Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/EC5F93549C9011E8B2EB223DC4F9AE02.roa
File:                     EC5F93549C9011E8B2EB223DC4F9AE02.roa (raw, json)
Hash identifier:          DPis6JNHlhQvtNl/0CP3tT43x6Z6XScUAifFKLH547U=
Subject key identifier:   29:11:76:3C:15:06:90:F0:CB:70:C3:27:94:99:3E:E0:97:96:D8:90
Certificate issuer:       /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial:       1415
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/EC5F93549C9011E8B2EB223DC4F9AE02.roa
Signing time:             Mon 07 Feb 2022 17:43:37 +0000
ROA not before:           Mon 07 Feb 2022 17:43:37 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     17911
IP address blocks:        103.224.12.0/24 maxlen: 24
                          103.224.13.0/24 maxlen: 24
                          103.224.14.0/24 maxlen: 24
                          103.224.15.0/24 maxlen: 24
                          122.129.64.0/24 maxlen: 24
                          122.129.65.0/24 maxlen: 24
                          122.129.66.0/24 maxlen: 24
                          122.129.67.0/24 maxlen: 24
                          122.129.68.0/24 maxlen: 24
                          122.129.69.0/24 maxlen: 24
                          122.129.70.0/24 maxlen: 24
                          122.129.71.0/24 maxlen: 24
                          122.129.72.0/24 maxlen: 24
                          122.129.73.0/24 maxlen: 24
                          122.129.74.0/24 maxlen: 24
                          122.129.75.0/24 maxlen: 24
                          122.129.76.0/24 maxlen: 24
                          122.129.77.0/24 maxlen: 24
                          122.129.78.0/24 maxlen: 24
                          122.129.79.0/24 maxlen: 24
                          122.129.80.0/24 maxlen: 24
                          122.129.81.0/24 maxlen: 24
                          122.129.82.0/24 maxlen: 24
                          122.129.83.0/24 maxlen: 24
                          122.129.84.0/24 maxlen: 24
                          122.129.85.0/24 maxlen: 24
                          122.129.86.0/24 maxlen: 24
                          122.129.87.0/24 maxlen: 24
                          122.129.88.0/24 maxlen: 24
                          122.129.89.0/24 maxlen: 24
                          122.129.90.0/24 maxlen: 24
                          122.129.91.0/24 maxlen: 24
                          122.129.92.0/24 maxlen: 24
                          122.129.93.0/24 maxlen: 24
                          122.129.94.0/24 maxlen: 24
                          122.129.95.0/24 maxlen: 24
                          203.128.0.0/24 maxlen: 24
                          203.128.1.0/24 maxlen: 24
                          203.128.2.0/24 maxlen: 24
                          203.128.3.0/24 maxlen: 24
                          203.128.4.0/24 maxlen: 24
                          203.128.5.0/24 maxlen: 24
                          203.128.6.0/24 maxlen: 24
                          203.128.7.0/24 maxlen: 24
                          203.128.8.0/24 maxlen: 24
                          203.128.9.0/24 maxlen: 24
                          203.128.10.0/24 maxlen: 24
                          203.128.11.0/24 maxlen: 24
                          203.128.12.0/24 maxlen: 24
                          203.128.13.0/24 maxlen: 24
                          203.128.14.0/24 maxlen: 24
                          203.128.15.0/24 maxlen: 24
                          203.128.16.0/24 maxlen: 24
                          203.128.17.0/24 maxlen: 24
                          203.128.18.0/24 maxlen: 24
                          203.128.19.0/24 maxlen: 24
                          203.128.20.0/24 maxlen: 24
                          203.128.21.0/24 maxlen: 24
                          203.128.22.0/24 maxlen: 24
                          203.128.23.0/24 maxlen: 24
                          203.128.24.0/24 maxlen: 24
                          203.128.25.0/24 maxlen: 24
                          203.128.26.0/24 maxlen: 24
                          203.128.27.0/24 maxlen: 24
                          203.128.28.0/24 maxlen: 24
                          203.128.29.0/24 maxlen: 24
                          203.128.30.0/24 maxlen: 24
                          203.128.31.0/24 maxlen: 24
                          2400:4f00::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5141 (0x1415)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
        Validity
            Not Before: Feb  7 17:43:37 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=62015a48-99dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a7:7e:4a:fb:ed:38:07:af:a8:28:4c:90:a7:
                    08:9c:f7:c0:b3:bb:c5:31:76:29:96:9e:47:b9:cb:
                    3c:34:c0:d3:47:f4:1f:fd:14:09:03:06:64:ad:4b:
                    66:a7:ed:0b:42:12:c7:aa:0f:74:0c:62:6b:1a:76:
                    25:e4:16:d4:11:df:09:a9:47:ad:b8:12:06:d9:85:
                    bd:4a:8d:d2:2f:02:23:83:77:f4:d8:53:86:2d:ba:
                    6b:c1:94:b0:19:1f:84:c1:f5:b5:a3:b3:9c:15:5b:
                    ed:2a:f8:d8:5e:1c:c9:f9:59:bc:30:e7:07:e8:40:
                    ff:17:b2:ad:35:a6:9a:31:f4:0f:15:96:ce:53:05:
                    72:7d:53:39:46:95:54:19:08:f6:05:60:d3:a0:dc:
                    77:ee:e9:f5:c2:a7:c5:4c:0f:c9:c7:aa:2e:7a:e2:
                    d5:f9:ca:8a:9d:77:96:16:4c:03:8d:9d:46:8c:ee:
                    0c:a1:a7:c4:93:f4:c1:96:a0:a6:ec:4a:74:79:3f:
                    16:5a:ee:1a:e9:67:d3:78:0f:b8:11:f0:15:ae:d4:
                    0c:03:0c:77:3a:02:25:b9:98:30:52:d2:11:91:b8:
                    3c:2e:ce:1e:8a:52:08:65:6a:da:31:b3:a6:cb:e6:
                    47:90:65:bd:63:3a:20:a7:6b:87:c1:de:f3:93:28:
                    cf:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:11:76:3C:15:06:90:F0:CB:70:C3:27:94:99:3E:E0:97:96:D8:90
            X509v3 Authority Key Identifier:
                keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/EC5F93549C9011E8B2EB223DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.224.12.0/22
                  122.129.64.0/19
                  203.128.0.0/19
                IPv6:
                  2400:4f00::/36

    Signature Algorithm: sha256WithRSAEncryption
         81:40:ca:93:b2:56:6f:ae:ac:c5:30:19:35:b2:84:0f:5b:05:
         ce:2c:83:94:07:93:1b:7a:78:e8:38:08:76:29:04:cc:4a:2d:
         e3:b5:47:5d:85:2e:2a:da:f3:ca:51:8f:ec:69:54:74:2a:de:
         6a:b1:3f:9e:b2:f4:a4:05:ae:8d:e9:e4:44:7d:73:19:6c:8f:
         4c:4b:14:ee:e9:e0:a9:f4:85:30:38:44:4b:10:ac:82:a7:5e:
         f8:b6:c0:e7:03:6c:c7:7e:9d:7a:e4:b1:4e:0f:0c:1c:cc:1b:
         9c:30:2a:f6:a4:a5:48:c0:e4:22:c4:37:48:f3:0a:56:2b:3b:
         3b:09:57:34:a9:ca:ea:58:b3:83:dc:b3:e6:e5:f5:d4:71:99:
         10:de:9b:58:52:c0:58:1a:a7:ab:08:6b:9f:16:df:39:b4:70:
         56:53:86:25:b6:51:82:72:0a:25:65:d8:9b:d9:dd:99:64:58:
         67:81:8c:9d:22:4d:64:09:70:4a:08:a1:c7:06:31:05:c5:d3:
         c4:0f:28:b9:3d:94:85:7b:16:02:65:42:7c:01:2b:83:e5:97:
         1a:b9:88:99:e0:3f:40:ff:a5:da:89:6c:0e:47:92:7b:11:d8:
         b8:8c:31:45:e9:ce:16:b2:af:08:30:2f:c3:53:b7:e9:21:7b:
         1d:19:7c:d0
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICFBUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjIwMjA3MTc0MzM3WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAxNWE0OC05OWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ad+SvvtOAevqChMkKcInPfAs7vFMXYplp5Hucs8NMDTR/Qf/RQJAwZkrUtm
p+0LQhLHqg90DGJrGnYl5BbUEd8JqUetuBIG2YW9So3SLwIjg3f02FOGLbprwZSw
GR+EwfW1o7OcFVvtKvjYXhzJ+Vm8MOcH6ED/F7KtNaaaMfQPFZbOUwVyfVM5RpVU
GQj2BWDToNx37un1wqfFTA/Jx6oueuLV+cqKnXeWFkwDjZ1GjO4MoafEk/TBlqCm
7Ep0eT8WWu4a6WfTeA+4EfAVrtQMAwx3OgIluZgwUtIRkbg8Ls4eilIIZWraMbOm
y+ZHkGW9Yzogp2uHwd7zkyjPowIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCkRdjwV
BpDwy3DDJ5SZPuCXltiQMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvRUM1RjkzNTQ5
QzkwMTFFOEIyRUIyMjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMBgEAgABMBIDBAJn4AwDBAV6gUADBAXLgAAwDgQCAAIwCAMGBCQATwAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBQMqTslZvrqzFMBk1soQPWwXOLIOUB5MbenjoOAh2
KQTMSi3jtUddhS4q2vPKUY/saVR0Kt5qsT+esvSkBa6N6eREfXMZbI9MSxTu6eCp
9IUwOERLEKyCp174tsDnA2zHfp165LFODwwczBucMCr2pKVIwOQixDdI8wpWKzs7
CVc0qcrqWLOD3LPm5fXUcZkQ3ptYUsBYGqerCGufFt85tHBWU4YltlGCcgolZdib
2d2ZZFhngYydIk1kCXBKCKHHBjEFxdPEDyi5PZSFexYCZUJ8ASuD5ZcauYiZ4D9A
/6XaiWwOR5J7Edi4jDFF6c4Wsq8IMC/DU7fpIXsdGXzQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org