Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6EE624A443B611EB9FB8597CC4F9AE02.roa
File:                     6EE624A443B611EB9FB8597CC4F9AE02.roa (raw, json)
Hash identifier:          DIipod8N22EN4Zq2tzP9F8Th72GN7Ye6hG1e4K0n+gA=
Subject key identifier:   BA:3E:5B:4A:AD:88:DA:7A:01:A2:36:D1:52:3D:70:79:5D:9F:24:E3
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       334B
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6EE624A443B611EB9FB8597CC4F9AE02.roa
Signing time:             Wed 08 Feb 2023 12:40:26 +0000
ROA not before:           Wed 08 Feb 2023 12:40:26 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     140607
IP address blocks:        103.207.85.0/24 maxlen: 24
                          116.90.116.0/24 maxlen: 24
                          116.90.117.0/24 maxlen: 24
                          116.90.118.0/24 maxlen: 24
                          116.90.119.0/24 maxlen: 24
                          116.90.121.0/24 maxlen: 24
                          116.90.122.0/24 maxlen: 24
                          202.69.51.0/24 maxlen: 24
                          202.142.151.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13131 (0x334b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Feb  8 12:40:26 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=63e3983a-a866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:70:22:43:3e:25:0f:95:c5:d2:f8:2f:f8:a6:
                    4f:7b:e8:5d:c4:79:44:71:0c:0a:b8:69:5d:13:72:
                    18:a4:3a:05:e1:66:96:82:27:74:f4:0c:08:d3:4e:
                    b2:03:d4:83:85:34:ef:d0:ca:1f:8c:3c:b2:e7:0f:
                    a9:62:cc:58:30:67:af:df:7b:b7:79:e6:25:a5:1e:
                    6e:21:e8:39:58:ae:bc:72:7f:3c:24:cc:cf:82:ef:
                    e2:ab:8b:7c:6f:47:d5:74:3f:84:53:de:73:a7:bf:
                    3a:9d:a1:c8:4d:bd:cb:6e:76:5e:ee:cd:de:a8:1d:
                    b8:b6:cf:df:cd:46:f3:c6:ce:98:c3:f3:c8:90:60:
                    20:11:32:fa:b0:59:cc:c9:8f:3b:bd:a3:25:87:cd:
                    90:60:f0:eb:5c:b6:79:97:ae:48:de:79:14:c1:d1:
                    0f:10:a0:a7:e8:95:70:7e:59:a1:ba:2c:b1:2b:7b:
                    97:68:24:96:b9:ba:ad:d9:d8:06:39:dd:f3:ca:13:
                    ff:bb:35:6a:0d:a4:c3:f7:84:56:3e:cf:df:04:b2:
                    3c:7c:3c:95:bc:b1:48:d8:b9:bc:de:60:c0:c8:e9:
                    55:c2:5e:6e:4a:e5:07:8b:c1:a0:b1:98:af:f6:2b:
                    70:15:00:09:fd:e1:93:20:8d:a7:69:0a:cb:03:97:
                    1f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:3E:5B:4A:AD:88:DA:7A:01:A2:36:D1:52:3D:70:79:5D:9F:24:E3
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6EE624A443B611EB9FB8597CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.207.85.0/24
                  116.90.116.0/22
                  116.90.121.0-116.90.122.255
                  202.69.51.0/24
                  202.142.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:cc:70:c1:78:dc:de:44:a1:8b:5a:a0:99:77:13:a6:48:72:
         eb:c6:e0:16:80:a1:2c:b2:f7:2f:d9:74:bb:23:d9:15:4e:a2:
         0d:ac:e0:6b:f2:a1:0e:03:d3:3f:b5:34:92:05:f1:99:1e:4f:
         71:12:87:4b:32:8e:be:72:f5:19:95:12:85:c5:10:b1:65:a5:
         a0:1f:ad:d7:3c:10:39:7a:62:21:62:58:40:44:98:9b:89:73:
         9a:3e:30:b6:4d:47:c9:aa:c6:98:c6:96:f5:ef:67:6b:60:c1:
         57:d0:5e:0c:32:29:9f:b6:46:c7:3d:1c:6f:82:86:fb:90:1c:
         9a:ca:0b:72:dd:78:fd:57:46:58:ee:01:53:d6:c5:79:8a:17:
         11:4b:2c:4a:6a:80:45:46:27:79:9d:ec:38:5f:91:6f:b9:43:
         71:16:5e:28:00:3f:e2:46:a9:68:8a:75:5b:15:10:06:c2:8c:
         58:bc:7f:20:c9:be:81:27:28:5d:66:0d:20:c7:d8:96:1f:11:
         c2:95:33:b1:39:ab:b8:97:fd:2c:7c:9f:df:ff:23:ee:5a:71:
         21:06:08:fc:d8:9b:58:c7:40:4d:01:04:ff:00:0f:70:c0:23:
         70:cd:06:32:97:42:5c:c2:0e:25:70:75:16:ee:d3:7d:57:ef:
         ba:fa:b9:e1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICM0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwMjA4MTI0MDI2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzOTgzYS1hODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwnAiQz4lD5XF0vgv+KZPe+hdxHlEcQwKuGldE3IYpDoF4WaWgid09AwI006y
A9SDhTTv0MofjDyy5w+pYsxYMGev33u3eeYlpR5uIeg5WK68cn88JMzPgu/iq4t8
b0fVdD+EU95zp786naHITb3LbnZe7s3eqB24ts/fzUbzxs6Yw/PIkGAgETL6sFnM
yY87vaMlh82QYPDrXLZ5l65I3nkUwdEPEKCn6JVwflmhuiyxK3uXaCSWubqt2dgG
Od3zyhP/uzVqDaTD94RWPs/fBLI8fDyVvLFI2Lm83mDAyOlVwl5uSuUHi8GgsZiv
9itwFQAJ/eGTII2naQrLA5cfTQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFLo+W0qt
iNp6AaI20VI9cHldnyTjMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNkVFNjI0QTQ0
M0I2MTFFQjlGQjg1OTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBABnz1UDBAJ0WnQwDAMEAHRaeQMEAHRaegMEAMpFMwMEAMqO
lzANBgkqhkiG9w0BAQsFAAOCAQEArcxwwXjc3kShi1qgmXcTpkhy68bgFoChLLL3
L9l0uyPZFU6iDazga/KhDgPTP7U0kgXxmR5PcRKHSzKOvnL1GZUShcUQsWWloB+t
1zwQOXpiIWJYQESYm4lzmj4wtk1HyarGmMaW9e9na2DBV9BeDDIpn7ZGxz0cb4KG
+5AcmsoLct14/VdGWO4BU9bFeYoXEUssSmqARUYneZ3sOF+Rb7lDcRZeKAA/4kap
aIp1WxUQBsKMWLx/IMm+gScoXWYNIMfYlh8RwpUzsTmruJf9LHyf3/8j7lpxIQYI
/NibWMdATQEE/wAPcMAjcM0GMpdCXMIOJXB1Fu7TfVfvuvq54Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org