Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/201019BEBDA111ECB6A3C748C4F9AE02.roa
File:                     201019BEBDA111ECB6A3C748C4F9AE02.roa (raw, json)
Hash identifier:          LcbtIwlUKJVSfsHXMD2PaXYukeHSImotyMQEp+0LUlk=
Subject key identifier:   95:4A:2A:32:FF:24:78:E9:1A:F5:E8:DC:C2:7F:3D:8D:1C:1D:FF:6A
Certificate issuer:       /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial:       3249
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/201019BEBDA111ECB6A3C748C4F9AE02.roa
Signing time:             Tue 26 Apr 2022 14:40:34 +0000
ROA not before:           Tue 26 Apr 2022 14:40:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     38616
IP address blocks:        111.88.144.0/20 maxlen: 24
                          111.88.184.0/21 maxlen: 24
                          115.186.0.0/24 maxlen: 24
                          115.186.19.0/24 maxlen: 24
                          115.186.48.0/21 maxlen: 24
                          115.186.64.0/19 maxlen: 21
                          115.186.64.0/21 maxlen: 24
                          115.186.76.0/22 maxlen: 24
                          115.186.80.0/20 maxlen: 24
                          115.186.97.0/24 maxlen: 24
                          115.186.99.0/24 maxlen: 24
                          115.186.100.0/22 maxlen: 22
                          115.186.100.0/24 maxlen: 24
                          115.186.104.0/24 maxlen: 24
                          115.186.105.0/24 maxlen: 24
                          115.186.114.0/24 maxlen: 24
                          115.186.116.0/22 maxlen: 22
                          115.186.116.0/24 maxlen: 24
                          115.186.122.0/23 maxlen: 23
                          115.186.126.0/23 maxlen: 23
                          115.186.127.0/24 maxlen: 24
                          117.102.13.0/24 maxlen: 24
                          117.102.29.0/24 maxlen: 24
                          117.102.30.0/24 maxlen: 24
                          117.102.31.0/24 maxlen: 24
                          203.81.200.0/21 maxlen: 21
                          203.81.200.0/24 maxlen: 24
                          203.81.201.0/24 maxlen: 24
                          203.81.202.0/24 maxlen: 24
                          203.81.203.0/24 maxlen: 24
                          203.81.204.0/22 maxlen: 22
                          203.81.204.0/24 maxlen: 24
                          203.81.205.0/24 maxlen: 24
                          203.81.206.0/24 maxlen: 24
                          203.81.207.0/24 maxlen: 24
                          203.81.216.0/24 maxlen: 24
                          203.81.217.0/24 maxlen: 24
                          203.81.218.0/24 maxlen: 24
                          203.81.219.0/24 maxlen: 24
                          203.81.220.0/22 maxlen: 22
                          203.81.220.0/24 maxlen: 24
                          203.81.221.0/24 maxlen: 24
                          203.81.222.0/24 maxlen: 24
                          203.81.223.0/24 maxlen: 24
                          203.81.224.0/22 maxlen: 22
                          203.81.224.0/24 maxlen: 24
                          203.81.225.0/24 maxlen: 24
                          203.81.226.0/24 maxlen: 24
                          203.81.227.0/24 maxlen: 24
                          203.81.228.0/23 maxlen: 24
                          203.81.231.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12873 (0x3249)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
        Validity
            Not Before: Apr 26 14:40:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62680461-b9e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:36:a2:32:19:40:eb:f0:02:70:25:13:83:42:
                    80:fc:dc:e6:04:95:7a:b9:87:ab:9c:b1:45:f9:61:
                    e9:f0:d9:e0:6b:e3:ce:1a:91:a3:f3:a3:1f:23:1e:
                    6f:42:41:a6:8e:25:22:ae:71:25:1a:2f:53:da:87:
                    b4:45:9e:22:35:a2:60:b5:02:ab:1d:0d:95:15:3a:
                    f6:f1:99:e2:97:a2:54:be:da:f6:67:2d:2d:3f:2c:
                    6e:65:12:47:39:ec:c3:2e:df:a6:ff:df:ad:7c:f5:
                    86:3d:97:08:f1:67:67:0a:64:d1:db:73:3b:ff:3e:
                    46:a9:04:24:6b:33:65:e4:29:e1:c1:76:99:dd:b5:
                    74:39:e7:66:3c:f2:f4:cd:c2:b9:af:3c:10:9d:75:
                    09:b8:09:f8:c1:b1:0a:b8:5d:1d:c5:48:10:a8:54:
                    53:87:11:6f:47:9a:89:0c:1c:97:a7:c9:d4:65:e6:
                    11:e7:f2:75:81:2e:60:92:37:f1:0d:c9:b5:3b:fb:
                    43:ba:4f:67:d3:d9:97:6a:35:3e:f8:6c:a5:fc:e4:
                    19:b6:4a:11:3a:52:54:27:93:f8:4d:45:57:c1:75:
                    dd:6f:31:a5:9e:61:68:98:69:30:69:13:bb:10:2f:
                    99:d2:62:61:09:8d:a0:4b:4b:eb:5f:5a:ae:6e:94:
                    d3:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:4A:2A:32:FF:24:78:E9:1A:F5:E8:DC:C2:7F:3D:8D:1C:1D:FF:6A
            X509v3 Authority Key Identifier:
                keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/201019BEBDA111ECB6A3C748C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.88.144.0/20
                  111.88.184.0/21
                  115.186.0.0/24
                  115.186.19.0/24
                  115.186.48.0/21
                  115.186.64.0/19
                  115.186.97.0/24
                  115.186.99.0-115.186.105.255
                  115.186.114.0/24
                  115.186.116.0/22
                  115.186.122.0/23
                  115.186.126.0/23
                  117.102.13.0/24
                  117.102.29.0-117.102.31.255
                  203.81.200.0/21
                  203.81.216.0-203.81.229.255
                  203.81.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:01:4b:ad:2d:6c:86:f7:a8:c4:4c:0b:70:d6:e0:45:d8:92:
         b4:e5:5c:36:83:f1:42:0e:9d:d3:37:41:4d:e3:65:ed:63:d6:
         19:6b:37:56:51:3e:5c:0f:95:9f:83:14:c9:62:50:8b:05:3e:
         03:75:cf:b2:f7:d8:cd:a3:d5:3a:69:a7:42:5c:b3:a5:3f:79:
         af:17:f1:0b:98:53:70:12:61:8b:7d:17:35:1a:6f:7e:35:71:
         ee:e8:b8:62:3e:40:91:0f:5d:78:d7:6e:1b:45:89:13:b0:ff:
         ee:71:4e:61:db:32:56:14:6d:2e:41:b3:ab:8b:70:a4:10:c8:
         d6:00:cb:73:da:dc:8e:9b:de:99:b7:a3:5a:f4:0e:03:4a:3e:
         46:22:3d:9f:6b:c5:c4:4d:7d:7c:5d:87:82:60:79:ac:e0:a8:
         f4:46:00:f1:40:ea:f0:8d:30:7e:cd:9a:9d:00:cb:66:9c:b2:
         f5:9f:f1:5e:6f:bb:61:20:12:07:d5:d3:34:26:5f:ad:33:85:
         11:b1:5d:64:a9:3b:01:5e:93:98:7d:94:0e:3b:d0:04:bc:00:
         44:dc:1a:07:1d:22:f8:39:1a:97:94:1a:e5:ff:74:e1:f5:68:
         5c:f4:09:06:6e:39:6d:27:47:d0:4f:1b:0f:ff:e5:81:f8:31:
         67:b6:03:81
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgICMkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjIwNDI2MTQ0MDM0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY4MDQ2MS1iOWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszaiMhlA6/ACcCUTg0KA/NzmBJV6uYernLFF+WHp8Nnga+POGpGj86MfIx5v
QkGmjiUirnElGi9T2oe0RZ4iNaJgtQKrHQ2VFTr28Znil6JUvtr2Zy0tPyxuZRJH
OezDLt+m/9+tfPWGPZcI8WdnCmTR23M7/z5GqQQkazNl5CnhwXaZ3bV0OedmPPL0
zcK5rzwQnXUJuAn4wbEKuF0dxUgQqFRThxFvR5qJDByXp8nUZeYR5/J1gS5gkjfx
Dcm1O/tDuk9n09mXajU++Gyl/OQZtkoROlJUJ5P4TUVXwXXdbzGlnmFomGkwaRO7
EC+Z0mJhCY2gS0vrX1qubpTTcwIDAQABo4IDETCCAw0wHQYDVR0OBBYEFJVKKjL/
JHjpGvXo3MJ/PY0cHf9qMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMjAxMDE5QkVC
REExMTFFQ0I2QTNDNzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZoGCCsGAQUFBwEHAQH/
BIGKMIGHMIGEBAIAATB+AwQEb1iQAwQDb1i4AwQAc7oAAwQAc7oTAwQDc7owAwQF
c7pAAwQAc7phMAwDBABzumMDBAFzumgDBABzunIDBAJzunQDBAFzunoDBAFzun4D
BAB1Zg0wDAMEAHVmHQMEBXVmAAMEA8tRyDAMAwQDy1HYAwQBy1HkAwQAy1HnMA0G
CSqGSIb3DQEBCwUAA4IBAQCpAUutLWyG96jETAtw1uBF2JK05Vw2g/FCDp3TN0FN
42XtY9YZazdWUT5cD5WfgxTJYlCLBT4Ddc+y99jNo9U6aadCXLOlP3mvF/ELmFNw
EmGLfRc1Gm9+NXHu6LhiPkCRD114124bRYkTsP/ucU5h2zJWFG0uQbOri3CkEMjW
AMtz2tyOm96Zt6Na9A4DSj5GIj2fa8XETX18XYeCYHms4Kj0RgDxQOrwjTB+zZqd
AMtmnLL1n/Feb7thIBIH1dM0Jl+tM4URsV1kqTsBXpOYfZQOO9AEvABE3BoHHSL4
ORqXlBrl/3Th9Whc9AkGbjltJ0fQTxsP/+WB+DFntgOB
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org