Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EDE82A92977011EF8EA73174C4F9AE02.roa
File:                     EDE82A92977011EF8EA73174C4F9AE02.roa (raw, json)
Hash identifier:          Q7Xe7HXEId8+2MKsMcceYY22PfeNFdpPUU1Ne1yhTXQ=
Subject key identifier:   DD:33:1A:69:8C:AF:C0:E7:15:A6:77:8A:C0:86:E8:30:41:20:D3:C8
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       1B23
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EDE82A92977011EF8EA73174C4F9AE02.roa
Signing time:             Thu 31 Oct 2024 11:21:25 +0000
ROA not before:           Thu 31 Oct 2024 11:21:25 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        115.167.29.0/24 maxlen: 24
                          115.167.30.0/24 maxlen: 24
                          115.167.31.0/24 maxlen: 24
                          115.167.48.0/24 maxlen: 24
                          115.167.64.0/24 maxlen: 24
                          115.167.66.0/24 maxlen: 24
                          115.167.73.0/24 maxlen: 24
                          115.167.77.0/24 maxlen: 24
                          115.167.125.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 04 Nov 2024 11:30:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6947 (0x1b23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Oct 31 11:21:25 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67236835-576d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:00:5b:cf:ff:47:3e:a0:60:5c:74:19:df:79:
                    f8:ef:9f:8a:f9:dd:11:38:c1:18:a3:de:83:95:8e:
                    50:ec:cd:d5:53:df:71:d5:d6:bf:ff:74:f3:87:25:
                    58:a6:fc:c4:88:45:a2:6b:00:a4:67:53:a4:c4:ab:
                    f9:8e:81:f1:55:0a:d3:11:fa:1a:c3:03:b5:87:c2:
                    b1:6b:89:08:82:65:17:95:f8:d3:10:f8:91:9b:f0:
                    a4:90:e8:3d:17:ab:29:28:80:7f:f6:c5:75:75:a2:
                    80:7d:ab:62:2e:c0:14:19:aa:61:f5:ae:9a:74:82:
                    8c:c7:df:c3:38:d2:13:2e:34:0b:a6:8e:22:5d:8e:
                    15:34:cb:7a:ac:7f:50:be:11:31:5d:49:ea:d0:37:
                    61:fa:44:d5:4f:c5:07:1f:87:52:d1:7b:8e:66:81:
                    07:cc:0c:7a:e7:5c:a1:10:04:d5:bc:b8:a7:15:0e:
                    be:63:f3:1e:fb:92:6c:9b:22:a5:c2:9c:cb:b0:69:
                    92:4b:25:74:b1:05:f0:a8:9a:ab:45:b0:0b:e2:09:
                    0a:b0:09:88:e0:3d:35:d6:74:76:25:77:40:76:df:
                    8d:70:05:ec:23:a7:46:a1:a7:40:06:79:39:d5:da:
                    13:86:fb:25:aa:f5:02:6c:a3:97:9d:e4:ac:68:46:
                    58:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:33:1A:69:8C:AF:C0:E7:15:A6:77:8A:C0:86:E8:30:41:20:D3:C8
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EDE82A92977011EF8EA73174C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.167.29.0-115.167.31.255
                  115.167.48.0/24
                  115.167.64.0/24
                  115.167.66.0/24
                  115.167.73.0/24
                  115.167.77.0/24
                  115.167.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:e5:65:29:bb:d4:60:74:42:e3:4d:d4:b6:cc:a4:aa:f3:f3:
         e5:3a:5f:bf:73:28:3d:31:23:9c:c7:e4:7a:8f:21:81:98:2a:
         ea:8e:ec:88:19:82:a5:08:a7:81:30:5e:bb:02:2d:14:38:15:
         5c:a9:90:90:c1:62:24:0e:08:2e:3b:25:48:98:89:8c:74:e2:
         da:c0:a8:64:e0:df:ca:24:4e:c6:aa:77:05:30:78:ad:b5:ab:
         8c:1d:0d:47:71:8f:10:f3:75:81:d0:67:f1:e4:3e:f2:f5:b9:
         e2:1a:1d:d3:85:54:2e:3a:b0:47:1f:94:76:eb:36:68:aa:8f:
         c0:ed:0d:0c:58:8a:54:ed:5d:10:a1:04:4b:94:d1:55:a5:17:
         12:3a:61:5c:ac:e3:31:c8:4f:06:2c:49:a4:f9:06:ac:52:e7:
         97:29:f9:9c:5e:a9:3f:51:ab:45:63:33:db:ff:17:fd:da:e6:
         ac:7c:fb:e9:0e:5f:c7:49:7e:5f:18:63:49:5d:fd:de:3e:4f:
         72:ed:37:21:81:eb:08:a9:7c:ac:fd:79:a4:fb:17:70:bf:bb:
         3e:aa:5d:ec:72:11:c2:13:7c:d4:77:6d:37:e9:2a:25:54:70:
         74:11:98:e4:b7:44:e6:80:48:84:88:12:23:02:38:1a:ba:da:
         a0:b7:58:d6
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICGyMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMDMxMTEyMTI1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIzNjgzNS01NzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApQBbz/9HPqBgXHQZ33n475+K+d0ROMEYo96DlY5Q7M3VU99x1da//3TzhyVY
pvzEiEWiawCkZ1OkxKv5joHxVQrTEfoawwO1h8Kxa4kIgmUXlfjTEPiRm/CkkOg9
F6spKIB/9sV1daKAfatiLsAUGaph9a6adIKMx9/DONITLjQLpo4iXY4VNMt6rH9Q
vhExXUnq0Ddh+kTVT8UHH4dS0XuOZoEHzAx651yhEATVvLinFQ6+Y/Me+5JsmyKl
wpzLsGmSSyV0sQXwqJqrRbAL4gkKsAmI4D011nR2JXdAdt+NcAXsI6dGoadABnk5
1doThvslqvUCbKOXneSsaEZYOwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFN0zGmmM
r8DnFaZ3isCG6DBBINPIMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRURFODJBOTI5
NzcwMTFFRjhFQTczMTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIwDAMEAHOnHQMEBXOnAAMEAHOnMAMEAHOnQAMEAHOnQgMEAHOn
SQMEAHOnTQMEAHOnfTANBgkqhkiG9w0BAQsFAAOCAQEAGuVlKbvUYHRC403Utsyk
qvPz5Tpfv3MoPTEjnMfkeo8hgZgq6o7siBmCpQingTBeuwItFDgVXKmQkMFiJA4I
LjslSJiJjHTi2sCoZODfyiROxqp3BTB4rbWrjB0NR3GPEPN1gdBn8eQ+8vW54hod
04VULjqwRx+Udus2aKqPwO0NDFiKVO1dEKEES5TRVaUXEjphXKzjMchPBixJpPkG
rFLnlyn5nF6pP1GrRWMz2/8X/drmrHz76Q5fx0l+XxhjSV393j5Pcu03IYHrCKl8
rP15pPsXcL+7Pqpd7HIRwhN81HdtN+kqJVRwdBGY5LdE5oBIhIgSIwI4GrraoLdY
1g==
-----END CERTIFICATE-----