Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/6941EC0E1B0C11EB874B8D21C4F9AE02.roa
File:                     6941EC0E1B0C11EB874B8D21C4F9AE02.roa (raw, json)
Hash identifier:          ACgfB+rqJ8RPDhnIrrnyzy0H5z6Ko4ZceVtfShuZqXo=
Subject key identifier:   6F:00:6B:A2:3E:FD:78:BA:68:91:F3:B8:4F:B4:F8:06:DE:46:AE:FE
Certificate issuer:       /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial:       0F64
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/6941EC0E1B0C11EB874B8D21C4F9AE02.roa
Signing time:             Mon 21 Mar 2022 18:24:35 +0000
ROA not before:           Mon 21 Mar 2022 18:24:35 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     9902
IP address blocks:        103.23.136.0/22 maxlen: 22
                          103.23.136.0/24 maxlen: 24
                          103.23.137.0/24 maxlen: 24
                          103.23.138.0/24 maxlen: 24
                          103.23.139.0/24 maxlen: 24
                          103.25.92.0/24 maxlen: 24
                          103.25.93.0/24 maxlen: 24
                          103.25.94.0/24 maxlen: 24
                          103.25.95.0/24 maxlen: 24
                          103.244.248.0/22 maxlen: 22
                          103.244.248.0/24 maxlen: 24
                          103.244.249.0/24 maxlen: 24
                          103.244.250.0/24 maxlen: 24
                          103.244.251.0/24 maxlen: 24
                          110.235.220.0/22 maxlen: 22
                          110.235.220.0/24 maxlen: 24
                          110.235.221.0/24 maxlen: 24
                          110.235.222.0/24 maxlen: 24
                          110.235.223.0/24 maxlen: 24
                          123.108.248.0/21 maxlen: 21
                          123.108.248.0/24 maxlen: 24
                          123.108.249.0/24 maxlen: 24
                          123.108.250.0/24 maxlen: 24
                          123.108.251.0/24 maxlen: 24
                          123.108.252.0/24 maxlen: 24
                          123.108.253.0/24 maxlen: 24
                          123.108.254.0/23 maxlen: 24
                          124.199.112.0/20 maxlen: 20
                          124.199.112.0/24 maxlen: 24
                          124.199.113.0/24 maxlen: 24
                          124.199.114.0/24 maxlen: 24
                          124.199.115.0/24 maxlen: 24
                          124.199.116.0/24 maxlen: 24
                          124.199.117.0/24 maxlen: 24
                          124.199.118.0/24 maxlen: 24
                          124.199.119.0/24 maxlen: 24
                          124.199.120.0/24 maxlen: 24
                          124.199.121.0/24 maxlen: 24
                          124.199.122.0/24 maxlen: 24
                          124.199.123.0/24 maxlen: 24
                          124.199.124.0/24 maxlen: 24
                          124.199.125.0/24 maxlen: 24
                          124.199.126.0/24 maxlen: 24
                          124.199.127.0/24 maxlen: 24
                          163.53.196.0/22 maxlen: 22
                          163.53.196.0/24 maxlen: 24
                          163.53.197.0/24 maxlen: 24
                          163.53.198.0/24 maxlen: 24
                          163.53.199.0/24 maxlen: 24
                          202.124.32.0/24 maxlen: 24
                          202.124.33.0/24 maxlen: 24
                          202.124.34.0/24 maxlen: 24
                          202.124.35.0/24 maxlen: 24
                          202.124.36.0/24 maxlen: 24
                          202.124.37.0/24 maxlen: 24
                          202.124.38.0/24 maxlen: 24
                          202.124.39.0/24 maxlen: 24
                          202.124.40.0/24 maxlen: 24
                          202.124.41.0/24 maxlen: 24
                          202.124.42.0/24 maxlen: 24
                          202.124.43.0/24 maxlen: 24
                          202.124.44.0/24 maxlen: 24
                          202.124.45.0/24 maxlen: 24
                          202.124.46.0/24 maxlen: 24
                          202.124.47.0/24 maxlen: 24
                          203.80.160.0/21 maxlen: 21
                          203.80.160.0/24 maxlen: 24
                          203.80.161.0/24 maxlen: 24
                          203.80.162.0/24 maxlen: 24
                          203.80.163.0/24 maxlen: 24
                          203.80.164.0/24 maxlen: 24
                          203.80.165.0/24 maxlen: 24
                          203.80.166.0/24 maxlen: 24
                          203.80.167.0/24 maxlen: 24
                          203.167.16.0/22 maxlen: 22
                          203.167.16.0/24 maxlen: 24
                          203.167.17.0/24 maxlen: 24
                          203.167.18.0/23 maxlen: 24
                          2402:5100::/32 maxlen: 32
                          2402:5100::/48 maxlen: 48
                          2402:5100:1::/48 maxlen: 48
                          2402:5100:2::/48 maxlen: 48
                          2402:5100:3::/48 maxlen: 48
                          2402:5100:4::/48 maxlen: 48
                          2402:5100:5::/48 maxlen: 48
                          2402:5100:6::/47 maxlen: 47
                          2402:5100:8::/45 maxlen: 45
                          2402:5100:10::/44 maxlen: 44
                          2402:5100:20::/43 maxlen: 43
                          2402:5100:40::/42 maxlen: 42
                          2402:5100:80::/41 maxlen: 41
                          2402:5100:100::/40 maxlen: 40
                          2402:5100:200::/39 maxlen: 39
                          2402:5100:400::/38 maxlen: 38
                          2402:5100:800::/37 maxlen: 37
                          2402:5100:1000::/36 maxlen: 36
                          2402:5100:2000::/35 maxlen: 35
                          2402:5100:4000::/34 maxlen: 34
                          2402:5100:8000::/33 maxlen: 33

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3940 (0xf64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
        Validity
            Not Before: Mar 21 18:24:35 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=6238c2e3-7744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:fa:d8:80:4d:0d:59:d1:1f:c6:7b:fb:a7:31:
                    3d:b9:28:b6:e2:4e:3a:f4:4b:0e:c0:b7:6d:17:f8:
                    3a:12:f7:10:57:c0:18:76:c5:a2:93:8c:e1:aa:69:
                    ff:18:a6:bf:53:86:d7:f4:5f:3e:f2:6d:8c:c9:46:
                    ea:5f:4c:6c:3d:7c:eb:bb:b0:c0:e7:91:54:ab:9b:
                    e4:54:0f:63:e0:6c:98:17:69:1c:19:33:1e:11:cc:
                    38:4f:ad:90:0d:22:48:b2:1b:35:8a:8a:52:e1:de:
                    e1:ad:a5:f4:e5:b0:bb:70:7d:cd:da:d6:2f:75:19:
                    b7:dc:c9:dc:13:84:21:61:4d:a0:96:7c:fe:49:71:
                    d5:ef:b3:19:61:eb:3c:45:7e:59:63:ae:b7:b9:79:
                    83:7f:20:7d:b6:3f:1c:a1:54:02:3f:84:4f:5a:df:
                    9a:c3:c7:3f:79:98:1c:84:eb:ad:5f:22:8f:3e:dd:
                    46:f1:a2:eb:a3:12:c7:06:bf:e5:8f:54:06:80:10:
                    79:d7:a7:ff:cc:9d:13:b9:63:7e:2e:68:df:f2:f3:
                    50:ae:3d:b9:4f:05:9d:02:fd:86:3e:0d:2d:40:b3:
                    6a:23:4f:42:c5:35:4e:6d:23:c5:3c:69:6b:9c:ea:
                    a2:88:d4:25:48:9b:0f:75:67:6c:19:d5:2d:f1:a7:
                    86:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:00:6B:A2:3E:FD:78:BA:68:91:F3:B8:4F:B4:F8:06:DE:46:AE:FE
            X509v3 Authority Key Identifier:
                keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/6941EC0E1B0C11EB874B8D21C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.23.136.0/22
                  103.25.92.0/22
                  103.244.248.0/22
                  110.235.220.0/22
                  123.108.248.0/21
                  124.199.112.0/20
                  163.53.196.0/22
                  202.124.32.0/20
                  203.80.160.0/21
                  203.167.16.0/22
                IPv6:
                  2402:5100::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:49:89:50:f8:04:30:49:45:90:36:a6:5d:26:b9:fe:48:9f:
         d3:4e:c6:a9:79:e1:d4:57:80:88:45:b7:74:13:16:03:7a:89:
         cc:be:46:76:58:bc:da:9c:b4:41:c8:43:a4:9d:e1:0e:8d:51:
         88:12:98:e3:96:ce:46:14:63:02:1d:b8:48:1c:aa:53:3b:ea:
         db:71:a7:1b:5d:d8:a7:13:5a:ce:b5:d9:fd:e9:0d:0d:50:63:
         d8:f6:6f:06:16:35:47:a3:26:7b:b0:35:f4:cf:75:73:b2:4a:
         92:2d:36:d0:44:f0:7d:2e:39:a9:45:8b:08:dc:9e:2c:13:66:
         f8:23:c6:b8:4e:a7:90:e9:56:23:4c:d6:45:88:fb:7e:a4:a5:
         ef:95:94:02:63:3f:be:b1:9c:eb:b7:aa:91:d4:47:a5:ba:c3:
         5a:b1:eb:86:08:7a:82:4d:cd:15:47:52:2d:5c:5b:91:4d:06:
         c5:54:6e:09:a0:0f:99:02:cf:80:5c:a9:42:4a:8c:27:8b:9a:
         e0:ba:90:95:71:73:05:8a:81:ff:4b:f5:1d:0f:6d:59:67:f2:
         72:40:91:6c:e0:a1:d6:db:c8:b1:59:9b:a2:9e:3c:a1:94:68:
         f0:b7:d1:ec:1d:7e:7d:4e:15:56:b8:f3:cf:68:52:58:11:5a:
         4c:c0:0f:f1
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICD2QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjIwMzIxMTgyNDM1WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM4YzJlMy03NzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfrYgE0NWdEfxnv7pzE9uSi24k469EsOwLdtF/g6EvcQV8AYdsWik4zhqmn/
GKa/U4bX9F8+8m2MyUbqX0xsPXzru7DA55FUq5vkVA9j4GyYF2kcGTMeEcw4T62Q
DSJIshs1iopS4d7hraX05bC7cH3N2tYvdRm33MncE4QhYU2glnz+SXHV77MZYes8
RX5ZY663uXmDfyB9tj8coVQCP4RPWt+aw8c/eZgchOutXyKPPt1G8aLroxLHBr/l
j1QGgBB516f/zJ0TuWN+Lmjf8vNQrj25TwWdAv2GPg0tQLNqI09CxTVObSPFPGlr
nOqiiNQlSJsPdWdsGdUt8aeGZwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFG8Aa6I+
/Xi6aJHzuE+0+AbeRq7+MB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvNjk0MUVDMEUx
QjBDMTFFQjg3NEI4RDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3AD
BAKjNcQDBATKfCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcN
AQELBQADggEBAJdJiVD4BDBJRZA2pl0muf5In9NOxql54dRXgIhFt3QTFgN6icy+
RnZYvNqctEHIQ6Sd4Q6NUYgSmOOWzkYUYwIduEgcqlM76ttxpxtd2KcTWs612f3p
DQ1QY9j2bwYWNUejJnuwNfTPdXOySpItNtBE8H0uOalFiwjcniwTZvgjxrhOp5Dp
ViNM1kWI+36kpe+VlAJjP76xnOu3qpHUR6W6w1qx64YIeoJNzRVHUi1cW5FNBsVU
bgmgD5kCz4BcqUJKjCeLmuC6kJVxcwWKgf9L9R0PbVln8nJAkWzgodbbyLFZm6Ke
PKGUaPC30ewdfn1OFVa4889oUlgRWkzAD/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org