Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9175027/2505CEDC256811EBAC2CAC5AC4F9AE02/93E6B77827CD11EBB8316B3CC4F9AE02.roa
File:                     93E6B77827CD11EBB8316B3CC4F9AE02.roa (raw, json)
Hash identifier:          Y9ItKHWgCNrh21BshU5hmaZQgccCCyX/2LLKz+ZKlPk=
Subject key identifier:   98:38:CE:06:CE:12:67:C5:D6:6F:40:F9:C4:80:0B:EC:3D:AD:43:7C
Certificate issuer:       /CN=A9175027/serialNumber=E1772CB5D3965276CF4E98D3766B630D7E3F8178
Certificate serial:       01EC
Authority key identifier: E1:77:2C:B5:D3:96:52:76:CF:4E:98:D3:76:6B:63:0D:7E:3F:81:78
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XcstdOWUnbPTpjTdmtjDX4_gXg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9175027/2505CEDC256811EBAC2CAC5AC4F9AE02/93E6B77827CD11EBB8316B3CC4F9AE02.roa
Signing time:             Thu 01 Jul 2021 12:18:50 +0000
ROA not before:           Thu 01 Jul 2021 12:18:50 +0000
ROA not after:            Wed 31 Aug 2022 00:00:00 +0000
asID:                     58507
IP address blocks:        103.1.188.0/22 maxlen: 24
                          103.19.172.0/22 maxlen: 24
                          103.232.160.0/22 maxlen: 24
                          113.212.168.0/22 maxlen: 24
                          113.212.172.0/22 maxlen: 24
                          163.47.120.0/22 maxlen: 24
                          163.47.136.0/22 maxlen: 24
                          163.47.168.0/22 maxlen: 24
                          182.237.4.0/22 maxlen: 24
                          2400:5d00::/32 maxlen: 34
                          2400:5d00::/33 maxlen: 40
                          2400:5d00:8000::/34 maxlen: 40
                          2400:5d00:c000::/35 maxlen: 36
                          2400:5d00:c000::/36 maxlen: 40
                          2400:5d00:d000::/37 maxlen: 38
                          2400:5d00:d000::/38 maxlen: 40
                          2400:5d00:d400::/39 maxlen: 40
                          2404:59c0::/32 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 492 (0x1ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9175027/serialNumber=E1772CB5D3965276CF4E98D3766B630D7E3F8178
        Validity
            Not Before: Jul  1 12:18:50 2021 GMT
            Not After : Aug 31 00:00:00 2022 GMT
        Subject: CN=60ddb2a9-de01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ea:33:3a:e9:0c:92:87:c0:98:3b:e0:56:4a:
                    71:a1:e3:80:f4:b8:17:db:b3:70:54:23:55:7b:68:
                    e0:9c:53:98:5a:13:3d:f1:da:42:a7:b9:86:7a:00:
                    90:bb:94:11:0f:6f:25:7a:a0:8f:cf:ea:5a:df:51:
                    c3:27:ed:cc:34:60:03:0c:e6:f4:02:56:a5:6b:90:
                    56:21:45:98:01:af:02:ca:06:3e:57:a1:06:ed:5c:
                    69:d6:97:44:97:a4:78:1d:11:32:30:8b:7d:63:12:
                    f6:1b:2b:f7:05:cd:fb:31:ae:ca:06:bb:46:b2:3f:
                    88:b1:26:29:5a:2c:cb:9d:ec:37:6f:ea:17:d2:48:
                    44:71:77:b0:42:9c:d2:d1:47:43:62:c4:00:13:50:
                    ef:92:74:9a:d7:06:d3:00:12:71:f2:43:9e:fc:43:
                    7c:93:cd:e9:a8:91:a8:0a:41:4a:64:4a:ee:87:03:
                    43:c9:87:40:63:e8:ef:32:88:6d:4e:08:7a:c1:c9:
                    07:a1:15:1d:9f:fe:ec:c9:df:23:cb:38:16:68:64:
                    e5:b7:42:ef:c3:56:f5:a9:d0:6a:18:ab:ad:a5:6d:
                    85:32:cc:49:8f:bf:6b:34:c8:fa:e9:d8:aa:84:33:
                    d5:75:37:23:77:a3:22:8b:94:7b:9a:2a:93:fe:82:
                    85:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:38:CE:06:CE:12:67:C5:D6:6F:40:F9:C4:80:0B:EC:3D:AD:43:7C
            X509v3 Authority Key Identifier:
                keyid:E1:77:2C:B5:D3:96:52:76:CF:4E:98:D3:76:6B:63:0D:7E:3F:81:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9175027/2505CEDC256811EBAC2CAC5AC4F9AE02/4XcstdOWUnbPTpjTdmtjDX4_gXg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XcstdOWUnbPTpjTdmtjDX4_gXg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175027/2505CEDC256811EBAC2CAC5AC4F9AE02/93E6B77827CD11EBB8316B3CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.1.188.0/22
                  103.19.172.0/22
                  103.232.160.0/22
                  113.212.168.0/21
                  163.47.120.0/22
                  163.47.136.0/22
                  163.47.168.0/22
                  182.237.4.0/22
                IPv6:
                  2400:5d00::/32
                  2404:59c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:0a:e3:04:73:4a:18:f3:b9:6e:c0:62:05:da:a9:38:07:2a:
         06:aa:64:bb:a9:50:26:05:0a:aa:59:f6:f4:b1:0a:f7:73:d9:
         03:1a:99:1f:16:f9:02:d4:9d:c5:db:fe:ef:42:0e:f4:1d:2a:
         90:62:49:8b:d2:48:c5:d2:f1:ba:c7:fd:58:1d:2b:f4:53:69:
         14:5c:af:ca:9c:24:32:27:99:3d:cf:02:43:a1:ce:d2:e6:ed:
         7d:bc:ae:4a:24:3c:9c:9d:70:a9:0d:71:82:09:26:6a:60:7e:
         20:04:9a:71:74:9b:37:e4:20:80:24:c5:64:11:a2:9d:27:e0:
         fb:12:1d:54:87:fa:be:ec:0d:3b:d3:f0:b9:68:55:f4:a6:90:
         a2:55:55:ac:9e:6e:7d:f3:a5:0c:48:98:e1:b2:47:5d:bc:2b:
         dd:a6:ab:27:3e:bb:e2:8d:bc:1c:6c:7b:ad:df:58:2b:31:3f:
         4f:c6:b7:7b:d5:f2:f1:d6:0e:fd:91:3b:a1:3d:de:c1:92:75:
         64:88:fe:91:f6:cc:ae:ab:b4:35:d5:cb:63:d0:b0:4c:c0:1a:
         e9:18:8c:89:b5:3e:02:45:5d:72:1f:32:cd:12:22:c7:22:b8:
         26:04:a7:bd:00:6c:4d:13:86:f5:01:57:66:fb:31:21:16:6b:
         4e:44:f7:bf
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICAewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzUwMjcxMTAvBgNVBAUTKEUxNzcyQ0I1RDM5NjUyNzZDRjRFOThEMzc2NkI2MzBE
N0UzRjgxNzgwHhcNMjEwNzAxMTIxODUwWhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGRkYjJhOS1kZTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwuozOukMkofAmDvgVkpxoeOA9LgX27NwVCNVe2jgnFOYWhM98dpCp7mGegCQ
u5QRD28leqCPz+pa31HDJ+3MNGADDOb0Alala5BWIUWYAa8CygY+V6EG7Vxp1pdE
l6R4HREyMIt9YxL2Gyv3Bc37Ma7KBrtGsj+IsSYpWizLnew3b+oX0khEcXewQpzS
0UdDYsQAE1DvknSa1wbTABJx8kOe/EN8k83pqJGoCkFKZEruhwNDyYdAY+jvMoht
Tgh6wckHoRUdn/7syd8jyzgWaGTlt0Lvw1b1qdBqGKutpW2FMsxJj79rNMj66diq
hDPVdTcjd6Mii5R7miqT/oKFIQIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFJg4zgbO
EmfF1m9A+cSAC+w9rUN8MB8GA1UdIwQYMBaAFOF3LLXTllJ2z06Y03ZrYw1+P4F4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTAyNy8yNTA1Q0VEQzI1
NjgxMUVCQUMyQ0FDNUFDNEY5QUUwMi80WGNzdGRPV1VuYlBUcGpUZG10akRYNF9n
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRYY3N0ZE9XVW5iUFRwalRkbXRqRFg0X2dYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUwMjcvMjUwNUNFREMyNTY4MTFFQkFDMkNBQzVBQzRGOUFFMDIvOTNFNkI3Nzgy
N0NEMTFFQkI4MzE2QjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMDYEAgABMDADBAJnAbwDBAJnE6wDBAJn6KADBANx1KgDBAKjL3gDBAKjL4gD
BAKjL6gDBAK27QQwFAQCAAIwDgMFACQAXQADBQAkBFnAMA0GCSqGSIb3DQEBCwUA
A4IBAQCHCuMEc0oY87luwGIF2qk4ByoGqmS7qVAmBQqqWfb0sQr3c9kDGpkfFvkC
1J3F2/7vQg70HSqQYkmL0kjF0vG6x/1YHSv0U2kUXK/KnCQyJ5k9zwJDoc7S5u19
vK5KJDycnXCpDXGCCSZqYH4gBJpxdJs35CCAJMVkEaKdJ+D7Eh1Uh/q+7A070/C5
aFX0ppCiVVWsnm5986UMSJjhskddvCvdpqsnPrvijbwcbHut31grMT9Pxrd71fLx
1g79kTuhPd7BknVkiP6R9syuq7Q11ctj0LBMwBrpGIyJtT4CRV1yHzLNEiLHIrgm
BKe9AGxNE4b1AVdm+zEhFmtORPe/
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org