Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/6AB785F8B87D11EB853F6970C4F9AE02.roa
File:                     6AB785F8B87D11EB853F6970C4F9AE02.roa (raw, json)
Hash identifier:          31WjObqYscH5J4a6Ve4BdQhN03c6iz0qzd2cIoHY+kc=
Subject key identifier:   E8:E9:5F:17:D9:DE:AB:33:51:68:8D:8E:EC:DD:D8:62:12:8F:83:79
Certificate issuer:       /CN=A917C23C/serialNumber=AC32E99CB092E62E3ACA187463DA99E73D5AAF3E
Certificate serial:       02A5
Authority key identifier: AC:32:E9:9C:B0:92:E6:2E:3A:CA:18:74:63:DA:99:E7:3D:5A:AF:3E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDLpnLCS5i46yhh0Y9qZ5z1arz4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/6AB785F8B87D11EB853F6970C4F9AE02.roa
Signing time:             Wed 10 Nov 2021 13:29:54 +0000
ROA not before:           Wed 10 Nov 2021 13:29:54 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     59315
IP address blocks:        103.243.76.0/22 maxlen: 22
                          103.243.76.0/24 maxlen: 24
                          103.243.77.0/24 maxlen: 24
                          103.243.78.0/24 maxlen: 24
                          103.243.79.0/24 maxlen: 24
                          116.206.44.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 677 (0x2a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C23C/serialNumber=AC32E99CB092E62E3ACA187463DA99E73D5AAF3E
        Validity
            Not Before: Nov 10 13:29:54 2021 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=618bc952-0492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:78:09:cb:e0:88:19:b8:e6:9b:3c:0d:f7:08:
                    87:e2:14:a6:c1:8e:8a:90:97:6e:cb:9e:e4:02:2a:
                    2a:24:64:76:1e:9c:bd:e0:9b:69:3e:22:3d:15:d1:
                    40:ea:92:d2:7c:fd:b4:6f:80:95:72:54:40:52:61:
                    1e:3f:67:eb:7b:62:66:94:2c:f9:31:22:10:08:b4:
                    09:7e:61:32:9c:0b:49:71:35:75:15:31:38:3f:35:
                    83:db:fd:20:5e:ac:c1:82:18:27:18:09:5a:e6:03:
                    7e:e6:04:b4:c3:f0:00:5c:80:4b:72:52:fc:ba:cd:
                    e8:61:83:74:f8:df:3d:ac:eb:9c:28:2e:1a:c1:41:
                    53:07:d6:6a:d6:d4:4e:50:b8:30:61:15:a8:4b:bf:
                    3e:c7:0b:f3:b8:82:ba:3b:ce:b4:3c:e7:52:30:33:
                    bc:35:b1:43:d2:1d:18:31:f9:2c:5d:d9:32:1c:f4:
                    a7:6a:3a:08:a6:bb:77:0d:77:da:5f:eb:69:0c:4b:
                    fd:23:16:ed:eb:93:30:68:44:81:78:fa:72:73:9f:
                    14:84:db:6e:57:1b:bc:1f:6e:8c:22:d5:3e:7e:c9:
                    dd:5f:a8:f9:f8:0c:7b:8b:e0:b8:6f:37:36:b0:b0:
                    bc:3f:17:47:e3:8d:58:15:d6:4c:23:fa:d5:ef:0c:
                    fe:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E9:5F:17:D9:DE:AB:33:51:68:8D:8E:EC:DD:D8:62:12:8F:83:79
            X509v3 Authority Key Identifier:
                keyid:AC:32:E9:9C:B0:92:E6:2E:3A:CA:18:74:63:DA:99:E7:3D:5A:AF:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/rDLpnLCS5i46yhh0Y9qZ5z1arz4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDLpnLCS5i46yhh0Y9qZ5z1arz4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/6AB785F8B87D11EB853F6970C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.243.76.0/22
                  116.206.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:99:a2:82:cc:71:9a:9d:44:6e:98:eb:29:c2:73:6b:89:c3:
         d0:3e:23:f8:d2:bb:02:69:eb:77:d8:22:1b:2a:61:ae:12:6a:
         66:54:e7:ff:69:b3:d8:a7:ce:0f:3f:c9:b9:74:a1:85:1f:57:
         67:85:53:de:93:60:b5:52:d1:1d:88:4e:57:43:df:e4:62:1d:
         f8:fa:f4:e5:93:d4:1e:51:12:c7:a3:13:e2:e4:e3:4d:f3:1c:
         32:c1:77:9e:ab:c8:25:bc:84:0c:16:37:43:c8:29:48:9c:e2:
         73:a6:85:4c:ce:a3:02:44:80:2e:3e:02:e9:54:bc:bb:35:a2:
         e7:79:e5:8c:79:67:4b:6f:85:fe:17:c0:ee:51:57:fc:29:a5:
         1e:88:d3:6e:cf:aa:1e:7f:27:b5:9f:2f:3b:e0:85:4f:9d:f7:
         b0:8a:ad:1a:e6:b7:f7:09:3f:7d:41:74:42:5c:60:1b:5f:c8:
         21:ad:b9:e6:ec:56:7d:7d:d6:5d:32:67:1a:ea:90:14:5d:ef:
         34:52:2e:e8:e1:e3:fb:51:f5:02:03:f4:ab:85:72:85:c2:a8:
         93:70:ae:c5:c8:67:02:4b:b3:8a:3a:d1:1f:b3:b9:9c:c8:fc:
         11:55:b0:18:a0:aa:b3:5a:10:3f:fd:eb:0a:c8:f7:a9:dc:e8:
         c6:79:6e:4b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MyM0MxMTAvBgNVBAUTKEFDMzJFOTlDQjA5MkU2MkUzQUNBMTg3NDYzREE5OUU3
M0Q1QUFGM0UwHhcNMjExMTEwMTMyOTU0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThiYzk1Mi0wNDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA13gJy+CIGbjmmzwN9wiH4hSmwY6KkJduy57kAioqJGR2Hpy94JtpPiI9FdFA
6pLSfP20b4CVclRAUmEeP2fre2JmlCz5MSIQCLQJfmEynAtJcTV1FTE4PzWD2/0g
XqzBghgnGAla5gN+5gS0w/AAXIBLclL8us3oYYN0+N89rOucKC4awUFTB9Zq1tRO
ULgwYRWoS78+xwvzuIK6O860POdSMDO8NbFD0h0YMfksXdkyHPSnajoIprt3DXfa
X+tpDEv9Ixbt65MwaESBePpyc58UhNtuVxu8H26MItU+fsndX6j5+Ax7i+C4bzc2
sLC8PxdH441YFdZMI/rV7wz+LwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOjpXxfZ
3qszUWiNjuzd2GISj4N5MB8GA1UdIwQYMBaAFKwy6ZywkuYuOsoYdGPamec9Wq8+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzIzQy8wOTA3NDRDMjNB
M0YxMUVCQjYzQjc1NTFDNEY5QUUwMi9yRExwbkxDUzVpNDZ5aGgwWTlxWjV6MWFy
ejQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JETHBuTENTNWk0NnloaDBZOXFaNXoxYXJ6NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MyM0MvMDkwNzQ0QzIzQTNGMTFFQkI2M0I3NTUxQzRGOUFFMDIvNkFCNzg1RjhC
ODdEMTFFQjg1M0Y2OTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn80wDBAJ0ziwwDQYJKoZIhvcNAQELBQADggEBAFeZooLM
cZqdRG6Y6ynCc2uJw9A+I/jSuwJp63fYIhsqYa4SamZU5/9ps9inzg8/ybl0oYUf
V2eFU96TYLVS0R2ITldD3+RiHfj69OWT1B5REsejE+Lk403zHDLBd56ryCW8hAwW
N0PIKUic4nOmhUzOowJEgC4+AulUvLs1oud55Yx5Z0tvhf4XwO5RV/wppR6I027P
qh5/J7WfLzvghU+d97CKrRrmt/cJP31BdEJcYBtfyCGtuebsVn191l0yZxrqkBRd
7zRSLujh4/tR9QID9KuFcoXCqJNwrsXIZwJLs4o60R+zuZzI/BFVsBigqrNaED/9
6wrI96nc6MZ5bks=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org