Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4979BDF29B7811EFA642D740C4F9AE02.roa
File:                     4979BDF29B7811EFA642D740C4F9AE02.roa (raw, json)
Hash identifier:          TeBnVv+wr/h1nuLXum6SodMAEgNFvi2PNtQ0T9uqSyI=
Subject key identifier:   9B:36:25:E9:65:A4:8F:FA:96:6E:B5:2E:55:37:6E:3E:40:80:F6:24
Certificate issuer:       /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial:       0B9F
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4979BDF29B7811EFA642D740C4F9AE02.roa
Signing time:             Tue 05 Nov 2024 13:28:28 +0000
ROA not before:           Tue 05 Nov 2024 13:28:28 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     138241
IP address blocks:        139.190.32.0/22 maxlen: 22
                          139.190.36.0/22 maxlen: 24
                          139.190.40.0/22 maxlen: 24
                          139.190.44.0/22 maxlen: 22
                          139.190.48.0/22 maxlen: 24
                          139.190.52.0/22 maxlen: 22
                          139.190.56.0/22 maxlen: 22
                          139.190.60.0/22 maxlen: 24
                          139.190.239.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 06 Nov 2024 10:15:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2975 (0xb9f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134
        Validity
            Not Before: Nov  5 13:28:28 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=672a1d7c-b1c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:67:b0:84:1a:17:5b:51:1c:28:47:d4:60:f5:
                    0f:af:d4:74:f3:7d:14:24:5d:00:cf:d6:5a:eb:71:
                    1b:0a:4a:cf:f9:64:b2:d3:cf:7c:76:e4:e0:78:44:
                    93:82:1c:50:9b:f2:97:e8:88:b1:cf:db:21:00:51:
                    df:24:43:d7:b4:69:c0:ba:68:de:8f:89:bc:95:25:
                    56:63:10:f6:98:f0:d9:4c:a1:bc:34:13:1e:fb:6e:
                    00:47:9a:4b:84:a9:a3:f5:c5:06:93:1e:67:84:20:
                    3e:06:82:d0:37:6b:cb:71:77:b4:37:40:62:66:7c:
                    ba:2f:d5:16:3c:8b:d3:e6:0f:dd:5f:ee:15:6c:f7:
                    19:2e:e9:72:43:50:63:5c:5f:80:fd:44:9d:a7:44:
                    f3:d6:00:7d:13:a2:b0:fe:20:fa:9a:2a:47:d4:71:
                    dc:cd:18:d9:6a:65:de:41:cb:33:b1:6e:f6:7c:7d:
                    dc:9c:25:b5:69:92:b7:ab:b2:71:fc:65:c2:80:52:
                    8b:c6:6d:23:a2:28:ec:ca:fe:a9:62:46:e4:fc:23:
                    dd:45:52:66:67:97:fe:08:68:c9:25:88:33:92:66:
                    64:68:b2:0e:f0:cd:7e:c8:a4:11:87:ee:84:8b:34:
                    97:3c:77:26:91:75:18:09:cf:a0:b9:10:53:ab:78:
                    77:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:36:25:E9:65:A4:8F:FA:96:6E:B5:2E:55:37:6E:3E:40:80:F6:24
            X509v3 Authority Key Identifier:
                keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4979BDF29B7811EFA642D740C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.190.32.0/19
                  139.190.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:44:2f:64:1a:7e:f1:f8:c6:30:73:1a:4e:33:b7:b0:6f:6f:
         c8:f6:e6:da:9c:d3:1e:95:a2:46:63:24:66:db:a8:05:91:a1:
         0e:fc:1d:bd:4c:70:97:f8:c0:a7:59:82:4e:3c:c8:f1:e9:3f:
         2a:27:bf:76:bd:87:e8:b7:cf:de:a7:56:6a:86:16:e7:8a:d9:
         cf:82:d9:07:74:90:8b:f4:1e:d7:3f:0b:64:a4:85:bf:e0:24:
         94:e3:61:69:1a:aa:a7:a1:56:7f:90:53:5e:05:9b:86:bd:44:
         f7:a0:60:39:0b:f4:18:86:6a:43:5c:66:e8:fc:4b:9c:cd:78:
         40:c7:88:36:e7:74:8c:47:1d:a0:6c:09:5d:9d:31:39:64:22:
         3a:96:0c:1c:75:65:48:bb:d7:a4:24:b1:44:b7:8d:61:b9:ae:
         14:ef:a4:c2:a2:9d:72:d1:2f:4c:d2:e4:f7:3b:48:58:79:50:
         3f:ad:76:c3:2e:4d:12:06:2f:da:2a:5d:e5:7a:b7:38:b9:e6:
         1e:a3:90:24:03:a0:68:9b:7e:04:e5:3c:e3:a9:d1:6c:7b:b0:
         58:ef:49:74:58:d0:05:f1:0b:4b:c4:ce:aa:e2:9b:9f:29:ec:
         03:90:78:7b:b9:12:aa:3b:b5:9e:41:06:93:1a:54:40:21:26:
         b9:fe:73:e9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC58wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMTA1MTMyODI4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJhMWQ3Yy1iMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzGewhBoXW1EcKEfUYPUPr9R0830UJF0Az9Za63EbCkrP+WSy0898duTgeEST
ghxQm/KX6Iixz9shAFHfJEPXtGnAumjej4m8lSVWYxD2mPDZTKG8NBMe+24AR5pL
hKmj9cUGkx5nhCA+BoLQN2vLcXe0N0BiZny6L9UWPIvT5g/dX+4VbPcZLulyQ1Bj
XF+A/USdp0Tz1gB9E6Kw/iD6mipH1HHczRjZamXeQcszsW72fH3cnCW1aZK3q7Jx
/GXCgFKLxm0joijsyv6pYkbk/CPdRVJmZ5f+CGjJJYgzkmZkaLIO8M1+yKQRh+6E
izSXPHcmkXUYCc+guRBTq3h3vwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJs2Jell
pI/6lm61LlU3bj5AgPYkMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDk3OUJERjI5
Qjc4MTFFRkE2NDJENzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAWLviADBACLvu8wDQYJKoZIhvcNAQELBQADggEBAEpEL2Qa
fvH4xjBzGk4zt7Bvb8j25tqc0x6VokZjJGbbqAWRoQ78Hb1McJf4wKdZgk48yPHp
Pyonv3a9h+i3z96nVmqGFueK2c+C2Qd0kIv0Htc/C2Skhb/gJJTjYWkaqqehVn+Q
U14Fm4a9RPegYDkL9BiGakNcZuj8S5zNeEDHiDbndIxHHaBsCV2dMTlkIjqWDBx1
ZUi716QksUS3jWG5rhTvpMKinXLRL0zS5Pc7SFh5UD+tdsMuTRIGL9oqXeV6tzi5
5h6jkCQDoGibfgTlPOOp0Wx7sFjvSXRY0AXxC0vEzqrim58p7AOQeHu5Eqo7tZ5B
BpMaVEAhJrn+c+k=
-----END CERTIFICATE-----