Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/633FA6DA14E511EABD72D142C4F9AE02.roa
File:                     633FA6DA14E511EABD72D142C4F9AE02.roa (raw, json)
Hash identifier:          HaY8x6jlSvbEQAJmskGzE1MrXrycsYGPyTLerUza8pA=
Subject key identifier:   99:A2:AE:54:3A:D0:26:E3:E3:D4:97:52:97:C0:CC:92:3F:93:BE:43
Certificate issuer:       /CN=A912BD25/serialNumber=C909BDB284E4DF08477660D682B7CB3F594831E3
Certificate serial:       0A0A
Authority key identifier: C9:09:BD:B2:84:E4:DF:08:47:76:60:D6:82:B7:CB:3F:59:48:31:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yQm9soTk3whHdmDWgrfLP1lIMeM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/633FA6DA14E511EABD72D142C4F9AE02.roa
Signing time:             Fri 14 Oct 2022 20:26:56 +0000
ROA not before:           Fri 14 Oct 2022 20:26:56 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     138171
IP address blocks:        103.121.220.0/22 maxlen: 22
                          103.121.220.0/24 maxlen: 24
                          103.121.221.0/24 maxlen: 24
                          103.121.222.0/24 maxlen: 24
                          103.121.223.0/24 maxlen: 24
                          2403:7240::/32 maxlen: 32
                          2403:7240::/36 maxlen: 36
                          2403:7240:1000::/36 maxlen: 36
                          2403:7240:2000::/36 maxlen: 36
                          2403:7240:3000::/36 maxlen: 36
                          2403:7240:4000::/36 maxlen: 36
                          2403:7240:5000::/36 maxlen: 36
                          2403:7240:6000::/36 maxlen: 36
                          2403:7240:7000::/36 maxlen: 36
                          2403:7240:8000::/36 maxlen: 36
                          2403:7240:9000::/36 maxlen: 36
                          2403:7240:a000::/36 maxlen: 36
                          2403:7240:b000::/36 maxlen: 36
                          2403:7240:c000::/36 maxlen: 36
                          2403:7240:d000::/36 maxlen: 36
                          2403:7240:e000::/36 maxlen: 36
                          2403:7240:f000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2570 (0xa0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912BD25/serialNumber=C909BDB284E4DF08477660D682B7CB3F594831E3
        Validity
            Not Before: Oct 14 20:26:56 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6349c610-28fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8a:92:7a:d1:66:0b:be:ca:78:83:d4:78:57:
                    67:63:65:33:8c:61:6c:1c:1f:55:6e:57:7e:90:57:
                    fe:ca:c2:36:de:3b:9d:a4:04:36:da:73:d6:42:6a:
                    2a:e1:4d:fa:7e:a0:c4:0b:09:8d:84:fd:d7:88:52:
                    c4:7a:e7:56:7d:5e:39:79:46:21:d9:c3:ea:46:a6:
                    fd:9f:4b:5e:b5:03:92:96:84:4b:f4:e9:60:82:d6:
                    49:6b:9b:eb:93:fb:01:16:38:aa:cb:b7:2c:5f:b0:
                    e8:d2:81:98:2a:1d:52:78:bf:b4:04:6a:90:27:ab:
                    d9:05:6e:41:0c:f9:aa:e7:38:16:dd:9b:ce:46:a7:
                    ac:75:8f:bc:ec:17:f4:71:84:4c:55:e3:3c:b3:aa:
                    4e:1c:5e:ce:01:6b:01:15:d4:e5:82:0e:4b:07:68:
                    e4:01:67:4f:3e:57:c5:70:47:e8:4a:b8:e0:74:e6:
                    78:19:ce:9b:41:bb:ed:d1:40:bc:f1:45:90:fb:9f:
                    9b:2d:5c:13:52:77:a0:46:88:fb:51:5b:80:d2:01:
                    c4:d8:73:12:fd:e7:d0:ed:1d:58:4b:bc:71:37:a7:
                    94:0b:c1:a6:b2:c4:c6:fe:43:d7:d7:9b:4b:03:50:
                    11:d3:0d:64:5b:08:17:1d:cf:db:54:47:7d:cd:c0:
                    8e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A2:AE:54:3A:D0:26:E3:E3:D4:97:52:97:C0:CC:92:3F:93:BE:43
            X509v3 Authority Key Identifier:
                keyid:C9:09:BD:B2:84:E4:DF:08:47:76:60:D6:82:B7:CB:3F:59:48:31:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/yQm9soTk3whHdmDWgrfLP1lIMeM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yQm9soTk3whHdmDWgrfLP1lIMeM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/633FA6DA14E511EABD72D142C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.220.0/22
                IPv6:
                  2403:7240::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:dd:62:c6:05:30:3b:22:5e:7a:7d:3c:bf:3e:6f:aa:97:00:
         77:14:50:f6:7f:ca:7e:2f:b9:aa:8d:ff:86:39:a2:0d:9f:a4:
         e8:10:da:c5:e2:06:75:10:e9:69:bb:2f:eb:f6:7d:ed:1a:0d:
         1d:68:e5:d2:a6:92:fc:ca:9e:56:e6:60:6c:85:f6:72:52:5f:
         b5:44:07:fe:55:0e:ae:b2:4a:e2:20:d3:11:41:44:8e:1c:95:
         74:4f:47:ed:a1:72:63:b3:1f:19:2f:85:c8:ed:75:f3:8f:03:
         2d:d8:d4:74:c7:b5:21:24:ea:c0:24:88:1b:0b:90:e1:1a:b8:
         fd:ee:34:4b:18:74:34:1c:d2:32:9c:40:b5:e4:4d:99:5f:ea:
         98:ff:36:46:3e:39:c8:46:59:1f:c9:a7:3a:bd:7d:c5:78:7d:
         2d:46:18:1c:41:7d:72:7d:3e:82:71:56:e3:1c:86:a9:97:3e:
         40:95:a3:aa:9a:c3:65:35:bc:0b:42:ad:ef:f5:9a:55:70:47:
         d5:b1:a9:3d:48:da:9f:aa:ef:20:c0:9a:f9:ab:33:4e:1e:54:
         a3:b6:85:d5:bf:53:ea:50:96:be:4d:8a:84:ba:b2:6b:22:da:
         ee:bf:e0:33:41:50:e1:22:22:52:a6:de:7d:89:d3:a2:e1:99:
         57:73:d9:32
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJEMjUxMTAvBgNVBAUTKEM5MDlCREIyODRFNERGMDg0Nzc2NjBENjgyQjdDQjNG
NTk0ODMxRTMwHhcNMjIxMDE0MjAyNjU2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ5YzYxMC0yOGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs4qSetFmC77KeIPUeFdnY2UzjGFsHB9Vbld+kFf+ysI23judpAQ22nPWQmoq
4U36fqDECwmNhP3XiFLEeudWfV45eUYh2cPqRqb9n0tetQOSloRL9OlggtZJa5vr
k/sBFjiqy7csX7Do0oGYKh1SeL+0BGqQJ6vZBW5BDPmq5zgW3ZvORqesdY+87Bf0
cYRMVeM8s6pOHF7OAWsBFdTlgg5LB2jkAWdPPlfFcEfoSrjgdOZ4Gc6bQbvt0UC8
8UWQ+5+bLVwTUnegRoj7UVuA0gHE2HMS/efQ7R1YS7xxN6eUC8GmssTG/kPX15tL
A1AR0w1kWwgXHc/bVEd9zcCOAwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJmirlQ6
0Cbj49SXUpfAzJI/k75DMB8GA1UdIwQYMBaAFMkJvbKE5N8IR3Zg1oK3yz9ZSDHj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkQyNS8wN0Y4MjE0QTE0
RTQxMUVBODc2RTg2NDBDNEY5QUUwMi95UW05c29UazN3aEhkbURXZ3JmTFAxbElN
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lRbTlzb1RrM3doSGRtRFdncmZMUDFsSU1lTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJEMjUvMDdGODIxNEExNEU0MTFFQTg3NkU4NjQwQzRGOUFFMDIvNjMzRkE2REEx
NEU1MTFFQUJENzJEMTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnedwwDQQCAAIwBwMFACQDckAwDQYJKoZIhvcNAQELBQAD
ggEBAEjdYsYFMDsiXnp9PL8+b6qXAHcUUPZ/yn4vuaqN/4Y5og2fpOgQ2sXiBnUQ
6Wm7L+v2fe0aDR1o5dKmkvzKnlbmYGyF9nJSX7VEB/5VDq6ySuIg0xFBRI4clXRP
R+2hcmOzHxkvhcjtdfOPAy3Y1HTHtSEk6sAkiBsLkOEauP3uNEsYdDQc0jKcQLXk
TZlf6pj/NkY+OchGWR/Jpzq9fcV4fS1GGBxBfXJ9PoJxVuMchqmXPkCVo6qaw2U1
vAtCre/1mlVwR9WxqT1I2p+q7yDAmvmrM04eVKO2hdW/U+pQlr5NioS6smsi2u6/
4DNBUOEiIlKm3n2J06LhmVdz2TI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org