Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C86037C2D8D511EBA4DA3C84C4F9AE02.roa
File:                     C86037C2D8D511EBA4DA3C84C4F9AE02.roa (raw, json)
Hash identifier:          m594Qhc5PKnMBgoRrCk+b+46ng7FLA2G0NWWm9T5XBs=
Subject key identifier:   32:CC:3D:22:E1:DA:13:60:DF:F2:00:BE:E4:B6:34:9B:C0:39:97:00
Certificate issuer:       /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial:       2FB7
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C86037C2D8D511EBA4DA3C84C4F9AE02.roa
Signing time:             Tue 29 Jun 2021 12:50:28 +0000
ROA not before:           Tue 29 Jun 2021 12:50:28 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     141342
IP address blocks:        115.186.72.0/22 maxlen: 22
                          115.186.94.0/24 maxlen: 24
                          115.186.124.0/24 maxlen: 24
                          117.102.11.0/24 maxlen: 24
                          117.102.14.0/24 maxlen: 24
                          117.102.15.0/24 maxlen: 24
                          117.102.20.0/24 maxlen: 24
                          117.102.22.0/24 maxlen: 24
                          117.102.23.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12215 (0x2fb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
        Validity
            Not Before: Jun 29 12:50:28 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=60db1714-e672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:74:d0:62:7e:fd:1e:76:62:13:a0:d3:68:92:
                    c5:36:71:1b:29:3c:86:b4:b3:1a:3b:88:ae:69:a6:
                    d6:4a:51:34:80:e1:3a:4f:2f:99:ca:57:f1:e2:e1:
                    a4:af:5d:eb:0b:ca:9f:cc:82:a0:86:db:a8:ea:62:
                    4d:0e:e6:25:99:fe:1c:61:56:dc:a6:56:bf:b7:57:
                    89:67:74:e8:2d:78:5f:1f:e5:93:7a:a7:9d:64:9c:
                    97:59:d9:23:36:6b:ee:71:93:25:00:f8:7d:4f:20:
                    93:bf:a0:8e:8a:92:6d:83:13:36:9d:3e:08:6c:10:
                    5c:90:2b:3c:ca:24:ee:92:86:8c:a2:6e:15:79:9c:
                    2f:53:8c:9d:1c:9e:16:e4:1b:91:af:32:3e:34:f1:
                    13:73:c3:45:48:46:ba:a8:29:27:e6:9e:3f:d9:19:
                    0d:65:97:79:5a:b1:bf:d2:f1:a0:47:c7:6a:e0:51:
                    4a:10:8a:65:66:6d:8a:b6:5d:da:3c:8f:f1:b9:8d:
                    ce:64:2a:07:e8:ce:23:c3:89:65:0c:b1:ff:d9:5f:
                    c3:47:3e:0c:94:29:03:17:47:d0:61:d4:ea:81:58:
                    57:89:44:1e:9b:b9:4d:a1:17:43:9e:ec:43:51:34:
                    2b:08:76:f5:ec:38:d7:3a:a3:97:f6:83:46:cb:e6:
                    d5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CC:3D:22:E1:DA:13:60:DF:F2:00:BE:E4:B6:34:9B:C0:39:97:00
            X509v3 Authority Key Identifier:
                keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C86037C2D8D511EBA4DA3C84C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.186.72.0/22
                  115.186.94.0/24
                  115.186.124.0/24
                  117.102.11.0/24
                  117.102.14.0/23
                  117.102.20.0/24
                  117.102.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ae:d3:c4:98:bb:8a:84:11:60:c2:56:f9:86:80:91:b3:04:be:
         1a:23:56:7b:b8:38:37:70:1a:50:88:4a:36:c7:32:2d:31:b9:
         c5:b8:e0:02:fd:69:c8:99:13:7d:b8:71:33:18:74:a0:9e:97:
         ef:57:b4:a4:8b:cf:9d:15:a5:73:3f:15:41:d3:ac:75:d2:ab:
         c4:20:37:81:28:fe:7c:b7:1f:82:55:d7:16:40:2e:0a:e1:43:
         aa:78:cc:fd:61:de:31:f7:fb:bb:0b:03:bc:29:0b:12:4d:16:
         6f:0d:44:e0:94:62:46:2e:68:64:2b:15:61:df:82:50:8d:27:
         44:88:df:17:5c:0d:39:0d:58:04:e0:96:5d:19:05:9d:f2:4d:
         2d:ea:24:ab:1f:9a:e8:8f:9d:63:e4:07:c9:93:ea:0c:cd:e1:
         f5:af:88:dd:75:38:65:ce:6c:97:b3:7e:a5:e6:0d:d2:72:0a:
         2f:dd:f1:8c:73:4e:d9:52:4a:c4:36:0d:13:36:06:30:a9:59:
         d3:47:f2:9a:34:46:f4:57:6c:0a:f5:3d:24:7a:b0:24:44:9d:
         60:42:d1:9e:43:b8:2a:ff:60:18:8f:de:c5:a7:6d:a8:cb:10:
         bd:bf:4d:0e:f3:f3:c5:a7:6b:e8:8a:ea:90:f5:6c:da:3e:57:
         c1:ba:c2:a4
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICL7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjEwNjI5MTI1MDI4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGRiMTcxNC1lNjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHTQYn79HnZiE6DTaJLFNnEbKTyGtLMaO4iuaabWSlE0gOE6Ty+Zylfx4uGk
r13rC8qfzIKghtuo6mJNDuYlmf4cYVbcpla/t1eJZ3ToLXhfH+WTeqedZJyXWdkj
NmvucZMlAPh9TyCTv6COipJtgxM2nT4IbBBckCs8yiTukoaMom4VeZwvU4ydHJ4W
5BuRrzI+NPETc8NFSEa6qCkn5p4/2RkNZZd5WrG/0vGgR8dq4FFKEIplZm2Ktl3a
PI/xuY3OZCoH6M4jw4llDLH/2V/DRz4MlCkDF0fQYdTqgVhXiUQem7lNoRdDnuxD
UTQrCHb17DjXOqOX9oNGy+bV6QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFDLMPSLh
2hNg3/IAvuS2NJvAOZcAMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQzg2MDM3QzJE
OEQ1MTFFQkE0REEzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAJzukgDBABzul4DBABzunwDBAB1ZgsDBAF1Zg4DBAB1ZhQD
BAF1ZhYwDQYJKoZIhvcNAQELBQADggEBAK7TxJi7ioQRYMJW+YaAkbMEvhojVnu4
ODdwGlCISjbHMi0xucW44AL9aciZE324cTMYdKCel+9XtKSLz50VpXM/FUHTrHXS
q8QgN4Eo/ny3H4JV1xZALgrhQ6p4zP1h3jH3+7sLA7wpCxJNFm8NROCUYkYuaGQr
FWHfglCNJ0SI3xdcDTkNWATgll0ZBZ3yTS3qJKsfmuiPnWPkB8mT6gzN4fWviN11
OGXObJezfqXmDdJyCi/d8YxzTtlSSsQ2DRM2BjCpWdNH8po0RvRXbAr1PSR6sCRE
nWBC0Z5DuCr/YBiP3sWnbajLEL2/TQ7z88Wna+iK6pD1bNo+V8G6wqQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org