Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/51A91DB8772E11EC8826B36DC4F9AE02.roa
File:                     51A91DB8772E11EC8826B36DC4F9AE02.roa (raw, json)
Hash identifier:          a0O/c+HSDQ1cjoRo+PXbrvFo+WhI3qaYoUNBTtv0gkI=
Subject key identifier:   2C:C7:16:95:C2:5E:84:EC:2F:45:98:E3:7E:4F:0F:B6:04:92:C2:78
Certificate issuer:       /CN=A913C0C6/serialNumber=00334B8F218FA525339886C8FBC94093C88ED57B
Certificate serial:       010F
Authority key identifier: 00:33:4B:8F:21:8F:A5:25:33:98:86:C8:FB:C9:40:93:C8:8E:D5:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ADNLjyGPpSUzmIbI-8lAk8iO1Xs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/51A91DB8772E11EC8826B36DC4F9AE02.roa
Signing time:             Thu 10 Feb 2022 03:52:46 +0000
ROA not before:           Thu 10 Feb 2022 03:52:46 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     138521
IP address blocks:        103.127.162.0/23 maxlen: 24
                          2404:2440::/32 maxlen: 32
                          2404:2440:a0a0::/48 maxlen: 48
                          2404:2440:abcd::/48 maxlen: 48
                          2404:2440:b0b0::/48 maxlen: 48
                          2404:2440:beef::/48 maxlen: 48
                          2404:2440:c0c0::/48 maxlen: 48
                          2404:2440:cafe::/48 maxlen: 48
                          2404:2440:d0d0::/48 maxlen: 48
                          2404:2440:dada::/48 maxlen: 48
                          2404:2440:e0e0::/48 maxlen: 48
                          2404:2440:eeee::/48 maxlen: 48
                          2404:2440:f0f0::/48 maxlen: 48
                          2404:2440:face::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 271 (0x10f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C0C6/serialNumber=00334B8F218FA525339886C8FBC94093C88ED57B
        Validity
            Not Before: Feb 10 03:52:46 2022 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=62048c0e-4e07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0d:3b:c4:25:21:e3:7b:82:28:45:d9:72:c8:
                    ad:43:72:ce:4f:92:68:0f:ae:22:a8:4e:17:81:79:
                    2d:92:86:58:45:e2:8f:41:c8:20:aa:6f:85:fc:55:
                    b9:e5:00:3c:a4:c6:ff:61:31:2d:3a:49:fd:23:d4:
                    52:4c:e8:d7:5c:7e:8a:6c:6c:d3:4e:ca:11:10:24:
                    e4:df:cb:a4:12:68:b6:40:f5:3f:a2:b8:57:8a:b5:
                    bb:e8:77:20:a7:bc:34:4d:74:da:45:1c:a7:c7:5f:
                    64:27:ef:0e:63:58:0c:f2:3e:c2:85:36:bb:df:ed:
                    90:82:f6:73:40:00:7a:a4:c5:3e:d2:ba:f7:c1:6a:
                    56:1c:94:35:19:42:5c:89:6a:12:98:57:22:70:a5:
                    d7:04:4c:71:b8:0d:81:37:31:52:9b:07:66:8e:77:
                    cb:39:6d:7a:18:62:c4:f2:7c:a1:f6:f9:93:db:55:
                    b2:79:3b:97:8b:1e:60:e3:c8:5f:16:8a:a9:2b:bc:
                    b5:3f:e2:83:16:58:f3:87:db:73:a9:c7:5b:a9:1e:
                    23:a6:ae:7d:9a:d3:1a:4f:60:26:50:01:9d:0c:f2:
                    d6:e5:7d:02:6f:fb:d9:7e:34:33:f8:3d:f4:0b:f8:
                    aa:6a:f2:10:73:e1:2f:73:10:8d:01:07:13:53:73:
                    51:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:C7:16:95:C2:5E:84:EC:2F:45:98:E3:7E:4F:0F:B6:04:92:C2:78
            X509v3 Authority Key Identifier:
                keyid:00:33:4B:8F:21:8F:A5:25:33:98:86:C8:FB:C9:40:93:C8:8E:D5:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/ADNLjyGPpSUzmIbI-8lAk8iO1Xs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ADNLjyGPpSUzmIbI-8lAk8iO1Xs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C0C6/183F84AE234B11ECB8A2DE7EC4F9AE02/51A91DB8772E11EC8826B36DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.162.0/23
                IPv6:
                  2404:2440::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:13:6d:33:88:03:1b:48:83:c4:ec:e7:01:fa:ee:ae:95:46:
         20:38:45:8a:22:7b:ce:22:78:c8:a7:54:0c:53:a1:6f:8c:d3:
         c8:09:a5:4c:2f:bc:65:5c:ac:a8:6a:33:88:0d:a8:50:4a:68:
         51:20:d9:4b:72:e3:0c:23:ca:03:28:6a:22:46:65:d2:c9:7d:
         d3:90:2a:1c:b0:71:62:78:64:bc:6a:ea:d5:28:57:0a:33:d8:
         e4:7a:c2:e4:be:f6:df:de:30:b5:a0:76:95:5e:ed:da:85:73:
         eb:da:31:7b:19:6e:f2:a3:70:75:cb:d6:eb:9b:1b:df:e1:ba:
         6e:94:a0:15:5a:c8:55:1c:dd:a1:ff:f0:d4:c3:17:88:ff:b1:
         a3:6b:05:1c:63:52:14:39:db:5d:fd:f5:fb:19:01:c3:c8:55:
         06:e8:4e:14:52:52:be:42:ef:89:4d:63:e2:3b:3a:38:9b:47:
         08:9b:40:b0:39:b0:b2:bd:81:eb:59:04:85:fc:94:bb:c6:a0:
         1b:97:c7:3e:65:87:7d:87:bd:4a:ea:1b:d1:20:07:fb:bb:d8:
         04:aa:a7:fe:dc:d3:77:51:76:0a:10:62:34:3f:a0:97:b4:a9:
         21:26:f2:ee:1d:92:a7:01:f2:77:98:04:ee:72:fc:c7:3e:97:
         c5:dd:95:83
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwQzYxMTAvBgNVBAUTKDAwMzM0QjhGMjE4RkE1MjUzMzk4ODZDOEZCQzk0MDkz
Qzg4RUQ1N0IwHhcNMjIwMjEwMDM1MjQ2WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA0OGMwZS00ZTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4A07xCUh43uCKEXZcsitQ3LOT5JoD64iqE4XgXktkoZYReKPQcggqm+F/FW5
5QA8pMb/YTEtOkn9I9RSTOjXXH6KbGzTTsoRECTk38ukEmi2QPU/orhXirW76Hcg
p7w0TXTaRRynx19kJ+8OY1gM8j7ChTa73+2QgvZzQAB6pMU+0rr3wWpWHJQ1GUJc
iWoSmFcicKXXBExxuA2BNzFSmwdmjnfLOW16GGLE8nyh9vmT21WyeTuXix5g48hf
FoqpK7y1P+KDFljzh9tzqcdbqR4jpq59mtMaT2AmUAGdDPLW5X0Cb/vZfjQz+D30
C/iqavIQc+EvcxCNAQcTU3NR+wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCzHFpXC
XoTsL0WY435PD7YEksJ4MB8GA1UdIwQYMBaAFAAzS48hj6UlM5iGyPvJQJPIjtV7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzBDNi8xODNGODRBRTIz
NEIxMUVDQjhBMkRFN0VDNEY5QUUwMi9BRE5ManlHUHBTVXptSWJJLThsQWs4aU8x
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FETkxqeUdQcFNVem1JYkktOGxBazhpTzFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwQzYvMTgzRjg0QUUyMzRCMTFFQ0I4QTJERTdFQzRGOUFFMDIvNTFBOTFEQjg3
NzJFMTFFQzg4MjZCMzZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnf6IwDQQCAAIwBwMFACQEJEAwDQYJKoZIhvcNAQELBQAD
ggEBAEQTbTOIAxtIg8Ts5wH67q6VRiA4RYoie84ieMinVAxToW+M08gJpUwvvGVc
rKhqM4gNqFBKaFEg2Uty4wwjygMoaiJGZdLJfdOQKhywcWJ4ZLxq6tUoVwoz2OR6
wuS+9t/eMLWgdpVe7dqFc+vaMXsZbvKjcHXL1uubG9/hum6UoBVayFUc3aH/8NTD
F4j/saNrBRxjUhQ521399fsZAcPIVQboThRSUr5C74lNY+I7OjibRwibQLA5sLK9
getZBIX8lLvGoBuXxz5lh32HvUrqG9EgB/u72ASqp/7c03dRdgoQYjQ/oJe0qSEm
8u4dkqcB8neYBO5y/Mc+l8XdlYM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org