Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/E4A28FBEB9DF11EE9083B52AC4F9AE02.roa
File:                     E4A28FBEB9DF11EE9083B52AC4F9AE02.roa (raw, json)
Hash identifier:          XawHTY0lCVEmUeHyXUHUAL+GCmFh8tSAyucNcXkMXUc=
Subject key identifier:   43:2B:31:D9:AC:E2:47:F6:18:2B:BF:98:AF:A6:17:C9:48:DB:02:47
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       0FBD
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/E4A28FBEB9DF11EE9083B52AC4F9AE02.roa
Signing time:             Tue 23 Jan 2024 11:09:36 +0000
ROA not before:           Tue 23 Jan 2024 11:09:36 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        113.203.213.0/24 maxlen: 24
                          113.203.219.0/24 maxlen: 24
                          180.178.147.0/24 maxlen: 24
                          180.178.162.0/24 maxlen: 24
                          180.178.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Jan 2024 14:22:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4029 (0xfbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Jan 23 11:09:36 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=65af9e70-ee5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:67:82:e3:31:7e:d2:4a:82:6d:55:03:e1:69:
                    5c:39:e5:c4:58:47:dc:d3:2e:72:88:c6:a0:4d:09:
                    33:9d:4e:1b:64:b7:49:31:68:50:78:d3:a1:81:46:
                    5e:0c:b8:2f:8e:a4:45:d7:ac:3b:7d:e7:71:65:88:
                    b2:4a:0e:b5:4f:31:78:5b:e3:3e:fa:3a:c6:80:18:
                    6b:7d:25:78:24:ca:9b:3a:f4:d1:19:ae:20:49:b5:
                    b3:a9:5e:9b:ad:46:98:c3:d0:81:17:f2:fa:86:d7:
                    60:22:b0:9f:5f:51:d6:7b:b0:7b:05:51:49:eb:87:
                    45:fa:09:0f:b4:ef:ec:d8:76:ea:5e:1f:e0:71:a1:
                    90:61:b6:c2:48:21:b8:37:cb:fa:d0:d8:5d:5a:61:
                    83:6d:41:b8:96:1d:05:35:fd:ae:ce:ef:26:a2:0a:
                    68:85:ad:67:7d:91:8a:b3:14:ce:3b:c4:29:fb:e6:
                    94:be:bc:5a:a0:2b:c1:f9:e4:98:4c:01:cc:b2:02:
                    2d:9a:dd:05:a4:4d:bc:a9:6e:1d:58:10:32:98:08:
                    fd:d2:99:35:7d:4a:c7:81:9a:b9:82:f0:b6:ae:9b:
                    55:30:8b:83:54:66:5b:0b:ea:b7:ee:ca:2b:09:21:
                    43:dd:4c:5f:9c:b1:d1:66:20:1e:f0:23:66:1f:15:
                    3d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:2B:31:D9:AC:E2:47:F6:18:2B:BF:98:AF:A6:17:C9:48:DB:02:47
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/E4A28FBEB9DF11EE9083B52AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.203.213.0/24
                  113.203.219.0/24
                  180.178.147.0/24
                  180.178.162.0/24
                  180.178.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:09:ed:33:03:f2:f4:fb:eb:8d:61:49:cb:ef:fd:0a:74:12:
         e4:f7:e4:88:25:5e:d1:82:e1:8d:c6:6c:95:f1:85:f2:31:26:
         ca:f6:fe:81:6b:4a:de:e2:8a:45:8a:46:f3:dd:b7:77:64:a3:
         2a:84:c9:ac:6d:d8:d1:7f:b0:2a:ba:35:ae:8d:c9:df:57:dd:
         8c:f4:08:e7:d9:0f:d1:b0:2b:d1:ee:6d:37:56:81:5b:e0:05:
         21:28:8f:cc:8e:49:c2:76:ca:44:15:7c:01:1e:73:37:2c:7c:
         6c:67:98:30:02:6e:32:c4:ac:a1:6a:34:2b:00:76:7a:eb:93:
         30:7b:73:25:28:52:e1:e4:3e:b2:06:d3:0e:ef:49:af:d1:0c:
         e7:c8:d6:42:fa:80:23:24:a6:ec:a1:f8:88:8e:12:5a:1e:08:
         e4:d7:69:1d:98:b0:00:6d:6c:42:f6:f7:42:d2:a0:55:87:78:
         16:e9:a7:6b:ef:47:68:4f:23:d2:58:bc:03:5a:2d:47:dd:ee:
         86:76:f0:dd:6e:8a:15:a9:7b:df:1c:08:2a:7c:72:bb:c3:9d:
         78:93:85:60:95:f6:a9:6b:c0:ee:d7:2e:c9:2f:6e:75:fe:52:
         95:53:73:b2:0f:c6:25:92:7d:c8:10:8f:eb:89:17:43:69:6b:
         6b:fc:54:4a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICD70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMTIzMTEwOTM2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFmOWU3MC1lZTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl2eC4zF+0kqCbVUD4WlcOeXEWEfc0y5yiMagTQkznU4bZLdJMWhQeNOhgUZe
DLgvjqRF16w7fedxZYiySg61TzF4W+M++jrGgBhrfSV4JMqbOvTRGa4gSbWzqV6b
rUaYw9CBF/L6htdgIrCfX1HWe7B7BVFJ64dF+gkPtO/s2HbqXh/gcaGQYbbCSCG4
N8v60NhdWmGDbUG4lh0FNf2uzu8mogpoha1nfZGKsxTOO8Qp++aUvrxaoCvB+eSY
TAHMsgItmt0FpE28qW4dWBAymAj90pk1fUrHgZq5gvC2rptVMIuDVGZbC+q37sor
CSFD3UxfnLHRZiAe8CNmHxU95wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEMrMdms
4kf2GCu/mK+mF8lI2wJHMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRTRBMjhGQkVC
OURGMTFFRTkwODNCNTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBABxy9UDBABxy9sDBAC0spMDBAC0sqIDBAC0srwwDQYJKoZI
hvcNAQELBQADggEBADMJ7TMD8vT7641hScvv/Qp0EuT35IglXtGC4Y3GbJXxhfIx
Jsr2/oFrSt7iikWKRvPdt3dkoyqEyaxt2NF/sCq6Na6Nyd9X3Yz0COfZD9GwK9Hu
bTdWgVvgBSEoj8yOScJ2ykQVfAEeczcsfGxnmDACbjLErKFqNCsAdnrrkzB7cyUo
UuHkPrIG0w7vSa/RDOfI1kL6gCMkpuyh+IiOEloeCOTXaR2YsABtbEL290LSoFWH
eBbpp2vvR2hPI9JYvANaLUfd7oZ28N1uihWpe98cCCp8crvDnXiThWCV9qlrwO7X
LskvbnX+UpVTc7IPxiWSfcgQj+uJF0Npa2v8VEo=
-----END CERTIFICATE-----