Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/FB680DC68DBD11EE9133C468C4F9AE02.roa
File:                     FB680DC68DBD11EE9133C468C4F9AE02.roa (raw, json)
Hash identifier:          6BSUGEpEf/wQYVyT1WgigMTpi23+SrA+c9jVfETKyYw=
Subject key identifier:   B5:55:1E:B1:06:2A:88:62:20:1E:68:56:27:E2:41:46:2C:05:E2:2C
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       3436
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/FB680DC68DBD11EE9133C468C4F9AE02.roa
Signing time:             Tue 28 Nov 2023 07:16:00 +0000
ROA not before:           Tue 28 Nov 2023 07:16:00 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     23750
IP address blocks:        103.207.84.0/24 maxlen: 24
                          103.207.86.0/24 maxlen: 24
                          103.207.87.0/24 maxlen: 24
                          116.90.106.0/24 maxlen: 24
                          116.90.107.0/24 maxlen: 24
                          116.90.108.0/24 maxlen: 24
                          116.90.109.0/24 maxlen: 24
                          116.90.110.0/24 maxlen: 24
                          116.90.111.0/24 maxlen: 24
                          116.90.117.0/24 maxlen: 24
                          116.90.119.0/24 maxlen: 24
                          116.90.120.0/24 maxlen: 24
                          116.90.123.0/24 maxlen: 24
                          116.90.124.0/24 maxlen: 24
                          116.90.125.0/24 maxlen: 24
                          116.90.126.0/24 maxlen: 24
                          116.90.127.0/24 maxlen: 24
                          121.46.64.0/24 maxlen: 24
                          121.46.66.0/24 maxlen: 24
                          202.69.32.0/24 maxlen: 24
                          202.69.33.0/24 maxlen: 24
                          202.69.34.0/24 maxlen: 24
                          202.69.35.0/24 maxlen: 24
                          202.69.36.0/24 maxlen: 24
                          202.69.37.0/24 maxlen: 24
                          202.69.38.0/24 maxlen: 24
                          202.69.39.0/24 maxlen: 24
                          202.69.40.0/24 maxlen: 24
                          202.69.41.0/24 maxlen: 24
                          202.69.42.0/24 maxlen: 24
                          202.69.43.0/24 maxlen: 24
                          202.69.44.0/24 maxlen: 24
                          202.69.45.0/24 maxlen: 24
                          202.69.46.0/24 maxlen: 24
                          202.69.47.0/24 maxlen: 24
                          202.69.48.0/24 maxlen: 24
                          202.69.49.0/24 maxlen: 24
                          202.69.50.0/24 maxlen: 24
                          202.69.51.0/24 maxlen: 24
                          202.69.52.0/24 maxlen: 24
                          202.69.53.0/24 maxlen: 24
                          202.69.54.0/24 maxlen: 24
                          202.69.55.0/24 maxlen: 24
                          202.69.56.0/24 maxlen: 24
                          202.69.57.0/24 maxlen: 24
                          202.69.58.0/24 maxlen: 24
                          202.69.59.0/24 maxlen: 24
                          202.69.60.0/24 maxlen: 24
                          202.69.61.0/24 maxlen: 24
                          202.69.62.0/24 maxlen: 24
                          202.69.63.0/24 maxlen: 24
                          202.142.144.0/24 maxlen: 24
                          202.142.145.0/24 maxlen: 24
                          202.142.146.0/24 maxlen: 24
                          202.142.147.0/24 maxlen: 24
                          202.142.148.0/24 maxlen: 24
                          202.142.149.0/24 maxlen: 24
                          202.142.150.0/24 maxlen: 24
                          202.142.152.0/24 maxlen: 24
                          202.142.153.0/24 maxlen: 24
                          202.142.154.0/24 maxlen: 24
                          202.142.155.0/24 maxlen: 24
                          202.142.156.0/24 maxlen: 24
                          202.142.157.0/24 maxlen: 24
                          202.142.158.0/24 maxlen: 24
                          202.142.159.0/24 maxlen: 24
                          2406:ac00:1::/48 maxlen: 48
                          2406:ac00:2::/48 maxlen: 48
                          2406:ac00:203::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13366 (0x3436)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Nov 28 07:16:00 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=656593b0-378f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2d:7f:68:91:a4:a7:2b:0e:59:47:a3:d9:ea:
                    5b:e7:e5:be:05:67:67:42:80:67:c7:a2:44:84:aa:
                    b0:fe:24:10:d3:74:ed:7f:22:28:3c:fb:c8:8a:ac:
                    7b:93:f1:d0:0f:83:1c:9b:1e:73:06:97:d4:7f:58:
                    f5:5e:6e:7e:6b:7b:b2:80:fd:bb:7e:27:96:fb:00:
                    e6:8c:2f:f8:8e:b4:8f:72:9b:65:73:17:84:b5:95:
                    77:8d:75:9f:d2:e3:c3:3f:82:f3:50:14:ed:1f:5e:
                    1b:6d:26:6f:5e:01:1c:69:44:a2:40:a0:06:0e:bf:
                    ff:26:24:d5:1a:3d:b1:33:29:48:2d:c4:10:fe:9d:
                    c7:7a:69:0c:7d:1a:e6:c3:61:13:eb:63:fe:a0:9b:
                    65:0a:f0:ee:e7:cc:e8:e1:96:d4:e4:ba:04:c2:b8:
                    c9:eb:08:a8:14:84:21:3b:a8:b3:5c:1a:b3:35:74:
                    76:3a:14:de:da:5b:a9:94:4d:18:e7:ba:d5:74:2e:
                    21:93:c5:2a:1a:c9:70:fa:21:bc:20:20:29:23:8f:
                    0e:fc:83:42:0b:5a:e1:9c:d5:f0:bb:c0:01:41:a4:
                    4d:30:4a:1c:e5:73:3e:8d:3e:94:d7:72:0f:f5:d2:
                    60:7e:1e:18:7a:78:33:5b:20:20:65:98:25:27:4a:
                    f6:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:55:1E:B1:06:2A:88:62:20:1E:68:56:27:E2:41:46:2C:05:E2:2C
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/FB680DC68DBD11EE9133C468C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.207.84.0/24
                  103.207.86.0/23
                  116.90.106.0-116.90.111.255
                  116.90.117.0/24
                  116.90.119.0-116.90.120.255
                  116.90.123.0-116.90.127.255
                  121.46.64.0/24
                  121.46.66.0/24
                  202.69.32.0/19
                  202.142.144.0-202.142.150.255
                  202.142.152.0/21
                IPv6:
                  2406:ac00:1::-2406:ac00:2:ffff:ffff:ffff:ffff:ffff
                  2406:ac00:203::/48

    Signature Algorithm: sha256WithRSAEncryption
         38:34:8e:75:3a:26:76:ce:97:7b:84:6a:e7:37:a2:e2:cd:bd:
         bc:9c:65:0b:c0:0f:ec:2c:52:c2:d2:0b:57:a0:61:e7:bb:a2:
         91:fd:37:85:e8:26:05:0b:6f:34:f0:29:a1:c9:6e:ab:1f:c1:
         4e:f2:6c:f1:5b:2d:68:9e:d1:88:86:37:5a:a3:18:e0:e8:98:
         70:94:c4:9f:e6:50:b9:d9:3b:41:32:70:ce:4a:72:1f:44:21:
         f3:46:42:33:ac:1f:a1:bb:7e:66:47:e4:ad:0d:d8:94:31:52:
         b9:c0:ea:b3:70:47:4b:62:82:5c:74:cc:d6:70:db:e9:9f:30:
         4c:04:19:46:a5:83:bb:8a:21:f7:4c:01:c5:e9:48:af:8c:16:
         5c:d5:7b:eb:90:5c:ac:f2:c8:03:c3:be:da:a4:fc:13:98:81:
         a1:a6:41:d6:00:6d:b0:40:8f:db:89:76:f1:0e:80:28:f8:dc:
         0c:52:e1:54:e6:f8:87:19:dd:e9:15:4a:5a:f3:4f:0d:75:66:
         b1:e9:37:67:0e:65:8d:00:da:5b:c4:6b:2e:68:dc:39:1a:4d:
         c8:6a:1f:7d:df:31:e2:81:ae:ff:58:58:78:84:aa:7a:01:05:
         94:4f:1e:c8:60:08:38:28:72:6c:83:ba:4b:bd:96:47:79:aa:
         b0:ec:1b:ad
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICNDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMTI4MDcxNjAwWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY1OTNiMC0zNzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAti1/aJGkpysOWUej2epb5+W+BWdnQoBnx6JEhKqw/iQQ03TtfyIoPPvIiqx7
k/HQD4Mcmx5zBpfUf1j1Xm5+a3uygP27fieW+wDmjC/4jrSPcptlcxeEtZV3jXWf
0uPDP4LzUBTtH14bbSZvXgEcaUSiQKAGDr//JiTVGj2xMylILcQQ/p3HemkMfRrm
w2ET62P+oJtlCvDu58zo4ZbU5LoEwrjJ6wioFIQhO6izXBqzNXR2OhTe2luplE0Y
57rVdC4hk8UqGslw+iG8ICApI48O/INCC1rhnNXwu8ABQaRNMEoc5XM+jT6U13IP
9dJgfh4YengzWyAgZZglJ0r25wIDAQABo4IDGTCCAxUwHQYDVR0OBBYEFLVVHrEG
KohiIB5oVifiQUYsBeIsMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRkI2ODBEQzY4
REJEMTFFRTkxMzNDNDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaIGCCsGAQUFBwEHAQH/
BIGSMIGPMGgEAgABMGIDBABnz1QDBAFnz1YwDAMEAXRaagMEBHRaYAMEAHRadTAM
AwQAdFp3AwQAdFp4MAwDBAB0WnsDBAd0WgADBAB5LkADBAB5LkIDBAXKRSAwDAME
BMqOkAMEAMqOlgMEA8qOmDAjBAIAAjAdMBIDBwAkBqwAAAEDBwAkBqwAAAIDBwAk
BqwAAgMwDQYJKoZIhvcNAQELBQADggEBADg0jnU6JnbOl3uEauc3ouLNvbycZQvA
D+wsUsLSC1egYee7opH9N4XoJgULbzTwKaHJbqsfwU7ybPFbLWie0YiGN1qjGODo
mHCUxJ/mULnZO0EycM5Kch9EIfNGQjOsH6G7fmZH5K0N2JQxUrnA6rNwR0tiglx0
zNZw2+mfMEwEGUalg7uKIfdMAcXpSK+MFlzVe+uQXKzyyAPDvtqk/BOYgaGmQdYA
bbBAj9uJdvEOgCj43AxS4VTm+IcZ3ekVSlrzTw11ZrHpN2cOZY0A2lvEay5o3Dka
TchqH33fMeKBrv9YWHiEqnoBBZRPHshgCDgocmyDuku9lkd5qrDsG60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org