Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/25B787F4F53711EB9B42551EC4F9AE02.roa
File:                     25B787F4F53711EB9B42551EC4F9AE02.roa (raw, json)
Hash identifier:          BJDTMEcUv8OKWkVXdv6d/yg7vjpkiA8y9wIns7+Xl9o=
Subject key identifier:   C4:F3:FA:96:79:3C:FE:17:1C:4B:FE:37:2B:0B:A5:AD:E1:5C:F9:DD
Certificate issuer:       /CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Certificate serial:       05FE
Authority key identifier: BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/25B787F4F53711EB9B42551EC4F9AE02.roa
Signing time:             Wed 02 Mar 2022 10:28:13 +0000
ROA not before:           Wed 02 Mar 2022 10:28:13 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     45814
IP address blocks:        103.82.252.0/24 maxlen: 24
                          103.82.253.0/24 maxlen: 24
                          103.82.254.0/24 maxlen: 24
                          103.82.255.0/24 maxlen: 24
                          125.62.88.0/24 maxlen: 24
                          125.62.89.0/24 maxlen: 24
                          125.62.90.0/24 maxlen: 24
                          125.62.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1534 (0x5fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
        Validity
            Not Before: Mar  2 10:28:13 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=621f46bd-d873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:15:37:49:ff:d8:66:9d:b7:70:41:35:e2:4f:
                    82:42:1c:e0:fd:40:33:e0:c3:c8:c4:38:3a:a3:6a:
                    13:bd:01:57:e6:d2:b8:41:6b:38:ee:17:9e:9d:f5:
                    4a:a5:8d:40:fe:0b:3b:56:0c:dd:ba:7d:f1:78:d6:
                    98:f2:5e:5b:1d:30:67:77:d9:2f:50:48:ea:9f:16:
                    4e:b8:75:fd:03:33:22:cb:16:ef:f5:9a:2a:bf:cf:
                    cb:b5:4c:23:13:97:87:44:b0:06:be:81:a2:c7:06:
                    76:b7:ef:f7:6e:ee:d2:e3:d7:78:a7:d8:0b:c7:e4:
                    d6:85:43:a7:09:ab:a1:42:2b:72:71:85:0f:d1:3c:
                    b1:15:1a:f4:f8:34:25:95:83:7a:f7:e1:62:a1:fd:
                    a0:6d:0c:f9:36:49:21:05:a6:e1:ac:be:f5:44:36:
                    f5:17:7a:26:03:f8:e6:50:09:ac:aa:f1:7a:fb:7b:
                    fd:ff:5c:ac:e8:bf:51:fb:bd:f9:71:c0:a6:16:0f:
                    85:45:fb:ba:92:8f:a6:f2:5e:b1:48:19:bd:8a:c5:
                    7b:ce:37:ac:04:74:c6:aa:84:6f:a8:dd:4c:d4:13:
                    df:f2:69:a0:50:a1:68:54:22:87:12:cd:e6:6c:9a:
                    ee:db:2c:c5:13:42:99:cd:71:2d:71:8e:7d:4e:2a:
                    bb:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:F3:FA:96:79:3C:FE:17:1C:4B:FE:37:2B:0B:A5:AD:E1:5C:F9:DD
            X509v3 Authority Key Identifier:
                keyid:BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/25B787F4F53711EB9B42551EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.82.252.0/22
                  125.62.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:47:97:d8:56:d6:56:3a:d7:d1:a6:13:68:7d:3c:e6:30:a6:
         c2:87:ad:73:64:e9:d5:4c:fd:17:ab:80:c9:50:27:70:9d:bb:
         62:4a:cc:da:69:ac:da:53:f9:c9:bc:91:17:35:43:a5:09:cf:
         68:b2:c5:15:2a:4b:f7:c9:d7:ac:84:bc:ef:93:d0:31:92:b8:
         58:32:33:52:55:a4:ff:f4:5f:0b:46:b4:2d:d8:3a:ee:ab:00:
         94:b9:d7:08:d6:ee:c8:3c:cc:f1:98:52:cf:6d:8d:cc:a1:49:
         73:28:17:16:8a:d8:d0:d6:f8:4e:20:f0:f2:8e:a9:da:1a:c3:
         dd:11:ad:81:0b:3c:ca:a7:c0:c2:5e:08:3f:db:05:d8:18:6a:
         d0:2d:c9:da:77:29:3e:16:55:36:cd:7a:4c:d5:b6:ae:04:e5:
         f9:69:ae:cb:0e:1e:2a:de:3e:68:a9:89:c9:3c:f8:82:0e:3e:
         bf:31:0f:f1:c4:b0:6e:56:bd:78:25:89:62:07:08:b8:50:56:
         e1:92:2e:42:34:19:08:69:04:61:44:ba:05:03:14:37:57:40:
         ab:93:67:65:67:73:24:0d:9c:ba:92:e7:bc:b1:67:25:2a:68:
         e4:bf:fd:8a:9d:0e:38:b8:ed:71:62:71:69:54:c3:27:9b:98:
         2c:d1:c0:f9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RFN0ExMTAvBgNVBAUTKEJGRDQxRkNGRDI1NjFCNTNBQzRDRDJGODNEMTFCMDQ3
MEE2NkEwNTUwHhcNMjIwMzAyMTAyODEzWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFmNDZiZC1kODczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3BU3Sf/YZp23cEE14k+CQhzg/UAz4MPIxDg6o2oTvQFX5tK4QWs47heenfVK
pY1A/gs7Vgzdun3xeNaY8l5bHTBnd9kvUEjqnxZOuHX9AzMiyxbv9Zoqv8/LtUwj
E5eHRLAGvoGixwZ2t+/3bu7S49d4p9gLx+TWhUOnCauhQitycYUP0TyxFRr0+DQl
lYN69+Fiof2gbQz5NkkhBabhrL71RDb1F3omA/jmUAmsqvF6+3v9/1ys6L9R+735
ccCmFg+FRfu6ko+m8l6xSBm9isV7zjesBHTGqoRvqN1M1BPf8mmgUKFoVCKHEs3m
bJru2yzFE0KZzXEtcY59Tiq7AQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMTz+pZ5
PP4XHEv+NysLpa3hXPndMB8GA1UdIwQYMBaAFL/UH8/SVhtTrEzS+D0RsEcKZqBV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREU3QS9CQzcxRUNDNjhE
NDUxMUVBODdGQUY4NThDNEY5QUUwMi92OVFmejlKV0cxT3NUTkw0UFJHd1J3cG1v
RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y5UWZ6OUpXRzFPc1ROTDRQUkd3UndwbW9GVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RFN0EvQkM3MUVDQzY4RDQ1MTFFQTg3RkFGODU4QzRGOUFFMDIvMjVCNzg3RjRG
NTM3MTFFQjlCNDI1NTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUvwDBAJ9PlgwDQYJKoZIhvcNAQELBQADggEBACRHl9hW
1lY619GmE2h9POYwpsKHrXNk6dVM/RergMlQJ3Cdu2JKzNpprNpT+cm8kRc1Q6UJ
z2iyxRUqS/fJ16yEvO+T0DGSuFgyM1JVpP/0XwtGtC3YOu6rAJS51wjW7sg8zPGY
Us9tjcyhSXMoFxaK2NDW+E4g8PKOqdoaw90RrYELPMqnwMJeCD/bBdgYatAtydp3
KT4WVTbNekzVtq4E5flprssOHirePmipick8+IIOPr8xD/HEsG5WvXgliWIHCLhQ
VuGSLkI0GQhpBGFEugUDFDdXQKuTZ2VncyQNnLqS57yxZyUqaOS//YqdDji47XFi
cWlUwyebmCzRwPk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org