Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/C08472381AED11EDB3761D69C4F9AE02.roa
File:                     C08472381AED11EDB3761D69C4F9AE02.roa (raw, json)
Hash identifier:          70SowsrSrhKPiOGebEX8G5KEomUcUADWbLsRnoFJ0DA=
Subject key identifier:   AA:C4:05:04:DC:53:AE:D7:F5:DB:3B:FA:FF:4B:69:E2:4D:CA:01:3C
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       B1
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/C08472381AED11EDB3761D69C4F9AE02.roa
Signing time:             Sat 13 Aug 2022 09:53:17 +0000
ROA not before:           Sat 13 Aug 2022 09:53:17 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.22.0/23 maxlen: 23
                          203.32.22.0/24 maxlen: 24
                          203.32.23.0/24 maxlen: 24
                          203.32.28.0/24 maxlen: 24
                          203.32.30.0/23 maxlen: 23
                          203.32.30.0/24 maxlen: 24
                          203.32.31.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24
                          203.32.38.0/24 maxlen: 24
                          203.32.40.0/23 maxlen: 23
                          203.32.40.0/24 maxlen: 24
                          203.32.41.0/24 maxlen: 24
                          203.34.26.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177 (0xb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Aug 13 09:53:17 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62f7748c-778e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b3:1b:12:ce:05:dc:4b:cc:36:0d:29:68:08:
                    92:b1:9d:1f:5d:d0:71:28:77:8a:a0:b8:52:eb:27:
                    c8:01:b1:35:8f:6f:64:e8:a5:4e:4c:83:57:a3:ce:
                    c3:54:df:75:2a:04:89:eb:30:91:a3:bf:fc:70:57:
                    83:fc:c2:d5:1d:1a:99:d5:5e:be:c0:0f:8c:58:b8:
                    70:c8:3e:9b:f8:a5:00:ae:5d:b1:93:b4:b4:76:b6:
                    7a:db:48:2d:a7:58:f2:34:60:6a:a5:57:0c:5e:d5:
                    cd:61:b9:39:30:96:ab:50:d9:1b:f3:c9:f8:82:e8:
                    d3:88:ea:5d:aa:75:9f:1e:3b:02:16:af:16:2b:8e:
                    94:04:ab:94:ee:de:4c:04:5d:fd:60:89:5f:f0:67:
                    8a:1e:e8:c1:2c:25:63:03:8d:ad:8a:ef:b2:c3:3b:
                    30:2b:44:87:3f:22:c5:48:e3:19:ba:70:c2:be:9b:
                    3e:e6:24:56:ee:0f:4f:59:e1:01:1b:6e:0e:25:0c:
                    55:8b:40:c2:c9:68:8c:0c:5c:8f:2d:3a:37:89:2f:
                    e2:6f:e2:d6:83:a0:98:b9:da:a2:59:0f:8e:81:10:
                    b1:0a:f8:53:39:06:69:9f:1e:b7:06:5b:44:e4:ee:
                    b4:e4:4b:1f:a7:c3:2a:2d:61:1c:b6:38:d4:99:4e:
                    0b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:C4:05:04:DC:53:AE:D7:F5:DB:3B:FA:FF:4B:69:E2:4D:CA:01:3C
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/C08472381AED11EDB3761D69C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.22.0/23
                  203.32.28.0/24
                  203.32.30.0-203.32.32.255
                  203.32.38.0/24
                  203.32.40.0/23
                  203.34.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:c2:32:01:5f:4f:db:a6:a0:82:3c:f3:41:66:73:e5:0a:04:
         f8:6d:92:77:83:d2:1d:16:82:d6:69:79:7a:a6:05:93:fd:b5:
         35:ff:50:59:03:d7:85:9c:7e:df:57:42:ff:87:5c:56:4b:77:
         a2:4a:78:ed:64:eb:69:5b:64:ec:e3:d0:72:af:eb:0e:ca:b6:
         6f:b1:a0:ac:c1:1b:d1:3a:77:22:84:c4:e6:cc:de:97:04:4e:
         2d:7b:b6:df:18:31:46:3d:de:56:3d:43:a7:e3:35:c9:db:91:
         e7:90:c8:56:23:3f:e1:b3:be:79:a3:91:bb:4c:b0:d5:3a:45:
         5b:76:7d:19:9f:fe:06:55:a5:bb:fc:60:2a:5d:d4:9a:2d:ac:
         b0:28:4e:90:12:29:d0:02:7d:d6:b2:85:47:40:ec:be:de:ac:
         03:ba:19:60:d2:90:8f:91:c9:94:13:c0:0b:a9:7f:16:2f:7a:
         a9:96:f2:44:7e:17:54:d2:17:3a:a9:78:21:65:64:96:77:60:
         8c:d8:55:15:6d:1c:6a:39:d5:b4:54:42:74:21:51:9c:1d:8f:
         c4:15:34:e4:32:05:50:6b:79:82:0b:82:cd:3d:39:7a:c7:83:
         16:a4:e6:50:ac:d9:da:f3:00:c8:b1:60:04:d8:49:5b:f5:d3:
         7a:61:b3:9b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICALEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIwODEzMDk1MzE3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY3NzQ4Yy03NzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0rMbEs4F3EvMNg0paAiSsZ0fXdBxKHeKoLhS6yfIAbE1j29k6KVOTINXo87D
VN91KgSJ6zCRo7/8cFeD/MLVHRqZ1V6+wA+MWLhwyD6b+KUArl2xk7S0drZ620gt
p1jyNGBqpVcMXtXNYbk5MJarUNkb88n4gujTiOpdqnWfHjsCFq8WK46UBKuU7t5M
BF39YIlf8GeKHujBLCVjA42tiu+ywzswK0SHPyLFSOMZunDCvps+5iRW7g9PWeEB
G24OJQxVi0DCyWiMDFyPLTo3iS/ib+LWg6CYudqiWQ+OgRCxCvhTOQZpnx63BltE
5O605Esfp8MqLWEctjjUmU4L3wIDAQABo4ICuzCCArcwHQYDVR0OBBYEFKrEBQTc
U67X9ds7+v9LaeJNygE8MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQzA4NDcyMzgx
QUVEMTFFREIzNzYxRDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBAHLIBYDBADLIBwwDAMEAcsgHgMEAMsgIAMEAMsgJgMEAcsg
KAMEAMsiGjANBgkqhkiG9w0BAQsFAAOCAQEAeMIyAV9P26aggjzzQWZz5QoE+G2S
d4PSHRaC1ml5eqYFk/21Nf9QWQPXhZx+31dC/4dcVkt3okp47WTraVtk7OPQcq/r
Dsq2b7GgrMEb0Tp3IoTE5szelwROLXu23xgxRj3eVj1Dp+M1yduR55DIViM/4bO+
eaORu0yw1TpFW3Z9GZ/+BlWlu/xgKl3Umi2ssChOkBIp0AJ91rKFR0Dsvt6sA7oZ
YNKQj5HJlBPAC6l/Fi96qZbyRH4XVNIXOql4IWVklndgjNhVFW0cajnVtFRCdCFR
nB2PxBU05DIFUGt5gguCzT05eseDFqTmUKzZ2vMAyLFgBNhJW/XTemGzmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org