Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/36A92432FEBD11ED8613F75FC4F9AE02.roa
File:                     36A92432FEBD11ED8613F75FC4F9AE02.roa (raw, json)
Hash identifier:          3dQxF5zU9Y0q0QAzOEWiPf6q3C1l34R3h2KMDMJFDYk=
Subject key identifier:   6C:2B:3B:7E:E9:23:44:96:9E:8E:98:54:88:6F:3F:0A:BF:54:EC:31
Certificate issuer:       /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial:       3462
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/36A92432FEBD11ED8613F75FC4F9AE02.roa
Signing time:             Tue 30 May 2023 08:10:13 +0000
ROA not before:           Tue 30 May 2023 08:10:13 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     38701
IP address blocks:        14.206.0.0/16 maxlen: 24
                          101.250.0.0/16 maxlen: 24
                          103.246.236.0/22 maxlen: 22
                          110.165.64.0/18 maxlen: 18
                          112.213.0.0/19 maxlen: 19
                          114.141.224.0/19 maxlen: 19
                          122.49.112.0/20 maxlen: 24
                          182.163.128.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13410 (0x3462)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
        Validity
            Not Before: May 30 08:10:13 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6475af65-22c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0d:96:48:17:16:fb:70:f5:cc:ed:3b:87:c2:
                    95:3d:32:d8:fa:1b:6c:b1:d0:32:8b:c1:d8:37:72:
                    96:a4:1f:28:e1:af:00:8f:7a:aa:6d:b0:f7:0c:e0:
                    cb:59:b2:41:87:c4:34:a2:05:df:c3:42:8c:9d:ff:
                    78:96:e6:f4:72:a6:bc:4d:62:7f:dc:89:35:65:24:
                    f8:a0:f1:bc:51:b5:21:58:4a:71:ef:45:e9:a2:3e:
                    6d:68:07:46:4b:24:8a:52:e9:c7:e1:6e:9d:12:d6:
                    35:cf:e5:ed:f2:cd:9e:8d:a7:b6:79:2f:8b:69:ec:
                    35:b8:5b:c4:2b:56:90:17:ed:1c:ed:f9:05:83:7b:
                    2d:97:9a:25:2f:b3:53:a8:71:10:23:a8:92:c9:bf:
                    7e:e0:b0:9e:31:50:a0:5c:fa:86:6d:73:a3:f1:1e:
                    25:7d:d6:fe:ca:56:24:f2:57:89:d9:c6:2e:05:62:
                    d8:ca:02:c5:e8:d2:6c:2b:37:1b:11:dd:8e:8f:bf:
                    e4:42:d4:15:b4:cc:c9:ac:da:e4:1e:96:18:0f:d4:
                    ab:5a:11:5a:58:8d:49:51:e2:33:3c:3c:52:74:f8:
                    53:06:ee:bd:82:a2:49:7b:1f:b0:7d:d5:a8:1d:73:
                    f3:36:d3:45:fb:3e:30:ca:c5:dc:8c:43:42:16:87:
                    95:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:2B:3B:7E:E9:23:44:96:9E:8E:98:54:88:6F:3F:0A:BF:54:EC:31
            X509v3 Authority Key Identifier:
                keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/36A92432FEBD11ED8613F75FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.206.0.0/16
                  101.250.0.0/16
                  103.246.236.0/22
                  110.165.64.0/18
                  112.213.0.0/19
                  114.141.224.0/19
                  122.49.112.0/20
                  182.163.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         da:3b:cc:f5:83:40:38:42:11:90:07:e8:ac:40:79:2b:39:89:
         ab:5e:07:af:28:76:2d:ce:ba:64:76:36:4d:35:95:26:4e:bf:
         6e:aa:49:18:59:51:9e:81:ef:f0:40:29:c1:91:ea:47:ea:78:
         7f:d4:b1:e4:de:bf:a1:db:9f:1f:cf:88:da:92:99:5b:cd:ab:
         57:8e:92:63:9c:2b:c7:59:1a:7b:a0:de:df:8a:b6:40:be:3a:
         e1:34:5d:73:bd:77:cc:f7:ec:d4:14:28:d6:63:2c:0e:9f:09:
         a8:5e:c7:59:15:fc:58:15:04:8c:38:8a:85:41:31:8c:6e:8b:
         0a:7d:7b:f9:89:e4:fe:98:02:97:65:d9:25:1d:b2:5b:ae:5d:
         3c:ac:82:4b:87:b1:1f:5c:0b:bc:81:94:3c:8b:59:f0:1b:57:
         c7:88:c4:36:24:93:90:a1:da:e0:23:92:61:55:21:28:00:75:
         ac:3b:3c:73:28:c7:29:69:0f:92:ef:6d:cf:71:14:ba:57:f9:
         ef:fe:96:fd:ba:1b:99:71:38:95:a7:45:1b:02:0e:1c:91:6c:
         5c:43:0a:72:fd:56:23:3a:e2:0b:27:e1:45:4e:a8:d0:c0:9b:
         6f:ac:2d:30:b5:e4:95:aa:60:97:e5:5f:13:59:59:7b:97:f3:
         d9:5c:af:d5
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICNGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjMwNTMwMDgxMDEzWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc1YWY2NS0yMmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxQ2WSBcW+3D1zO07h8KVPTLY+htssdAyi8HYN3KWpB8o4a8Aj3qqbbD3DODL
WbJBh8Q0ogXfw0KMnf94lub0cqa8TWJ/3Ik1ZST4oPG8UbUhWEpx70Xpoj5taAdG
SySKUunH4W6dEtY1z+Xt8s2ejae2eS+Laew1uFvEK1aQF+0c7fkFg3stl5olL7NT
qHEQI6iSyb9+4LCeMVCgXPqGbXOj8R4lfdb+ylYk8leJ2cYuBWLYygLF6NJsKzcb
Ed2Oj7/kQtQVtMzJrNrkHpYYD9SrWhFaWI1JUeIzPDxSdPhTBu69gqJJex+wfdWo
HXPzNtNF+z4wysXcjENCFoeVwwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFGwrO37p
I0SWno6YVIhvPwq/VOwxMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvMzZBOTI0MzJG
RUJEMTFFRDg2MTNGNzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DAwAOzgMDAGX6AwQCZ/bsAwQGbqVAAwQFcNUAAwQFco3gAwQE
ejFwAwQHtqOAMA0GCSqGSIb3DQEBCwUAA4IBAQDaO8z1g0A4QhGQB+isQHkrOYmr
XgevKHYtzrpkdjZNNZUmTr9uqkkYWVGege/wQCnBkepH6nh/1LHk3r+h258fz4ja
kplbzatXjpJjnCvHWRp7oN7firZAvjrhNF1zvXfM9+zUFCjWYywOnwmoXsdZFfxY
FQSMOIqFQTGMbosKfXv5ieT+mAKXZdklHbJbrl08rIJLh7EfXAu8gZQ8i1nwG1fH
iMQ2JJOQodrgI5JhVSEoAHWsOzxzKMcpaQ+S723PcRS6V/nv/pb9uhuZcTiVp0Ub
Ag4ckWxcQwpy/VYjOuILJ+FFTqjQwJtvrC0wteSVqmCX5V8TWVl7l/PZXK/V
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org