Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/96F10130C45311EBB305C97FC4F9AE02.roa
File:                     96F10130C45311EBB305C97FC4F9AE02.roa (raw, json)
Hash identifier:          bkfn8A1L2lc2wiwwTrnQ4i4yZUSj7wx1zZX2HHkOC+g=
Subject key identifier:   10:7E:04:CB:15:1E:2A:3B:2B:67:30:88:4E:6B:33:DE:BE:DC:AB:EC
Certificate issuer:       /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial:       105E
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/96F10130C45311EBB305C97FC4F9AE02.roa
Signing time:             Tue 16 Aug 2022 06:36:39 +0000
ROA not before:           Tue 16 Aug 2022 06:36:39 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     55430
IP address blocks:        27.125.128.0/18 maxlen: 24
                          39.109.128.0/17 maxlen: 24
                          58.96.192.0/18 maxlen: 24
                          101.127.0.0/17 maxlen: 24
                          101.127.128.0/18 maxlen: 24
                          101.127.240.0/21 maxlen: 24
                          103.17.146.0/24 maxlen: 24
                          117.20.128.0/18 maxlen: 24
                          182.19.128.0/17 maxlen: 24
                          182.55.0.0/16 maxlen: 24
                          183.90.0.0/17 maxlen: 24
                          2406:3003::/32 maxlen: 35
                          2406:3003::/32 maxlen: 36
                          2406:3003::/32 maxlen: 40
                          2406:3003::/36 maxlen: 39
                          2406:3003::/40 maxlen: 48
                          2406:3003:1000::/36 maxlen: 39
                          2406:3003:1000::/40 maxlen: 48
                          2406:3003:2000::/36 maxlen: 39
                          2406:3003:2000::/40 maxlen: 48
                          2406:3003:3000::/36 maxlen: 39
                          2406:3003:3000::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4190 (0x105e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
        Validity
            Not Before: Aug 16 06:36:39 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62fb3af6-17ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a3:84:d4:07:f2:bb:6a:5c:a7:e6:c4:f7:0e:
                    78:5a:68:1e:59:68:24:5a:94:ca:39:21:f7:91:da:
                    80:13:6d:1e:d7:a6:28:5a:ab:56:99:d5:72:5c:6e:
                    41:bc:62:84:e9:02:d4:6b:97:83:8a:8a:02:15:18:
                    03:7c:38:a4:13:ea:51:e0:51:b5:eb:d7:f8:71:26:
                    6f:b7:9b:1d:c8:ca:09:d2:a3:10:4e:a3:a2:b1:d1:
                    3d:9f:40:e1:5e:8d:7a:f7:55:2d:7a:e9:4f:6c:26:
                    73:b0:61:f9:e1:a3:4f:fa:12:c2:b1:23:d3:30:0f:
                    a8:74:20:4e:60:0b:5a:b5:4d:b9:96:e2:7d:60:7e:
                    bc:a4:b3:3e:30:be:93:3c:d6:78:fd:9b:cf:c5:d9:
                    8e:4b:af:2b:f0:34:1d:c3:f5:7f:df:fe:a1:67:b4:
                    92:6c:8e:88:e2:a6:78:fd:52:8a:53:86:84:b5:82:
                    47:35:3e:7f:63:0a:66:c1:7c:9e:ba:c8:de:ec:f3:
                    bf:8d:52:49:8c:32:9a:24:d8:55:4a:96:10:ce:49:
                    23:f7:71:57:03:4e:f1:87:6f:c8:8b:ab:ef:5d:b5:
                    27:15:ba:19:2a:0c:4e:0e:91:64:cd:47:45:d5:0b:
                    ba:a8:59:f0:15:c3:4d:3d:fc:7c:c0:b2:fe:59:76:
                    4a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7E:04:CB:15:1E:2A:3B:2B:67:30:88:4E:6B:33:DE:BE:DC:AB:EC
            X509v3 Authority Key Identifier:
                keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/96F10130C45311EBB305C97FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.125.128.0/18
                  39.109.128.0/17
                  58.96.192.0/18
                  101.127.0.0-101.127.191.255
                  101.127.240.0/21
                  103.17.146.0/24
                  117.20.128.0/18
                  182.19.128.0/17
                  182.55.0.0/16
                  183.90.0.0/17
                IPv6:
                  2406:3003::/32

    Signature Algorithm: sha256WithRSAEncryption
         07:a8:f7:8f:50:d2:0c:85:63:20:82:ba:84:21:3a:a8:64:95:
         2e:af:b6:b9:57:fd:de:78:62:09:dc:dc:45:91:90:bf:6d:75:
         29:42:50:2c:e9:af:cb:77:4d:41:6a:c8:ff:93:fe:20:54:a9:
         d2:06:f9:8c:f7:f9:b1:89:31:c6:75:91:7c:46:8b:ac:6b:df:
         ab:df:dd:1a:40:1e:1f:5f:9b:5a:e1:b7:39:08:43:6d:95:7f:
         23:9d:ea:80:01:e7:85:dc:06:80:bb:ae:74:1a:d3:b1:9a:fd:
         96:fe:18:a1:8a:a3:d9:01:a0:8d:0a:41:a9:9f:6b:49:80:96:
         77:22:71:06:c0:8b:d3:4c:83:e1:3f:44:24:15:57:81:3d:b2:
         ac:11:40:50:16:93:2b:2a:b4:a4:5b:69:e0:2a:98:42:84:4a:
         39:58:75:96:25:65:6f:0b:09:1a:35:83:f4:d1:f7:e0:0f:dd:
         55:00:80:5d:6a:ce:63:58:d4:ca:58:37:b1:c1:5e:d8:0a:42:
         62:4d:6e:f0:ac:74:f2:c2:88:7f:24:f3:74:fe:be:ef:27:31:
         d9:85:c0:53:dc:16:c9:f6:db:57:ba:76:d4:07:89:83:4b:79:
         d1:92:2b:25:2a:5a:0a:a9:25:89:01:c8:16:dd:a0:b0:e4:6b:
         d3:70:0f:09
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICEF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjIwODE2MDYzNjM5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZiM2FmNi0xN2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvaOE1Afyu2pcp+bE9w54WmgeWWgkWpTKOSH3kdqAE20e16YoWqtWmdVyXG5B
vGKE6QLUa5eDiooCFRgDfDikE+pR4FG169f4cSZvt5sdyMoJ0qMQTqOisdE9n0Dh
Xo1691UteulPbCZzsGH54aNP+hLCsSPTMA+odCBOYAtatU25luJ9YH68pLM+ML6T
PNZ4/ZvPxdmOS68r8DQdw/V/3/6hZ7SSbI6I4qZ4/VKKU4aEtYJHNT5/YwpmwXye
usje7PO/jVJJjDKaJNhVSpYQzkkj93FXA07xh2/Ii6vvXbUnFboZKgxODpFkzUdF
1Qu6qFnwFcNNPfx8wLL+WXZK5QIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFBB+BMsV
Hio7K2cwiE5rM96+3KvsMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvOTZGMTAxMzBD
NDUzMTFFQkIzMDVDOTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMEgEAgABMEIDBAYbfYADBAcnbYADBAY6YMAwCwMDAGV/AwQGZX+AAwQDZX/w
AwQAZxGSAwQGdRSAAwQHthOAAwMAtjcDBAe3WgAwDQQCAAIwBwMFACQGMAMwDQYJ
KoZIhvcNAQELBQADggEBAAeo949Q0gyFYyCCuoQhOqhklS6vtrlX/d54Ygnc3EWR
kL9tdSlCUCzpr8t3TUFqyP+T/iBUqdIG+Yz3+bGJMcZ1kXxGi6xr36vf3RpAHh9f
m1rhtzkIQ22VfyOd6oAB54XcBoC7rnQa07Ga/Zb+GKGKo9kBoI0KQamfa0mAlnci
cQbAi9NMg+E/RCQVV4E9sqwRQFAWkysqtKRbaeAqmEKESjlYdZYlZW8LCRo1g/TR
9+AP3VUAgF1qzmNY1MpYN7HBXtgKQmJNbvCsdPLCiH8k83T+vu8nMdmFwFPcFsn2
21e6dtQHiYNLedGSKyUqWgqpJYkByBbdoLDka9NwDwk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org