b:50:86:35:30:40:f1:cf:9c:46:9b:39:5c:e5:c6:
         7a:8f:78:66:08:58:c8:06:b8:b5:51:0a:96:0d:69:9d:45:8e:
         e8:02:55:19:23:09:f9:fd:21:09:3f:22:85:1c:83:1f:12:a2:
         16:cd:e2:e8:fd:4a:70:57:b3:71:c8:d1:48:1f:e1:04:a1:d3:
         f2:98:38:a6:1a:dc:90:41:d4:25:2a:af:bb:cb:a5:a4:66:8c:
         1f:4a:0d:74:b0:f5:77:fc:31:c0:da:39:b8:01:92:10:d7:d2:
         72:d0:fe:e2:e1:5e:86:30:e9:5f:b7:d7:14:62:40:9d:2a:ab:
         81:a9:cd:68:08:83:96:14:18:88:c3:f6:50:33:d3:b4:b1:24:
         6f:46:0d:ca:f2:f3:68:2f:5b:20:dd:5b:07:0c:30:76:9d:01:
         aa:75:6e:26:7d:e0:3a:0e:ff:36:c9:ba:c0:18:66:3d:0f:e1:
         75:be:ad:7e:0f:9a:e5:83:82:3a:f7:8d:87:41:67:a5:b1:91:
         3e:41:b6:33:c4:cf:ff:1b:03:64:07:59:9d:63:35:f9:0d:f1:
         e8:87:ef:11:d5:7a:43:d7:0c:67:22:c5:fb:ca:8b:24:6a:1a:
         b4:63:34:75:64:d0:52:18:99:f2:ab:d2:7f:19:6b:46:fe:f7:
         b7:5c:25:cd
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICIO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMjMwMTE1OTA1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcyOGIwOS1iOWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArn+JKvlRepWJkjKBxzx147bcZcg/x8vp9CJ5VdgRhQ+zuBLcNJPJnEpGP6d+
iqdkF8yWJfDFYkDPlFlhksdSnD4lfLyv041ZYdStE+OH6dybR4yVcWsRmicVnga6
uMaJJ5tIo0L3lU7QDZpMpnW9DdTLrjS5nZFrQJUJA5rTsa5sZmoZJo+fqZMdNRAu
jg6dVtzFE1U7mOOijjZOXy/GeD/lDhm57nM5rusrhuxjt4o/YHVeMS9aa66E+sOM
3ENBNLMGSOqrxAZOCtakzPVV+NysxGWf41xibOfUS7cH+3FtvKUtZ8S5e5LxN/fZ
lJlV1KEwcM9zaKHetYstMHFjVQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFEiNId6y
8LrfWmFY6prxXpvWa8GIMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNzc5RERENkVD
NkE1MTFFRjlDN0E4RTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEACvi4QMEAivi4AMEAHOnDwMEAK9ubwMEALSypTAMAwQA
tLKnAwQAtLKoMA0GCSqGSIb3DQEBCwUAA4IBAQB3WscrUIY1MEDxz5xGmzlc5cZ6
j3hmCFjIBri1UQqWDWmdRY7oAlUZIwn5/SEJPyKFHIMfEqIWzeLo/UpwV7NxyNFI
H+EEodPymDimGtyQQdQlKq+7y6WkZowfSg10sPV3/DHA2jm4AZIQ19Jy0P7i4V6G
MOlft9cUYkCdKquBqc1oCIOWFBiIw/ZQM9O0sSRvRg3K8vNoL1sg3VsHDDB2nQGq
dW4mfeA6Dv82ybrAGGY9D+F1vq1+D5rlg4I6942HQWelsZE+QbYzxM//GwNkB1md
YzX5DfHoh+8R1XpD1wxnIsX7yoskahq0YzR1ZNBSGJnyq9J/GWtG/ve3XCXN
-----END CERTIFICATE-----