Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D3367926907511EFBBD8C936C4F9AE02.roa
File:                     D3367926907511EFBBD8C936C4F9AE02.roa (raw, json)
Hash identifier:          LZin/1QzxMdYf50cFC15jv0VX9Z7qCGddZN8Ngf8pMQ=
Subject key identifier:   65:43:74:AD:E2:97:9A:01:0C:05:58:FC:87:D1:E3:BB:E4:8E:04:83
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       18D5
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D3367926907511EFBBD8C936C4F9AE02.roa
Signing time:             Tue 22 Oct 2024 13:02:00 +0000
ROA not before:           Tue 22 Oct 2024 13:02:00 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     138241
IP address blocks:        43.226.224.0/22 maxlen: 24
                          103.11.63.0/24 maxlen: 24
                          113.203.252.0/22 maxlen: 24
                          115.167.96.0/22 maxlen: 24
                          115.167.125.0/24 maxlen: 24
                          180.178.142.0/24 maxlen: 24
                          180.178.152.0/21 maxlen: 24
                          180.178.176.0/22 maxlen: 24
                          180.178.180.0/22 maxlen: 24
                          180.178.184.0/22 maxlen: 24
                          202.92.26.0/24 maxlen: 24
                          223.29.235.0/24 maxlen: 24
                          223.29.239.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 23 Oct 2024 11:35:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6357 (0x18d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Oct 22 13:02:00 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=6717a248-a50a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8a:81:6e:d5:5d:c9:26:2b:50:fa:dc:6d:63:
                    bb:66:5d:7e:68:8b:3a:55:c9:39:36:a7:84:ef:cb:
                    d9:cc:78:bb:cf:0e:5a:0b:d0:2d:52:c1:e7:ae:60:
                    a4:d5:11:0c:ce:4a:65:e7:c1:14:58:54:8b:6d:89:
                    db:d3:88:69:59:35:16:a4:6d:7e:70:df:b4:7b:d7:
                    13:b0:64:3f:f4:13:3d:94:2f:f2:a0:a1:bd:18:86:
                    ec:82:35:40:c7:fb:aa:ee:e4:f4:e0:72:48:01:75:
                    77:fb:6e:94:2c:e9:87:d6:ea:fb:f7:d9:18:06:23:
                    25:ef:e6:4a:28:ea:d9:02:bc:15:69:a7:ee:41:ff:
                    ff:5f:77:de:d0:cc:fe:bd:51:db:93:49:4c:af:96:
                    72:90:ce:bb:58:d5:8e:3d:c1:90:f7:85:15:19:df:
                    50:0b:24:d7:85:17:25:42:18:b1:f8:38:f6:dd:19:
                    61:40:71:cb:04:f4:a7:5c:4f:4e:73:51:5e:7b:fc:
                    1a:1c:b3:59:b4:ce:f7:09:8e:35:1e:31:81:03:ae:
                    ac:45:91:b4:80:46:16:24:dd:e9:e7:4b:3d:67:6b:
                    e0:af:c0:4a:78:e3:9c:98:bc:04:e2:08:c2:5c:d7:
                    1f:6c:ec:39:eb:9a:11:0f:c5:81:c2:a3:b6:fa:20:
                    3b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:43:74:AD:E2:97:9A:01:0C:05:58:FC:87:D1:E3:BB:E4:8E:04:83
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/D3367926907511EFBBD8C936C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.226.224.0/22
                  103.11.63.0/24
                  113.203.252.0/22
                  115.167.96.0/22
                  115.167.125.0/24
                  180.178.142.0/24
                  180.178.152.0/21
                  180.178.176.0-180.178.187.255
                  202.92.26.0/24
                  223.29.235.0/24
                  223.29.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:46:f5:e1:78:a7:8d:c9:ae:f0:76:5c:b5:2a:df:8a:12:3c:
         c5:23:33:56:8b:59:d5:52:f4:0f:e6:01:a5:73:72:0c:a9:ea:
         29:e3:eb:93:24:86:e1:9d:99:3c:23:a0:7a:9e:45:6b:e2:aa:
         5a:77:85:86:eb:c0:57:89:55:b6:73:ba:64:2a:c2:78:ac:a2:
         65:c4:ee:56:da:85:ab:38:9a:95:61:92:f5:74:47:46:97:1c:
         da:b4:63:17:31:bb:a8:8a:e9:ee:f7:3c:fb:ef:e9:21:e3:8a:
         a1:3d:1b:33:bd:fe:86:71:c2:39:ed:e4:07:28:00:12:c0:16:
         f2:6f:66:b9:8e:46:0d:4a:35:81:04:dc:59:7a:cd:85:ab:38:
         14:97:10:90:ad:66:a0:00:86:2c:c4:94:0e:6b:de:a3:29:1a:
         8d:8d:4a:07:b2:5e:15:d3:4a:b5:99:56:57:f9:88:32:d9:98:
         cc:16:21:45:13:4e:24:53:fc:08:cb:94:36:eb:ee:38:c5:ad:
         4a:6d:a8:06:45:ce:02:49:82:23:3e:83:ae:fb:a9:35:42:91:
         3f:2f:62:f3:24:5b:10:24:c4:d7:f3:4d:dc:7d:a2:9d:14:21:
         d6:35:87:4d:bf:7c:5a:9a:ae:82:fa:54:91:62:b9:06:e3:32:
         a4:c6:25:d9
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICGNUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMDIyMTMwMjAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE3YTI0OC1hNTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoqBbtVdySYrUPrcbWO7Zl1+aIs6Vck5NqeE78vZzHi7zw5aC9AtUsHnrmCk
1REMzkpl58EUWFSLbYnb04hpWTUWpG1+cN+0e9cTsGQ/9BM9lC/yoKG9GIbsgjVA
x/uq7uT04HJIAXV3+26ULOmH1ur799kYBiMl7+ZKKOrZArwVaafuQf//X3fe0Mz+
vVHbk0lMr5ZykM67WNWOPcGQ94UVGd9QCyTXhRclQhix+Dj23RlhQHHLBPSnXE9O
c1Fee/waHLNZtM73CY41HjGBA66sRZG0gEYWJN3p50s9Z2vgr8BKeOOcmLwE4gjC
XNcfbOw565oRD8WBwqO2+iA7dQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFGVDdK3i
l5oBDAVY/IfR47vkjgSDMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRDMzNjc5MjY5
MDc1MTFFRkJCRDhDOTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAIr4uADBABnCz8DBAJxy/wDBAJzp2ADBABzp30DBAC0so4D
BAO0spgwDAMEBLSysAMEArSyuAMEAMpcGgMEAN8d6wMEAN8d7zANBgkqhkiG9w0B
AQsFAAOCAQEAbkb14Xinjcmu8HZctSrfihI8xSMzVotZ1VL0D+YBpXNyDKnqKePr
kySG4Z2ZPCOgep5Fa+KqWneFhuvAV4lVtnO6ZCrCeKyiZcTuVtqFqzialWGS9XRH
Rpcc2rRjFzG7qIrp7vc8++/pIeOKoT0bM73+hnHCOe3kBygAEsAW8m9muY5GDUo1
gQTcWXrNhas4FJcQkK1moACGLMSUDmveoykajY1KB7JeFdNKtZlWV/mIMtmYzBYh
RRNOJFP8CMuUNuvuOMWtSm2oBkXOAkmCIz6DrvupNUKRPy9i8yRbECTE1/NN3H2i
nRQh1jWHTb98WpqugvpUkWK5BuMypMYl2Q==
-----END CERTIFICATE-----