Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C32AE2E21AB811F08F3C8B74C4F9AE02.roa
File:                     C32AE2E21AB811F08F3C8B74C4F9AE02.roa (raw, json)
Hash identifier:          JsFx0IC8cFDXFJNkoXAAsLaH4iRYgHjGW2LNryYmSBc=
Subject key identifier:   E2:F1:19:D0:16:FB:DD:27:CB:F7:25:0A:21:58:DB:3E:C5:08:16:7B
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       28D7
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C32AE2E21AB811F08F3C8B74C4F9AE02.roa
Signing time:             Fri 01 Aug 2025 09:59:37 +0000
ROA not before:           Fri 01 Aug 2025 09:59:37 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     213441
IP address blocks:        115.167.3.0/24 maxlen: 24
                          115.167.64.0/24 maxlen: 24
                          175.110.99.0/24 maxlen: 24
                          223.29.226.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 08 Aug 2025 06:18:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10455 (0x28d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: Aug  1 09:59:37 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=688c9009-cb1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ba:1a:a4:44:c3:ba:75:22:c4:9a:f7:5f:fd:
                    30:ca:9c:e5:71:0a:e0:ca:eb:ff:e2:24:1a:cc:1d:
                    be:0b:43:72:cc:34:59:b5:8a:a9:5a:29:e9:e1:c7:
                    6c:b1:f7:32:35:54:b6:a9:ee:67:93:5c:b6:11:43:
                    89:92:da:46:7c:d7:eb:82:b5:23:1b:dc:02:56:27:
                    de:e4:7c:1c:c3:78:4c:9c:0c:ac:6c:bc:d1:6e:16:
                    8a:6c:60:4d:8b:91:c7:f3:9e:97:72:90:26:e8:68:
                    b1:c4:59:29:58:45:d6:9c:cb:43:61:13:6d:b1:f8:
                    cc:10:17:f0:ac:72:f3:60:1a:21:38:9b:33:8b:37:
                    e5:66:05:c0:e9:51:73:27:68:27:28:d0:1d:c6:f9:
                    c8:20:c6:0f:98:c2:e8:6d:60:03:95:62:0f:0b:a1:
                    62:fa:ff:c3:69:46:b0:a9:10:b4:22:c3:1c:a6:c6:
                    fc:f6:5b:28:70:a7:c2:74:6c:bc:f9:af:a9:88:b4:
                    66:ac:55:8c:18:4c:c0:75:af:f3:e9:db:92:42:5f:
                    75:0d:89:fe:86:24:b0:c6:ea:d8:83:65:9a:d7:b8:
                    a6:47:0a:f0:91:62:d2:f1:c1:77:5d:87:6e:6e:26:
                    7c:c1:dc:7c:ce:5a:ee:5e:26:fd:d0:80:92:40:95:
                    91:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:F1:19:D0:16:FB:DD:27:CB:F7:25:0A:21:58:DB:3E:C5:08:16:7B
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/C32AE2E21AB811F08F3C8B74C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.167.3.0/24
                  115.167.64.0/24
                  175.110.99.0/24
                  223.29.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:08:16:ff:a0:f9:15:6d:94:1f:75:dc:cc:48:88:67:97:8f:
         f3:61:f1:fd:45:97:d9:d4:85:0b:d8:42:ce:df:13:fc:f8:34:
         e5:8d:5f:e4:8d:1a:4c:58:16:11:30:21:f0:18:99:a8:67:b1:
         1d:bc:8f:81:96:1b:96:06:83:6b:b0:86:e8:d1:de:22:c4:13:
         40:fd:0c:f4:cd:1e:92:a2:ff:64:73:a7:da:b0:88:53:bd:c8:
         d2:5e:f6:66:a2:16:03:d8:84:82:40:53:cb:36:5f:f4:0c:34:
         61:40:3e:9f:fa:30:cd:1c:76:61:75:c8:54:b7:97:19:c6:ba:
         a2:43:39:83:3b:06:72:6e:e7:8f:d1:33:f2:17:7c:2c:e4:55:
         60:f0:ff:15:52:c6:8f:a1:9a:c1:13:f8:3e:02:ad:8f:d2:ec:
         8b:b5:ac:ea:5f:de:04:a2:66:b0:c6:d4:f7:cf:14:23:76:de:
         2d:96:42:62:b9:a9:08:77:59:4a:b2:89:bc:31:d2:08:b2:3a:
         0b:5a:f8:0c:c9:42:1d:f9:06:af:f7:db:96:09:1d:ac:69:2b:
         6b:fa:bf:a1:e6:58:fe:4e:14:f2:4d:03:df:75:48:ed:d4:99:
         ca:8f:57:c2:43:1a:89:8a:56:6f:67:17:f4:c9:5a:90:b9:ab:
         2c:d4:80:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICKNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwODAxMDk1OTM3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhjOTAwOS1jYjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5boapETDunUixJr3X/0wypzlcQrgyuv/4iQazB2+C0NyzDRZtYqpWinp4cds
sfcyNVS2qe5nk1y2EUOJktpGfNfrgrUjG9wCVife5Hwcw3hMnAysbLzRbhaKbGBN
i5HH856XcpAm6GixxFkpWEXWnMtDYRNtsfjMEBfwrHLzYBohOJszizflZgXA6VFz
J2gnKNAdxvnIIMYPmMLobWADlWIPC6Fi+v/DaUawqRC0IsMcpsb89lsocKfCdGy8
+a+piLRmrFWMGEzAda/z6duSQl91DYn+hiSwxurYg2Wa17imRwrwkWLS8cF3XYdu
biZ8wdx8zlruXib90ICSQJWRuQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFOLxGdAW
+90ny/clCiFY2z7FCBZ7MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQzMyQUUyRTIx
QUI4MTFGMDhGM0M4Qjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABzpwMDBABzp0ADBACvbmMDBADfHeIwDQYJKoZIhvcNAQEL
BQADggEBAJkIFv+g+RVtlB913MxIiGeXj/Nh8f1Fl9nUhQvYQs7fE/z4NOWNX+SN
GkxYFhEwIfAYmahnsR28j4GWG5YGg2uwhujR3iLEE0D9DPTNHpKi/2Rzp9qwiFO9
yNJe9maiFgPYhIJAU8s2X/QMNGFAPp/6MM0cdmF1yFS3lxnGuqJDOYM7BnJu54/R
M/IXfCzkVWDw/xVSxo+hmsET+D4CrY/S7Iu1rOpf3gSiZrDG1PfPFCN23i2WQmK5
qQh3WUqyibwx0giyOgta+AzJQh35Bq/325YJHaxpK2v6v6HmWP5OFPJNA991SO3U
mcqPV8JDGomKVm9nF/TJWpC5qyzUgCk=
-----END CERTIFICATE-----