Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/30DDB72AF80811EA86F23717C4F9AE02.roa
File:                     30DDB72AF80811EA86F23717C4F9AE02.roa (raw, json)
Hash identifier:          OH29Lb3o4Zc1HwWu/hcl3mqMjiG4wFnNZBSoA5zA7oI=
Subject key identifier:   10:EC:25:E0:97:58:6C:ED:97:43:0A:04:F3:DB:09:20:3B:65:28:40
Certificate issuer:       /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
Certificate serial:       11DE
Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/30DDB72AF80811EA86F23717C4F9AE02.roa
Signing time:             Fri 27 May 2022 10:16:12 +0000
ROA not before:           Fri 27 May 2022 10:16:12 +0000
ROA not after:            Fri 30 Sep 2022 00:00:00 +0000
asID:                     8757
IP address blocks:        103.255.60.0/24 maxlen: 24
                          103.255.61.0/24 maxlen: 24
                          103.255.62.0/24 maxlen: 24
                          103.255.63.0/24 maxlen: 24
                          119.8.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4574 (0x11de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
        Validity
            Not Before: May 27 10:16:12 2022 GMT
            Not After : Sep 30 00:00:00 2022 GMT
        Subject: CN=6290a4eb-3ba8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9d:5c:bc:8b:97:6d:75:e3:c3:89:f4:e1:13:
                    40:f4:7b:da:3f:fb:19:c9:58:b3:ab:e3:36:51:13:
                    6c:72:63:53:9b:ea:7d:7c:45:58:93:f0:f7:61:ce:
                    17:f1:30:a7:da:a6:e0:31:3d:77:04:f1:c6:43:c9:
                    ed:43:24:86:3a:4a:64:fb:d8:5c:77:cf:fd:93:11:
                    28:41:11:fd:a2:b7:f5:49:72:0f:af:a3:cb:3f:a4:
                    7e:44:da:7b:e7:c9:c6:fd:78:5c:31:17:b6:dc:53:
                    37:ef:6c:11:70:5a:a7:3f:38:c0:28:65:a4:6b:7e:
                    08:33:75:8c:01:03:a4:d4:44:e9:b8:1a:21:e7:58:
                    60:a2:a4:3e:15:f7:7d:60:67:9b:29:90:76:ef:23:
                    26:71:65:3f:b1:9e:73:dc:33:e4:47:2a:55:ba:dd:
                    fb:39:c3:4e:1d:1f:e4:f6:cd:ff:6b:03:2d:ae:c3:
                    45:27:c4:21:96:13:5b:36:6f:ae:78:ca:d4:62:16:
                    86:f4:32:f4:e3:1a:bc:87:02:2e:1d:b5:75:fd:d4:
                    5c:ef:1d:82:9f:f9:3a:80:a3:c8:cf:14:73:36:52:
                    24:ec:07:59:0c:4f:35:30:28:fd:50:b7:89:8d:1d:
                    29:d9:fc:8b:ae:53:06:34:c8:f6:a6:6e:e8:5e:12:
                    21:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:EC:25:E0:97:58:6C:ED:97:43:0A:04:F3:DB:09:20:3B:65:28:40
            X509v3 Authority Key Identifier:
                keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/30DDB72AF80811EA86F23717C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.255.60.0/22
                  119.8.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:1f:77:5b:0a:fc:0c:41:7e:d1:01:b7:2c:a5:3b:9e:ef:7a:
         fa:3a:01:ca:d3:a5:89:54:63:5c:88:7b:e5:db:d6:6d:22:4d:
         de:c1:ff:a1:78:38:3e:d3:57:98:72:7f:ab:93:60:e5:7b:c3:
         b4:0c:e2:ca:33:5f:01:f4:eb:15:20:bc:6d:ab:6f:55:3f:af:
         12:af:3f:4d:71:8e:ac:f2:3c:8e:44:49:4b:eb:c8:d3:d9:60:
         f3:66:2b:6e:b7:dc:b0:c7:69:28:44:cb:5b:f9:52:51:4d:55:
         a2:1f:30:2b:28:19:c8:f6:70:31:99:d2:c8:dd:da:ee:c5:2c:
         68:1d:69:cb:c5:be:eb:e2:d4:07:fe:cc:42:b5:28:df:99:32:
         94:dd:44:7d:e6:4f:4a:0d:e8:71:6c:ef:e3:17:bf:50:90:89:
         81:de:32:1e:e9:89:4a:af:21:53:fe:02:1f:27:17:0c:be:6b:
         02:bd:cf:96:96:b2:df:00:bd:e3:88:53:12:fb:04:4f:5e:9e:
         f9:61:64:b1:71:4c:79:e2:eb:37:9f:cc:38:50:be:9e:ab:ed:
         77:15:48:ce:33:bb:83:69:f2:f0:c3:73:53:ec:fe:89:b0:78:
         f6:1d:4c:84:82:ad:77:3e:b9:95:67:ce:df:87:27:ca:51:e7:
         68:39:0f:fa
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2
NDI5RDg4QjgwHhcNMjIwNTI3MTAxNjEyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjkwYTRlYi0zYmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyZ1cvIuXbXXjw4n04RNA9HvaP/sZyVizq+M2URNscmNTm+p9fEVYk/D3Yc4X
8TCn2qbgMT13BPHGQ8ntQySGOkpk+9hcd8/9kxEoQRH9orf1SXIPr6PLP6R+RNp7
58nG/XhcMRe23FM372wRcFqnPzjAKGWka34IM3WMAQOk1ETpuBoh51hgoqQ+Ffd9
YGebKZB27yMmcWU/sZ5z3DPkRypVut37OcNOHR/k9s3/awMtrsNFJ8QhlhNbNm+u
eMrUYhaG9DL04xq8hwIuHbV1/dRc7x2Cn/k6gKPIzxRzNlIk7AdZDE81MCj9ULeJ
jR0p2fyLrlMGNMj2pm7oXhIh5wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBDsJeCX
WGztl0MKBPPbCSA7ZShAMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5
NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp
TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvNzI1ODNBRkE2OTU3MTFFOEE0MkJFNjgwQzRGOUFFMDIvMzBEREI3MkFG
ODA4MTFFQTg2RjIzNzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn/zwDBAB3COEwDQYJKoZIhvcNAQELBQADggEBAFMfd1sK
/AxBftEBtyylO57vevo6AcrTpYlUY1yIe+Xb1m0iTd7B/6F4OD7TV5hyf6uTYOV7
w7QM4sozXwH06xUgvG2rb1U/rxKvP01xjqzyPI5ESUvryNPZYPNmK2633LDHaShE
y1v5UlFNVaIfMCsoGcj2cDGZ0sjd2u7FLGgdacvFvuvi1Af+zEK1KN+ZMpTdRH3m
T0oN6HFs7+MXv1CQiYHeMh7piUqvIVP+Ah8nFwy+awK9z5aWst8AveOIUxL7BE9e
nvlhZLFxTHni6zefzDhQvp6r7XcVSM4zu4Np8vDDc1Ps/omwePYdTISCrXc+uZVn
zt+HJ8pR52g5D/o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org