Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
File:                     FC5F913A8AF111E6B4810E56C4F9AE02.roa (raw, json)
Hash identifier:          FCQyDUVsXnJBHVZEg6FUsLU0txO/XQUcDcyNuFSytFA=
Subject key identifier:   AA:63:52:E4:4D:1E:9B:0F:15:BF:B8:03:7D:33:E9:FA:AC:60:FC:4D
Certificate issuer:       /CN=A91CDCB6/serialNumber=0781675CC64FAB2B845DA7F51155498042ECE467
Certificate serial:       1C00
Authority key identifier: 07:81:67:5C:C6:4F:AB:2B:84:5D:A7:F5:11:55:49:80:42:EC:E4:67
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4FnXMZPqyuEXaf1EVVJgELs5Gc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
Signing time:             Fri 23 Sep 2022 04:53:29 +0000
ROA not before:           Fri 23 Sep 2022 04:53:29 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     58668
IP address blocks:        45.251.128.0/22 maxlen: 24
                          103.12.236.0/22 maxlen: 24
                          103.12.236.0/23 maxlen: 24
                          103.12.236.0/24 maxlen: 24
                          103.12.237.0/24 maxlen: 24
                          103.12.238.0/23 maxlen: 24
                          103.12.238.0/24 maxlen: 24
                          103.12.239.0/24 maxlen: 24
                          2403:2c40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7168 (0x1c00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CDCB6/serialNumber=0781675CC64FAB2B845DA7F51155498042ECE467
        Validity
            Not Before: Sep 23 04:53:29 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=632d3bc8-fbc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e8:5a:57:ee:1f:a9:94:8c:b4:f2:1c:a5:52:
                    8b:82:f0:5b:cd:f7:2c:e7:21:19:31:72:e4:db:c4:
                    4e:1f:a4:e9:51:3e:d5:ee:bb:9a:71:2f:b3:81:2d:
                    e2:36:a0:1c:b3:bc:21:1c:25:7d:86:6b:fa:c2:ef:
                    af:d0:10:ce:cb:9a:28:01:ed:24:c6:6d:50:b0:22:
                    32:79:93:4c:c8:c5:99:2d:10:8a:92:33:c9:38:67:
                    93:d1:12:10:a5:42:94:9c:f5:73:73:7c:fa:28:5e:
                    3f:8e:1e:61:17:2f:44:3c:81:b6:06:2e:d2:a4:aa:
                    0b:74:6f:d4:0d:6f:37:9e:72:a7:20:dc:5f:7b:53:
                    14:e0:b1:17:95:0f:0f:6b:88:10:ef:02:12:50:ca:
                    47:57:9d:b9:f0:93:b8:26:34:7d:10:29:a1:62:15:
                    a0:da:bf:d1:e0:89:89:9b:bd:5e:d3:68:a9:e4:ed:
                    3a:d2:00:9f:b9:b8:f3:3c:42:23:35:a2:f9:f3:10:
                    74:c4:84:55:18:69:f7:19:0d:90:65:7c:2f:6c:69:
                    d7:f7:0b:54:bf:de:db:4a:5d:2e:79:fa:53:68:71:
                    d2:02:8f:8c:6c:f9:b6:54:ae:98:b6:76:ac:39:18:
                    86:5e:1d:03:4f:3b:50:db:5d:e2:a3:06:7f:65:d1:
                    cd:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:63:52:E4:4D:1E:9B:0F:15:BF:B8:03:7D:33:E9:FA:AC:60:FC:4D
            X509v3 Authority Key Identifier:
                keyid:07:81:67:5C:C6:4F:AB:2B:84:5D:A7:F5:11:55:49:80:42:EC:E4:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/B4FnXMZPqyuEXaf1EVVJgELs5Gc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4FnXMZPqyuEXaf1EVVJgELs5Gc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.251.128.0/22
                  103.12.236.0/22
                IPv6:
                  2403:2c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:06:45:93:16:d0:48:74:df:66:2b:44:3c:c8:8b:b8:69:25:
         f4:59:24:bf:c7:98:18:91:81:ca:1a:24:61:b5:7b:ce:1b:28:
         95:9f:dc:6d:22:82:1e:92:cc:6c:47:b0:45:b2:20:76:d6:9d:
         5d:d4:83:16:41:d9:33:14:4b:97:f4:b8:04:be:f0:f2:6e:0a:
         71:8a:c8:26:ac:68:fb:10:36:ff:62:7f:db:41:71:a3:32:e8:
         25:3f:89:65:2d:59:fd:5f:f3:f7:a3:5c:a9:7e:41:98:72:e3:
         05:08:ad:8a:ee:e6:31:11:5a:4f:b3:fd:aa:f2:0f:dd:cf:13:
         33:45:23:e2:f3:8b:a7:f7:5a:7a:f8:ca:cc:d9:76:d4:20:c4:
         da:4e:7b:71:64:39:12:9a:08:c6:20:a3:39:c2:42:7f:19:04:
         ff:5a:04:c0:92:1f:5a:37:c0:43:2b:33:c1:de:d2:85:67:b2:
         8f:e7:9d:48:b9:55:92:3a:f0:a5:0a:07:e8:b0:8a:55:dc:b8:
         09:87:63:8b:0b:f6:91:cd:57:c3:62:a1:1a:6d:f3:cf:c9:72:
         f4:ef:52:3d:88:43:2a:86:52:07:33:03:27:7c:d7:16:c7:4e:
         04:5d:c9:9a:66:8d:cd:66:cf:03:7d:94:d0:f9:b3:fb:d5:3d:
         91:e0:cb:26
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICHAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0RDQjYxMTAvBgNVBAUTKDA3ODE2NzVDQzY0RkFCMkI4NDVEQTdGNTExNTU0OTgw
NDJFQ0U0NjcwHhcNMjIwOTIzMDQ1MzI5WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJkM2JjOC1mYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ehaV+4fqZSMtPIcpVKLgvBbzfcs5yEZMXLk28ROH6TpUT7V7ruacS+zgS3i
NqAcs7whHCV9hmv6wu+v0BDOy5ooAe0kxm1QsCIyeZNMyMWZLRCKkjPJOGeT0RIQ
pUKUnPVzc3z6KF4/jh5hFy9EPIG2Bi7SpKoLdG/UDW83nnKnINxfe1MU4LEXlQ8P
a4gQ7wISUMpHV5258JO4JjR9ECmhYhWg2r/R4ImJm71e02ip5O060gCfubjzPEIj
NaL58xB0xIRVGGn3GQ2QZXwvbGnX9wtUv97bSl0uefpTaHHSAo+MbPm2VK6Ytnas
ORiGXh0DTztQ213iowZ/ZdHNHwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKpjUuRN
HpsPFb+4A30z6fqsYPxNMB8GA1UdIwQYMBaAFAeBZ1zGT6srhF2n9RFVSYBC7ORn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRENCNi82N0M2QUE0QThB
RjExMUU2OTgwNzgzNTVDNEY5QUUwMi9CNEZuWE1aUHF5dUVYYWYxRVZWSmdFTHM1
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I0Rm5YTVpQcXl1RVhhZjFFVlZKZ0VMczVHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0RDQjYvNjdDNkFBNEE4QUYxMTFFNjk4MDc4MzU1QzRGOUFFMDIvRkM1RjkxM0E4
QUYxMTFFNkI0ODEwRTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+4ADBAJnDOwwDQQCAAIwBwMFACQDLEAwDQYJKoZIhvcN
AQELBQADggEBAGMGRZMW0Eh032YrRDzIi7hpJfRZJL/HmBiRgcoaJGG1e84bKJWf
3G0igh6SzGxHsEWyIHbWnV3UgxZB2TMUS5f0uAS+8PJuCnGKyCasaPsQNv9if9tB
caMy6CU/iWUtWf1f8/ejXKl+QZhy4wUIrYru5jERWk+z/aryD93PEzNFI+Lzi6f3
Wnr4yszZdtQgxNpOe3FkORKaCMYgoznCQn8ZBP9aBMCSH1o3wEMrM8He0oVnso/n
nUi5VZI68KUKB+iwilXcuAmHY4sL9pHNV8NioRpt88/JcvTvUj2IQyqGUgczAyd8
1xbHTgRdyZpmjc1mzwN9lND5s/vVPZHgyyY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org