Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/E279DA3C29CD11EEBA2A317BC4F9AE02.roa
File:                     E279DA3C29CD11EEBA2A317BC4F9AE02.roa (raw, json)
Hash identifier:          swI63TyDnzZlDxRM7nOPc0Gu6diNEvzGCe+n6JQZDGE=
Subject key identifier:   8D:0B:5F:21:08:67:0B:2A:C9:CE:21:7E:58:F2:0D:EE:6A:DF:B9:F1
Certificate issuer:       /CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Certificate serial:       15
Authority key identifier: 83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/E279DA3C29CD11EEBA2A317BC4F9AE02.roa
Signing time:             Mon 24 Jul 2023 04:37:02 +0000
ROA not before:           Mon 24 Jul 2023 04:37:02 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     10118
IP address blocks:        117.103.144.0/20 maxlen: 20
                          117.103.144.0/20 maxlen: 24
                          117.103.152.0/23 maxlen: 23
                          117.103.156.0/24 maxlen: 24
                          117.103.157.0/24 maxlen: 24
                          117.103.158.0/24 maxlen: 24
                          117.103.159.0/24 maxlen: 24
                          124.217.128.0/18 maxlen: 18
                          124.217.128.0/24 maxlen: 24
                          124.217.129.0/24 maxlen: 24
                          124.217.130.0/24 maxlen: 24
                          124.217.131.0/24 maxlen: 24
                          124.217.132.0/23 maxlen: 23
                          124.217.136.0/23 maxlen: 24
                          124.217.138.0/24 maxlen: 24
                          124.217.139.0/24 maxlen: 24
                          124.217.140.0/24 maxlen: 24
                          124.217.141.0/24 maxlen: 24
                          124.217.142.0/24 maxlen: 24
                          124.217.143.0/24 maxlen: 24
                          124.217.144.0/20 maxlen: 20
                          124.217.160.0/20 maxlen: 20
                          124.217.178.0/24 maxlen: 24
                          124.217.179.0/24 maxlen: 24
                          124.217.180.0/22 maxlen: 22
                          124.217.184.0/24 maxlen: 24
                          124.217.185.0/24 maxlen: 24
                          124.217.186.0/24 maxlen: 24
                          124.217.187.0/24 maxlen: 24
                          124.217.188.0/24 maxlen: 24
                          124.217.189.0/24 maxlen: 24
                          124.217.190.0/24 maxlen: 24
                          124.217.191.0/24 maxlen: 24
                          180.188.128.0/18 maxlen: 24
                          180.188.144.0/20 maxlen: 20
                          180.188.188.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21 (0x15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
        Validity
            Not Before: Jul 24 04:37:02 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64bdffee-b0b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e4:26:e2:20:5f:12:a3:6c:c8:cd:a7:60:6e:
                    4a:ee:e9:04:71:d2:76:e6:76:40:2d:5f:9f:6a:e6:
                    dc:48:f4:49:5a:3a:3b:f4:73:40:21:30:31:74:4a:
                    9f:e9:2c:ee:b9:cc:fe:41:e8:36:57:ee:b8:0e:16:
                    ab:06:a6:78:e0:25:ce:bb:90:84:a0:53:db:c4:c8:
                    4a:6c:ad:fb:82:5b:2c:49:5f:31:55:4b:29:c0:a4:
                    4c:d1:13:16:c0:a0:82:81:2d:d0:01:3b:39:8c:30:
                    2c:14:eb:50:a3:35:aa:17:e3:94:01:e6:73:13:9c:
                    4b:5a:d9:09:f1:b0:e2:74:03:c2:ff:3b:fe:39:fd:
                    2a:91:9e:28:06:be:75:c1:50:05:0d:e2:b2:4f:ef:
                    3b:e1:02:76:a1:f1:83:5a:14:81:7c:85:cf:dc:d7:
                    79:b2:17:2c:f9:5d:a7:c8:ed:e5:b3:fd:b9:cc:cc:
                    87:28:4c:41:5d:46:d5:ba:3b:c7:6b:8f:ad:04:68:
                    96:70:5e:42:26:b4:fd:a8:f9:50:84:d9:73:98:f6:
                    e7:af:06:0d:2c:0b:e2:72:ca:a5:48:41:31:0e:dd:
                    e2:74:e0:50:fa:94:2f:c6:d6:64:ef:fa:b7:92:0d:
                    1a:97:17:c5:c3:f2:43:13:8f:b3:04:9a:31:50:09:
                    d7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:0B:5F:21:08:67:0B:2A:C9:CE:21:7E:58:F2:0D:EE:6A:DF:B9:F1
            X509v3 Authority Key Identifier:
                keyid:83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/g4a-hhvb220BZQh9wESgf6TU8Ik.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/E279DA3C29CD11EEBA2A317BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.103.144.0/20
                  124.217.128.0/18
                  180.188.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         01:62:2b:44:26:02:e1:fd:c1:6f:08:41:f0:a7:bb:9e:cc:5f:
         70:29:f1:8d:ba:5e:e7:54:34:ef:b2:9b:f7:7e:6f:46:17:10:
         1a:4d:f4:31:f4:d4:d9:64:43:9b:44:4d:49:78:bd:9c:9f:1c:
         77:b2:54:17:56:37:5f:6c:85:28:49:40:62:4d:7c:21:6d:fc:
         ef:06:df:8c:a8:00:8b:8e:3b:bc:81:d6:25:e4:7d:21:08:3b:
         0a:d4:e7:f9:b6:77:de:41:8a:e7:ce:59:18:c1:ef:e9:2c:b7:
         96:62:5b:35:10:e4:4a:4f:0a:48:59:b2:0c:d4:9a:cc:42:7c:
         f7:1e:8c:8a:98:87:00:e7:cd:9a:44:87:21:b4:37:4c:37:f1:
         1e:ef:ad:0e:70:05:dd:c3:a2:78:ac:e4:0e:95:87:6c:5a:8d:
         e5:60:b8:63:7d:8c:82:1a:10:c6:c4:1f:d9:72:f9:84:8e:bc:
         3e:2f:ca:14:2e:4c:b3:f3:a5:03:7d:b1:41:40:49:75:07:63:
         13:cf:f0:aa:73:3f:79:30:d8:b3:95:96:11:e7:df:23:65:00:
         b2:be:33:66:a7:e7:5c:71:66:72:54:f1:ef:ca:0b:a0:54:2b:
         e9:19:6a:77:84:50:23:ee:e6:59:69:bd:59:1d:fc:a8:4a:84:
         35:bb:61:03
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QTk5NjExMC8GA1UEBRMoODM4NkJFODYxQkRCREI2RDAxNjUwODdEQzA0NEEwN0ZB
NEQ0RjA4OTAeFw0yMzA3MjQwNDM3MDJaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YmRmZmVlLWIwYjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC15CbiIF8So2zIzadgbkru6QRx0nbmdkAtX59q5txI9ElaOjv0c0AhMDF0Sp/p
LO65zP5B6DZX7rgOFqsGpnjgJc67kISgU9vEyEpsrfuCWyxJXzFVSynApEzRExbA
oIKBLdABOzmMMCwU61CjNaoX45QB5nMTnEta2QnxsOJ0A8L/O/45/SqRnigGvnXB
UAUN4rJP7zvhAnah8YNaFIF8hc/c13myFyz5XafI7eWz/bnMzIcoTEFdRtW6O8dr
j60EaJZwXkImtP2o+VCE2XOY9uevBg0sC+JyyqVIQTEO3eJ04FD6lC/G1mTv+reS
DRqXF8XD8kMTj7MEmjFQCddPAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUjQtfIQhn
CyrJziF+WPIN7mrfufEwHwYDVR0jBBgwFoAUg4a+hhvb220BZQh9wESgf6TU8Ikw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBOTk2LzMyQzY4QTVFMjc5
ODExRUVCRDhEQzU1RkM0RjlBRTAyL2c0YS1oaHZiMjIwQlpRaDl3RVNnZjZUVThJ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZzRhLWhodmIyMjBCWlFoOXdFU2dmNlRVOElrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QTk5Ni8zMkM2OEE1RTI3OTgxMUVFQkQ4REM1NUZDNEY5QUUwMi9FMjc5REEzQzI5
Q0QxMUVFQkEyQTMxN0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEBHVnkAMEBnzZgAMEBrS8gDANBgkqhkiG9w0BAQsFAAOCAQEA
AWIrRCYC4f3BbwhB8Ke7nsxfcCnxjbpe51Q077Kb935vRhcQGk30MfTU2WRDm0RN
SXi9nJ8cd7JUF1Y3X2yFKElAYk18IW387wbfjKgAi447vIHWJeR9IQg7CtTn+bZ3
3kGK585ZGMHv6Sy3lmJbNRDkSk8KSFmyDNSazEJ89x6MipiHAOfNmkSHIbQ3TDfx
Hu+tDnAF3cOieKzkDpWHbFqN5WC4Y32MghoQxsQf2XL5hI68Pi/KFC5Ms/OlA32x
QUBJdQdjE8/wqnM/eTDYs5WWEeffI2UAsr4zZqfnXHFmclTx78oLoFQr6Rlqd4RQ
I+7mWWm9WR38qEqENbthAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org