Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/2EE6EDB4E15F11EC832D745AC4F9AE02.roa
File:                     2EE6EDB4E15F11EC832D745AC4F9AE02.roa (raw, json)
Hash identifier:          uvnvRzNmBYaAMw3ouJ9Iy0PWkt8WT5aiB34yJE88Y9E=
Subject key identifier:   3C:FA:A5:BD:49:DF:D2:7C:EE:47:0C:22:5B:7A:70:4C:D7:CB:C2:E2
Certificate issuer:       /CN=A913C0C6/serialNumber=00334B8F218FA525339886C8FBC94093C88ED57B
Certificate serial:       01F3
Authority key identifier: 00:33:4B:8F:21:8F:A5:25:33:98:86:C8:FB:C9:40:93:C8:8E:D5:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ADNLjyGPpSUzmIbI-8lAk8iO1Xs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/2EE6EDB4E15F11EC832D745AC4F9AE02.roa
Signing time:             Wed 01 Jun 2022 03:59:07 +0000
ROA not before:           Wed 01 Jun 2022 03:59:07 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     138521
IP address blocks:        103.127.162.0/23 maxlen: 24
                          2404:2440::/32 maxlen: 32
                          2404:2440:a0a0::/48 maxlen: 48
                          2404:2440:abcd::/48 maxlen: 48
                          2404:2440:b0b0::/48 maxlen: 48
                          2404:2440:beef::/48 maxlen: 48
                          2404:2440:c0c0::/48 maxlen: 48
                          2404:2440:cafe::/48 maxlen: 48
                          2404:2440:d0d0::/48 maxlen: 48
                          2404:2440:dada::/48 maxlen: 48
                          2404:2440:e0e0::/48 maxlen: 48
                          2404:2440:eeee::/48 maxlen: 48
                          2404:2440:f0f0::/48 maxlen: 48
                          2404:2440:face::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 499 (0x1f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C0C6/serialNumber=00334B8F218FA525339886C8FBC94093C88ED57B
        Validity
            Not Before: Jun  1 03:59:07 2022 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=6296e40b-9128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:3f:73:1b:28:ad:e4:6f:6e:4f:4f:e3:c8:2b:
                    0f:d8:68:26:01:62:3c:73:58:dc:04:19:07:f9:bf:
                    02:56:3d:60:ce:50:8c:48:5e:97:06:09:49:52:b4:
                    f9:bf:a3:05:3e:b3:90:88:a7:8c:fd:26:63:27:71:
                    59:f3:30:b9:a3:73:6b:e1:fd:e6:b8:75:76:a6:99:
                    06:23:12:4f:7a:ef:60:1f:a5:ee:1b:ea:46:29:21:
                    a8:4e:51:a3:2b:78:55:b6:8d:cd:70:fb:fb:85:a5:
                    9c:51:59:a5:fb:08:3c:6e:f6:35:52:79:b5:d6:48:
                    1d:0f:e9:34:52:77:a3:e2:40:df:1a:08:87:72:f4:
                    1b:8a:89:5c:ad:b0:90:27:f7:d9:46:66:bd:fa:d7:
                    3c:48:d8:c6:c7:83:a6:58:24:53:d9:a1:6d:f9:90:
                    1d:48:bb:01:eb:27:e5:25:df:de:76:50:03:8d:d1:
                    9a:5d:bd:f6:33:ae:a2:4a:99:5b:28:51:1d:a9:ea:
                    f0:ed:3d:be:40:00:93:37:88:d0:3a:a2:67:4b:2b:
                    16:b0:17:de:bc:8f:7e:54:ee:a5:4b:cf:d5:15:35:
                    af:26:41:87:a4:d6:c5:e5:bd:09:8d:2a:72:bc:17:
                    70:0c:4d:6a:4f:c1:2e:50:8d:e9:4f:b6:12:15:16:
                    7b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:FA:A5:BD:49:DF:D2:7C:EE:47:0C:22:5B:7A:70:4C:D7:CB:C2:E2
            X509v3 Authority Key Identifier:
                keyid:00:33:4B:8F:21:8F:A5:25:33:98:86:C8:FB:C9:40:93:C8:8E:D5:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/ADNLjyGPpSUzmIbI-8lAk8iO1Xs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ADNLjyGPpSUzmIbI-8lAk8iO1Xs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/2EE6EDB4E15F11EC832D745AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.162.0/23
                IPv6:
                  2404:2440::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:1b:ed:e0:39:28:9c:2a:54:5e:99:f2:fe:4f:2b:6a:36:31:
         60:4a:f9:7a:ed:a0:62:b6:fd:35:33:e3:12:a5:31:e9:58:3d:
         39:42:f7:eb:98:b7:ca:b7:3a:3f:8f:9b:6a:fb:01:56:5a:9a:
         ad:13:32:75:5a:da:30:a5:f7:fe:cf:43:71:29:63:e3:74:93:
         a9:82:cd:2c:e0:c5:a5:db:07:5f:bb:1c:fe:1b:d0:1f:b2:ba:
         ca:2a:33:34:8f:44:9f:3d:70:4f:30:ac:64:20:d0:af:2e:8e:
         4f:60:d9:66:22:47:ea:03:7f:ce:ce:09:10:8c:b3:7e:cd:c0:
         f4:8a:af:07:49:66:e5:7e:87:f8:54:39:09:5b:cd:f7:7b:d9:
         75:28:72:7d:29:79:47:4b:4b:ad:a8:ed:10:d4:b0:90:2d:ee:
         08:60:82:15:2a:74:37:0b:91:15:c4:f4:64:2b:92:f7:2f:a8:
         11:86:bf:3f:de:dd:39:13:47:29:80:7e:e4:cf:25:89:ea:01:
         3f:ba:8b:65:4f:e5:e9:1e:26:53:b3:af:c8:9e:fb:7f:cc:f1:
         ed:98:90:49:12:4a:f0:fd:3e:12:e1:17:07:54:9a:de:6d:c0:
         44:7b:71:ac:23:e3:27:44:45:c2:37:14:2f:3e:cc:a3:ec:fc:
         27:c6:2f:24
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwQzYxMTAvBgNVBAUTKDAwMzM0QjhGMjE4RkE1MjUzMzk4ODZDOEZCQzk0MDkz
Qzg4RUQ1N0IwHhcNMjIwNjAxMDM1OTA3WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk2ZTQwYi05MTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuT9zGyit5G9uT0/jyCsP2GgmAWI8c1jcBBkH+b8CVj1gzlCMSF6XBglJUrT5
v6MFPrOQiKeM/SZjJ3FZ8zC5o3Nr4f3muHV2ppkGIxJPeu9gH6XuG+pGKSGoTlGj
K3hVto3NcPv7haWcUVml+wg8bvY1Unm11kgdD+k0Unej4kDfGgiHcvQbiolcrbCQ
J/fZRma9+tc8SNjGx4OmWCRT2aFt+ZAdSLsB6yflJd/edlADjdGaXb32M66iSplb
KFEdqerw7T2+QACTN4jQOqJnSysWsBfevI9+VO6lS8/VFTWvJkGHpNbF5b0JjSpy
vBdwDE1qT8EuUI3pT7YSFRZ7LwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDz6pb1J
39J87kcMIlt6cEzXy8LiMB8GA1UdIwQYMBaAFAAzS48hj6UlM5iGyPvJQJPIjtV7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzBDNi8xODNGODRBRTIz
NEIxMUVDQjhBMkRFN0VDNEY5QUUwMi9BRE5ManlHUHBTVXptSWJJLThsQWs4aU8x
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FETkxqeUdQcFNVem1JYkktOGxBazhpTzFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwQzYvMTgzRjg0QUUyMzRCMTFFQ0I4QTJERTdFQzRGOUFFMDIvMkVFNkVEQjRF
MTVGMTFFQzgzMkQ3NDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnf6IwDQQCAAIwBwMFACQEJEAwDQYJKoZIhvcNAQELBQAD
ggEBABkb7eA5KJwqVF6Z8v5PK2o2MWBK+XrtoGK2/TUz4xKlMelYPTlC9+uYt8q3
Oj+Pm2r7AVZamq0TMnVa2jCl9/7PQ3EpY+N0k6mCzSzgxaXbB1+7HP4b0B+yusoq
MzSPRJ89cE8wrGQg0K8ujk9g2WYiR+oDf87OCRCMs37NwPSKrwdJZuV+h/hUOQlb
zfd72XUocn0peUdLS62o7RDUsJAt7ghgghUqdDcLkRXE9GQrkvcvqBGGvz/e3TkT
RymAfuTPJYnqAT+6i2VP5ekeJlOzr8ie+3/M8e2YkEkSSvD9PhLhFwdUmt5twER7
cawj4ydERcI3FC8+zKPs/CfGLyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org