Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/414140C0CC7A11E8BD5C1D41C4F9AE02.roa
File:                     414140C0CC7A11E8BD5C1D41C4F9AE02.roa (raw, json)
Hash identifier:          f1YrxmplH5niduDBKbuX6TQc5xXaxMGaVYa4kN8+zwQ=
Subject key identifier:   C0:C8:2C:1F:BD:C4:4C:00:C7:F6:FD:33:EE:28:1D:A6:52:12:A3:57
Certificate issuer:       /CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Certificate serial:       327F
Authority key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/414140C0CC7A11E8BD5C1D41C4F9AE02.roa
Signing time:             Thu 11 Aug 2022 02:40:28 +0000
ROA not before:           Thu 11 Aug 2022 02:40:28 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     45845
IP address blocks:        43.245.236.0/22 maxlen: 22
                          43.245.236.0/23 maxlen: 23
                          43.245.236.0/24 maxlen: 24
                          43.245.237.0/24 maxlen: 24
                          43.245.238.0/23 maxlen: 23
                          43.245.238.0/24 maxlen: 24
                          43.245.239.0/24 maxlen: 24
                          45.117.152.0/22 maxlen: 22
                          45.117.152.0/23 maxlen: 23
                          45.117.152.0/24 maxlen: 24
                          45.117.153.0/24 maxlen: 24
                          45.117.154.0/23 maxlen: 23
                          45.117.154.0/24 maxlen: 24
                          45.117.155.0/24 maxlen: 24
                          103.235.196.0/22 maxlen: 24
                          103.250.132.0/22 maxlen: 22
                          103.250.132.0/23 maxlen: 23
                          103.250.132.0/24 maxlen: 24
                          103.250.133.0/24 maxlen: 24
                          103.250.134.0/23 maxlen: 23
                          103.250.134.0/24 maxlen: 24
                          103.250.135.0/24 maxlen: 24
                          163.53.24.0/22 maxlen: 24
                          202.51.64.0/19 maxlen: 24
                          2405:6600::/32 maxlen: 32
                          2405:6600:201::/48 maxlen: 48
                          2405:6600:600::/48 maxlen: 48
                          2405:6600:701::/48 maxlen: 48
                          2405:6600:702::/48 maxlen: 48
                          2405:6600:703::/48 maxlen: 48
                          2405:6600:709::/48 maxlen: 48
                          2405:6600:c00::/48 maxlen: 48
                          2405:6600:c43::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12927 (0x327f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
        Validity
            Not Before: Aug 11 02:40:28 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62f46c1c-b6c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:8f:78:ad:0a:08:ad:02:44:5c:96:c8:c4:1b:
                    0e:47:48:bd:01:e6:bf:93:f3:e3:41:6a:6a:b0:8b:
                    88:6a:70:61:d7:2b:db:25:1b:49:a4:ac:01:50:21:
                    7f:1b:22:20:0e:38:19:db:97:5a:96:cf:19:d6:7e:
                    7d:7a:ef:a6:c7:c4:18:29:ef:b6:2a:4a:66:a4:43:
                    d3:48:eb:e3:d8:16:82:a6:79:b3:08:e4:79:be:6a:
                    47:9a:35:65:31:56:b1:91:9c:54:dc:73:e3:9e:1a:
                    d8:77:b0:77:24:6b:54:82:7b:5d:1d:c7:12:ba:f9:
                    02:1b:85:d7:0e:06:a5:d0:a3:88:ed:1e:07:9a:61:
                    42:1f:a3:2a:4f:9e:d4:9f:da:d3:2e:ba:86:cf:c7:
                    f3:a6:42:c8:7b:5f:e0:27:3c:8d:bd:ee:c9:38:a1:
                    62:13:0c:47:2d:ca:7c:f4:5b:fd:03:f7:30:2a:a1:
                    d7:59:cb:f3:87:7e:ff:c6:b2:a7:1b:64:24:99:78:
                    f9:24:68:a5:20:04:34:a7:e2:0d:88:c6:ba:da:06:
                    74:9c:e5:0a:0f:5b:68:3a:95:1b:54:12:2a:f1:91:
                    f7:13:bc:38:44:66:83:8a:6e:50:d5:bc:f5:87:3b:
                    89:06:e8:25:1f:9d:d7:63:43:6e:d7:6c:66:75:8e:
                    a9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:C8:2C:1F:BD:C4:4C:00:C7:F6:FD:33:EE:28:1D:A6:52:12:A3:57
            X509v3 Authority Key Identifier:
                keyid:A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/414140C0CC7A11E8BD5C1D41C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.245.236.0/22
                  45.117.152.0/22
                  103.235.196.0/22
                  103.250.132.0/22
                  163.53.24.0/22
                  202.51.64.0/19
                IPv6:
                  2405:6600::/32

    Signature Algorithm: sha256WithRSAEncryption
         bb:0f:b1:8f:59:c7:82:b9:f1:f0:c3:29:14:d8:02:ce:e6:99:
         2c:2e:9f:54:cc:e8:6b:8f:e5:9b:50:62:7a:5b:6c:a7:bf:54:
         45:bd:10:80:4e:41:4d:00:15:f9:3a:e5:88:5b:6b:0c:49:52:
         34:0d:c4:27:5d:43:e6:17:82:32:7e:f4:17:e4:9b:91:ed:06:
         20:3d:74:f1:93:e2:0a:43:e1:40:7b:54:49:ed:ba:8f:b1:00:
         ce:ed:6e:81:6d:9a:5a:f6:15:5b:0b:49:a3:6e:f7:94:8c:f5:
         b1:74:e9:65:0a:ef:e0:43:5f:f8:bc:dc:04:40:7a:a6:e4:b8:
         40:a4:2d:09:01:b5:47:65:f0:c3:24:61:ff:f6:eb:4f:ce:37:
         2f:96:a4:5c:70:9e:65:eb:70:00:dd:da:dd:95:6b:00:14:3a:
         02:7b:4e:25:89:ac:58:43:f5:14:0a:cc:82:f2:1e:96:20:81:
         56:bc:c2:ef:4f:99:26:50:4c:04:40:d6:f9:16:ea:de:3e:91:
         3d:9f:18:12:85:fa:75:05:cb:ae:f3:88:36:3c:8c:d0:dc:8c:
         32:ad:2e:c4:07:19:f3:0b:ba:dc:30:ee:ca:1d:dc:6c:af:70:
         ae:05:24:ba:f3:53:39:c1:24:e7:86:d7:4b:cf:a6:d5:02:c9:
         1c:e6:db:c3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICMn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYzODg0NjBFNEFG
MkYxN0YzRkYwHhcNMjIwODExMDI0MDI4WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY0NmMxYy1iNmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5o94rQoIrQJEXJbIxBsOR0i9Aea/k/PjQWpqsIuIanBh1yvbJRtJpKwBUCF/
GyIgDjgZ25dals8Z1n59eu+mx8QYKe+2KkpmpEPTSOvj2BaCpnmzCOR5vmpHmjVl
MVaxkZxU3HPjnhrYd7B3JGtUgntdHccSuvkCG4XXDgal0KOI7R4HmmFCH6MqT57U
n9rTLrqGz8fzpkLIe1/gJzyNve7JOKFiEwxHLcp89Fv9A/cwKqHXWcvzh37/xrKn
G2QkmXj5JGilIAQ0p+INiMa62gZ0nOUKD1toOpUbVBIq8ZH3E7w4RGaDim5Q1bz1
hzuJBuglH53XY0Nu12xmdY6pmQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFMDILB+9
xEwAx/b9M+4oHaZSEqNXMB8GA1UdIwQYMBaAFKJLamIES3AGXwUGOIRg5K8vF/P/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjU1MC84QjlCRDIwMjFE
ODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNBWmZCUVk0aEdEa3J5OFg4
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29rdHFZZ1JMY0FaZkJRWTRoR0Rrcnk4WDhfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY1NTAvOEI5QkQyMDIxRDg1MTFFMkI0MTIzMERDMDhCMDJDRDIvNDE0MTQwQzBD
QzdBMTFFOEJENUMxRDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIr9ewDBAItdZgDBAJn68QDBAJn+oQDBAKjNRgDBAXKM0Aw
DQQCAAIwBwMFACQFZgAwDQYJKoZIhvcNAQELBQADggEBALsPsY9Zx4K58fDDKRTY
As7mmSwun1TM6GuP5ZtQYnpbbKe/VEW9EIBOQU0AFfk65YhbawxJUjQNxCddQ+YX
gjJ+9Bfkm5HtBiA9dPGT4gpD4UB7VEntuo+xAM7tboFtmlr2FVsLSaNu95SM9bF0
6WUK7+BDX/i83ARAeqbkuECkLQkBtUdl8MMkYf/260/ONy+WpFxwnmXrcADd2t2V
awAUOgJ7TiWJrFhD9RQKzILyHpYggVa8wu9PmSZQTARA1vkW6t4+kT2fGBKF+nUF
y67ziDY8jNDcjDKtLsQHGfMLutww7sod3GyvcK4FJLrzUznBJOeG10vPptUCyRzm
28M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org