Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/6DB43D527D7811ED80E9B955C4F9AE02.roa
File:                     6DB43D527D7811ED80E9B955C4F9AE02.roa (raw, json)
Hash identifier:          gZItT4W3d8HDIXAHT+Iv3hMl6L+D2j/G+XzyHSY/b0M=
Subject key identifier:   3A:D6:40:69:5D:71:32:8D:B1:AB:70:B7:BD:D6:85:2F:04:49:9E:4A
Certificate issuer:       /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial:       2036
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/6DB43D527D7811ED80E9B955C4F9AE02.roa
Signing time:             Fri 16 Dec 2022 19:32:51 +0000
ROA not before:           Fri 16 Dec 2022 19:32:51 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     132352
IP address blocks:        59.153.200.0/22 maxlen: 25
                          103.57.20.0/22 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8246 (0x2036)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
        Validity
            Not Before: Dec 16 19:32:51 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=639cc7e3-0521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4d:55:23:a0:c3:14:5e:33:29:2e:38:15:96:
                    05:a8:b9:ad:74:63:1b:30:68:24:f3:44:54:e5:7a:
                    e2:b8:0b:15:e7:64:55:79:84:7b:e4:c6:81:ea:25:
                    93:0f:b1:0a:37:e8:5e:9c:12:3d:9e:66:dc:dd:24:
                    78:ac:66:92:4f:cd:f9:b7:d1:82:94:01:74:8f:4e:
                    6a:65:02:b0:3f:c3:f6:50:4e:bf:e1:9c:e9:94:2b:
                    34:de:fd:2b:da:14:43:e2:cf:57:84:48:06:d8:e0:
                    cc:94:bc:4f:18:b2:f9:6f:fd:62:7c:40:5d:d8:80:
                    46:bd:0b:0d:da:e4:48:f4:fc:c6:d1:17:0d:cf:58:
                    e8:b9:e0:f4:e0:1f:3f:fa:72:dc:6b:92:43:6d:5d:
                    b3:e1:41:4b:c7:ae:4e:b8:85:5f:5e:7b:87:af:69:
                    4c:49:59:e3:70:d1:98:bc:f8:5c:e4:d0:04:c1:c5:
                    b0:c0:a0:77:0f:c5:22:a0:ca:09:76:e5:72:72:9a:
                    a5:54:4b:69:f4:17:98:49:28:3e:e8:29:4c:4a:1b:
                    ac:a3:ad:0e:69:0e:93:f1:0d:95:50:28:bb:2b:dc:
                    c3:55:f3:e8:3c:80:75:83:0a:7e:30:0e:17:34:79:
                    3f:bd:a8:90:20:e8:d4:4f:bb:93:7f:04:5a:37:df:
                    36:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:D6:40:69:5D:71:32:8D:B1:AB:70:B7:BD:D6:85:2F:04:49:9E:4A
            X509v3 Authority Key Identifier:
                keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/6DB43D527D7811ED80E9B955C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  59.153.200.0/22
                  103.57.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:10:4f:84:71:04:cb:80:91:b7:5e:15:dc:45:eb:65:09:3d:
         fb:19:70:78:3e:e1:c2:ea:74:32:5b:10:35:44:1d:b0:43:e9:
         f2:12:43:98:7e:92:44:6e:13:b4:76:53:5d:b8:fd:21:56:3e:
         2c:f0:50:38:85:11:2e:e4:83:f5:ae:ad:d9:df:49:9e:98:25:
         5b:7d:d7:df:7d:1c:f1:95:62:e3:81:97:94:c7:62:1e:6f:23:
         e4:b2:e2:cf:04:15:fe:61:03:1f:37:8b:e8:e1:58:d7:3f:a8:
         82:2d:ff:1a:be:d6:a1:57:c5:20:44:85:89:d3:92:b1:47:ce:
         c8:c9:19:37:e4:e7:11:49:d3:e5:24:11:ef:54:ed:aa:e6:52:
         30:fb:b2:82:fb:ab:24:55:cb:3e:0d:4d:6f:15:db:8d:33:2b:
         3d:12:68:cc:71:f5:26:be:55:6e:e9:47:79:cf:86:e8:6a:ef:
         36:43:ad:fa:5f:db:f4:b3:42:fa:11:45:89:09:96:10:16:ac:
         5a:89:02:55:c7:e4:50:91:14:34:c3:fc:73:9e:09:68:18:3f:
         01:09:aa:c8:a6:28:af:1d:63:b2:49:09:d5:43:14:c4:96:41:
         ec:0c:98:91:8a:60:b9:95:d1:08:ed:e0:ba:2b:12:30:14:dd:
         d9:44:d4:2a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjIxMjE2MTkzMjUxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzljYzdlMy0wNTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwk1VI6DDFF4zKS44FZYFqLmtdGMbMGgk80RU5XriuAsV52RVeYR75MaB6iWT
D7EKN+henBI9nmbc3SR4rGaST835t9GClAF0j05qZQKwP8P2UE6/4ZzplCs03v0r
2hRD4s9XhEgG2ODMlLxPGLL5b/1ifEBd2IBGvQsN2uRI9PzG0RcNz1joueD04B8/
+nLca5JDbV2z4UFLx65OuIVfXnuHr2lMSVnjcNGYvPhc5NAEwcWwwKB3D8UioMoJ
duVycpqlVEtp9BeYSSg+6ClMShuso60OaQ6T8Q2VUCi7K9zDVfPoPIB1gwp+MA4X
NHk/vaiQIOjUT7uTfwRaN9828QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDrWQGld
cTKNsatwt73WhS8ESZ5KMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvNkRCNDNENTI3
RDc4MTFFRDgwRTlCOTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mcgDBAJnORQwDQYJKoZIhvcNAQELBQADggEBAH0QT4Rx
BMuAkbdeFdxF62UJPfsZcHg+4cLqdDJbEDVEHbBD6fISQ5h+kkRuE7R2U124/SFW
PizwUDiFES7kg/WurdnfSZ6YJVt91999HPGVYuOBl5THYh5vI+Sy4s8EFf5hAx83
i+jhWNc/qIIt/xq+1qFXxSBEhYnTkrFHzsjJGTfk5xFJ0+UkEe9U7armUjD7soL7
qyRVyz4NTW8V240zKz0SaMxx9Sa+VW7pR3nPhuhq7zZDrfpf2/SzQvoRRYkJlhAW
rFqJAlXH5FCRFDTD/HOeCWgYPwEJqsimKK8dY7JJCdVDFMSWQewMmJGKYLmV0Qjt
4LorEjAU3dlE1Co=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org