Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A97F0/A66319F012D911EAA16A4B61C4F9AE02/6C60158A833B11EC975B9A21C4F9AE02.roa
File:                     6C60158A833B11EC975B9A21C4F9AE02.roa (raw, json)
Hash identifier:          7KY2n3oy5cydgApFUQ9SMcb7WE2Kr67zD1tFJlabcvE=
Subject key identifier:   CE:30:9D:FF:83:B5:77:20:70:7A:C2:AD:C5:20:1B:AA:7C:A3:CD:BA
Certificate issuer:       /CN=A91A97F0/serialNumber=8C66F9C0E668AC9081DF710D6042DF47490B0AB9
Certificate serial:       0892
Authority key identifier: 8C:66:F9:C0:E6:68:AC:90:81:DF:71:0D:60:42:DF:47:49:0B:0A:B9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jGb5wOZorJCB33ENYELfR0kLCrk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A97F0/A66319F012D911EAA16A4B61C4F9AE02/6C60158A833B11EC975B9A21C4F9AE02.roa
Signing time:             Tue 15 Mar 2022 08:26:39 +0000
ROA not before:           Tue 15 Mar 2022 08:26:39 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     136027
IP address blocks:        103.80.70.0/23 maxlen: 23
                          103.80.70.0/24 maxlen: 24
                          103.80.71.0/24 maxlen: 24
                          103.107.123.0/24 maxlen: 24
                          103.121.175.0/24 maxlen: 24
                          2001:df6:de00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2194 (0x892)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A97F0/serialNumber=8C66F9C0E668AC9081DF710D6042DF47490B0AB9
        Validity
            Not Before: Mar 15 08:26:39 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=62304dbe-38b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:a4:be:bf:39:8f:7f:aa:88:32:6f:22:19:c0:
                    85:80:e7:d9:02:04:b0:93:e3:7b:e6:f8:32:25:83:
                    b0:9e:e0:5c:89:50:d7:5b:13:28:61:7a:12:d1:09:
                    e5:ab:eb:aa:51:a8:3e:17:88:7e:3b:38:ac:6f:4c:
                    f6:b2:4d:66:e8:ec:85:0c:17:6a:eb:72:f0:3b:47:
                    86:8e:d2:52:9d:38:f0:2d:67:39:4c:11:d0:d9:5c:
                    b9:19:79:8d:7c:4c:9c:d5:ad:e5:2c:c8:fe:0f:b2:
                    18:3d:25:53:a9:59:23:16:ef:a4:6c:41:47:01:d7:
                    2a:47:91:56:f3:a6:df:ae:16:8b:a0:9c:13:34:64:
                    c3:00:4e:c7:b4:59:e7:72:aa:22:2a:99:86:62:41:
                    ca:88:46:7c:35:37:4c:6a:0d:55:3f:9f:0f:73:df:
                    76:de:7a:0d:52:de:18:5b:36:bc:28:d3:4d:9d:87:
                    72:3c:c5:37:e4:71:b1:fd:dc:90:7e:32:80:3f:cc:
                    f2:cf:fb:9c:72:7c:82:4e:c9:5d:e2:42:a7:d6:39:
                    e9:c6:a9:32:eb:15:51:a9:91:bc:88:ee:b3:0b:29:
                    19:54:40:2a:38:2b:b3:8f:bf:3a:80:f9:30:6b:ba:
                    20:8a:bd:cc:0f:76:25:ae:f0:cc:c9:bc:1e:d5:9b:
                    dd:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:30:9D:FF:83:B5:77:20:70:7A:C2:AD:C5:20:1B:AA:7C:A3:CD:BA
            X509v3 Authority Key Identifier:
                keyid:8C:66:F9:C0:E6:68:AC:90:81:DF:71:0D:60:42:DF:47:49:0B:0A:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A97F0/A66319F012D911EAA16A4B61C4F9AE02/jGb5wOZorJCB33ENYELfR0kLCrk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jGb5wOZorJCB33ENYELfR0kLCrk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A97F0/A66319F012D911EAA16A4B61C4F9AE02/6C60158A833B11EC975B9A21C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.80.70.0/23
                  103.107.123.0/24
                  103.121.175.0/24
                IPv6:
                  2001:df6:de00::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:0b:f3:e0:eb:c0:58:cc:d0:cd:aa:c3:ae:37:eb:ba:1a:1a:
         8f:3a:32:4e:4b:ef:c2:55:f2:cd:6d:4b:ab:96:bb:0e:11:bb:
         a9:54:33:ac:68:f6:21:f6:69:4d:34:28:b0:5b:0c:1a:87:a7:
         ad:88:4f:25:09:c7:e5:2e:cc:54:b6:34:03:42:4d:2f:59:44:
         6a:04:b5:02:a1:cb:f2:03:4c:82:19:cd:d1:ff:38:69:b1:a5:
         a9:7c:53:ab:3c:43:57:da:d6:78:1a:7b:44:d6:9e:25:bf:e0:
         07:98:20:56:25:71:85:86:ed:4e:12:e7:04:47:4e:e1:31:80:
         2a:c1:01:28:76:e6:d7:91:d4:ef:e3:8c:ea:52:2c:82:c1:02:
         a3:d7:50:29:03:19:cd:21:07:7c:c7:4f:16:1d:04:17:a3:fb:
         a4:b5:97:ea:f7:c9:cd:62:cd:29:bc:11:61:3b:10:e4:b7:52:
         d4:e5:80:8e:84:6f:78:5b:10:86:d4:8c:a0:54:76:73:71:15:
         a9:e0:73:2f:38:27:d2:02:6a:3c:e5:72:12:2e:56:24:2e:70:
         9a:22:ec:e4:80:d3:26:4b:23:7b:64:67:c1:df:39:e1:17:34:
         9e:85:57:36:80:03:d6:00:7e:e2:6e:44:29:26:20:79:36:32:
         06:e8:d1:55
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICCJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTk3RjAxMTAvBgNVBAUTKDhDNjZGOUMwRTY2OEFDOTA4MURGNzEwRDYwNDJERjQ3
NDkwQjBBQjkwHhcNMjIwMzE1MDgyNjM5WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMwNGRiZS0zOGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7qS+vzmPf6qIMm8iGcCFgOfZAgSwk+N75vgyJYOwnuBciVDXWxMoYXoS0Qnl
q+uqUag+F4h+Ozisb0z2sk1m6OyFDBdq63LwO0eGjtJSnTjwLWc5TBHQ2Vy5GXmN
fEyc1a3lLMj+D7IYPSVTqVkjFu+kbEFHAdcqR5FW86bfrhaLoJwTNGTDAE7HtFnn
cqoiKpmGYkHKiEZ8NTdMag1VP58Pc9923noNUt4YWza8KNNNnYdyPMU35HGx/dyQ
fjKAP8zyz/uccnyCTsld4kKn1jnpxqky6xVRqZG8iO6zCykZVEAqOCuzj786gPkw
a7ogir3MD3YlrvDMybwe1ZvdyQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFM4wnf+D
tXcgcHrCrcUgG6p8o826MB8GA1UdIwQYMBaAFIxm+cDmaKyQgd9xDWBC30dJCwq5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTdGMC9BNjYzMTlGMDEy
RDkxMUVBQTE2QTRCNjFDNEY5QUUwMi9qR2I1d09ab3JKQ0IzM0VOWUVMZlIwa0xD
cmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pHYjV3T1pvckpDQjMzRU5ZRUxmUjBrTENyay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTk3RjAvQTY2MzE5RjAxMkQ5MTFFQUExNkE0QjYxQzRGOUFFMDIvNkM2MDE1OEE4
MzNCMTFFQzk3NUI5QTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAFnUEYDBABna3sDBABnea8wDwQCAAIwCQMHACABDfbeADAN
BgkqhkiG9w0BAQsFAAOCAQEATAvz4OvAWMzQzarDrjfruhoajzoyTkvvwlXyzW1L
q5a7DhG7qVQzrGj2IfZpTTQosFsMGoenrYhPJQnH5S7MVLY0A0JNL1lEagS1AqHL
8gNMghnN0f84abGlqXxTqzxDV9rWeBp7RNaeJb/gB5ggViVxhYbtThLnBEdO4TGA
KsEBKHbm15HU7+OM6lIsgsECo9dQKQMZzSEHfMdPFh0EF6P7pLWX6vfJzWLNKbwR
YTsQ5LdS1OWAjoRveFsQhtSMoFR2c3EVqeBzLzgn0gJqPOVyEi5WJC5wmiLs5IDT
Jksje2Rnwd854Rc0noVXNoAD1gB+4m5EKSYgeTYyBujRVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org