Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/22FA0A82607211EB9273350EC4F9AE02.roa
File:                     22FA0A82607211EB9273350EC4F9AE02.roa (raw, json)
Hash identifier:          R9NADe7A23ZQmIfjU4jL4bNwbtYZTslJ15e71KtkiL4=
Subject key identifier:   B8:BC:6B:A2:05:FE:9C:58:82:85:D0:5E:5A:4B:AE:0B:48:9D:47:D6
Certificate issuer:       /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial:       0975
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/22FA0A82607211EB9273350EC4F9AE02.roa
Signing time:             Sat 11 Jun 2022 08:59:22 +0000
ROA not before:           Sat 11 Jun 2022 08:59:22 +0000
ROA not after:            Fri 30 Sep 2022 00:00:00 +0000
asID:                     134371
IP address blocks:        103.62.140.0/22 maxlen: 22
                          103.62.140.0/24 maxlen: 24
                          103.62.141.0/24 maxlen: 24
                          103.62.142.0/24 maxlen: 24
                          103.62.143.0/24 maxlen: 24
                          202.136.88.0/22 maxlen: 22
                          202.136.88.0/24 maxlen: 24
                          202.136.89.0/24 maxlen: 24
                          202.136.90.0/24 maxlen: 24
                          202.136.91.0/24 maxlen: 24
                          2400:3dc0::/32 maxlen: 32
                          2400:3dc0::/36 maxlen: 36
                          2400:3dc0::/44 maxlen: 48
                          2400:3dc0:10::/44 maxlen: 48
                          2400:3dc0:2e::/48 maxlen: 48
                          2400:3dc0:2f::/48 maxlen: 48
                          2400:3dc0:3e::/48 maxlen: 48
                          2400:3dc0:3f::/48 maxlen: 48
                          2400:3dc0:100::/48 maxlen: 48
                          2400:3dc0:101::/48 maxlen: 48
                          2400:3dc0:200::/48 maxlen: 48
                          2400:3dc0:201::/48 maxlen: 48
                          2400:3dc0:300::/48 maxlen: 48
                          2400:3dc0:400::/48 maxlen: 48
                          2400:3dc0:500::/48 maxlen: 48
                          2400:3dc0:600::/48 maxlen: 48
                          2400:3dc0:700::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2421 (0x975)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
        Validity
            Not Before: Jun 11 08:59:22 2022 GMT
            Not After : Sep 30 00:00:00 2022 GMT
        Subject: CN=62a45969-9bb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b6:8b:8a:d1:d2:f8:d0:c9:bc:08:46:f6:49:
                    f6:ab:67:fc:20:cf:3e:0b:a8:22:02:01:23:04:3b:
                    2d:2b:86:c0:1a:d4:fc:18:6d:8e:90:d1:99:3e:6a:
                    c9:de:9e:4d:34:96:76:02:55:24:0c:4a:4b:a6:6b:
                    3b:df:e1:e7:03:77:97:37:b9:94:67:72:2d:16:db:
                    ff:f2:2c:fd:85:37:65:63:15:ba:94:5d:d8:9c:ef:
                    a6:65:7a:7b:2b:93:d3:f9:e0:75:32:72:f9:6a:61:
                    8c:22:bc:e7:18:e7:13:42:57:11:4b:df:03:38:0c:
                    34:b4:b9:b8:30:fd:04:b1:4b:7d:8b:21:b3:28:f0:
                    45:bc:47:b0:2b:09:0e:aa:31:58:9f:8f:31:6a:06:
                    05:d8:e7:71:4c:c2:33:97:91:3e:7a:4e:58:e2:2a:
                    2e:aa:a2:b9:1f:fc:e5:72:1d:07:c7:0b:74:f8:5d:
                    26:b7:26:28:c6:dc:93:1a:43:a1:c7:08:fd:cc:e0:
                    0c:df:8c:6c:74:d0:da:f5:99:4e:b7:a3:7d:92:8f:
                    2e:0f:f3:dd:aa:61:c1:bc:bc:57:3e:e3:52:b4:57:
                    e2:d7:72:75:eb:08:e3:82:d4:a7:49:10:91:87:c2:
                    5e:b4:64:d5:64:7d:c2:05:8f:16:69:f8:81:01:df:
                    7c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:BC:6B:A2:05:FE:9C:58:82:85:D0:5E:5A:4B:AE:0B:48:9D:47:D6
            X509v3 Authority Key Identifier:
                keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/22FA0A82607211EB9273350EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.62.140.0/22
                  202.136.88.0/22
                IPv6:
                  2400:3dc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:4e:28:9a:0e:55:59:66:38:66:09:44:17:5f:81:fe:e8:f4:
         1c:c9:a8:fc:a0:7f:90:ae:1a:e1:8a:4c:4f:d9:e0:42:22:4b:
         70:fa:c1:6b:45:36:24:cc:b6:74:bb:36:b3:95:96:ed:48:6c:
         bb:4d:11:65:dc:9b:26:db:b4:05:32:f6:aa:e0:19:d2:dd:89:
         22:88:a0:85:1d:6c:33:31:82:77:8e:a1:ab:64:29:b4:10:cc:
         3f:50:02:30:80:d5:9e:1d:de:bf:be:bb:b9:b2:b7:76:ee:df:
         ff:6f:e7:60:7b:f4:7b:90:fe:24:d0:9d:77:80:3d:d1:65:4f:
         f5:d6:0c:7d:92:bd:c0:45:2d:d5:70:df:69:0c:97:31:94:f1:
         e5:96:61:ba:a0:71:3c:dc:04:22:f4:49:34:ea:e6:37:d1:6b:
         22:49:c7:b0:63:0b:0e:5f:14:9a:7d:53:a8:e2:f8:16:2b:af:
         8a:a8:b4:23:31:9a:79:df:e5:46:92:33:de:db:b0:e6:40:ee:
         5e:fc:31:b8:7e:fd:95:b7:20:9e:70:7d:6a:21:4d:18:31:35:
         ed:01:77:ee:84:2e:e5:41:41:67:81:1e:ca:87:85:6a:28:e6:
         18:0f:3e:b9:7b:b0:9a:cc:8b:06:27:c3:22:5b:f5:da:ed:8e:
         15:d5:d8:a1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjIwNjExMDg1OTIyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmE0NTk2OS05YmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLaLitHS+NDJvAhG9kn2q2f8IM8+C6giAgEjBDstK4bAGtT8GG2OkNGZPmrJ
3p5NNJZ2AlUkDEpLpms73+HnA3eXN7mUZ3ItFtv/8iz9hTdlYxW6lF3YnO+mZXp7
K5PT+eB1MnL5amGMIrznGOcTQlcRS98DOAw0tLm4MP0EsUt9iyGzKPBFvEewKwkO
qjFYn48xagYF2OdxTMIzl5E+ek5Y4iouqqK5H/zlch0Hxwt0+F0mtyYoxtyTGkOh
xwj9zOAM34xsdNDa9ZlOt6N9ko8uD/PdqmHBvLxXPuNStFfi13J16wjjgtSnSRCR
h8JetGTVZH3CBY8WafiBAd98tQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLi8a6IF
/pxYgoXQXlpLrgtInUfWMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvMjJGQTBBODI2
MDcyMTFFQjkyNzMzNTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAINOKJoOVVlmOGYJRBdfgf7o9BzJqPygf5CuGuGKTE/Z4EIiS3D6
wWtFNiTMtnS7NrOVlu1IbLtNEWXcmybbtAUy9qrgGdLdiSKIoIUdbDMxgneOoatk
KbQQzD9QAjCA1Z4d3r++u7myt3bu3/9v52B79HuQ/iTQnXeAPdFlT/XWDH2SvcBF
LdVw32kMlzGU8eWWYbqgcTzcBCL0STTq5jfRayJJx7BjCw5fFJp9U6ji+BYrr4qo
tCMxmnnf5UaSM97bsOZA7l78Mbh+/ZW3IJ5wfWohTRgxNe0Bd+6ELuVBQWeBHsqH
hWoo5hgPPrl7sJrMiwYnwyJb9drtjhXV2KE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org