Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FC10614267E411ED8B778E73C4F9AE02.roa
File:                     FC10614267E411ED8B778E73C4F9AE02.roa (raw, json)
Hash identifier:          oIFR5p6ilLnHcc4j6GTzMJbbu1CngR5QYZ7YBYHHUtI=
Subject key identifier:   83:27:41:5E:2F:21:41:73:AF:74:1D:3D:BC:28:E8:F0:14:02:0B:01
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       0187
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FC10614267E411ED8B778E73C4F9AE02.roa
Signing time:             Sun 29 Jan 2023 22:13:54 +0000
ROA not before:           Sun 29 Jan 2023 22:13:54 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.26.0/24 maxlen: 24
                          203.32.30.0/23 maxlen: 23
                          203.32.30.0/24 maxlen: 24
                          203.32.31.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24
                          203.32.41.0/24 maxlen: 24
                          203.34.26.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 391 (0x187)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Jan 29 22:13:54 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=63d6efa1-df04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f0:23:6e:89:e0:3d:5f:54:1f:e8:a2:46:2b:
                    6e:37:14:1f:38:58:ae:bc:7e:ab:cc:9c:0b:89:5c:
                    7c:b0:4d:a7:65:dd:49:db:64:8f:ce:05:2c:19:c9:
                    06:c6:5b:00:03:6f:0e:b7:e4:2b:e6:fa:bb:4b:6d:
                    32:f4:ef:57:e5:e2:ad:a1:9b:fb:72:b5:ee:8d:ba:
                    ed:e6:e7:ba:fd:38:b2:de:96:f7:6b:a1:d3:69:7f:
                    6c:17:6e:ec:93:44:6b:0e:94:a4:b1:2d:cc:a0:fe:
                    7f:f6:35:8c:f5:c4:ab:89:30:2c:25:f1:0d:3d:89:
                    55:b8:02:02:ac:92:18:78:c5:40:52:44:04:d2:8a:
                    85:51:12:8a:41:3c:ba:99:0f:c0:b6:a1:10:11:db:
                    9d:44:72:25:f6:36:41:c3:f5:1f:4e:41:90:f7:4e:
                    58:74:0f:b3:65:9e:67:f5:63:44:ed:51:d6:26:9f:
                    32:5f:66:1f:4e:2b:86:a8:44:cb:13:9d:d0:24:77:
                    3f:7f:0a:6a:93:eb:7b:fe:79:aa:5e:4c:34:e7:3f:
                    24:d6:73:85:d6:2c:36:6f:fc:e7:e0:dd:6e:80:63:
                    06:d9:df:f5:11:3e:74:e5:b1:40:c8:5a:5e:65:d2:
                    a3:c8:07:f4:0a:13:95:7e:e9:c8:f2:e3:f9:c4:4e:
                    14:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:27:41:5E:2F:21:41:73:AF:74:1D:3D:BC:28:E8:F0:14:02:0B:01
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FC10614267E411ED8B778E73C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.26.0/24
                  203.32.30.0-203.32.32.255
                  203.32.41.0/24
                  203.34.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:56:52:0e:a4:df:dc:4a:c9:56:f4:39:01:f7:20:ea:63:4d:
         ed:ce:65:99:f9:7b:3f:f3:32:03:3d:77:29:53:5b:78:76:7e:
         40:29:f7:bb:ec:e5:c4:ce:6d:2a:79:b9:d4:d0:58:5a:bf:57:
         01:0f:e4:67:eb:2c:84:51:a3:dd:c6:a5:31:a8:53:89:de:0b:
         d1:44:19:7e:e6:8a:da:52:7a:f3:73:be:df:3c:cf:d9:e1:4c:
         34:49:79:e7:c5:44:33:db:6c:3c:e5:48:fe:6d:7e:3e:ee:8d:
         49:6a:06:41:6d:ee:9b:9a:ec:12:0f:0a:ac:b7:8a:ec:4a:15:
         80:de:56:90:85:c6:44:48:4a:ae:0c:da:ef:94:b0:ca:bc:8c:
         c2:79:c1:d1:ba:e4:5d:00:02:ea:1c:ad:aa:18:41:c2:8a:92:
         42:46:44:95:b3:ee:17:c1:c2:19:bb:1d:23:95:23:4a:53:e1:
         93:3d:8f:aa:02:67:68:03:1a:91:15:fc:61:30:e3:1f:12:45:
         e0:9d:28:28:a7:ca:15:45:96:8d:f6:e9:2f:57:3b:01:e7:69:
         9d:00:93:1c:b4:4d:1f:9d:cc:e0:16:be:35:e3:53:0c:6e:0a:
         bb:2a:5c:08:55:98:20:ea:89:21:d2:c1:17:f7:77:62:a2:2e:
         56:82:00:9f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwMTI5MjIxMzU0WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q2ZWZhMS1kZjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApPAjbongPV9UH+iiRituNxQfOFiuvH6rzJwLiVx8sE2nZd1J22SPzgUsGckG
xlsAA28Ot+Qr5vq7S20y9O9X5eKtoZv7crXujbrt5ue6/Tiy3pb3a6HTaX9sF27s
k0RrDpSksS3MoP5/9jWM9cSriTAsJfENPYlVuAICrJIYeMVAUkQE0oqFURKKQTy6
mQ/AtqEQEdudRHIl9jZBw/UfTkGQ905YdA+zZZ5n9WNE7VHWJp8yX2YfTiuGqETL
E53QJHc/fwpqk+t7/nmqXkw05z8k1nOF1iw2b/zn4N1ugGMG2d/1ET505bFAyFpe
ZdKjyAf0ChOVfunI8uP5xE4U9QIDAQABo4ICrzCCAqswHQYDVR0OBBYEFIMnQV4v
IUFzr3QdPbwo6PAUAgsBMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRkMxMDYxNDI2
N0U0MTFFRDhCNzc4RTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBADLIBowDAMEAcsgHgMEAMsgIAMEAMsgKQMEAMsiGjANBgkq
hkiG9w0BAQsFAAOCAQEAAFZSDqTf3ErJVvQ5Afcg6mNN7c5lmfl7P/MyAz13KVNb
eHZ+QCn3u+zlxM5tKnm51NBYWr9XAQ/kZ+sshFGj3calMahTid4L0UQZfuaK2lJ6
83O+3zzP2eFMNEl558VEM9tsPOVI/m1+Pu6NSWoGQW3um5rsEg8KrLeK7EoVgN5W
kIXGREhKrgza75SwyryMwnnB0brkXQAC6hytqhhBwoqSQkZElbPuF8HCGbsdI5Uj
SlPhkz2PqgJnaAMakRX8YTDjHxJF4J0oKKfKFUWWjfbpL1c7AedpnQCTHLRNH53M
4Ba+NeNTDG4KuypcCFWYIOqJIdLBF/d3YqIuVoIAnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org