Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/9050EB8E993511ED9DDCDA7BC4F9AE02.roa
File:                     9050EB8E993511ED9DDCDA7BC4F9AE02.roa (raw, json)
Hash identifier:          XiK+xY/yn1NeAfUcHhOXziyAIFxM4YC9a0DF5Ct1+9Q=
Subject key identifier:   72:F5:0D:7C:8B:49:C3:63:50:EF:94:80:68:1E:07:33:1D:89:D1:9E
Certificate issuer:       /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial:       115C
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/9050EB8E993511ED9DDCDA7BC4F9AE02.roa
Signing time:             Fri 31 Mar 2023 18:25:13 +0000
ROA not before:           Fri 31 Mar 2023 18:25:13 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     9902
IP address blocks:        103.23.136.0/22 maxlen: 22
                          103.23.136.0/24 maxlen: 24
                          103.23.137.0/24 maxlen: 24
                          103.23.138.0/24 maxlen: 24
                          103.23.139.0/24 maxlen: 24
                          103.25.92.0/24 maxlen: 24
                          103.25.93.0/24 maxlen: 24
                          103.25.94.0/24 maxlen: 24
                          103.25.95.0/24 maxlen: 24
                          103.244.248.0/22 maxlen: 22
                          103.244.248.0/24 maxlen: 24
                          103.244.249.0/24 maxlen: 24
                          103.244.250.0/24 maxlen: 24
                          103.244.251.0/24 maxlen: 24
                          110.235.220.0/22 maxlen: 22
                          110.235.220.0/24 maxlen: 24
                          110.235.221.0/24 maxlen: 24
                          110.235.222.0/24 maxlen: 24
                          110.235.223.0/24 maxlen: 24
                          123.108.248.0/21 maxlen: 21
                          123.108.248.0/24 maxlen: 24
                          123.108.249.0/24 maxlen: 24
                          123.108.250.0/24 maxlen: 24
                          123.108.251.0/24 maxlen: 24
                          123.108.252.0/24 maxlen: 24
                          123.108.253.0/24 maxlen: 24
                          123.108.254.0/23 maxlen: 24
                          124.199.112.0/20 maxlen: 20
                          124.199.112.0/24 maxlen: 24
                          124.199.113.0/24 maxlen: 24
                          124.199.114.0/24 maxlen: 24
                          124.199.115.0/24 maxlen: 24
                          124.199.116.0/24 maxlen: 24
                          124.199.117.0/24 maxlen: 24
                          124.199.118.0/24 maxlen: 24
                          124.199.119.0/24 maxlen: 24
                          124.199.120.0/24 maxlen: 24
                          124.199.121.0/24 maxlen: 24
                          124.199.122.0/24 maxlen: 24
                          124.199.123.0/24 maxlen: 24
                          124.199.124.0/24 maxlen: 24
                          124.199.125.0/24 maxlen: 24
                          124.199.126.0/24 maxlen: 24
                          124.199.127.0/24 maxlen: 24
                          163.53.196.0/22 maxlen: 22
                          163.53.196.0/24 maxlen: 24
                          163.53.197.0/24 maxlen: 24
                          163.53.198.0/24 maxlen: 24
                          163.53.199.0/24 maxlen: 24
                          202.124.32.0/24 maxlen: 24
                          202.124.33.0/24 maxlen: 24
                          202.124.34.0/24 maxlen: 24
                          202.124.35.0/24 maxlen: 24
                          202.124.36.0/24 maxlen: 24
                          202.124.37.0/24 maxlen: 24
                          202.124.38.0/24 maxlen: 24
                          202.124.39.0/24 maxlen: 24
                          202.124.40.0/24 maxlen: 24
                          202.124.41.0/24 maxlen: 24
                          202.124.42.0/24 maxlen: 24
                          202.124.43.0/24 maxlen: 24
                          202.124.44.0/24 maxlen: 24
                          202.124.45.0/24 maxlen: 24
                          202.124.46.0/24 maxlen: 24
                          202.124.47.0/24 maxlen: 24
                          203.80.160.0/21 maxlen: 21
                          203.80.161.0/24 maxlen: 24
                          203.80.162.0/24 maxlen: 24
                          203.80.163.0/24 maxlen: 24
                          203.80.164.0/24 maxlen: 24
                          203.80.165.0/24 maxlen: 24
                          203.80.166.0/24 maxlen: 24
                          203.80.167.0/24 maxlen: 24
                          203.167.16.0/22 maxlen: 22
                          203.167.16.0/24 maxlen: 24
                          203.167.17.0/24 maxlen: 24
                          203.167.18.0/24 maxlen: 24
                          203.167.19.0/24 maxlen: 24
                          2402:5100::/32 maxlen: 32
                          2402:5100::/48 maxlen: 48
                          2402:5100:1::/48 maxlen: 48
                          2402:5100:2::/48 maxlen: 48
                          2402:5100:3::/48 maxlen: 48
                          2402:5100:4::/48 maxlen: 48
                          2402:5100:5::/48 maxlen: 48
                          2402:5100:6::/47 maxlen: 47
                          2402:5100:8::/45 maxlen: 45
                          2402:5100:10::/44 maxlen: 44
                          2402:5100:20::/43 maxlen: 43
                          2402:5100:40::/42 maxlen: 42
                          2402:5100:80::/41 maxlen: 41
                          2402:5100:100::/40 maxlen: 40
                          2402:5100:200::/39 maxlen: 39
                          2402:5100:400::/38 maxlen: 38
                          2402:5100:800::/37 maxlen: 37
                          2402:5100:1000::/36 maxlen: 36
                          2402:5100:2000::/35 maxlen: 35
                          2402:5100:4000::/34 maxlen: 34
                          2402:5100:8000::/33 maxlen: 33

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4444 (0x115c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
        Validity
            Not Before: Mar 31 18:25:13 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=64272588-c92a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6d:db:f4:34:51:f8:d5:0d:bc:3d:1e:3c:28:
                    d4:ac:82:4b:ca:15:0d:1b:c0:a7:20:30:12:97:c2:
                    ea:ed:cf:c6:76:ca:cc:98:37:6c:ff:c2:c6:5b:29:
                    ee:6f:74:88:57:b5:56:c3:85:96:f5:f9:26:98:0b:
                    38:10:d3:e2:0e:c0:e6:ee:79:db:ef:47:8f:b0:70:
                    c1:ff:d9:f5:af:46:e0:e4:bb:cf:31:3e:13:76:10:
                    1f:ac:37:fd:1c:da:63:a5:da:dd:9a:cd:d2:e5:4f:
                    bc:8b:a8:17:c0:19:99:35:22:e3:bf:a6:c9:bc:46:
                    26:9f:aa:c8:cd:b1:3e:d6:73:d6:1e:63:73:72:1d:
                    2a:3b:ac:1f:c6:d0:bb:66:57:fa:66:0c:e8:38:a3:
                    00:c4:fc:55:08:a4:24:fe:69:95:d5:8c:d4:cb:97:
                    89:54:6c:5f:e5:f5:e5:54:63:22:5a:f8:16:d0:9d:
                    b1:82:c3:20:98:68:41:62:39:fd:49:fd:0b:06:4a:
                    9c:e6:8e:41:37:c9:82:72:dc:02:00:44:4f:ff:c9:
                    ea:6c:78:99:1a:d5:2a:25:fc:08:81:5d:95:44:d2:
                    bd:67:57:35:e6:eb:30:9d:35:11:38:ab:52:d5:66:
                    4b:40:2b:18:51:4e:53:9e:46:39:d8:1f:eb:21:eb:
                    d2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:F5:0D:7C:8B:49:C3:63:50:EF:94:80:68:1E:07:33:1D:89:D1:9E
            X509v3 Authority Key Identifier:
                keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/9050EB8E993511ED9DDCDA7BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.23.136.0/22
                  103.25.92.0/22
                  103.244.248.0/22
                  110.235.220.0/22
                  123.108.248.0/21
                  124.199.112.0/20
                  163.53.196.0/22
                  202.124.32.0/20
                  203.80.160.0/21
                  203.167.16.0/22
                IPv6:
                  2402:5100::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:00:44:a4:5d:dd:98:a7:79:69:53:2e:3e:17:59:fd:8e:11:
         8e:6f:20:26:6e:a8:ef:70:91:92:36:9e:0a:2e:b8:9d:76:6e:
         dd:9f:b7:a0:21:f8:2a:96:0b:f2:f6:2f:e3:e7:16:53:20:83:
         56:da:46:10:27:fd:6c:ce:24:6c:ec:8b:9c:69:28:fe:ee:09:
         d3:59:75:1b:be:2b:54:8d:36:ff:9f:fd:ab:8c:89:76:19:da:
         d8:09:d2:64:0f:78:b6:f6:11:3f:17:01:ef:2b:36:fd:1a:cd:
         ac:dd:62:82:d3:f7:7a:c7:6c:c9:6a:b8:67:11:51:27:29:ed:
         3c:50:62:5d:99:43:34:af:48:96:2a:3f:07:fc:a9:a5:2f:9b:
         04:75:59:aa:1a:0f:81:1e:cd:fe:db:8e:7c:c7:8c:e0:1c:0c:
         d6:be:d9:ad:98:cb:f5:c9:8d:d0:07:16:63:82:62:0d:b2:d2:
         24:c0:59:93:88:66:4d:ee:81:36:47:fe:9e:d8:44:a3:38:e5:
         ee:4d:b8:4e:7d:08:72:94:f8:b1:c6:69:b9:77:e8:eb:46:7c:
         c1:56:ec:19:31:eb:82:7f:2b:07:75:22:f7:fd:67:de:8d:25:
         ea:78:7a:c3:7a:e0:22:84:6e:f7:21:41:7d:a9:c3:f5:96:a5:
         d3:4f:49:c7
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICEVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjMwMzMxMTgyNTEzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3MjU4OC1jOTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxW3b9DRR+NUNvD0ePCjUrIJLyhUNG8CnIDASl8Lq7c/GdsrMmDds/8LGWynu
b3SIV7VWw4WW9fkmmAs4ENPiDsDm7nnb70ePsHDB/9n1r0bg5LvPMT4TdhAfrDf9
HNpjpdrdms3S5U+8i6gXwBmZNSLjv6bJvEYmn6rIzbE+1nPWHmNzch0qO6wfxtC7
Zlf6ZgzoOKMAxPxVCKQk/mmV1YzUy5eJVGxf5fXlVGMiWvgW0J2xgsMgmGhBYjn9
Sf0LBkqc5o5BN8mCctwCAERP/8nqbHiZGtUqJfwIgV2VRNK9Z1c15uswnTUROKtS
1WZLQCsYUU5TnkY52B/rIevSZQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFHL1DXyL
ScNjUO+UgGgeBzMdidGeMB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvOTA1MEVCOEU5
OTM1MTFFRDlERENEQTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3AD
BAKjNcQDBATKfCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcN
AQELBQADggEBAIMARKRd3ZineWlTLj4XWf2OEY5vICZuqO9wkZI2ngouuJ12bt2f
t6Ah+CqWC/L2L+PnFlMgg1baRhAn/WzOJGzsi5xpKP7uCdNZdRu+K1SNNv+f/auM
iXYZ2tgJ0mQPeLb2ET8XAe8rNv0azazdYoLT93rHbMlquGcRUScp7TxQYl2ZQzSv
SJYqPwf8qaUvmwR1WaoaD4Eezf7bjnzHjOAcDNa+2a2Yy/XJjdAHFmOCYg2y0iTA
WZOIZk3ugTZH/p7YRKM45e5NuE59CHKU+LHGabl36OtGfMFW7Bkx64J/Kwd1Ivf9
Z96NJep4esN64CKEbvchQX2pw/WWpdNPScc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org