Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/A9B52CB0AA8211EAA8115434C4F9AE02.roa
File:                     A9B52CB0AA8211EAA8115434C4F9AE02.roa (raw, json)
Hash identifier:          VjIa4OVAd2NYyG2wYrkbU8YanJtrBZ+Ek1Dwd0X40pA=
Subject key identifier:   D9:CF:85:8C:94:7D:3F:1D:2D:60:04:47:54:2A:8B:96:4E:0C:18:75
Certificate issuer:       /CN=A912BBC9/serialNumber=D3B7215E1660A19EFD2E772F9BA7A7BDC6EE0D28
Certificate serial:       0521
Authority key identifier: D3:B7:21:5E:16:60:A1:9E:FD:2E:77:2F:9B:A7:A7:BD:C6:EE:0D:28
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/07chXhZgoZ79Lncvm6envcbuDSg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/A9B52CB0AA8211EAA8115434C4F9AE02.roa
Signing time:             Wed 02 Feb 2022 09:10:16 +0000
ROA not before:           Wed 02 Feb 2022 09:10:16 +0000
ROA not after:            Mon 31 Oct 2022 00:00:00 +0000
asID:                     139351
IP address blocks:        103.141.158.0/23 maxlen: 23
                          2400:17a0::/48 maxlen: 48
                          2400:17a0:1::/48 maxlen: 48
                          2400:17a0:2::/48 maxlen: 48
                          2400:17a0:3::/48 maxlen: 48
                          2400:17a0:4::/48 maxlen: 48
                          2400:17a0:5::/48 maxlen: 48
                          2400:17a0:6::/48 maxlen: 48
                          2400:17a0:7::/48 maxlen: 48
                          2400:17a0:8::/48 maxlen: 48
                          2400:17a0:9::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1313 (0x521)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912BBC9/serialNumber=D3B7215E1660A19EFD2E772F9BA7A7BDC6EE0D28
        Validity
            Not Before: Feb  2 09:10:16 2022 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=61fa4a78-c4df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0d:61:bd:68:6a:21:d3:4a:8c:a9:21:f5:cb:
                    c2:4f:7c:44:6e:5d:81:08:4b:06:f3:8e:8b:67:96:
                    34:77:18:17:3a:62:f4:aa:d5:73:a6:30:09:76:3c:
                    be:e9:c6:fb:4d:c3:21:0e:e2:d5:78:d4:2e:c3:68:
                    0d:cf:32:fc:2b:e7:65:44:77:72:b6:4b:96:78:f3:
                    83:a9:2b:8b:dd:a7:9f:a3:fd:11:f5:4c:66:a9:d1:
                    a9:ab:e2:60:7a:23:9d:c7:f4:57:ca:11:18:f4:7d:
                    77:ee:ab:8f:43:00:82:94:0b:c7:a1:ad:6c:77:03:
                    17:66:1a:8b:dd:a0:9e:dd:9c:1e:b7:fc:68:8b:1f:
                    7a:63:6b:98:09:bc:8c:d5:c3:72:e5:73:da:f9:ce:
                    37:fa:6b:2a:21:31:4f:9a:50:b2:1e:04:08:b3:f8:
                    3e:e8:48:a4:6f:b3:0c:db:fa:2e:20:57:1d:7f:51:
                    a4:bb:6d:54:8c:64:07:ce:f4:ec:62:ac:48:9a:38:
                    e4:8d:2a:b9:2d:ea:9a:97:0b:82:5a:c8:04:ed:17:
                    23:b6:28:49:21:16:b0:85:9f:d2:4e:39:35:97:40:
                    dc:f0:b7:0b:aa:0f:bd:61:94:f7:ff:64:e0:78:6e:
                    32:b7:c9:3c:f1:b3:50:bd:6a:4a:46:41:71:df:66:
                    ac:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:CF:85:8C:94:7D:3F:1D:2D:60:04:47:54:2A:8B:96:4E:0C:18:75
            X509v3 Authority Key Identifier:
                keyid:D3:B7:21:5E:16:60:A1:9E:FD:2E:77:2F:9B:A7:A7:BD:C6:EE:0D:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/07chXhZgoZ79Lncvm6envcbuDSg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/07chXhZgoZ79Lncvm6envcbuDSg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BBC9/83FF9FECAA8111EAB42A0433C4F9AE02/A9B52CB0AA8211EAA8115434C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.141.158.0/23
                IPv6:
                  2400:17a0::-2400:17a0:9:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         68:de:3f:57:ab:88:6e:19:af:ee:50:b1:55:07:7e:cb:89:98:
         9a:ea:26:6c:c2:16:a6:9f:a1:d5:e6:0f:bc:4d:ba:d9:32:14:
         c6:85:4d:dd:3a:09:b1:27:78:7e:8f:9c:a7:6c:29:29:89:81:
         1e:5b:42:6e:dd:bd:f4:e5:0d:3f:45:b6:da:4b:5e:65:c4:fb:
         10:5e:65:bc:a5:1b:11:03:d2:1f:92:4c:dc:92:8c:4a:47:a7:
         db:ea:d5:2c:d8:7b:94:bb:9f:66:24:ea:71:06:e9:aa:7d:f6:
         50:84:3e:ce:34:b0:0d:11:3c:21:f8:05:d0:dd:1c:69:51:15:
         8b:ba:24:17:f6:b4:71:1c:7f:4d:b6:62:2e:d0:96:bf:f5:5c:
         9b:92:33:44:b3:c5:34:83:66:aa:cf:ca:d2:ea:47:9f:2a:c8:
         45:57:36:ee:83:d1:0e:f9:93:b3:10:3c:f3:ce:34:00:0a:83:
         bb:2d:ea:9d:0c:89:af:de:d1:c2:db:ce:ad:3d:0f:8d:dd:cb:
         aa:59:73:9d:e6:51:cd:f3:b8:9a:b6:b1:15:7c:9f:7d:6e:e5:
         43:12:ec:07:c3:6a:ef:67:14:a4:eb:44:59:ad:92:fd:d3:d0:
         70:85:03:80:17:a6:82:8d:23:89:34:63:a1:63:38:8c:2e:1b:
         0f:c1:c8:ba
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICBSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJCQzkxMTAvBgNVBAUTKEQzQjcyMTVFMTY2MEExOUVGRDJFNzcyRjlCQTdBN0JE
QzZFRTBEMjgwHhcNMjIwMjAyMDkxMDE2WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWZhNGE3OC1jNGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsQ1hvWhqIdNKjKkh9cvCT3xEbl2BCEsG846LZ5Y0dxgXOmL0qtVzpjAJdjy+
6cb7TcMhDuLVeNQuw2gNzzL8K+dlRHdytkuWePODqSuL3aefo/0R9UxmqdGpq+Jg
eiOdx/RXyhEY9H137quPQwCClAvHoa1sdwMXZhqL3aCe3Zwet/xoix96Y2uYCbyM
1cNy5XPa+c43+msqITFPmlCyHgQIs/g+6Eikb7MM2/ouIFcdf1Gku21UjGQHzvTs
YqxImjjkjSq5LeqalwuCWsgE7RcjtihJIRawhZ/STjk1l0Dc8LcLqg+9YZT3/2Tg
eG4yt8k88bNQvWpKRkFx32asxwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFNnPhYyU
fT8dLWAER1Qqi5ZODBh1MB8GA1UdIwQYMBaAFNO3IV4WYKGe/S53L5unp73G7g0o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkJDOS84M0ZGOUZFQ0FB
ODExMUVBQjQyQTA0MzNDNEY5QUUwMi8wN2NoWGhaZ29aNzlMbmN2bTZlbnZjYnVE
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzA3Y2hYaFpnb1o3OUxuY3ZtNmVudmNidURTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJCQzkvODNGRjlGRUNBQTgxMTFFQUI0MkEwNDMzQzRGOUFFMDIvQTlCNTJDQjBB
QTgyMTFFQUE4MTE1NDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAFnjZ4wGAQCAAIwEjAQAwUFJAAXoAMHASQAF6AACDANBgkq
hkiG9w0BAQsFAAOCAQEAaN4/V6uIbhmv7lCxVQd+y4mYmuombMIWpp+h1eYPvE26
2TIUxoVN3ToJsSd4fo+cp2wpKYmBHltCbt299OUNP0W22kteZcT7EF5lvKUbEQPS
H5JM3JKMSken2+rVLNh7lLufZiTqcQbpqn32UIQ+zjSwDRE8IfgF0N0caVEVi7ok
F/a0cRx/TbZiLtCWv/Vcm5IzRLPFNINmqs/K0upHnyrIRVc27oPRDvmTsxA88840
AAqDuy3qnQyJr97RwtvOrT0Pjd3LqllzneZRzfO4mraxFXyffW7lQxLsB8Nq72cU
pOtEWa2S/dPQcIUDgBemgo0jiTRjoWM4jC4bD8HIug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org