Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/40EE170AF33711ECB31B9420C4F9AE02.roa
File:                     40EE170AF33711ECB31B9420C4F9AE02.roa (raw, json)
Hash identifier:          tSS0MRrC2JXOvaO0P/7pWZGxMiVLx608RjNO3sXJobU=
Subject key identifier:   60:5A:10:98:77:C9:35:D3:C3:BB:0A:1D:6D:14:12:23:E6:D2:E3:30
Certificate issuer:       /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial:       0A50
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/40EE170AF33711ECB31B9420C4F9AE02.roa
Signing time:             Tue 12 Jul 2022 15:26:04 +0000
ROA not before:           Tue 12 Jul 2022 15:26:04 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     135341
IP address blocks:        103.109.93.0/24 maxlen: 24
                          103.214.200.0/24 maxlen: 24
                          144.48.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2640 (0xa50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
        Validity
            Not Before: Jul 12 15:26:04 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=62cd928b-80cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a6:a9:bb:f7:54:c2:57:fa:91:b7:41:c6:49:
                    90:fb:42:f9:39:36:15:0b:53:50:64:6c:4f:8b:fb:
                    08:80:eb:17:f3:ed:bb:34:06:82:ee:8d:7c:7e:c3:
                    97:61:75:97:f7:90:d5:8d:cb:63:dd:59:68:71:d4:
                    7d:ff:04:64:be:22:5e:45:a5:6d:19:05:a1:5c:4a:
                    29:4a:d6:03:e9:72:38:e8:fe:87:d4:58:00:dd:14:
                    bf:03:83:bf:95:ab:9a:4b:5e:0d:a2:b4:ae:08:1d:
                    40:a0:41:b9:e4:25:e6:cd:2f:ca:72:e2:48:65:9b:
                    8c:b4:4e:a2:3d:d5:d1:c1:0a:ca:33:e6:51:54:d1:
                    03:89:d4:ca:c0:2e:b0:02:38:ab:be:a4:f4:d8:77:
                    cf:ec:65:43:3b:f6:a6:a5:55:65:81:e0:cd:fc:51:
                    3e:42:de:86:9a:e5:68:6c:ce:d9:f5:d4:06:51:5b:
                    fa:7c:33:94:56:91:dd:69:eb:f8:0d:53:b8:dd:22:
                    ca:29:4e:5e:67:de:ca:ca:40:38:62:0b:f6:eb:38:
                    51:0a:1b:3a:34:39:e8:61:b3:ba:3e:a1:5f:b5:44:
                    f6:40:cc:f4:32:fc:bb:b3:16:f0:ff:ff:82:b0:84:
                    38:0c:55:be:95:12:2d:f2:0b:f9:48:a9:10:8f:67:
                    d4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:5A:10:98:77:C9:35:D3:C3:BB:0A:1D:6D:14:12:23:E6:D2:E3:30
            X509v3 Authority Key Identifier:
                keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/40EE170AF33711ECB31B9420C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.109.93.0/24
                  103.214.200.0/24
                  144.48.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:1b:1f:2d:bd:48:97:6a:bc:4f:79:36:85:ec:9c:aa:f0:ba:
         d0:07:9e:fd:5d:ed:4a:ef:c6:c9:bb:41:c4:63:35:e4:31:64:
         19:94:51:e5:b2:ac:da:58:ea:38:fb:32:e8:aa:85:18:23:18:
         00:ae:30:8e:50:84:04:b5:a2:79:e1:c9:a1:9b:e1:5c:bb:b1:
         42:d8:1e:77:6c:9b:ee:91:70:f0:d3:72:59:d9:8a:78:7a:23:
         fb:6b:dc:1f:38:ee:1b:54:9d:f1:47:bf:4b:07:4a:53:19:0a:
         9b:ae:7a:f0:84:58:bf:6a:8c:1d:88:4d:54:55:65:25:b6:ef:
         39:e5:d2:ca:85:28:27:ab:e5:7e:f1:d3:ed:45:0b:26:db:21:
         67:b9:82:22:88:93:8f:55:0f:48:ae:b3:ba:c8:62:09:36:79:
         9b:35:d6:37:fc:f7:35:08:74:37:0f:8c:9f:81:f0:81:93:7a:
         67:72:4f:3e:35:ea:99:39:dd:10:be:f1:f9:f5:77:bc:b4:f3:
         b0:fa:b1:b9:5c:4c:2b:03:20:79:2b:1d:de:b7:90:3e:dd:8b:
         50:37:3b:c0:fe:bd:b3:eb:aa:60:58:e4:22:46:53:9d:e2:95:
         5a:98:a1:28:66:9a:88:95:d7:6a:8a:30:1f:ee:01:41:23:8b:
         ea:bd:b4:7e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICClAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjIwNzEyMTUyNjA0WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmNkOTI4Yi04MGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmqapu/dUwlf6kbdBxkmQ+0L5OTYVC1NQZGxPi/sIgOsX8+27NAaC7o18fsOX
YXWX95DVjctj3VlocdR9/wRkviJeRaVtGQWhXEopStYD6XI46P6H1FgA3RS/A4O/
lauaS14NorSuCB1AoEG55CXmzS/KcuJIZZuMtE6iPdXRwQrKM+ZRVNEDidTKwC6w
AjirvqT02HfP7GVDO/ampVVlgeDN/FE+Qt6GmuVobM7Z9dQGUVv6fDOUVpHdaev4
DVO43SLKKU5eZ97KykA4Ygv26zhRChs6NDnoYbO6PqFftUT2QMz0Mvy7sxbw//+C
sIQ4DFW+lRIt8gv5SKkQj2fUeQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGBaEJh3
yTXTw7sKHW0UEiPm0uMwMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvNDBFRTE3MEFG
MzM3MTFFQ0IzMUI5NDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnbV0DBABn1sgDBACQMJYwDQYJKoZIhvcNAQELBQADggEB
AK0bHy29SJdqvE95NoXsnKrwutAHnv1d7Urvxsm7QcRjNeQxZBmUUeWyrNpY6jj7
MuiqhRgjGACuMI5QhAS1onnhyaGb4Vy7sULYHndsm+6RcPDTclnZinh6I/tr3B84
7htUnfFHv0sHSlMZCpuuevCEWL9qjB2ITVRVZSW27znl0sqFKCer5X7x0+1FCybb
IWe5giKIk49VD0ius7rIYgk2eZs11jf89zUIdDcPjJ+B8IGTemdyTz416pk53RC+
8fn1d7y087D6sblcTCsDIHkrHd63kD7di1A3O8D+vbPrqmBY5CJGU53ilVqYoShm
moiV12qKMB/uAUEji+q9tH4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org