Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/FF0C7468354A11EBA5029C5FC4F9AE02.roa
File:                     FF0C7468354A11EBA5029C5FC4F9AE02.roa (raw, json)
Hash identifier:          lVZ0TaaaewoeJ+CcDYyOmTShcZdbtxVUloLFrI6pMc8=
Subject key identifier:   00:5A:66:F4:40:72:3A:FD:D9:0A:CA:3B:DA:74:B2:54:3E:E4:00:7E
Certificate issuer:       /CN=A919D209/serialNumber=EB62DFC734A25BC154D367A98CF27ED16F41EAD0
Certificate serial:       0395
Authority key identifier: EB:62:DF:C7:34:A2:5B:C1:54:D3:67:A9:8C:F2:7E:D1:6F:41:EA:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/62LfxzSiW8FU02epjPJ-0W9B6tA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/FF0C7468354A11EBA5029C5FC4F9AE02.roa
Signing time:             Fri 04 Mar 2022 12:49:52 +0000
ROA not before:           Fri 04 Mar 2022 12:49:52 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     56082
IP address blocks:        43.230.188.0/24 maxlen: 24
                          43.230.189.0/24 maxlen: 24
                          43.230.190.0/24 maxlen: 24
                          103.50.9.0/24 maxlen: 24
                          103.50.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 917 (0x395)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919D209/serialNumber=EB62DFC734A25BC154D367A98CF27ED16F41EAD0
        Validity
            Not Before: Mar  4 12:49:52 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62220af0-075f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a8:c9:0b:ea:4c:62:92:9d:5c:0f:d0:19:49:
                    f0:a9:d5:2d:ee:2c:5e:12:24:f1:1a:1c:5d:29:30:
                    66:67:56:f8:cb:85:5d:23:9b:64:89:d6:dd:a2:e0:
                    91:4d:f8:7a:05:92:7a:43:50:9b:41:98:b8:25:16:
                    ef:7f:8d:6b:11:f8:0c:6c:cd:53:ab:ba:2e:d1:8b:
                    dc:24:57:1f:66:67:44:65:fa:fd:31:bf:d0:9e:da:
                    cb:53:e7:8b:a0:4d:6e:b5:59:44:df:11:7e:11:33:
                    b6:05:75:fb:88:4f:62:01:8e:81:d7:3b:34:1d:19:
                    cd:65:f7:6b:23:51:c2:e5:41:48:b1:34:df:35:bf:
                    b3:92:fa:77:c5:9d:7f:21:3c:22:72:86:96:3d:ba:
                    75:6a:8c:ad:14:c4:7b:1d:d1:ba:c4:0f:76:d9:d8:
                    b0:68:07:8f:ad:aa:69:4d:3e:ee:74:a6:7a:af:32:
                    45:14:4f:10:88:99:e9:45:52:5a:96:40:1b:47:93:
                    ca:8f:11:7c:71:e3:68:ee:cb:ea:ec:9d:90:60:aa:
                    89:7d:49:ab:e6:ae:14:bf:e2:ea:73:d6:d0:de:d9:
                    83:c6:02:94:3e:89:0c:0b:75:fa:a2:4e:7b:80:61:
                    c4:65:37:45:ea:b0:7f:6b:84:3d:aa:05:7f:a9:d1:
                    c0:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:5A:66:F4:40:72:3A:FD:D9:0A:CA:3B:DA:74:B2:54:3E:E4:00:7E
            X509v3 Authority Key Identifier:
                keyid:EB:62:DF:C7:34:A2:5B:C1:54:D3:67:A9:8C:F2:7E:D1:6F:41:EA:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/62LfxzSiW8FU02epjPJ-0W9B6tA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/62LfxzSiW8FU02epjPJ-0W9B6tA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D209/B3397B4A353A11EBB7EB6B18C4F9AE02/FF0C7468354A11EBA5029C5FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.230.188.0-43.230.190.255
                  103.50.9.0-103.50.10.255

    Signature Algorithm: sha256WithRSAEncryption
         9f:cf:62:e9:1d:5f:06:54:86:ae:03:8c:6f:0d:e1:05:4b:5d:
         11:86:e2:5b:0d:cc:6a:ee:8c:c5:2f:2d:8e:bb:9f:e3:41:2a:
         6d:db:e2:82:68:1a:f3:18:d3:f8:2a:cf:f8:da:18:48:c0:ff:
         ba:2b:de:11:b2:0d:e2:10:e9:50:41:21:f7:7b:51:71:8a:f5:
         2e:28:59:50:df:56:ce:38:95:55:03:12:4f:83:d7:aa:65:d8:
         f1:25:99:8e:0a:76:de:e3:9c:1a:53:63:34:80:cb:53:64:58:
         08:1d:53:ec:d2:bf:ab:05:2b:ff:65:b4:4b:aa:d2:6f:4d:95:
         e4:ee:47:fb:55:b3:2c:08:2c:62:73:b2:56:23:b1:c0:ec:6f:
         ce:b5:aa:4a:90:d4:fc:27:dd:ab:e1:a7:59:dc:07:83:be:c3:
         61:f9:e2:78:6a:4f:0f:c0:4f:67:a0:06:ce:27:4a:c1:05:ba:
         d1:73:f9:a9:82:d9:24:cb:47:54:dc:e0:62:40:bf:11:00:d3:
         5e:55:da:ba:34:0b:2d:28:bd:e0:5e:dc:c7:04:4e:ff:52:4b:
         3b:02:85:56:19:4f:8e:1b:85:15:99:cd:c8:36:14:10:98:fb:
         65:4b:88:09:68:19:15:fd:3f:22:d5:63:0c:39:d7:82:35:61:
         75:ae:ed:79
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICA5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQyMDkxMTAvBgNVBAUTKEVCNjJERkM3MzRBMjVCQzE1NEQzNjdBOThDRjI3RUQx
NkY0MUVBRDAwHhcNMjIwMzA0MTI0OTUyWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjIyMGFmMC0wNzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3ajJC+pMYpKdXA/QGUnwqdUt7ixeEiTxGhxdKTBmZ1b4y4VdI5tkidbdouCR
Tfh6BZJ6Q1CbQZi4JRbvf41rEfgMbM1Tq7ou0YvcJFcfZmdEZfr9Mb/QntrLU+eL
oE1utVlE3xF+ETO2BXX7iE9iAY6B1zs0HRnNZfdrI1HC5UFIsTTfNb+zkvp3xZ1/
ITwicoaWPbp1aoytFMR7HdG6xA922diwaAePrappTT7udKZ6rzJFFE8QiJnpRVJa
lkAbR5PKjxF8ceNo7svq7J2QYKqJfUmr5q4Uv+Lqc9bQ3tmDxgKUPokMC3X6ok57
gGHEZTdF6rB/a4Q9qgV/qdHAwQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFABaZvRA
cjr92QrKO9p0slQ+5AB+MB8GA1UdIwQYMBaAFOti38c0olvBVNNnqYzyftFvQerQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDIwOS9CMzM5N0I0QTM1
M0ExMUVCQjdFQjZCMThDNEY5QUUwMi82MkxmeHpTaVc4RlUwMmVwalBKLTBXOUI2
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzYyTGZ4elNpVzhGVTAyZXBqUEotMFc5QjZ0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQyMDkvQjMzOTdCNEEzNTNBMTFFQkI3RUI2QjE4QzRGOUFFMDIvRkYwQzc0Njgz
NTRBMTFFQkE1MDI5QzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAivmvAMEACvmvjAMAwQAZzIJAwQAZzIKMA0GCSqGSIb3
DQEBCwUAA4IBAQCfz2LpHV8GVIauA4xvDeEFS10RhuJbDcxq7ozFLy2Ou5/jQSpt
2+KCaBrzGNP4Ks/42hhIwP+6K94Rsg3iEOlQQSH3e1FxivUuKFlQ31bOOJVVAxJP
g9eqZdjxJZmOCnbe45waU2M0gMtTZFgIHVPs0r+rBSv/ZbRLqtJvTZXk7kf7VbMs
CCxic7JWI7HA7G/OtapKkNT8J92r4adZ3AeDvsNh+eJ4ak8PwE9noAbOJ0rBBbrR
c/mpgtkky0dU3OBiQL8RANNeVdq6NAstKL3gXtzHBE7/Uks7AoVWGU+OG4UVmc3I
NhQQmPtlS4gJaBkV/T8i1WMMOdeCNWF1ru15
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org