Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/DD057E30C32F11ED82655C36C4F9AE02.roa
File:                     DD057E30C32F11ED82655C36C4F9AE02.roa (raw, json)
Hash identifier:          v21F1MhR4iodCq8BL93svUJnn0fOcUNvZ0aPbhyhTw4=
Subject key identifier:   7A:B3:D0:5E:DE:14:02:0E:7E:14:92:89:41:82:70:EE:A0:83:83:85
Certificate issuer:       /CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
Certificate serial:       090D
Authority key identifier: ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/DD057E30C32F11ED82655C36C4F9AE02.roa
Signing time:             Tue 29 Aug 2023 00:51:38 +0000
ROA not before:           Tue 29 Aug 2023 00:51:38 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     58895
IP address blocks:        103.83.20.0/22 maxlen: 22
                          103.83.20.0/24 maxlen: 24
                          103.83.21.0/24 maxlen: 24
                          103.83.22.0/24 maxlen: 24
                          103.83.23.0/24 maxlen: 24
                          123.108.92.0/24 maxlen: 24
                          123.108.93.0/24 maxlen: 24
                          123.108.94.0/24 maxlen: 24
                          123.108.95.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2317 (0x90d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
        Validity
            Not Before: Aug 29 00:51:38 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64ed411a-e6e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:18:ff:ba:8a:fe:61:95:cd:bc:10:80:3a:62:
                    34:89:ac:f0:d1:0d:ea:a0:a2:da:70:d1:d6:1a:e0:
                    c1:57:d6:25:65:cf:11:74:17:7e:c0:62:21:9e:bd:
                    78:86:3c:42:bf:19:bc:c7:d4:6f:f0:f0:9f:f4:c5:
                    be:0f:6a:e0:eb:06:e7:31:c2:82:e0:3e:b3:5e:0f:
                    80:f7:0b:df:d1:e0:00:18:73:b2:0b:29:00:58:1a:
                    0c:e5:18:5b:1c:ff:99:fc:d1:60:29:73:f2:12:76:
                    2d:30:a6:02:65:76:0a:3c:04:13:f5:7f:67:1a:43:
                    d8:d3:5e:27:2a:b5:8c:67:4c:9a:d0:41:ee:2c:64:
                    f8:8b:a4:3b:29:fa:6d:6e:aa:13:64:91:a4:a6:04:
                    01:b9:fa:ce:8e:fc:28:23:9f:34:14:71:87:92:ab:
                    b9:3e:34:64:ec:90:99:bc:63:46:1a:b5:90:0d:60:
                    b2:ed:7b:1f:0e:1e:33:47:61:98:d9:d4:9d:04:9d:
                    29:ab:25:5b:44:41:b1:48:e3:7b:be:d9:8d:15:6d:
                    28:98:ac:34:97:e5:0a:07:6c:82:10:08:70:8e:01:
                    3e:15:d8:e7:ea:e3:6f:a5:d1:fb:76:e7:ae:32:63:
                    28:3f:dc:d1:38:91:76:c3:71:59:9a:21:d5:14:f6:
                    b3:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:B3:D0:5E:DE:14:02:0E:7E:14:92:89:41:82:70:EE:A0:83:83:85
            X509v3 Authority Key Identifier:
                keyid:ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/7dKmloaGUlbJsP3da3FJZtU3jzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/DD057E30C32F11ED82655C36C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.83.20.0/22
                  123.108.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c7:55:45:ab:be:90:9a:92:a2:26:ec:f8:8b:10:df:46:5e:2f:
         13:f0:a3:59:d6:b8:1d:17:15:e4:6b:ca:c9:03:09:97:95:11:
         6f:24:c6:6b:84:3d:4d:c6:a8:4e:ac:58:e7:2c:86:94:f4:d5:
         78:04:3a:23:e9:42:d1:29:3b:cf:24:fa:01:42:9c:f7:fb:ef:
         2a:4e:ed:a5:11:29:7b:d4:2e:32:2e:1f:4a:7e:be:76:80:f1:
         d1:17:43:21:37:02:35:1c:19:51:d1:ef:57:b0:53:b9:58:2a:
         d7:8a:7b:66:bb:a6:fb:d1:85:96:de:2f:d5:e3:73:d0:7c:76:
         f1:e0:e3:38:09:88:76:87:ee:3a:5d:16:4e:ed:aa:6f:c6:6d:
         0d:6c:4c:ce:57:d1:5c:c0:68:96:91:47:0c:12:66:07:8e:fd:
         82:fa:13:77:af:e9:ba:d3:e7:e7:1b:f5:ff:fc:cc:69:3c:d7:
         e6:12:ed:b9:f5:95:ef:d5:85:f5:e7:5f:a7:44:48:d8:c7:6d:
         b8:e2:a4:68:23:ec:39:65:b3:d2:a4:89:ba:b5:b9:8a:d7:ad:
         25:9e:29:56:c9:47:9b:ad:e9:e9:11:99:26:12:4b:17:7e:b0:
         04:3c:28:ee:a5:fa:55:12:ea:81:d7:16:68:af:15:0f:d4:2b:
         96:16:9b:10
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCQ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQzQ0IxMTAvBgNVBAUTKEVERDJBNjk2ODY4NjUyNTZDOUIwRkRERDZCNzE0OTY2
RDUzNzhGMzMwHhcNMjMwODI5MDA1MTM4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVkNDExYS1lNmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6hj/uor+YZXNvBCAOmI0iazw0Q3qoKLacNHWGuDBV9YlZc8RdBd+wGIhnr14
hjxCvxm8x9Rv8PCf9MW+D2rg6wbnMcKC4D6zXg+A9wvf0eAAGHOyCykAWBoM5Rhb
HP+Z/NFgKXPyEnYtMKYCZXYKPAQT9X9nGkPY014nKrWMZ0ya0EHuLGT4i6Q7Kfpt
bqoTZJGkpgQBufrOjvwoI580FHGHkqu5PjRk7JCZvGNGGrWQDWCy7XsfDh4zR2GY
2dSdBJ0pqyVbREGxSON7vtmNFW0omKw0l+UKB2yCEAhwjgE+Fdjn6uNvpdH7dueu
MmMoP9zROJF2w3FZmiHVFPazawIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHqz0F7e
FAIOfhSSiUGCcO6gg4OFMB8GA1UdIwQYMBaAFO3SppaGhlJWybD93WtxSWbVN48z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDNDQi9BOUE0MzlGQzY5
QjIxMUVBOTc3OURENDhDNEY5QUUwMi83ZEttbG9hR1VsYkpzUDNkYTNGSlp0VTNq
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdkS21sb2FHVWxiSnNQM2RhM0ZKWnRVM2p6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQzQ0IvQTlBNDM5RkM2OUIyMTFFQTk3NzlERDQ4QzRGOUFFMDIvREQwNTdFMzBD
MzJGMTFFRDgyNjU1QzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUxQDBAJ7bFwwDQYJKoZIhvcNAQELBQADggEBAMdVRau+
kJqSoibs+IsQ30ZeLxPwo1nWuB0XFeRryskDCZeVEW8kxmuEPU3GqE6sWOcshpT0
1XgEOiPpQtEpO88k+gFCnPf77ypO7aURKXvULjIuH0p+vnaA8dEXQyE3AjUcGVHR
71ewU7lYKteKe2a7pvvRhZbeL9Xjc9B8dvHg4zgJiHaH7jpdFk7tqm/GbQ1sTM5X
0VzAaJaRRwwSZgeO/YL6E3ev6brT5+cb9f/8zGk81+YS7bn1le/VhfXnX6dESNjH
bbjipGgj7Dlls9Kkibq1uYrXrSWeKVbJR5ut6ekRmSYSSxd+sAQ8KO6l+lUS6oHX
FmivFQ/UK5YWmxA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:52 2024 by rpki-client on console-ams.rpki-client.org