Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DE9860A0A1AE11EFB03BE733C4F9AE02.roa
File:                     DE9860A0A1AE11EFB03BE733C4F9AE02.roa (raw, json)
Hash identifier:          YkRUnvotIfPqBecWvJRfKFGJSwlct8TWlbhxsVmmKo8=
Subject key identifier:   DC:24:EB:7F:08:29:9C:F6:97:15:CE:53:C3:21:A9:D2:66:D5:6B:FE
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       1C96
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DE9860A0A1AE11EFB03BE733C4F9AE02.roa
Signing time:             Wed 13 Nov 2024 11:16:36 +0000
ROA not before:           Wed 13 Nov 2024 11:16:36 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     2914
IP address blocks:        113.203.208.0/24 maxlen: 24
                          113.203.212.0/24 maxlen: 24
                          113.203.233.0/24 maxlen: 24
                          113.203.242.0/24 maxlen: 24
                          113.203.245.0/24 maxlen: 24
                          115.167.6.0/24 maxlen: 24
                          115.167.16.0/22 maxlen: 22
                          115.167.102.0/24 maxlen: 24
                          175.110.64.0/22 maxlen: 22
                          175.110.89.0/24 maxlen: 24
                          175.110.91.0/24 maxlen: 24
                          180.178.146.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 19 Nov 2024 07:51:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7318 (0x1c96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Nov 13 11:16:36 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67348a94-6c3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:46:1d:24:c4:72:7a:2d:d3:8f:2c:1e:ad:dc:
                    c0:52:6e:cd:83:86:18:84:87:fa:ea:38:08:31:b3:
                    5b:4a:34:01:f4:92:51:d7:59:4c:87:1f:c6:15:7b:
                    fe:b3:cd:ff:b7:07:5d:32:6b:b0:06:b5:14:0e:dd:
                    fc:41:ff:e9:e3:92:e4:e5:c2:b1:34:cb:7a:6c:da:
                    ad:9f:be:3b:77:4a:97:79:d5:7a:de:13:60:8d:b7:
                    54:d0:6b:db:f1:87:dd:89:35:9d:13:2e:51:2f:ec:
                    21:95:53:ee:57:3a:40:94:57:89:6a:f8:27:8e:ab:
                    3a:32:bd:33:b7:6f:46:c1:fc:83:92:45:90:81:d1:
                    ce:0e:2a:6d:96:e9:91:5e:d4:37:2d:9c:2b:58:a5:
                    0d:e7:00:1c:2f:05:a0:3b:f0:05:93:84:87:3a:81:
                    50:b1:b1:be:6f:e1:a0:27:c6:12:87:93:03:2f:28:
                    dc:d6:be:14:f9:43:fe:3d:9c:e0:da:c0:f8:e0:41:
                    f8:32:d0:3c:87:c9:91:b2:86:f6:f9:a8:aa:a7:45:
                    8b:bf:b3:57:a8:6c:c5:28:22:57:75:13:1a:a6:bb:
                    d9:6c:6a:2e:0c:1f:3e:61:45:c4:32:e4:fd:e5:ab:
                    48:95:a8:b5:75:1d:ab:1b:f5:ca:10:5a:5b:4e:f3:
                    98:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:24:EB:7F:08:29:9C:F6:97:15:CE:53:C3:21:A9:D2:66:D5:6B:FE
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DE9860A0A1AE11EFB03BE733C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.203.208.0/24
                  113.203.212.0/24
                  113.203.233.0/24
                  113.203.242.0/24
                  113.203.245.0/24
                  115.167.6.0/24
                  115.167.16.0/22
                  115.167.102.0/24
                  175.110.64.0/22
                  175.110.89.0/24
                  175.110.91.0/24
                  180.178.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:18:66:45:5e:1b:6e:7a:92:b4:cc:ed:d4:8e:2f:c5:05:4e:
         93:79:cc:29:2f:2a:fc:f3:ca:15:6d:7a:5e:ef:e8:fe:06:46:
         be:60:b2:da:58:79:de:1d:e1:ea:38:d2:7b:60:43:a7:f7:46:
         bd:bc:59:81:0a:a8:4c:ee:53:40:a2:69:a2:54:29:5c:1a:47:
         ac:cf:98:8b:31:86:02:4a:fb:0e:ad:f0:df:91:40:ab:be:f1:
         5c:f7:43:a6:a1:3c:65:32:08:6a:37:65:d2:fc:3f:93:4f:8c:
         e9:a0:94:7a:a8:df:96:8e:3c:b9:46:8d:64:3a:e2:93:57:0a:
         2f:03:4f:7e:5c:61:84:7e:e2:3b:1a:45:64:a5:a5:5d:87:18:
         47:7d:7d:b9:77:e9:07:8c:85:b2:82:72:68:dd:84:b6:b2:97:
         f1:0c:a4:9a:8e:6a:47:b3:3a:22:5f:b5:da:6b:cc:d0:44:12:
         49:d0:8b:1e:d9:29:1e:94:9d:3d:b8:b8:94:a3:08:49:d6:23:
         7d:8f:c3:1e:fa:73:0c:3b:e1:76:d8:f7:00:1c:d5:d7:ab:3e:
         5c:73:86:25:41:d0:2e:90:a9:4c:f6:e6:bb:bc:c0:d4:0d:ee:
         4b:ee:60:b2:ec:4e:dd:29:8f:87:76:7f:14:16:fd:89:6e:14:
         8b:e4:9f:6a
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICHJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTEzMTExNjM2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM0OGE5NC02YzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA40YdJMRyei3TjywerdzAUm7Ng4YYhIf66jgIMbNbSjQB9JJR11lMhx/GFXv+
s83/twddMmuwBrUUDt38Qf/p45Lk5cKxNMt6bNqtn747d0qXedV63hNgjbdU0Gvb
8YfdiTWdEy5RL+whlVPuVzpAlFeJavgnjqs6Mr0zt29GwfyDkkWQgdHODiptlumR
XtQ3LZwrWKUN5wAcLwWgO/AFk4SHOoFQsbG+b+GgJ8YSh5MDLyjc1r4U+UP+PZzg
2sD44EH4MtA8h8mRsob2+aiqp0WLv7NXqGzFKCJXdRMaprvZbGouDB8+YUXEMuT9
5atIlai1dR2rG/XKEFpbTvOYWQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFNwk638I
KZz2lxXOU8MhqdJm1Wv+MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvREU5ODYwQTBB
MUFFMTFFRkIwM0JFNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBABxy9ADBABxy9QDBABxy+kDBABxy/IDBABxy/UDBABzpwYD
BAJzpxADBABzp2YDBAKvbkADBACvblkDBACvblsDBAC0spIwDQYJKoZIhvcNAQEL
BQADggEBACoYZkVeG256krTM7dSOL8UFTpN5zCkvKvzzyhVtel7v6P4GRr5gstpY
ed4d4eo40ntgQ6f3Rr28WYEKqEzuU0CiaaJUKVwaR6zPmIsxhgJK+w6t8N+RQKu+
8Vz3Q6ahPGUyCGo3ZdL8P5NPjOmglHqo35aOPLlGjWQ64pNXCi8DT35cYYR+4jsa
RWSlpV2HGEd9fbl36QeMhbKCcmjdhLayl/EMpJqOakezOiJftdprzNBEEknQix7Z
KR6UnT24uJSjCEnWI32Pwx76cww74XbY9wAc1derPlxzhiVB0C6QqUz25ru8wNQN
7kvuYLLsTt0pj4d2fxQW/YluFIvkn2o=
-----END CERTIFICATE-----