Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/2A2DF56CFC2E11ECB17F2C75C4F9AE02.roa
File:                     2A2DF56CFC2E11ECB17F2C75C4F9AE02.roa (raw, json)
Hash identifier:          1Vlfz6V/gG62ydLRNqogFfu1/XY+MO8qkIJxaMpVhXQ=
Subject key identifier:   56:0D:5B:B7:8F:90:14:41:9E:E0:76:37:96:A0:63:54:69:9F:19:4D
Certificate issuer:       /CN=A9136655/serialNumber=70579F7F5F1B21DFC9DE667C6B3C21F16F87D572
Certificate serial:       0982
Authority key identifier: 70:57:9F:7F:5F:1B:21:DF:C9:DE:66:7C:6B:3C:21:F1:6F:87:D5:72
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cFeff18bId_J3mZ8azwh8W-H1XI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/2A2DF56CFC2E11ECB17F2C75C4F9AE02.roa
Signing time:             Tue 05 Jul 2022 06:46:15 +0000
ROA not before:           Tue 05 Jul 2022 06:46:15 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     138541
IP address blocks:        103.132.176.0/22 maxlen: 22
                          103.132.176.0/23 maxlen: 23
                          103.132.176.0/24 maxlen: 24
                          103.132.177.0/24 maxlen: 24
                          103.132.178.0/23 maxlen: 23
                          103.132.178.0/24 maxlen: 24
                          103.132.179.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2434 (0x982)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9136655/serialNumber=70579F7F5F1B21DFC9DE667C6B3C21F16F87D572
        Validity
            Not Before: Jul  5 06:46:15 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=62c3de37-a88d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7c:f6:1e:fd:ea:a0:3e:6e:b1:58:6c:cd:5d:
                    b3:0a:e2:ad:47:6e:6a:41:69:de:d9:45:42:0f:d3:
                    8e:36:c8:66:b3:f2:8b:2f:2c:f5:e5:ee:f3:ff:ba:
                    2c:e5:84:03:37:f0:fc:ec:cd:9d:e5:be:8a:21:89:
                    29:59:a1:5f:7a:2a:f5:08:86:23:9b:21:24:85:ee:
                    26:4f:cc:5c:86:4a:c0:14:12:38:a8:b9:49:63:84:
                    f0:36:b7:0f:c8:01:f8:c1:d4:e2:35:f7:24:86:88:
                    21:af:50:8d:e4:dd:01:61:5e:ae:46:12:88:35:3b:
                    8d:04:ef:28:3d:05:1f:da:fd:f3:3c:c3:8c:91:13:
                    33:11:0e:7c:8e:35:38:87:62:c1:2e:46:5f:d2:35:
                    4a:a4:d1:12:2f:db:ae:88:97:f1:61:0c:33:c1:3b:
                    3c:d5:d0:cb:d4:89:e8:de:96:e5:39:59:c9:24:88:
                    9d:99:f5:0c:d1:28:bf:6a:51:b7:6e:2a:40:46:f9:
                    50:f4:5c:f4:01:36:62:2d:23:fd:77:21:d4:03:b3:
                    a1:be:bb:e5:5e:3e:9e:bf:d8:35:36:40:df:00:25:
                    1e:24:f7:6d:78:6e:38:11:cd:70:b6:d0:82:05:2e:
                    1e:f0:07:99:04:28:de:7d:c6:a6:33:a2:94:0f:52:
                    6f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0D:5B:B7:8F:90:14:41:9E:E0:76:37:96:A0:63:54:69:9F:19:4D
            X509v3 Authority Key Identifier:
                keyid:70:57:9F:7F:5F:1B:21:DF:C9:DE:66:7C:6B:3C:21:F1:6F:87:D5:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/cFeff18bId_J3mZ8azwh8W-H1XI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cFeff18bId_J3mZ8azwh8W-H1XI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136655/F707F4640A9811EABDCAA17CC4F9AE02/2A2DF56CFC2E11ECB17F2C75C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.132.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:db:48:6b:a1:01:76:73:5b:53:90:65:4b:ad:15:e0:1c:ca:
         a7:f8:b4:d9:fe:5e:de:80:d8:58:e0:29:02:04:2a:27:b0:dc:
         3f:55:a0:99:1b:f6:55:03:78:35:d1:45:e1:eb:79:58:fc:a4:
         a6:d9:e5:a2:91:ff:b5:65:fc:27:8c:11:5a:01:2c:fd:78:eb:
         65:7e:3a:a3:aa:19:a5:2d:e6:ea:31:60:8f:3c:b1:6d:4b:60:
         e3:fb:39:a5:5e:65:ca:5a:b2:e4:e2:ba:63:fe:84:8b:3d:02:
         74:c9:af:d9:a8:8c:c3:54:d6:83:9d:d1:5b:9b:44:89:eb:6a:
         ec:11:a8:13:2e:2e:d3:4e:12:b6:86:fd:46:da:34:59:02:69:
         b1:a7:e0:0d:ab:cd:c5:a7:4d:e5:8b:ae:29:fd:0c:5a:c8:9d:
         5e:5d:61:09:31:27:ea:39:62:4f:6c:e2:b4:2a:bc:3a:da:e7:
         61:15:2d:ca:4b:a3:f0:87:20:9b:eb:fd:83:12:55:dc:15:18:
         6f:55:e6:16:f3:0b:cd:f5:b9:c7:72:95:cf:b1:4e:7b:9f:e1:
         99:b9:1d:47:58:a6:86:1b:ce:be:48:52:35:de:b3:6f:70:4a:
         d7:a5:8c:c8:9c:a2:7d:51:08:db:ee:c7:14:9c:43:cc:02:57:
         70:5b:af:5f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzY2NTUxMTAvBgNVBAUTKDcwNTc5RjdGNUYxQjIxREZDOURFNjY3QzZCM0MyMUYx
NkY4N0Q1NzIwHhcNMjIwNzA1MDY0NjE1WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMzZGUzNy1hODhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAynz2Hv3qoD5usVhszV2zCuKtR25qQWne2UVCD9OONshms/KLLyz15e7z/7os
5YQDN/D87M2d5b6KIYkpWaFfeir1CIYjmyEkhe4mT8xchkrAFBI4qLlJY4TwNrcP
yAH4wdTiNfckhoghr1CN5N0BYV6uRhKINTuNBO8oPQUf2v3zPMOMkRMzEQ58jjU4
h2LBLkZf0jVKpNESL9uuiJfxYQwzwTs81dDL1Ino3pblOVnJJIidmfUM0Si/alG3
bipARvlQ9Fz0ATZiLSP9dyHUA7OhvrvlXj6ev9g1NkDfACUeJPdteG44Ec1wttCC
BS4e8AeZBCjefcamM6KUD1JvIwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFYNW7eP
kBRBnuB2N5agY1RpnxlNMB8GA1UdIwQYMBaAFHBXn39fGyHfyd5mfGs8IfFvh9Vy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjY1NS9GNzA3RjQ2NDBB
OTgxMUVBQkRDQUExN0NDNEY5QUUwMi9jRmVmZjE4YklkX0ozbVo4YXp3aDhXLUgx
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NGZWZmMThiSWRfSjNtWjhhendoOFctSDFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzY2NTUvRjcwN0Y0NjQwQTk4MTFFQUJEQ0FBMTdDQzRGOUFFMDIvMkEyREY1NkNG
QzJFMTFFQ0IxN0YyQzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhLAwDQYJKoZIhvcNAQELBQADggEBAIjbSGuhAXZzW1OQ
ZUutFeAcyqf4tNn+Xt6A2FjgKQIEKiew3D9VoJkb9lUDeDXRReHreVj8pKbZ5aKR
/7Vl/CeMEVoBLP1462V+OqOqGaUt5uoxYI88sW1LYOP7OaVeZcpasuTiumP+hIs9
AnTJr9mojMNU1oOd0VubRInrauwRqBMuLtNOEraG/UbaNFkCabGn4A2rzcWnTeWL
rin9DFrInV5dYQkxJ+o5Yk9s4rQqvDra52EVLcpLo/CHIJvr/YMSVdwVGG9V5hbz
C831ucdylc+xTnuf4Zm5HUdYpoYbzr5IUjXes29wSteljMicon1RCNvuxxScQ8wC
V3Bbr18=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org