Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/3C37E4A6294B11EA98E28373C4F9AE02.roa
File:                     3C37E4A6294B11EA98E28373C4F9AE02.roa (raw, json)
Hash identifier:          aJMy5dWmGOcicTVSnt8HI2WwF+y5eZICT0p/LmAUTQY=
Subject key identifier:   E7:6B:6A:41:D1:92:EC:DE:F8:B8:96:6C:FA:0F:60:BA:D7:4B:AB:71
Certificate issuer:       /CN=A91626EF/serialNumber=347AFEB394C5697E9792214EF8CF56A59CA8E8BD
Certificate serial:       0A60
Authority key identifier: 34:7A:FE:B3:94:C5:69:7E:97:92:21:4E:F8:CF:56:A5:9C:A8:E8:BD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHr-s5TFaX6XkiFO-M9WpZyo6L0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/3C37E4A6294B11EA98E28373C4F9AE02.roa
Signing time:             Thu 22 Sep 2022 02:17:14 +0000
ROA not before:           Thu 22 Sep 2022 02:17:14 +0000
ROA not after:            Thu 01 Dec 2022 00:00:00 +0000
asID:                     139602
IP address blocks:        103.142.70.0/23 maxlen: 23
                          103.142.70.0/24 maxlen: 24
                          103.142.71.0/24 maxlen: 24
                          2001:df1:3480::/48 maxlen: 52
                          2400:a7a0::/32 maxlen: 32
                          2400:a7a0::/37 maxlen: 37
                          2400:a7a0:800::/37 maxlen: 37
                          2400:a7a0:1000::/37 maxlen: 37
                          2400:a7a0:1800::/37 maxlen: 37
                          2400:a7a0:2000::/37 maxlen: 37
                          2400:a7a0:2800::/37 maxlen: 37
                          2400:a7a0:3000::/37 maxlen: 37
                          2400:a7a0:3800::/37 maxlen: 37
                          2400:a7a0:4000::/37 maxlen: 37
                          2400:a7a0:4800::/37 maxlen: 37
                          2400:a7a0:5000::/37 maxlen: 37
                          2400:a7a0:5800::/37 maxlen: 37
                          2400:a7a0:6000::/37 maxlen: 37
                          2400:a7a0:6800::/37 maxlen: 37
                          2400:a7a0:7000::/37 maxlen: 37
                          2400:a7a0:7800::/37 maxlen: 37
                          2400:a7a0:8000::/37 maxlen: 37
                          2400:a7a0:8800::/37 maxlen: 37
                          2400:a7a0:9000::/37 maxlen: 37
                          2400:a7a0:9800::/37 maxlen: 37
                          2400:a7a0:a000::/37 maxlen: 37
                          2400:a7a0:a800::/37 maxlen: 37
                          2400:a7a0:b000::/37 maxlen: 37
                          2400:a7a0:b800::/37 maxlen: 37
                          2400:a7a0:c000::/37 maxlen: 37
                          2400:a7a0:c800::/37 maxlen: 37
                          2400:a7a0:d000::/37 maxlen: 37
                          2400:a7a0:d800::/37 maxlen: 37
                          2400:a7a0:e000::/37 maxlen: 37
                          2400:a7a0:e800::/37 maxlen: 37
                          2400:a7a0:f000::/37 maxlen: 37
                          2400:a7a0:f800::/37 maxlen: 37

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2656 (0xa60)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91626EF/serialNumber=347AFEB394C5697E9792214EF8CF56A59CA8E8BD
        Validity
            Not Before: Sep 22 02:17:14 2022 GMT
            Not After : Dec  1 00:00:00 2022 GMT
        Subject: CN=632bc5a8-6e15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2e:da:21:0c:f1:44:30:e6:53:fb:0a:28:45:
                    d4:f4:77:cc:e0:d7:7c:57:56:1a:76:43:1d:26:04:
                    ea:83:d6:1e:15:7c:d5:4c:80:65:e6:9e:0b:0c:03:
                    8c:b2:64:a7:94:90:7e:c3:72:c7:13:03:95:db:16:
                    11:97:b7:ce:4b:e6:86:58:1d:06:66:ba:ba:b3:eb:
                    0d:1b:fa:a8:57:3d:67:5b:63:23:75:77:dc:8e:de:
                    09:57:3c:6e:5c:7a:b4:3a:be:d2:d5:87:6f:0d:05:
                    04:c3:42:dd:82:99:0e:63:bb:45:a0:1d:db:56:c2:
                    64:3d:c5:65:e3:c0:da:be:1a:71:80:fb:98:ee:c5:
                    7a:77:e1:bc:a2:bb:84:3c:29:7c:26:d5:ff:aa:72:
                    34:41:1a:75:bb:af:ba:86:10:02:91:b4:03:80:51:
                    e5:30:6a:c1:e3:6d:83:52:ef:81:1b:45:cf:5b:5a:
                    2a:45:4e:01:95:39:08:63:59:bf:61:7e:ff:9e:66:
                    1e:75:3e:56:3f:48:d5:7e:b1:2b:18:78:74:0b:d9:
                    45:53:40:67:d1:fe:fb:e4:47:c7:3e:fc:4b:c2:d7:
                    bd:10:21:54:b9:5e:90:8b:bd:27:5d:07:74:d5:96:
                    fa:fa:29:6e:33:c0:b1:b0:35:c5:63:54:35:4e:4a:
                    a8:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:6B:6A:41:D1:92:EC:DE:F8:B8:96:6C:FA:0F:60:BA:D7:4B:AB:71
            X509v3 Authority Key Identifier:
                keyid:34:7A:FE:B3:94:C5:69:7E:97:92:21:4E:F8:CF:56:A5:9C:A8:E8:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHr-s5TFaX6XkiFO-M9WpZyo6L0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/3C37E4A6294B11EA98E28373C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.142.70.0/23
                IPv6:
                  2001:df1:3480::/48
                  2400:a7a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:66:50:83:1f:0c:cb:00:f0:96:14:5c:d1:28:6f:0d:87:8c:
         c3:f1:08:b8:0c:91:de:39:36:29:92:39:0c:34:38:b2:6f:22:
         a5:7a:f9:63:75:e6:04:ea:5b:5c:b3:c2:d2:42:e8:5e:c7:df:
         f3:fa:10:b5:60:8b:cf:9f:23:69:98:e9:52:64:48:af:0a:31:
         9e:07:8b:c6:fb:58:37:a6:f8:bc:c9:a5:9a:9e:29:b6:24:bb:
         4d:4c:1f:20:be:c4:92:cc:c5:08:86:24:ed:3f:0e:d7:08:71:
         19:9e:e7:c3:1b:8a:03:65:f9:d5:ed:fa:b4:f5:7b:b9:56:10:
         6f:b8:c1:33:18:49:89:3e:4b:5e:9d:27:f2:89:90:11:68:91:
         40:99:00:35:c9:da:ed:5a:a9:44:b1:40:1b:78:f8:dc:be:06:
         d8:24:e0:12:2c:f6:c4:61:7c:cd:17:aa:bb:36:09:fa:9c:8c:
         27:f7:03:d9:24:82:aa:e9:7d:0b:55:36:8c:23:b8:ea:cd:d3:
         3c:88:7b:af:3b:d7:9f:58:ca:74:f1:06:30:ac:77:1f:15:30:
         61:7f:29:43:1e:a9:d4:26:f5:c0:cd:b6:ea:94:e2:62:d3:57:
         6c:26:24:0c:c2:da:b1:3e:a8:9e:e9:15:b8:19:8d:84:69:58:
         ac:fd:62:31
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjI2RUYxMTAvBgNVBAUTKDM0N0FGRUIzOTRDNTY5N0U5NzkyMjE0RUY4Q0Y1NkE1
OUNBOEU4QkQwHhcNMjIwOTIyMDIxNzE0WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJiYzVhOC02ZTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApC7aIQzxRDDmU/sKKEXU9HfM4Nd8V1YadkMdJgTqg9YeFXzVTIBl5p4LDAOM
smSnlJB+w3LHEwOV2xYRl7fOS+aGWB0GZrq6s+sNG/qoVz1nW2MjdXfcjt4JVzxu
XHq0Or7S1YdvDQUEw0LdgpkOY7tFoB3bVsJkPcVl48DavhpxgPuY7sV6d+G8oruE
PCl8JtX/qnI0QRp1u6+6hhACkbQDgFHlMGrB422DUu+BG0XPW1oqRU4BlTkIY1m/
YX7/nmYedT5WP0jVfrErGHh0C9lFU0Bn0f775EfHPvxLwte9ECFUuV6Qi70nXQd0
1Zb6+iluM8CxsDXFY1Q1TkqoiQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOdrakHR
kuze+LiWbPoPYLrXS6txMB8GA1UdIwQYMBaAFDR6/rOUxWl+l5IhTvjPVqWcqOi9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjZFRi85RDg2NzUxMEZG
RDQxMUU5OTJEMDY1MThDNEY5QUUwMi9OSHItczVURmFYNlhraUZPLU05V3BaeW82
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Ici1zNVRGYVg2WGtpRk8tTTlXcFp5bzZMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjI2RUYvOUQ4Njc1MTBGRkQ0MTFFOTkyRDA2NTE4QzRGOUFFMDIvM0MzN0U0QTYy
OTRCMTFFQTk4RTI4MzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMAwEAgABMAYDBAFnjkYwFgQCAAIwEAMHACABDfE0gAMFACQAp6AwDQYJKoZI
hvcNAQELBQADggEBAENmUIMfDMsA8JYUXNEobw2HjMPxCLgMkd45NimSOQw0OLJv
IqV6+WN15gTqW1yzwtJC6F7H3/P6ELVgi8+fI2mY6VJkSK8KMZ4Hi8b7WDem+LzJ
pZqeKbYku01MHyC+xJLMxQiGJO0/DtcIcRme58MbigNl+dXt+rT1e7lWEG+4wTMY
SYk+S16dJ/KJkBFokUCZADXJ2u1aqUSxQBt4+Ny+Btgk4BIs9sRhfM0Xqrs2Cfqc
jCf3A9kkgqrpfQtVNowjuOrN0zyIe687159YynTxBjCsdx8VMGF/KUMeqdQm9cDN
tuqU4mLTV2wmJAzC2rE+qJ7pFbgZjYRpWKz9YjE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org