Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/5E424E6E955111EC98F81677C4F9AE02.roa
File:                     5E424E6E955111EC98F81677C4F9AE02.roa (raw, json)
Hash identifier:          zGsBO8mDBbEr3x9SClbOqPYAjbQXfz03erDqQOVr7Ds=
Subject key identifier:   89:F2:A6:7B:3A:65:A0:42:3D:D3:0C:EE:7B:79:63:68:E8:5C:47:E0
Certificate issuer:       /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Certificate serial:       0699
Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/5E424E6E955111EC98F81677C4F9AE02.roa
Signing time:             Thu 24 Feb 2022 09:08:45 +0000
ROA not before:           Thu 24 Feb 2022 09:08:45 +0000
ROA not after:            Mon 31 Oct 2022 00:00:00 +0000
asID:                     137969
IP address blocks:        39.109.66.0/23 maxlen: 23
                          39.109.66.0/24 maxlen: 24
                          39.109.67.0/24 maxlen: 24
                          39.109.68.0/22 maxlen: 22
                          39.109.68.0/24 maxlen: 24
                          39.109.69.0/24 maxlen: 24
                          39.109.70.0/24 maxlen: 24
                          39.109.71.0/24 maxlen: 24
                          39.109.72.0/21 maxlen: 21
                          39.109.72.0/24 maxlen: 24
                          39.109.73.0/24 maxlen: 24
                          39.109.74.0/24 maxlen: 24
                          39.109.75.0/24 maxlen: 24
                          39.109.76.0/24 maxlen: 24
                          39.109.77.0/24 maxlen: 24
                          39.109.79.0/24 maxlen: 24
                          39.109.80.0/21 maxlen: 21
                          39.109.80.0/24 maxlen: 24
                          39.109.81.0/24 maxlen: 24
                          39.109.82.0/24 maxlen: 24
                          39.109.83.0/24 maxlen: 24
                          39.109.84.0/24 maxlen: 24
                          39.109.85.0/24 maxlen: 24
                          39.109.86.0/24 maxlen: 24
                          39.109.87.0/24 maxlen: 24
                          39.109.88.0/22 maxlen: 22
                          39.109.88.0/24 maxlen: 24
                          39.109.89.0/24 maxlen: 24
                          39.109.90.0/24 maxlen: 24
                          39.109.91.0/24 maxlen: 24
                          103.98.14.0/24 maxlen: 24
                          103.119.132.0/23 maxlen: 23
                          103.119.132.0/24 maxlen: 24
                          103.119.133.0/24 maxlen: 24
                          2403:e840::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1689 (0x699)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
        Validity
            Not Before: Feb 24 09:08:45 2022 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=62174b1d-c4ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:86:2a:a5:13:59:4f:bb:34:59:d6:23:65:1d:
                    db:16:b4:09:4e:36:58:c6:6f:a5:af:86:c4:8c:4c:
                    a2:b8:11:b6:93:58:ab:6e:df:21:0d:16:62:2f:e5:
                    d6:d6:7d:70:63:4f:6b:f8:78:de:73:96:ce:40:d5:
                    0e:cc:47:be:3b:58:06:51:01:6e:0e:43:c7:de:7f:
                    99:51:f9:c5:71:e2:00:7a:49:79:2a:c8:ab:1c:a4:
                    47:76:31:a5:a8:dd:8a:e1:ce:7f:6f:52:e8:65:7f:
                    d6:c5:aa:42:3a:84:43:d2:6f:3e:12:67:e0:0f:fe:
                    f7:c3:39:c5:84:e2:50:43:3b:dd:2f:ae:01:da:70:
                    01:ea:3d:ba:f9:a2:5b:14:10:37:26:ed:02:59:62:
                    59:28:3f:94:e6:2a:17:24:95:b1:71:73:c3:34:46:
                    47:a9:08:e9:c6:7b:cc:61:fc:e7:16:d5:f7:60:b2:
                    99:82:58:b5:a5:b6:d3:9f:e2:89:b0:8a:4c:30:8c:
                    43:a1:e5:ed:e9:2b:31:b9:34:2b:40:bf:fd:68:8e:
                    8d:95:d2:50:52:85:60:94:a1:4f:25:5e:d5:c9:43:
                    9e:15:a5:2d:1e:1c:9e:89:b5:08:37:2d:14:0d:ce:
                    8d:4d:27:6d:84:b5:a4:f5:a5:39:2f:0d:5f:c5:ec:
                    fd:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F2:A6:7B:3A:65:A0:42:3D:D3:0C:EE:7B:79:63:68:E8:5C:47:E0
            X509v3 Authority Key Identifier:
                keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/5E424E6E955111EC98F81677C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  39.109.66.0-39.109.91.255
                  103.98.14.0/24
                  103.119.132.0/23
                IPv6:
                  2403:e840::/32

    Signature Algorithm: sha256WithRSAEncryption
         7b:78:d1:bc:09:43:be:07:75:06:a7:ab:d8:23:6a:14:cc:6b:
         d6:48:ac:0e:54:9f:d2:7d:25:17:25:55:79:9f:36:76:4e:f6:
         f7:48:10:d6:3b:36:07:1d:d2:e1:27:84:45:25:96:95:5b:c0:
         f9:8f:a8:dc:08:90:0a:8c:5a:74:cf:38:cf:00:2a:7c:41:60:
         e9:71:3e:72:ce:6c:1d:6d:e0:c4:c6:5f:42:e7:68:ea:4d:fc:
         85:a6:04:78:b4:3e:11:80:ec:33:86:a7:3e:6a:b1:a4:c8:80:
         28:29:0a:fc:87:48:00:f4:6c:c4:28:d9:65:61:89:7e:31:d8:
         9f:87:f9:79:f7:bb:a8:c6:7e:b1:f9:ce:92:a0:3f:42:95:ea:
         f5:4d:f6:c5:17:06:e1:f2:f8:8d:19:62:91:24:d1:eb:26:71:
         5a:10:b9:4c:cb:fc:bf:4e:c6:d1:ca:9b:5d:f3:ce:3a:8f:ab:
         19:bb:f4:62:91:44:6f:8e:c2:3a:c9:13:ff:83:fb:bd:31:2a:
         f1:4c:34:68:06:aa:f2:cc:ad:ad:42:95:54:6f:2a:14:c0:b4:
         82:06:19:5c:31:8e:a7:29:4f:be:71:f0:b7:85:1a:9d:66:45:
         79:75:ef:60:dc:af:2f:12:d1:8b:53:19:a9:9f:5e:6f:d3:6c:
         36:1f:37:9c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICBpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4
MDZBNTIxOEEwHhcNMjIwMjI0MDkwODQ1WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjE3NGIxZC1jNGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoYqpRNZT7s0WdYjZR3bFrQJTjZYxm+lr4bEjEyiuBG2k1irbt8hDRZiL+XW
1n1wY09r+Hjec5bOQNUOzEe+O1gGUQFuDkPH3n+ZUfnFceIAekl5KsirHKRHdjGl
qN2K4c5/b1LoZX/WxapCOoRD0m8+EmfgD/73wznFhOJQQzvdL64B2nAB6j26+aJb
FBA3Ju0CWWJZKD+U5ioXJJWxcXPDNEZHqQjpxnvMYfznFtX3YLKZgli1pbbTn+KJ
sIpMMIxDoeXt6SsxuTQrQL/9aI6NldJQUoVglKFPJV7VyUOeFaUtHhyeibUINy0U
Dc6NTSdthLWk9aU5Lw1fxez95QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFInypns6
ZaBCPdMM7nt5Y2joXEfgMB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz
Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvNUU0MjRFNkU5
NTUxMTFFQzk4RjgxNjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMCAEAgABMBowDAMEASdtQgMEAidtWAMEAGdiDgMEAWd3hDANBAIAAjAHAwUA
JAPoQDANBgkqhkiG9w0BAQsFAAOCAQEAe3jRvAlDvgd1Bqer2CNqFMxr1kisDlSf
0n0lFyVVeZ82dk7290gQ1js2Bx3S4SeERSWWlVvA+Y+o3AiQCoxadM84zwAqfEFg
6XE+cs5sHW3gxMZfQudo6k38haYEeLQ+EYDsM4anPmqxpMiAKCkK/IdIAPRsxCjZ
ZWGJfjHYn4f5efe7qMZ+sfnOkqA/QpXq9U32xRcG4fL4jRlikSTR6yZxWhC5TMv8
v07G0cqbXfPOOo+rGbv0YpFEb47COskT/4P7vTEq8Uw0aAaq8sytrUKVVG8qFMC0
ggYZXDGOpylPvnHwt4UanWZFeXXvYNyvLxLRi1MZqZ9eb9NsNh83nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org