Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/ABC83CB4921911EDB2D4A126C4F9AE02.roa
File:                     ABC83CB4921911EDB2D4A126C4F9AE02.roa (raw, json)
Hash identifier:          izyStsDmv2PR0vtwmtjBhlzYkPYioZfHPf8Z6cl4/ME=
Subject key identifier:   A9:4C:11:68:1A:AA:DF:12:9F:26:E7:89:3B:9E:A9:BB:EB:D9:A9:13
Certificate issuer:       /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial:       098B
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/ABC83CB4921911EDB2D4A126C4F9AE02.roa
Signing time:             Thu 12 Jan 2023 01:37:27 +0000
ROA not before:           Thu 12 Jan 2023 01:37:27 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     9311
IP address blocks:        43.246.128.0/24 maxlen: 24
                          43.246.130.0/24 maxlen: 24
                          43.246.196.0/24 maxlen: 24
                          43.246.198.0/24 maxlen: 24
                          103.8.85.0/24 maxlen: 24
                          103.8.87.0/24 maxlen: 24
                          103.15.32.0/24 maxlen: 24
                          103.15.34.0/24 maxlen: 24
                          103.15.77.0/24 maxlen: 24
                          103.15.79.0/24 maxlen: 24
                          103.24.160.0/24 maxlen: 24
                          103.24.161.0/24 maxlen: 24
                          103.24.162.0/24 maxlen: 24
                          103.24.163.0/24 maxlen: 24
                          103.244.208.0/24 maxlen: 24
                          103.244.209.0/24 maxlen: 24
                          103.244.210.0/24 maxlen: 24
                          103.244.211.0/24 maxlen: 24
                          103.248.148.0/24 maxlen: 24
                          103.248.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2443 (0x98b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
        Validity
            Not Before: Jan 12 01:37:27 2023 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=63bf6457-c5f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:11:94:7e:23:8e:2b:df:99:a6:e0:53:81:77:
                    a5:60:96:3a:c6:1e:92:bb:d0:29:da:75:a1:49:d2:
                    b0:61:1f:4b:b0:4c:33:6a:19:e6:d1:12:53:28:44:
                    50:5b:91:20:d3:44:89:3c:a5:70:30:69:d5:96:60:
                    20:4f:74:08:76:84:18:05:6e:4d:41:fa:fe:82:5e:
                    02:a1:6b:28:f9:95:e5:86:40:04:ff:d9:a7:ac:25:
                    71:d1:49:f8:44:4b:40:d4:b8:f5:b3:c8:64:9f:21:
                    81:6f:0e:bd:9e:e6:a6:a3:63:05:a6:e0:ae:90:5d:
                    18:13:7f:4d:86:32:5d:59:00:38:a8:bd:50:f3:35:
                    7e:de:6d:93:56:8e:e9:51:94:52:06:8d:61:b8:8f:
                    e3:17:32:77:ad:3a:d5:93:b4:81:24:0c:5c:e8:2d:
                    cd:92:27:a6:ca:3c:a5:9b:78:39:10:8f:6a:4c:0b:
                    47:e5:36:a7:f0:76:89:c0:4d:e6:9b:35:90:ff:24:
                    ae:f3:62:2d:c1:bf:56:e2:83:1b:e6:1d:5f:28:33:
                    df:7d:04:8d:ca:df:2f:c7:bc:6c:ae:8d:6e:35:18:
                    9e:8b:61:68:24:59:29:57:9a:be:a6:77:3a:60:20:
                    c2:64:b9:f1:42:2a:35:c4:12:c3:38:1c:4a:34:bc:
                    c8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:4C:11:68:1A:AA:DF:12:9F:26:E7:89:3B:9E:A9:BB:EB:D9:A9:13
            X509v3 Authority Key Identifier:
                keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/ABC83CB4921911EDB2D4A126C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.246.128.0/24
                  43.246.130.0/24
                  43.246.196.0/24
                  43.246.198.0/24
                  103.8.85.0/24
                  103.8.87.0/24
                  103.15.32.0/24
                  103.15.34.0/24
                  103.15.77.0/24
                  103.15.79.0/24
                  103.24.160.0/22
                  103.244.208.0/22
                  103.248.148.0/24
                  103.248.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:c9:f5:99:a1:86:b2:8c:75:88:ae:a2:8d:ad:00:96:13:ac:
         37:63:9c:3d:81:39:55:66:f9:4d:cb:4c:83:53:24:34:42:d6:
         e9:b4:81:aa:fa:f2:e3:4a:d5:a6:29:a2:a9:25:9d:a4:3c:d9:
         15:30:35:1b:4f:12:55:60:7c:0a:ff:5a:26:05:7c:bc:e9:4c:
         5d:ab:f8:a3:2c:98:30:b5:f2:d6:fb:91:8b:a4:e9:41:1d:c5:
         67:dd:e9:a5:9a:aa:cd:77:9a:cd:45:60:77:4f:eb:ca:a9:3a:
         ce:cd:f0:0d:77:ad:2a:82:3e:82:ea:a9:d5:bc:cf:43:a4:f6:
         25:aa:2d:08:be:fb:3b:f6:22:9f:66:6c:35:8d:00:72:36:47:
         14:7f:8f:1a:bc:a6:6e:dc:c9:b2:28:81:db:2c:3f:ef:ec:eb:
         f2:a3:b7:f9:74:5a:0e:f4:de:92:ee:4d:e8:99:8e:77:fa:94:
         3e:a7:b9:82:bb:dc:bf:65:74:bd:77:d3:a0:15:0c:61:46:7d:
         14:4a:f9:25:25:a2:d0:01:0c:e4:2b:41:1c:ec:2b:0d:01:69:
         d2:20:ed:88:cd:30:56:ff:6b:43:3e:f7:5a:97:b1:bd:7f:59:
         99:ff:86:24:55:c4:da:92:72:f3:d4:fa:e9:3a:12:9d:87:1a:
         30:3e:e9:8d
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgICCYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjMwMTEyMDEzNzI3WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JmNjQ1Ny1jNWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxBGUfiOOK9+ZpuBTgXelYJY6xh6Su9Ap2nWhSdKwYR9LsEwzahnm0RJTKERQ
W5Eg00SJPKVwMGnVlmAgT3QIdoQYBW5NQfr+gl4CoWso+ZXlhkAE/9mnrCVx0Un4
REtA1Lj1s8hknyGBbw69nuamo2MFpuCukF0YE39NhjJdWQA4qL1Q8zV+3m2TVo7p
UZRSBo1huI/jFzJ3rTrVk7SBJAxc6C3Nkiemyjylm3g5EI9qTAtH5Tan8HaJwE3m
mzWQ/ySu82Itwb9W4oMb5h1fKDPffQSNyt8vx7xsro1uNRiei2FoJFkpV5q+pnc6
YCDCZLnxQio1xBLDOBxKNLzIFwIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFKlMEWga
qt8SnybniTueqbvr2akTMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQUJDODNDQjQ5
MjE5MTFFREIyRDRBMTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E
XjBcMFoEAgABMFQDBAAr9oADBAAr9oIDBAAr9sQDBAAr9sYDBABnCFUDBABnCFcD
BABnDyADBABnDyIDBABnD00DBABnD08DBAJnGKADBAJn9NADBABn+JQDBABn+JYw
DQYJKoZIhvcNAQELBQADggEBAFfJ9ZmhhrKMdYiuoo2tAJYTrDdjnD2BOVVm+U3L
TINTJDRC1um0gar68uNK1aYpoqklnaQ82RUwNRtPElVgfAr/WiYFfLzpTF2r+KMs
mDC18tb7kYuk6UEdxWfd6aWaqs13ms1FYHdP68qpOs7N8A13rSqCPoLqqdW8z0Ok
9iWqLQi++zv2Ip9mbDWNAHI2RxR/jxq8pm7cybIogdssP+/s6/Kjt/l0Wg703pLu
TeiZjnf6lD6nuYK73L9ldL1306AVDGFGfRRK+SUlotABDOQrQRzsKw0BadIg7YjN
MFb/a0M+91qXsb1/WZn/hiRVxNqScvPU+uk6Ep2HGjA+6Y0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org