Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/7AAE3A9E141811EE91828921C4F9AE02.roa
File:                     7AAE3A9E141811EE91828921C4F9AE02.roa (raw, json)
Hash identifier:          VP5lFKu3mzsHn5Lp4ZsZUbPzGhrju6zTf5D5J/zcnCc=
Subject key identifier:   F4:42:C9:B7:D9:C3:65:8B:2F:C6:CD:10:3C:FC:27:E6:B7:1D:68:25
Certificate issuer:       /CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Certificate serial:       084A
Authority key identifier: BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/7AAE3A9E141811EE91828921C4F9AE02.roa
Signing time:             Mon 26 Jun 2023 11:56:27 +0000
ROA not before:           Mon 26 Jun 2023 11:56:27 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     141432
IP address blocks:        103.82.252.0/24 maxlen: 24
                          103.82.253.0/24 maxlen: 24
                          103.82.254.0/24 maxlen: 24
                          103.82.255.0/24 maxlen: 24
                          125.62.88.0/24 maxlen: 24
                          125.62.89.0/24 maxlen: 24
                          125.62.90.0/24 maxlen: 24
                          125.62.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2122 (0x84a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
        Validity
            Not Before: Jun 26 11:56:27 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=64997cea-db30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:79:99:2f:f5:88:d9:57:b5:c6:07:e3:60:be:
                    40:8f:4e:4a:7a:0c:b8:32:52:47:29:f2:69:de:b5:
                    41:d6:ed:8c:77:67:ce:08:80:69:ab:9e:8b:69:03:
                    52:85:a2:24:67:8f:0a:87:f8:ef:e2:58:cf:50:36:
                    9b:dd:f6:7b:3a:d6:50:90:7a:1a:85:f7:75:a3:3d:
                    29:3f:5c:bf:55:be:d9:9b:08:18:9a:67:c0:12:5e:
                    cf:1a:7a:aa:fc:7f:f6:13:09:5a:65:28:68:7d:19:
                    ac:85:99:ac:82:65:aa:ae:68:4e:5e:c0:49:5b:05:
                    19:18:db:78:06:61:46:25:b6:d5:a9:09:b5:45:65:
                    3e:b3:d3:73:51:79:2c:cf:de:b4:f5:36:5c:0a:9b:
                    c6:ee:a3:1b:99:f3:ca:ef:3e:5b:bb:89:68:29:2a:
                    d3:02:14:16:f9:97:1f:9f:b6:04:db:36:f3:9e:73:
                    77:53:9b:c0:68:8f:f5:6d:59:11:ac:98:45:a1:08:
                    75:a3:71:58:2c:4e:b2:5b:73:e3:c4:2a:33:58:d7:
                    3d:88:5a:bb:12:b3:94:72:ff:de:df:d5:08:2d:f9:
                    fa:a6:66:32:5e:5f:c9:cf:66:bc:8d:1d:50:cb:07:
                    4d:c3:fb:ac:54:b8:be:5a:b2:0c:c8:30:c4:21:48:
                    ba:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:42:C9:B7:D9:C3:65:8B:2F:C6:CD:10:3C:FC:27:E6:B7:1D:68:25
            X509v3 Authority Key Identifier:
                keyid:BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/7AAE3A9E141811EE91828921C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.82.252.0/22
                  125.62.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:55:20:87:d6:e2:0a:f0:31:78:bf:16:92:ff:5a:09:ba:4d:
         45:98:ed:65:ec:a3:17:1d:6a:fe:0d:15:80:20:8f:13:50:cb:
         73:bb:2e:76:a6:09:c2:97:84:d2:b4:83:44:3a:50:9a:2e:95:
         09:d8:a8:f3:b1:d5:e2:cd:aa:07:b7:cc:ce:e0:ad:0f:49:69:
         fc:e6:ae:8c:3a:2b:1b:25:ed:f4:ce:e4:ad:17:65:e9:f9:d2:
         ca:71:db:96:92:9b:83:8d:ea:c0:6f:6e:c1:bc:02:e7:1e:2f:
         51:48:3c:ee:d5:4a:ab:0e:94:a9:b8:08:85:0d:c9:38:a4:a0:
         40:22:1d:cc:83:84:1d:a6:93:e3:c0:80:48:24:00:2e:8b:ee:
         27:0d:50:dd:0c:49:af:3c:3f:41:4a:24:57:ee:e7:ed:1c:a9:
         7c:1a:46:88:64:22:12:3e:ce:38:83:8e:e5:e2:a4:95:f9:eb:
         45:f8:c6:80:c5:69:01:d7:d6:ba:0f:d1:04:0f:2e:a5:74:14:
         a3:e1:2f:83:ed:44:f9:91:b9:d4:0b:a6:5d:b5:cc:35:af:15:
         d9:5a:5c:ee:79:5a:b2:b8:20:b5:da:c8:c9:90:fe:fb:30:42:
         c8:4e:42:42:f3:0a:d2:f3:49:70:7e:6b:70:8d:59:c9:ce:71:
         5c:bc:ee:ab
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCEowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RFN0ExMTAvBgNVBAUTKEJGRDQxRkNGRDI1NjFCNTNBQzRDRDJGODNEMTFCMDQ3
MEE2NkEwNTUwHhcNMjMwNjI2MTE1NjI3WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk5N2NlYS1kYjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2XmZL/WI2Ve1xgfjYL5Aj05Kegy4MlJHKfJp3rVB1u2Md2fOCIBpq56LaQNS
haIkZ48Kh/jv4ljPUDab3fZ7OtZQkHoahfd1oz0pP1y/Vb7ZmwgYmmfAEl7PGnqq
/H/2EwlaZShofRmshZmsgmWqrmhOXsBJWwUZGNt4BmFGJbbVqQm1RWU+s9NzUXks
z9609TZcCpvG7qMbmfPK7z5bu4loKSrTAhQW+Zcfn7YE2zbznnN3U5vAaI/1bVkR
rJhFoQh1o3FYLE6yW3PjxCozWNc9iFq7ErOUcv/e39UILfn6pmYyXl/Jz2a8jR1Q
ywdNw/usVLi+WrIMyDDEIUi6qQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPRCybfZ
w2WLL8bNEDz8J+a3HWglMB8GA1UdIwQYMBaAFL/UH8/SVhtTrEzS+D0RsEcKZqBV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREU3QS9CQzcxRUNDNjhE
NDUxMUVBODdGQUY4NThDNEY5QUUwMi92OVFmejlKV0cxT3NUTkw0UFJHd1J3cG1v
RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y5UWZ6OUpXRzFPc1ROTDRQUkd3UndwbW9GVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RFN0EvQkM3MUVDQzY4RDQ1MTFFQTg3RkFGODU4QzRGOUFFMDIvN0FBRTNBOUUx
NDE4MTFFRTkxODI4OTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUvwDBAJ9PlgwDQYJKoZIhvcNAQELBQADggEBACZVIIfW
4grwMXi/FpL/Wgm6TUWY7WXsoxcdav4NFYAgjxNQy3O7LnamCcKXhNK0g0Q6UJou
lQnYqPOx1eLNqge3zM7grQ9Jafzmrow6Kxsl7fTO5K0XZen50spx25aSm4ON6sBv
bsG8AuceL1FIPO7VSqsOlKm4CIUNyTikoEAiHcyDhB2mk+PAgEgkAC6L7icNUN0M
Sa88P0FKJFfu5+0cqXwaRohkIhI+zjiDjuXipJX560X4xoDFaQHX1roP0QQPLqV0
FKPhL4PtRPmRudQLpl21zDWvFdlaXO55WrK4ILXayMmQ/vswQshOQkLzCtLzSXB+
a3CNWcnOcVy87qs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org