Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDCF0/3127B018CEAE11E789784825C4F9AE02/6CE96CDA82DA11EA88E82287C4F9AE02.roa
File:                     6CE96CDA82DA11EA88E82287C4F9AE02.roa (raw, json)
Hash identifier:          7Tu7+VV1CjJyjYwIurL1fJfqd3VvetnLaw7xhsDQ3KI=
Subject key identifier:   67:43:1D:4E:A3:71:EF:25:65:7D:DA:54:63:54:FC:CB:EE:83:DA:6A
Certificate issuer:       /CN=A91FDCF0/serialNumber=39D09B4A5360808205A9D6914719E0B989CF560B
Certificate serial:       161F
Authority key identifier: 39:D0:9B:4A:53:60:80:82:05:A9:D6:91:47:19:E0:B9:89:CF:56:0B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OdCbSlNggIIFqdaRRxnguYnPVgs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FDCF0/3127B018CEAE11E789784825C4F9AE02/6CE96CDA82DA11EA88E82287C4F9AE02.roa
Signing time:             Wed 21 Jun 2023 06:55:52 +0000
ROA not before:           Wed 21 Jun 2023 06:55:52 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     132111
IP address blocks:        103.13.75.0/24 maxlen: 24
                          103.26.170.0/23 maxlen: 24
                          103.28.162.0/24 maxlen: 24
                          103.230.124.0/22 maxlen: 24
                          113.11.188.0/22 maxlen: 22
                          113.11.188.0/23 maxlen: 24
                          113.11.190.0/23 maxlen: 24
                          2001:df0:272::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5663 (0x161f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FDCF0/serialNumber=39D09B4A5360808205A9D6914719E0B989CF560B
        Validity
            Not Before: Jun 21 06:55:52 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64929ef8-9fb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:0b:89:bc:82:68:6c:00:e1:06:91:34:64:ff:
                    f2:a9:d9:f9:49:39:25:cc:2e:e2:f6:38:c5:24:57:
                    f0:16:f3:ec:b8:24:bc:6d:2f:f4:2e:ac:aa:40:7f:
                    3f:d3:e0:3a:78:99:d4:c0:03:83:c7:1a:df:7a:39:
                    6f:49:e3:61:3f:f3:bd:93:ad:45:9f:23:eb:78:97:
                    94:5b:6b:1c:a7:0b:48:9b:6c:5b:16:49:a0:71:e8:
                    fd:6a:ac:ba:b5:cb:14:e3:fe:7e:53:e2:f5:ae:7b:
                    ca:77:8f:cf:21:9e:ac:b3:6f:aa:79:b3:1b:1a:04:
                    d5:5b:4a:21:43:7b:be:9b:6f:c2:3a:37:70:0d:fe:
                    ff:bd:d4:3a:0e:b2:78:f2:82:34:fe:89:8d:39:bb:
                    34:ab:df:0d:9d:7c:aa:5c:00:5d:13:24:65:d4:d7:
                    a4:89:38:7f:75:2d:f9:b2:2b:2b:f0:11:a2:44:c2:
                    d7:b8:cc:15:bd:7d:36:c2:94:cd:00:ca:c5:dd:87:
                    a4:66:45:5f:01:ae:e3:85:b7:af:6c:40:18:c9:dd:
                    35:ab:cf:49:77:63:92:09:ef:db:91:99:21:6b:db:
                    5b:71:ba:ae:4c:ec:a4:4a:cb:42:ac:8b:15:3e:80:
                    a0:90:1c:ae:b3:a6:4d:37:25:f2:f0:73:c8:8f:9d:
                    38:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:43:1D:4E:A3:71:EF:25:65:7D:DA:54:63:54:FC:CB:EE:83:DA:6A
            X509v3 Authority Key Identifier:
                keyid:39:D0:9B:4A:53:60:80:82:05:A9:D6:91:47:19:E0:B9:89:CF:56:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FDCF0/3127B018CEAE11E789784825C4F9AE02/OdCbSlNggIIFqdaRRxnguYnPVgs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OdCbSlNggIIFqdaRRxnguYnPVgs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDCF0/3127B018CEAE11E789784825C4F9AE02/6CE96CDA82DA11EA88E82287C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.13.75.0/24
                  103.26.170.0/23
                  103.28.162.0/24
                  103.230.124.0/22
                  113.11.188.0/22
                IPv6:
                  2001:df0:272::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:a5:19:ad:db:b2:2b:b1:c9:b7:57:14:6a:14:3c:50:18:16:
         48:87:25:c7:b2:5d:0e:b1:e8:d9:4c:82:93:7a:cd:4f:a1:83:
         cd:cb:47:bc:a8:b3:40:71:c4:91:7e:6f:c4:a1:23:58:9c:4b:
         4f:f9:0a:49:16:2c:d6:c8:2b:be:fa:74:93:7c:2a:77:a5:a1:
         ab:e8:af:56:18:71:6d:f8:30:fb:d2:c1:61:50:7a:9d:76:2b:
         a4:0d:94:27:43:0e:bc:f3:cd:48:9f:5d:3b:08:46:bc:86:64:
         86:8c:39:b4:85:6f:ee:cd:bd:67:f9:7a:01:da:3e:bb:0a:e7:
         b8:7b:82:51:e8:2f:8b:f5:af:e7:f6:51:c4:84:59:a2:89:2e:
         e3:dc:6d:20:88:98:d9:77:6d:18:d4:b1:9c:02:61:7d:1d:08:
         0d:77:a8:2d:70:a3:8a:62:8f:50:b3:19:06:24:11:76:0a:9f:
         f1:34:ba:bc:c9:6c:35:13:e3:92:e7:88:a7:70:39:93:5a:8c:
         2f:c1:42:bb:78:cd:6c:73:37:f6:87:35:56:04:f8:bf:5e:3c:
         8c:13:d1:ff:18:c6:80:6f:a8:c0:d1:59:4d:e8:41:b2:91:d9:
         17:2a:5c:70:3e:09:22:4d:e0:8a:70:a0:30:bb:a4:f7:c7:90:
         14:d1:53:f8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICFh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRDRjAxMTAvBgNVBAUTKDM5RDA5QjRBNTM2MDgwODIwNUE5RDY5MTQ3MTlFMEI5
ODlDRjU2MEIwHhcNMjMwNjIxMDY1NTUyWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDkyOWVmOC05ZmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8wuJvIJobADhBpE0ZP/yqdn5STklzC7i9jjFJFfwFvPsuCS8bS/0LqyqQH8/
0+A6eJnUwAODxxrfejlvSeNhP/O9k61FnyPreJeUW2scpwtIm2xbFkmgcej9aqy6
tcsU4/5+U+L1rnvKd4/PIZ6ss2+qebMbGgTVW0ohQ3u+m2/COjdwDf7/vdQ6DrJ4
8oI0/omNObs0q98NnXyqXABdEyRl1NekiTh/dS35sisr8BGiRMLXuMwVvX02wpTN
AMrF3YekZkVfAa7jhbevbEAYyd01q89Jd2OSCe/bkZkha9tbcbquTOykSstCrIsV
PoCgkByus6ZNNyXy8HPIj504EQIDAQABo4ICvjCCArowHQYDVR0OBBYEFGdDHU6j
ce8lZX3aVGNU/Mvug9pqMB8GA1UdIwQYMBaAFDnQm0pTYICCBanWkUcZ4LmJz1YL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRENGMC8zMTI3QjAxOENF
QUUxMUU3ODk3ODQ4MjVDNEY5QUUwMi9PZENiU2xOZ2dJSUZxZGFSUnhuZ3VZblBW
Z3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09kQ2JTbE5nZ0lJRnFkYVJSeG5ndVluUFZncy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRDRjAvMzEyN0IwMThDRUFFMTFFNzg5Nzg0ODI1QzRGOUFFMDIvNkNFOTZDREE4
MkRBMTFFQTg4RTgyMjg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCQEAgABMB4DBABnDUsDBAFnGqoDBABnHKIDBAJn5nwDBAJxC7wwDwQCAAIw
CQMHACABDfACcjANBgkqhkiG9w0BAQsFAAOCAQEAeaUZrduyK7HJt1cUahQ8UBgW
SIclx7JdDrHo2UyCk3rNT6GDzctHvKizQHHEkX5vxKEjWJxLT/kKSRYs1sgrvvp0
k3wqd6Whq+ivVhhxbfgw+9LBYVB6nXYrpA2UJ0MOvPPNSJ9dOwhGvIZkhow5tIVv
7s29Z/l6Ado+uwrnuHuCUegvi/Wv5/ZRxIRZooku49xtIIiY2XdtGNSxnAJhfR0I
DXeoLXCjimKPULMZBiQRdgqf8TS6vMlsNRPjkueIp3A5k1qML8FCu3jNbHM39oc1
VgT4v148jBPR/xjGgG+owNFZTehBspHZFypccD4JIk3ginCgMLuk98eQFNFT+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org