Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6EC6D3B405E311EE8C4A7469C4F9AE02.roa
File:                     6EC6D3B405E311EE8C4A7469C4F9AE02.roa (raw, json)
Hash identifier:          uwo33XeZ2cqTDFVSaE67agOcC7YLtYGKtxakVafSj3Y=
Subject key identifier:   C6:41:00:27:39:F5:6A:69:8C:45:5F:67:C9:1B:09:5D:CB:57:90:AD
Certificate issuer:       /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial:       1C4E
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6EC6D3B405E311EE8C4A7469C4F9AE02.roa
Signing time:             Thu 08 Jun 2023 10:01:27 +0000
ROA not before:           Thu 08 Jun 2023 10:01:27 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     38283
IP address blocks:        125.64.0.0/24 maxlen: 24
                          125.64.1.0/24 maxlen: 24
                          125.64.2.0/24 maxlen: 24
                          125.64.3.0/24 maxlen: 24
                          125.64.4.0/24 maxlen: 24
                          125.64.5.0/24 maxlen: 24
                          125.64.6.0/24 maxlen: 24
                          125.64.8.0/24 maxlen: 24
                          125.64.9.0/24 maxlen: 24
                          125.64.10.0/24 maxlen: 24
                          125.64.11.0/24 maxlen: 24
                          125.64.12.0/24 maxlen: 24
                          125.64.13.0/24 maxlen: 24
                          125.64.14.0/24 maxlen: 24
                          125.64.15.0/24 maxlen: 24
                          125.64.16.0/24 maxlen: 24
                          125.64.17.0/24 maxlen: 24
                          125.64.18.0/24 maxlen: 24
                          125.64.19.0/24 maxlen: 24
                          125.64.20.0/24 maxlen: 24
                          125.64.21.0/24 maxlen: 24
                          125.64.23.0/24 maxlen: 24
                          125.64.24.0/24 maxlen: 24
                          125.64.25.0/24 maxlen: 24
                          125.64.26.0/24 maxlen: 24
                          125.64.27.0/24 maxlen: 24
                          125.64.28.0/24 maxlen: 24
                          125.64.29.0/24 maxlen: 24
                          125.64.30.0/23 maxlen: 23
                          125.64.32.0/21 maxlen: 24
                          125.64.40.0/24 maxlen: 24
                          125.64.41.0/24 maxlen: 24
                          125.64.43.0/24 maxlen: 24
                          125.64.92.0/24 maxlen: 24
                          125.64.93.0/24 maxlen: 24
                          125.64.94.0/24 maxlen: 24
                          125.64.95.0/24 maxlen: 24
                          125.64.96.0/24 maxlen: 24
                          125.64.97.0/24 maxlen: 24
                          125.64.98.0/24 maxlen: 24
                          125.64.99.0/24 maxlen: 24
                          125.64.100.0/24 maxlen: 24
                          125.64.101.0/24 maxlen: 24
                          125.64.102.0/24 maxlen: 24
                          125.64.103.0/24 maxlen: 24
                          125.64.104.0/21 maxlen: 21
                          125.64.128.0/20 maxlen: 20
                          125.64.144.0/22 maxlen: 22
                          125.65.46.0/24 maxlen: 24
                          125.65.114.0/24 maxlen: 24
                          125.65.134.0/24 maxlen: 24
                          125.65.135.0/24 maxlen: 24
                          125.65.153.0/24 maxlen: 24
                          125.65.154.0/24 maxlen: 24
                          125.65.216.0/22 maxlen: 22
                          125.65.245.0/24 maxlen: 24
                          125.65.247.0/24 maxlen: 24
                          125.67.234.0/24 maxlen: 24
                          125.67.235.0/24 maxlen: 24
                          202.98.123.0/24 maxlen: 24
                          218.6.168.0/24 maxlen: 24
                          218.6.169.0/24 maxlen: 24
                          218.6.170.0/24 maxlen: 24
                          218.6.171.0/24 maxlen: 24
                          218.6.172.0/24 maxlen: 24
                          218.6.173.0/24 maxlen: 24
                          218.6.174.0/24 maxlen: 24
                          218.6.175.0/24 maxlen: 24
                          218.6.196.0/24 maxlen: 24
                          218.6.197.0/24 maxlen: 24
                          218.6.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7246 (0x1c4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
        Validity
            Not Before: Jun  8 10:01:27 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6481a6f7-2217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:1d:8c:a1:80:a9:47:71:27:eb:f1:81:ee:42:
                    2d:d4:99:bc:46:8c:9d:b7:20:da:c4:30:c3:4a:d6:
                    e1:95:a7:ca:1d:5f:00:7e:27:93:76:fa:b8:d1:33:
                    dd:f8:26:d1:b4:38:06:e7:7d:24:06:ca:6e:01:33:
                    3c:c5:3d:d2:b0:38:34:8a:39:af:38:74:90:3d:d4:
                    dd:e9:fe:36:59:ff:4b:13:d3:f1:2b:6a:91:13:83:
                    de:0f:a8:04:dd:58:0c:03:7d:c6:eb:ce:80:57:99:
                    2a:e5:fc:ca:ae:7c:af:2f:f5:2f:89:76:c8:e0:22:
                    c1:c2:cc:ca:1d:56:ae:1c:70:18:d7:e5:31:2a:45:
                    00:c4:b8:02:a0:67:35:6f:3e:1f:67:f9:6c:10:cb:
                    ca:0a:03:92:3f:cd:33:2b:33:02:00:8a:66:35:13:
                    6b:3d:65:2a:37:7e:92:b1:92:5e:20:83:e8:14:c8:
                    13:ac:e6:33:48:15:46:47:e2:d4:18:98:1e:d1:c6:
                    0a:1b:92:cb:ee:07:0a:cb:43:76:46:d6:a2:cf:2d:
                    60:b2:ec:51:46:10:d6:cb:0c:23:d8:0d:7e:e9:d2:
                    02:0f:04:4d:de:1f:6d:06:9e:f9:b3:30:3b:f8:2b:
                    d0:24:a6:07:52:d8:b3:78:df:fa:4d:f2:08:d7:75:
                    c4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:41:00:27:39:F5:6A:69:8C:45:5F:67:C9:1B:09:5D:CB:57:90:AD
            X509v3 Authority Key Identifier:
                keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6EC6D3B405E311EE8C4A7469C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.64.0.0-125.64.6.255
                  125.64.8.0-125.64.21.255
                  125.64.23.0-125.64.41.255
                  125.64.43.0/24
                  125.64.92.0-125.64.111.255
                  125.64.128.0-125.64.147.255
                  125.65.46.0/24
                  125.65.114.0/24
                  125.65.134.0/23
                  125.65.153.0-125.65.154.255
                  125.65.216.0/22
                  125.65.245.0/24
                  125.65.247.0/24
                  125.67.234.0/23
                  202.98.123.0/24
                  218.6.168.0/21
                  218.6.196.0-218.6.198.255

    Signature Algorithm: sha256WithRSAEncryption
         69:63:f9:18:fa:c7:26:74:97:d5:42:ee:94:47:f0:3d:94:4a:
         c0:01:ac:e1:17:95:08:ba:de:0e:dc:01:be:e5:3b:82:cf:d7:
         91:13:b4:7a:b2:05:41:93:21:24:73:9c:d0:a7:85:8d:b2:6a:
         d2:5b:3c:a6:4c:ce:cd:2d:03:41:da:ba:e5:ed:01:2d:df:c8:
         a5:14:ac:06:9e:85:41:ef:74:ff:79:57:2d:db:27:7b:4f:91:
         2a:3a:72:c9:a8:97:62:85:3a:37:af:f2:e5:2a:8f:f4:c1:ae:
         d4:3b:0d:07:6f:9f:63:d1:26:83:d1:99:18:ca:11:c4:e9:8d:
         bc:49:ca:1e:20:b7:73:f3:2b:e8:cc:cd:ad:a5:3e:1c:f7:00:
         07:7e:82:03:81:f5:1c:d4:e7:84:b0:eb:20:2b:3e:6c:46:b6:
         e3:e1:ea:71:5d:54:7e:4f:80:bd:05:ba:ce:79:f1:6e:d7:90:
         e4:17:d0:9b:61:8c:33:d1:39:89:5a:14:ab:cf:74:4f:4e:2e:
         91:f1:60:cf:a3:ad:16:b6:97:29:a1:41:2c:1d:e9:a5:4b:16:
         6c:8f:8b:19:cf:7d:33:9a:49:b1:5e:4e:8b:50:c2:8a:4c:0f:
         74:a1:0b:7c:aa:6d:ee:c9:d1:1e:b8:8b:5a:1b:18:3f:cb:4a:
         87:72:72:3f
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICHE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjMwNjA4MTAwMTI3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxYTZmNy0yMjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsR2MoYCpR3En6/GB7kIt1Jm8RoydtyDaxDDDStbhlafKHV8AfieTdvq40TPd
+CbRtDgG530kBspuATM8xT3SsDg0ijmvOHSQPdTd6f42Wf9LE9PxK2qRE4PeD6gE
3VgMA33G686AV5kq5fzKrnyvL/UviXbI4CLBwszKHVauHHAY1+UxKkUAxLgCoGc1
bz4fZ/lsEMvKCgOSP80zKzMCAIpmNRNrPWUqN36SsZJeIIPoFMgTrOYzSBVGR+LU
GJge0cYKG5LL7gcKy0N2Rtaizy1gsuxRRhDWywwj2A1+6dICDwRN3h9tBp75szA7
+CvQJKYHUtizeN/6TfII13XEwQIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFMZBACc5
9WppjEVfZ8kbCV3LV5CtMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNkVDNkQzQjQw
NUUzMTFFRThDNEE3NDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgboGCCsGAQUFBwEHAQH/
BIGqMIGnMIGkBAIAATCBnTALAwMGfUADBAB9QAYwDAMEA31ACAMEAX1AFDAMAwQA
fUAXAwQBfUAoAwQAfUArMAwDBAJ9QFwDBAR9QGAwDAMEB31AgAMEAn1AkAMEAH1B
LgMEAH1BcgMEAX1BhjAMAwQAfUGZAwQAfUGaAwQCfUHYAwQAfUH1AwQAfUH3AwQB
fUPqAwQAymJ7AwQD2gaoMAwDBALaBsQDBADaBsYwDQYJKoZIhvcNAQELBQADggEB
AGlj+Rj6xyZ0l9VC7pRH8D2USsABrOEXlQi63g7cAb7lO4LP15ETtHqyBUGTISRz
nNCnhY2yatJbPKZMzs0tA0HauuXtAS3fyKUUrAaehUHvdP95Vy3bJ3tPkSo6csmo
l2KFOjev8uUqj/TBrtQ7DQdvn2PRJoPRmRjKEcTpjbxJyh4gt3PzK+jMza2lPhz3
AAd+ggOB9RzU54Sw6yArPmxGtuPh6nFdVH5PgL0Fus558W7XkOQX0JthjDPROYla
FKvPdE9OLpHxYM+jrRa2lymhQSwd6aVLFmyPixnPfTOaSbFeTotQwopMD3ShC3yq
be7J0R64i1obGD/LSodycj8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org