Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/A3435EBC21ED11ED945CE952C4F9AE02.roa
File:                     A3435EBC21ED11ED945CE952C4F9AE02.roa (raw, json)
Hash identifier:          dye+L6f7EJGWnf19weSwoDurWZfqlCW1UX7/CBjzp3U=
Subject key identifier:   F1:81:CD:79:10:AF:4B:EE:65:AF:1B:8E:3A:E3:07:FF:79:FF:65:CE
Certificate issuer:       /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial:       0664
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/A3435EBC21ED11ED945CE952C4F9AE02.roa
Signing time:             Tue 25 Oct 2022 02:10:22 +0000
ROA not before:           Tue 25 Oct 2022 02:10:22 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     132203
IP address blocks:        43.128.222.0/23 maxlen: 23
                          43.130.63.0/24 maxlen: 24
                          43.135.58.0/24 maxlen: 24
                          43.135.187.0/24 maxlen: 24
                          43.152.96.0/19 maxlen: 24
                          43.152.192.0/19 maxlen: 19
                          43.152.224.0/19 maxlen: 19
                          43.153.0.0/18 maxlen: 18
                          43.153.64.0/18 maxlen: 18
                          43.153.128.0/18 maxlen: 18
                          43.153.164.0/24 maxlen: 24
                          43.153.187.0/24 maxlen: 24
                          43.153.192.0/18 maxlen: 18
                          43.154.0.0/18 maxlen: 18
                          43.154.64.0/18 maxlen: 18
                          43.154.128.0/18 maxlen: 18
                          43.154.192.0/18 maxlen: 18
                          43.155.0.0/17 maxlen: 18
                          43.155.127.0/24 maxlen: 24
                          43.155.128.0/17 maxlen: 18
                          43.156.0.0/18 maxlen: 18
                          43.156.64.0/18 maxlen: 18
                          43.156.128.0/18 maxlen: 18
                          43.156.192.0/18 maxlen: 18
                          43.156.252.0/24 maxlen: 24
                          43.156.254.0/24 maxlen: 24
                          43.157.0.0/17 maxlen: 24
                          43.157.128.0/18 maxlen: 24
                          43.157.192.0/18 maxlen: 24
                          43.158.0.0/16 maxlen: 16
                          43.158.0.0/17 maxlen: 24
                          43.158.128.0/18 maxlen: 24
                          43.158.192.0/18 maxlen: 24
                          43.159.0.0/16 maxlen: 16
                          43.159.0.0/20 maxlen: 24
                          43.159.16.0/20 maxlen: 24
                          43.159.32.0/19 maxlen: 24
                          43.159.76.0/24 maxlen: 24
                          43.159.128.0/18 maxlen: 24
                          43.159.192.0/18 maxlen: 24
                          43.160.0.0/16 maxlen: 24
                          43.161.0.0/17 maxlen: 24
                          43.161.128.0/17 maxlen: 24
                          43.162.0.0/17 maxlen: 24
                          43.162.128.0/17 maxlen: 24
                          43.163.0.0/16 maxlen: 16
                          43.163.192.0/18 maxlen: 24
                          43.164.0.0/16 maxlen: 24
                          43.165.0.0/16 maxlen: 24
                          43.166.0.0/16 maxlen: 24
                          43.167.0.0/16 maxlen: 24
                          43.168.0.0/16 maxlen: 24
                          43.169.0.0/16 maxlen: 24
                          43.170.0.0/16 maxlen: 24
                          43.171.0.0/16 maxlen: 24
                          43.172.0.0/16 maxlen: 24
                          43.173.0.0/16 maxlen: 24
                          43.174.0.0/16 maxlen: 24
                          101.32.140.0/24 maxlen: 24
                          101.33.114.0/23 maxlen: 24
                          240d:c000::/24 maxlen: 32
                          240d:c000:1000::/36 maxlen: 36
                          240d:c000:2000::/36 maxlen: 36
                          240d:c000:3000::/36 maxlen: 36
                          240d:c010::/48 maxlen: 48
                          240d:c010::/56 maxlen: 56
                          240d:c010:0:100::/56 maxlen: 56
                          240d:c010:10::/48 maxlen: 48
                          240d:c010:11::/48 maxlen: 48
                          240d:c010:12::/48 maxlen: 48
                          240d:c010:13::/48 maxlen: 48
                          240d:c010:14::/48 maxlen: 48
                          240d:c010:16::/48 maxlen: 48
                          240d:c010:17::/48 maxlen: 48
                          240d:c010:1d::/48 maxlen: 48
                          240d:c010:1f::/48 maxlen: 48
                          240d:c010:20::/44 maxlen: 44
                          240d:c010:20::/56 maxlen: 56
                          240d:c010:20:100::/56 maxlen: 56
                          240d:c010:20:200::/56 maxlen: 56
                          240d:c010:30::/48 maxlen: 48
                          240d:c010:30::/56 maxlen: 56
                          240d:c010:30:100::/56 maxlen: 56
                          240d:c010:31::/48 maxlen: 48
                          240d:c010:50::/48 maxlen: 48
                          240d:c010:57::/48 maxlen: 48
                          240d:c010:58::/47 maxlen: 48
                          240d:c010:5b::/48 maxlen: 48
                          240d:c010:5c::/46 maxlen: 48
                          240d:c010:60::/48 maxlen: 48
                          240d:c010:66::/47 maxlen: 48
                          240d:c010:68::/48 maxlen: 48
                          240d:c010:6a::/48 maxlen: 48
                          240d:c010:6c::/47 maxlen: 48
                          240d:c010:6e::/48 maxlen: 48
                          240d:c040::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1636 (0x664)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
        Validity
            Not Before: Oct 25 02:10:22 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6357458e-514f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c1:40:92:c4:a8:4d:da:a0:37:c1:a7:bb:71:
                    bf:70:55:fe:c0:8a:cd:84:47:9d:b5:d8:35:70:06:
                    e1:a9:ba:a4:67:04:0f:f5:e8:5a:90:7d:b8:1d:97:
                    b3:b5:d5:64:dd:b9:9c:0a:41:58:be:22:ea:ef:3b:
                    05:01:05:5d:6b:fd:a6:32:b1:4e:a3:3a:d1:80:9a:
                    0e:40:35:e3:a5:df:b5:08:01:d4:0d:63:ed:1c:cb:
                    dd:2a:14:f9:2d:da:0f:da:29:b7:04:30:19:bf:b1:
                    a1:f6:28:d3:f0:0a:a7:cc:e7:e9:c5:50:db:0a:57:
                    1b:e4:45:4b:af:ff:d1:44:22:c6:5d:40:5b:d6:0b:
                    ab:22:c6:70:ec:d0:69:d3:4a:96:6b:37:03:cf:6a:
                    28:73:c4:58:9d:08:f7:ab:04:e9:0a:08:2d:e6:b8:
                    5e:f8:c4:c9:fe:24:16:1e:c9:e3:6c:91:6d:7b:fa:
                    0d:02:ba:90:99:d6:4b:3e:72:b5:de:8a:53:d0:aa:
                    a5:4b:2c:eb:73:e9:36:c0:6e:ad:1d:01:8c:82:c9:
                    b0:ac:57:6d:35:81:82:81:20:3b:06:a6:82:5e:eb:
                    1e:53:3d:0e:35:80:f8:08:e2:99:fa:29:55:44:0c:
                    68:9e:e4:73:0a:84:83:c1:2b:d3:1a:92:9d:5a:86:
                    2b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:81:CD:79:10:AF:4B:EE:65:AF:1B:8E:3A:E3:07:FF:79:FF:65:CE
            X509v3 Authority Key Identifier:
                keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/A3435EBC21ED11ED945CE952C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.128.222.0/23
                  43.130.63.0/24
                  43.135.58.0/24
                  43.135.187.0/24
                  43.152.96.0/19
                  43.152.192.0-43.174.255.255
                  101.32.140.0/24
                  101.33.114.0/23
                IPv6:
                  240d:c000::/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:73:40:ff:80:43:62:81:87:85:e1:96:a3:fa:d7:90:d3:96:
         b8:28:2d:54:f1:a5:92:1d:a9:e5:40:a8:76:74:64:31:7d:74:
         3e:48:05:64:2c:39:9b:0a:bc:8e:40:19:e1:30:c1:62:87:b1:
         4e:28:64:9e:40:8c:8c:19:e8:d1:bf:39:14:ab:56:b3:1a:33:
         4f:dc:56:9d:05:4e:9d:71:74:dd:1b:c6:63:73:26:9d:ed:33:
         33:6d:33:f7:95:ff:32:9c:7b:ba:5b:ff:55:ae:e4:26:25:ce:
         b7:b9:3d:ea:3d:d2:2e:de:2f:cc:36:c4:c4:d0:fb:62:8a:c5:
         64:8d:48:6c:b3:b1:80:06:9d:db:9b:dd:dc:5e:49:96:8f:22:
         02:47:c2:2e:89:9f:54:20:ac:5d:1b:9b:bd:bc:30:98:90:d4:
         db:11:1a:1b:65:ef:97:e1:bd:d7:a6:d0:e9:44:29:42:57:63:
         74:8f:91:5a:20:ee:37:6a:c7:31:53:81:f6:9f:db:81:6c:fb:
         ed:bd:d0:b8:0f:57:ee:d2:ce:ff:b2:e5:0d:96:48:1f:d6:59:
         f1:18:45:94:2c:79:4e:f4:be:63:cf:ea:fd:c9:fc:88:65:e4:
         18:2c:25:e3:3d:65:53:e7:16:f4:91:12:66:09:af:ab:d2:3c:
         90:53:df:46
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICBmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjIxMDI1MDIxMDIyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU3NDU4ZS01MTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3cFAksSoTdqgN8Gnu3G/cFX+wIrNhEedtdg1cAbhqbqkZwQP9ehakH24HZez
tdVk3bmcCkFYviLq7zsFAQVda/2mMrFOozrRgJoOQDXjpd+1CAHUDWPtHMvdKhT5
LdoP2im3BDAZv7Gh9ijT8AqnzOfpxVDbClcb5EVLr//RRCLGXUBb1gurIsZw7NBp
00qWazcDz2ooc8RYnQj3qwTpCggt5rhe+MTJ/iQWHsnjbJFte/oNArqQmdZLPnK1
3opT0KqlSyzrc+k2wG6tHQGMgsmwrFdtNYGCgSA7BqaCXuseUz0ONYD4COKZ+ilV
RAxonuRzCoSDwSvTGpKdWoYrBQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFPGBzXkQ
r0vuZa8bjjrjB/95/2XOMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvQTM0MzVFQkMy
MUVEMTFFRDk0NUNFOTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMD0EAgABMDcDBAErgN4DBAArgj8DBAArhzoDBAArh7sDBAUrmGAwCwMEBiuY
wAMDACuuAwQAZSCMAwQBZSFyMAwEAgACMAYDBAAkDcAwDQYJKoZIhvcNAQELBQAD
ggEBAAxzQP+AQ2KBh4XhlqP615DTlrgoLVTxpZIdqeVAqHZ0ZDF9dD5IBWQsOZsK
vI5AGeEwwWKHsU4oZJ5AjIwZ6NG/ORSrVrMaM0/cVp0FTp1xdN0bxmNzJp3tMzNt
M/eV/zKce7pb/1Wu5CYlzre5Peo90i7eL8w2xMTQ+2KKxWSNSGyzsYAGndub3dxe
SZaPIgJHwi6Jn1QgrF0bm728MJiQ1NsRGhtl75fhvdem0OlEKUJXY3SPkVog7jdq
xzFTgfaf24Fs++290LgPV+7Szv+y5Q2WSB/WWfEYRZQseU70vmPP6v3J/Ihl5Bgs
JeM9ZVPnFvSREmYJr6vSPJBT30Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org