Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913E042/AE9B1B6E3E4A11EDBC06537DC4F9AE02/C60509E63E4E11ED9A929372C4F9AE02.roa
File:                     C60509E63E4E11ED9A929372C4F9AE02.roa (raw, json)
Hash identifier:          KpGucZf/Zcoa9kx5Vig8TAnUYv+LWcKoSnbsnw8qsAk=
Subject key identifier:   DF:AF:7D:84:DC:DF:E1:E5:EB:60:4B:4C:B3:99:08:ED:93:6B:52:1B
Certificate issuer:       /CN=A913E042/serialNumber=027F0552514F244A94EE3F06572A4AF733565737
Certificate serial:       02
Authority key identifier: 02:7F:05:52:51:4F:24:4A:94:EE:3F:06:57:2A:4A:F7:33:56:57:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/An8FUlFPJEqU7j8GVypK9zNWVzc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913E042/AE9B1B6E3E4A11EDBC06537DC4F9AE02/C60509E63E4E11ED9A929372C4F9AE02.roa
Signing time:             Tue 27 Sep 2022 10:25:57 +0000
ROA not before:           Tue 27 Sep 2022 10:25:57 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     150327
IP address blocks:        103.12.204.0/24 maxlen: 24
                          103.12.205.0/24 maxlen: 24
                          2400:ae20::/32 maxlen: 35
                          2400:ae20::/32 maxlen: 40
                          2400:ae20::/37 maxlen: 40
                          2400:ae20:800::/37 maxlen: 40
                          2400:ae20:1000::/40 maxlen: 40
                          2400:ae20:1100::/40 maxlen: 40
                          2400:ae20:1200::/40 maxlen: 40
                          2400:ae20:1300::/40 maxlen: 40
                          2400:ae20:1400::/38 maxlen: 40
                          2400:ae20:1800::/37 maxlen: 40
                          2400:ae20:2000::/37 maxlen: 40
                          2400:ae20:2800::/37 maxlen: 40
                          2400:ae20:3000::/37 maxlen: 40
                          2400:ae20:3800::/37 maxlen: 40
                          2400:ae20:4000::/37 maxlen: 40
                          2400:ae20:4800::/37 maxlen: 40
                          2400:ae20:5000::/37 maxlen: 40
                          2400:ae20:5800::/37 maxlen: 40
                          2400:ae20:6000::/37 maxlen: 40
                          2400:ae20:6800::/37 maxlen: 40
                          2400:ae20:7000::/37 maxlen: 40
                          2400:ae20:7800::/37 maxlen: 40
                          2400:ae20:8000::/37 maxlen: 40
                          2400:ae20:8800::/37 maxlen: 40
                          2400:ae20:9000::/37 maxlen: 40
                          2400:ae20:9800::/37 maxlen: 40
                          2400:ae20:a000::/37 maxlen: 40
                          2400:ae20:a800::/37 maxlen: 40
                          2400:ae20:b000::/37 maxlen: 40
                          2400:ae20:b800::/37 maxlen: 40
                          2400:ae20:c000::/37 maxlen: 40
                          2400:ae20:c800::/37 maxlen: 40
                          2400:ae20:d000::/37 maxlen: 40
                          2400:ae20:d800::/37 maxlen: 40
                          2400:ae20:e000::/37 maxlen: 40
                          2400:ae20:e800::/37 maxlen: 40
                          2400:ae20:f000::/37 maxlen: 40
                          2400:ae20:f800::/37 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913E042/serialNumber=027F0552514F244A94EE3F06572A4AF733565737
        Validity
            Not Before: Sep 27 10:25:57 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=6332cfb5-c51d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:06:a2:ba:eb:f6:3d:08:06:92:8c:ad:5b:a4:
                    9c:1e:bc:75:3c:95:1a:a8:f0:30:21:33:47:a9:a8:
                    f6:d2:64:79:73:23:17:3b:9f:0b:81:ac:b8:12:65:
                    19:88:f2:bd:af:5d:93:b1:03:2c:b1:84:b9:eb:b8:
                    e7:25:d6:59:b1:d3:aa:f5:71:c7:c2:06:d9:19:7c:
                    8b:53:d5:74:c2:21:fd:ce:cc:1d:e2:0c:b7:1e:cb:
                    4e:64:13:fa:88:c7:d1:f4:37:54:6f:25:9a:b6:99:
                    2d:94:06:9e:73:55:0d:9f:56:c4:07:d3:d4:ae:08:
                    a9:93:85:b7:f8:f7:0e:dc:00:56:69:d1:99:05:60:
                    a2:a4:a5:fc:54:b7:b5:ef:c4:81:2e:ef:ba:a4:b6:
                    ff:87:9d:71:e5:6b:a0:ef:26:1f:f8:17:13:ac:c3:
                    ab:ba:6e:48:c3:9b:2f:ad:2c:67:c0:05:c5:d7:41:
                    98:dd:27:8f:35:c2:8c:61:9f:df:25:83:d2:aa:17:
                    d8:a8:28:d7:45:37:77:b2:b0:fc:50:14:04:f9:7f:
                    cb:9d:ac:bf:ee:6c:ff:94:4a:87:1f:f5:b1:a0:17:
                    ed:f6:77:d8:f7:9d:3c:c5:e1:8e:44:d8:36:46:ad:
                    c1:a8:ad:54:b3:54:36:c0:d4:8a:36:04:1d:d2:b8:
                    4c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:AF:7D:84:DC:DF:E1:E5:EB:60:4B:4C:B3:99:08:ED:93:6B:52:1B
            X509v3 Authority Key Identifier:
                keyid:02:7F:05:52:51:4F:24:4A:94:EE:3F:06:57:2A:4A:F7:33:56:57:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913E042/AE9B1B6E3E4A11EDBC06537DC4F9AE02/An8FUlFPJEqU7j8GVypK9zNWVzc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/An8FUlFPJEqU7j8GVypK9zNWVzc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E042/AE9B1B6E3E4A11EDBC06537DC4F9AE02/C60509E63E4E11ED9A929372C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.12.204.0/23
                IPv6:
                  2400:ae20::/32

    Signature Algorithm: sha256WithRSAEncryption
         94:ce:f4:84:34:0d:64:a9:2c:78:1c:f9:63:c9:8c:8e:df:30:
         f2:3a:d8:8e:43:f7:41:20:50:ac:e9:39:6a:4a:a8:cd:32:11:
         e7:0e:34:78:38:58:96:33:c6:73:75:99:90:44:36:e1:83:40:
         ca:d8:2c:59:93:fd:d2:91:4e:52:75:64:07:ec:f3:3d:54:96:
         0c:b7:a3:e9:a0:e3:81:60:68:d0:e1:d0:61:49:2a:5f:63:25:
         2a:d4:05:c4:6f:29:ff:ee:49:cb:b5:9e:7b:9a:39:a0:5e:ff:
         0f:83:f8:b1:d6:a6:98:07:2a:9a:c1:68:f8:6b:e4:c4:bd:0c:
         2a:a7:7c:ec:67:6b:fc:ba:51:55:d4:47:b7:2d:f1:76:88:ad:
         ec:41:d0:ce:14:e0:05:a5:ba:74:e8:a0:f9:72:95:3c:25:d1:
         c8:47:10:da:28:bc:63:b2:2c:75:51:19:77:d9:f9:3c:b5:97:
         78:21:d1:78:bb:34:ed:c7:61:3a:6a:a6:4c:cd:0a:db:52:57:
         01:b3:30:99:0a:37:d2:f0:5b:61:c8:a5:8d:19:45:a1:44:2a:
         0a:3c:62:40:e6:cf:45:18:9c:78:03:06:85:b4:ea:c1:4e:f5:
         5c:9e:ff:6b:03:1a:94:90:88:dc:86:0f:31:72:67:7f:cf:71:
         e6:6c:b8:95
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
RTA0MjExMC8GA1UEBRMoMDI3RjA1NTI1MTRGMjQ0QTk0RUUzRjA2NTcyQTRBRjcz
MzU2NTczNzAeFw0yMjA5MjcxMDI1NTdaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMzJjZmI1LWM1MWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVBqK66/Y9CAaSjK1bpJwevHU8lRqo8DAhM0epqPbSZHlzIxc7nwuBrLgSZRmI
8r2vXZOxAyyxhLnruOcl1lmx06r1ccfCBtkZfItT1XTCIf3OzB3iDLcey05kE/qI
x9H0N1RvJZq2mS2UBp5zVQ2fVsQH09SuCKmThbf49w7cAFZp0ZkFYKKkpfxUt7Xv
xIEu77qktv+HnXHla6DvJh/4FxOsw6u6bkjDmy+tLGfABcXXQZjdJ481woxhn98l
g9KqF9ioKNdFN3eysPxQFAT5f8udrL/ubP+USocf9bGgF+32d9j3nTzF4Y5E2DZG
rcGorVSzVDbA1Io2BB3SuEx9AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU3699hNzf
4eXrYEtMs5kI7ZNrUhswHwYDVR0jBBgwFoAUAn8FUlFPJEqU7j8GVypK9zNWVzcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNFMDQyL0FFOUIxQjZFM0U0
QTExRURCQzA2NTM3REM0RjlBRTAyL0FuOEZVbEZQSkVxVTdqOEdWeXBLOXpOV1Z6
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQW44RlVsRlBKRXFVN2o4R1Z5cEs5ek5XVnpjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RTA0Mi9BRTlCMUI2RTNFNEExMUVEQkMwNjUzN0RDNEY5QUUwMi9DNjA1MDlFNjNF
NEUxMUVEOUE5MjkzNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWcMzDANBAIAAjAHAwUAJACuIDANBgkqhkiG9w0BAQsFAAOC
AQEAlM70hDQNZKkseBz5Y8mMjt8w8jrYjkP3QSBQrOk5akqozTIR5w40eDhYljPG
c3WZkEQ24YNAytgsWZP90pFOUnVkB+zzPVSWDLej6aDjgWBo0OHQYUkqX2MlKtQF
xG8p/+5Jy7Wee5o5oF7/D4P4sdammAcqmsFo+GvkxL0MKqd87Gdr/LpRVdRHty3x
doit7EHQzhTgBaW6dOig+XKVPCXRyEcQ2ii8Y7IsdVEZd9n5PLWXeCHReLs07cdh
OmqmTM0K21JXAbMwmQo30vBbYciljRlFoUQqCjxiQObPRRiceAMGhbTqwU71XJ7/
awMalJCI3IYPMXJnf89x5my4lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org