Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C87B72F203D411F0A45DE87CC4F9AE02.roa
File:                     C87B72F203D411F0A45DE87CC4F9AE02.roa (raw, json)
Hash identifier:          zO4x8jnvLSUiSXgrQEt7aw1ygQ7cpT3OtnkIhXq9cDU=
Subject key identifier:   D9:18:2D:E0:94:7B:23:9A:34:70:13:40:4B:9D:8C:32:15:42:50:30
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       24B2
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C87B72F203D411F0A45DE87CC4F9AE02.roa
Signing time:             Tue 18 Mar 2025 08:41:28 +0000
ROA not before:           Tue 18 Mar 2025 08:41:28 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        115.167.15.0/24 maxlen: 24
                          115.167.101.0/24 maxlen: 24
                          115.167.117.0/24 maxlen: 24
                          223.29.237.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 18 Mar 2025 09:55:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9394 (0x24b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Mar 18 08:41:28 2025 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67d931b8-762e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:17:3f:bb:af:07:2a:67:f4:c9:2f:3a:ee:f1:
                    77:c0:10:a0:50:5c:e7:d3:5a:84:84:32:90:6e:f2:
                    92:95:80:bd:08:92:3b:4e:02:22:d2:ff:c4:18:77:
                    b4:81:bd:d0:64:de:97:8e:d4:5e:b5:98:62:b2:b6:
                    cc:e2:3a:56:84:fe:f3:3e:94:76:f5:41:97:65:6d:
                    04:89:2c:94:eb:f6:25:91:63:07:7d:76:52:07:b1:
                    46:c4:99:8d:ab:55:ee:2c:49:8e:39:82:7d:38:d1:
                    da:6b:60:64:5d:c4:07:5c:e8:c5:d5:23:ff:ae:39:
                    07:33:4d:83:be:86:30:87:b4:41:f3:55:2a:08:ea:
                    6c:ad:c6:c6:62:d8:c2:2c:7e:d6:39:75:99:9e:65:
                    ab:f9:fc:77:d3:ee:c5:46:c4:94:dc:fb:02:ae:8e:
                    bd:cb:66:b0:dd:7a:01:87:0c:71:3a:80:a0:2a:10:
                    40:9f:24:d2:41:0a:b1:bd:18:f8:09:08:02:b2:01:
                    28:17:96:58:b6:37:ac:4a:57:18:36:51:ce:61:b4:
                    ce:aa:55:04:99:60:8a:1b:2e:de:44:98:26:17:cf:
                    6d:00:a0:87:4c:d4:8a:b8:24:28:67:98:4c:55:5f:
                    08:ed:17:7f:60:fe:ae:3d:13:a7:db:65:81:b1:ec:
                    a1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:18:2D:E0:94:7B:23:9A:34:70:13:40:4B:9D:8C:32:15:42:50:30
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C87B72F203D411F0A45DE87CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.167.15.0/24
                  115.167.101.0/24
                  115.167.117.0/24
                  223.29.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:fe:8d:95:2e:c2:b2:1a:b9:a0:b2:e3:c9:c5:e0:b2:5a:0b:
         34:86:f7:12:be:39:e4:af:b9:c1:08:61:51:81:cd:01:01:49:
         a3:ac:1a:05:92:d5:d8:b8:90:cd:58:19:49:23:85:07:20:42:
         d3:13:6e:fd:12:99:18:d1:98:eb:fb:05:cb:b5:67:dc:0c:05:
         04:52:15:e7:dd:ac:0b:6b:99:82:ef:05:df:60:29:50:0f:05:
         b8:71:0d:b0:3d:52:c2:27:a7:6f:97:f7:52:13:4e:c1:ab:e7:
         35:3d:1a:ec:9f:3c:e5:4c:b7:ba:e6:17:e6:9e:5a:2e:9f:b8:
         cf:ec:c9:9e:f6:2b:0b:b5:29:e4:32:15:50:d6:db:1d:44:ee:
         a0:a7:34:31:ec:ba:3f:77:8d:66:b5:87:5b:fc:37:4c:c6:a0:
         19:a1:fa:8a:04:e1:d0:28:48:bf:ba:b8:72:f7:5d:d6:66:71:
         d7:81:18:5e:45:34:e4:a5:e2:68:13:78:3e:a9:5e:08:50:1c:
         15:8c:c5:2e:89:21:12:f8:40:42:05:91:4c:36:06:2a:e2:0e:
         9b:4a:de:2b:c4:d3:e4:ac:77:e4:48:81:0e:19:c1:c4:3d:e9:
         0a:16:f4:db:ae:46:8b:74:3e:9f:5c:b8:30:17:1a:e0:13:57:
         bf:bd:7d:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICJLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwMzE4MDg0MTI4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5MzFiOC03NjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyBc/u68HKmf0yS867vF3wBCgUFzn01qEhDKQbvKSlYC9CJI7TgIi0v/EGHe0
gb3QZN6XjtRetZhisrbM4jpWhP7zPpR29UGXZW0EiSyU6/YlkWMHfXZSB7FGxJmN
q1XuLEmOOYJ9ONHaa2BkXcQHXOjF1SP/rjkHM02DvoYwh7RB81UqCOpsrcbGYtjC
LH7WOXWZnmWr+fx30+7FRsSU3PsCro69y2aw3XoBhwxxOoCgKhBAnyTSQQqxvRj4
CQgCsgEoF5ZYtjesSlcYNlHOYbTOqlUEmWCKGy7eRJgmF89tAKCHTNSKuCQoZ5hM
VV8I7Rd/YP6uPROn22WBseyhPQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFNkYLeCU
eyOaNHATQEudjDIVQlAwMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQzg3QjcyRjIw
M0Q0MTFGMEE0NURFODdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABzpw8DBABzp2UDBABzp3UDBADfHe0wDQYJKoZIhvcNAQEL
BQADggEBAB/+jZUuwrIauaCy48nF4LJaCzSG9xK+OeSvucEIYVGBzQEBSaOsGgWS
1di4kM1YGUkjhQcgQtMTbv0SmRjRmOv7Bcu1Z9wMBQRSFefdrAtrmYLvBd9gKVAP
BbhxDbA9UsInp2+X91ITTsGr5zU9GuyfPOVMt7rmF+aeWi6fuM/syZ72Kwu1KeQy
FVDW2x1E7qCnNDHsuj93jWa1h1v8N0zGoBmh+ooE4dAoSL+6uHL3XdZmcdeBGF5F
NOSl4mgTeD6pXghQHBWMxS6JIRL4QEIFkUw2BiriDptK3ivE0+Ssd+RIgQ4ZwcQ9
6QoW9NuuRot0Pp9cuDAXGuATV7+9fec=
-----END CERTIFICATE-----