Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5735F17E9B4511EE8161002EC4F9AE02.roa
File:                     5735F17E9B4511EE8161002EC4F9AE02.roa (raw, json)
Hash identifier:          ws65w2cn9D32Rjq6PRopYD14fzjiDzEkmVYbDAHfP3M=
Subject key identifier:   F1:CE:C5:A5:D8:BB:0B:B8:ED:C3:AE:75:A1:4C:1D:BA:E5:ED:C0:40
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       0FB7
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5735F17E9B4511EE8161002EC4F9AE02.roa
Signing time:             Mon 22 Jan 2024 12:24:44 +0000
ROA not before:           Mon 22 Jan 2024 12:24:44 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        113.203.213.0/24 maxlen: 24
                          113.203.219.0/24 maxlen: 24
                          180.178.147.0/24 maxlen: 24
                          180.178.161.0/24 maxlen: 24
                          180.178.162.0/24 maxlen: 24
                          180.178.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 11:09:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4023 (0xfb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Jan 22 12:24:44 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=65ae5e8b-be0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:71:d3:71:6d:c6:98:cb:81:50:2d:e3:88:51:
                    df:f0:16:52:26:c3:fa:61:9b:00:e6:ba:a5:e9:c9:
                    8c:c2:7e:17:02:cf:4b:bf:85:4c:ed:96:81:64:c6:
                    2e:fc:f5:da:6a:17:be:8b:6c:68:2a:6a:84:52:01:
                    3f:0e:5c:7d:27:7f:c1:68:ea:83:31:74:97:0f:e5:
                    fd:b2:f6:f1:78:10:bf:bc:50:c8:b7:83:8d:e7:db:
                    cb:8c:b3:07:08:85:5c:27:a7:97:a0:c5:a5:17:57:
                    8d:b6:1c:ba:0d:02:73:8d:d0:ea:c4:8b:5c:f2:f2:
                    36:bc:aa:0b:b1:85:5b:7c:bb:eb:82:f4:51:8f:e7:
                    69:b3:a1:76:9a:1e:e0:73:b3:e0:d2:2f:03:f9:98:
                    06:81:40:d8:77:8d:db:28:b7:99:67:b7:8e:8d:48:
                    99:ce:08:da:5c:66:38:24:db:de:c5:37:48:41:d3:
                    94:98:fb:2d:c0:c5:f8:49:ae:ec:2b:0f:71:a1:ef:
                    3e:2c:0b:a3:f5:66:4b:57:65:4b:a3:6d:1b:03:07:
                    02:8c:ef:4a:83:9e:e8:ec:6e:0d:92:a6:97:ab:f3:
                    e6:31:69:76:4f:56:fc:2f:57:b2:66:46:2b:74:78:
                    48:e3:7d:48:e8:fd:d4:db:11:28:5e:1b:06:82:70:
                    85:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:CE:C5:A5:D8:BB:0B:B8:ED:C3:AE:75:A1:4C:1D:BA:E5:ED:C0:40
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5735F17E9B4511EE8161002EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.203.213.0/24
                  113.203.219.0/24
                  180.178.147.0/24
                  180.178.161.0-180.178.162.255
                  180.178.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:ae:78:7f:5d:b5:0a:75:01:1c:1a:df:33:c7:d2:54:cd:fb:
         1d:96:08:f3:1b:b3:a2:dd:97:e3:d7:aa:93:cd:8f:9d:35:f3:
         ac:e5:50:b0:b1:57:34:9f:9a:b2:2b:d6:d2:1d:e7:fc:22:c8:
         96:ad:ff:d8:7f:db:65:84:cf:c2:8d:a9:68:3c:85:2d:96:68:
         72:7f:ab:f0:9e:40:7d:14:8d:7f:71:99:14:fc:4a:56:56:1e:
         54:5f:ba:4d:8f:30:ef:45:17:52:79:a5:99:30:70:45:c7:24:
         ad:00:5b:a0:07:ec:71:ce:1b:66:75:ae:25:14:ba:85:8c:2f:
         7a:f9:2b:54:a2:fe:13:eb:b3:ab:86:75:c1:4f:1f:09:90:ca:
         28:2e:81:44:ec:9f:50:ee:27:aa:72:a1:6e:89:24:01:ac:8d:
         3f:ea:38:10:59:15:ef:41:65:a2:d5:e8:54:13:14:c7:10:b1:
         2d:4b:66:97:60:3a:d5:90:47:20:1e:e6:dc:b4:04:a0:75:b7:
         0c:b1:9b:7e:09:64:ad:21:1e:92:5b:d7:9c:65:46:5f:26:a6:
         97:3e:d5:1f:bc:78:2b:af:54:fc:ce:b5:3e:4d:6f:1f:f2:12:
         0c:a3:95:c5:5a:10:a4:b0:99:dc:d8:d2:81:c6:04:45:a6:6a:
         fd:0c:dd:75
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICD7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMTIyMTIyNDQ0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFlNWU4Yi1iZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynHTcW3GmMuBUC3jiFHf8BZSJsP6YZsA5rql6cmMwn4XAs9Lv4VM7ZaBZMYu
/PXaahe+i2xoKmqEUgE/Dlx9J3/BaOqDMXSXD+X9svbxeBC/vFDIt4ON59vLjLMH
CIVcJ6eXoMWlF1eNthy6DQJzjdDqxItc8vI2vKoLsYVbfLvrgvRRj+dps6F2mh7g
c7Pg0i8D+ZgGgUDYd43bKLeZZ7eOjUiZzgjaXGY4JNvexTdIQdOUmPstwMX4Sa7s
Kw9xoe8+LAuj9WZLV2VLo20bAwcCjO9Kg57o7G4NkqaXq/PmMWl2T1b8L1eyZkYr
dHhI431I6P3U2xEoXhsGgnCFGwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFPHOxaXY
uwu47cOudaFMHbrl7cBAMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNTczNUYxN0U5
QjQ1MTFFRTgxNjEwMDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBABxy9UDBABxy9sDBAC0spMwDAMEALSyoQMEALSyogMEALSy
vDANBgkqhkiG9w0BAQsFAAOCAQEAeK54f121CnUBHBrfM8fSVM37HZYI8xuzot2X
49eqk82PnTXzrOVQsLFXNJ+asivW0h3n/CLIlq3/2H/bZYTPwo2paDyFLZZocn+r
8J5AfRSNf3GZFPxKVlYeVF+6TY8w70UXUnmlmTBwRcckrQBboAfscc4bZnWuJRS6
hYwvevkrVKL+E+uzq4Z1wU8fCZDKKC6BROyfUO4nqnKhbokkAayNP+o4EFkV70Fl
otXoVBMUxxCxLUtml2A61ZBHIB7m3LQEoHW3DLGbfglkrSEeklvXnGVGXyamlz7V
H7x4K69U/M61Pk1vH/ISDKOVxVoQpLCZ3NjSgcYERaZq/QzddQ==
-----END CERTIFICATE-----