Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/0253CEEEFBF211EDBEAD0A26C4F9AE02.roa
File:                     0253CEEEFBF211EDBEAD0A26C4F9AE02.roa (raw, json)
Hash identifier:          jl94nl8DQuEpmnPvvca5Ma45sJvjPdoFqWf11uYcshs=
Subject key identifier:   A8:C0:44:50:9C:4A:9B:74:CC:FA:D4:E7:68:D5:B9:AB:1E:43:D0:4D
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       3CD8
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/0253CEEEFBF211EDBEAD0A26C4F9AE02.roa
Signing time:             Fri 26 May 2023 18:20:36 +0000
ROA not before:           Fri 26 May 2023 18:20:36 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     7552
IP address blocks:        27.64.0.0/14 maxlen: 24
                          27.68.0.0/15 maxlen: 24
                          27.70.0.0/16 maxlen: 24
                          27.72.0.0/13 maxlen: 24
                          115.72.0.0/13 maxlen: 24
                          117.0.0.0/16 maxlen: 24
                          117.2.0.0/15 maxlen: 24
                          117.4.0.0/14 maxlen: 24
                          125.234.0.0/17 maxlen: 24
                          125.234.128.0/19 maxlen: 24
                          125.234.176.0/20 maxlen: 24
                          125.234.192.0/18 maxlen: 24
                          125.235.0.0/20 maxlen: 24
                          125.235.16.0/21 maxlen: 24
                          125.235.24.0/22 maxlen: 24
                          125.235.29.0/24 maxlen: 24
                          125.235.30.0/23 maxlen: 24
                          125.235.32.0/22 maxlen: 24
                          125.235.36.0/23 maxlen: 24
                          125.235.40.0/21 maxlen: 24
                          125.235.48.0/20 maxlen: 24
                          125.235.64.0/18 maxlen: 24
                          125.235.128.0/17 maxlen: 24
                          171.224.0.0/16 maxlen: 24
                          171.225.0.0/16 maxlen: 24
                          171.227.0.0/16 maxlen: 24
                          171.228.0.0/16 maxlen: 24
                          171.229.0.0/16 maxlen: 24
                          171.230.0.0/16 maxlen: 24
                          171.231.0.0/16 maxlen: 24
                          171.232.0.0/16 maxlen: 24
                          171.233.0.0/16 maxlen: 24
                          171.234.0.0/16 maxlen: 24
                          171.235.0.0/16 maxlen: 24
                          171.236.0.0/16 maxlen: 24
                          171.238.0.0/16 maxlen: 24
                          171.239.0.0/16 maxlen: 24
                          171.240.0.0/16 maxlen: 24
                          171.241.0.0/16 maxlen: 24
                          171.242.0.0/16 maxlen: 24
                          171.243.0.0/16 maxlen: 24
                          171.244.208.0/20 maxlen: 24
                          171.245.0.0/16 maxlen: 24
                          171.246.12.0/22 maxlen: 24
                          171.252.132.0/22 maxlen: 24
                          171.252.136.0/21 maxlen: 24
                          171.252.144.0/22 maxlen: 24
                          171.253.0.0/20 maxlen: 24
                          171.253.16.0/20 maxlen: 24
                          171.253.32.0/21 maxlen: 24
                          171.253.40.0/21 maxlen: 24
                          171.253.128.0/20 maxlen: 24
                          171.253.144.0/20 maxlen: 24
                          171.253.160.0/20 maxlen: 24
                          171.253.176.0/20 maxlen: 24
                          171.253.192.0/21 maxlen: 24
                          171.253.200.0/21 maxlen: 24
                          171.253.208.0/21 maxlen: 24
                          171.253.216.0/21 maxlen: 24
                          171.253.224.0/22 maxlen: 24
                          171.254.128.0/19 maxlen: 24
                          171.254.160.0/19 maxlen: 24
                          171.255.64.0/20 maxlen: 24
                          171.255.80.0/20 maxlen: 24
                          171.255.96.0/20 maxlen: 24
                          171.255.112.0/20 maxlen: 24
                          171.255.128.0/20 maxlen: 24
                          171.255.144.0/20 maxlen: 24
                          171.255.160.0/22 maxlen: 24
                          171.255.164.0/22 maxlen: 24
                          171.255.168.0/22 maxlen: 24
                          171.255.172.0/22 maxlen: 24
                          203.113.128.0/19 maxlen: 24
                          203.113.160.0/21 maxlen: 24
                          203.113.168.0/22 maxlen: 24
                          203.113.176.0/20 maxlen: 24
                          220.231.64.0/24 maxlen: 24
                          220.231.66.0/23 maxlen: 24
                          220.231.68.0/22 maxlen: 24
                          220.231.72.0/21 maxlen: 24
                          220.231.80.0/20 maxlen: 24
                          220.231.96.0/20 maxlen: 24
                          220.231.112.0/21 maxlen: 24
                          220.231.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15576 (0x3cd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: May 26 18:20:36 2023 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=6470f874-e651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:cf:b9:e1:f9:20:74:56:45:60:5a:fc:1c:4c:
                    e8:d0:59:1e:25:93:bf:35:b1:8d:23:44:9a:c5:3b:
                    99:c0:82:c2:14:01:de:1c:a5:e4:08:d9:b3:63:fd:
                    be:08:68:8b:aa:e9:60:93:b2:26:95:4e:84:42:f8:
                    47:07:4c:ce:3e:07:05:6d:64:2e:2d:36:4d:95:1e:
                    46:b3:b0:f0:1f:97:09:86:d4:43:2b:a7:ae:30:ac:
                    9c:b7:6b:fc:7e:40:42:d5:a1:57:88:70:6c:a2:1e:
                    50:14:a3:3e:23:f3:99:9d:6d:3c:8d:2b:ca:1e:27:
                    39:4f:49:3c:cf:29:1a:e1:ac:fd:9a:57:da:b2:41:
                    80:68:c6:66:99:10:11:ac:a4:b5:25:b0:83:ba:9d:
                    ea:ac:e1:58:9f:d8:23:2a:91:8d:9e:bd:40:c8:98:
                    08:96:3c:96:ca:f3:dc:a5:65:a6:d1:45:14:f0:a2:
                    82:41:a4:8e:0d:cb:b7:f2:76:25:78:00:13:a0:78:
                    90:af:af:51:92:3d:d5:67:b5:05:1b:25:7d:40:65:
                    c6:da:47:75:d2:54:78:16:a6:81:45:81:6e:7d:b8:
                    6e:34:b7:38:02:a0:e4:6d:10:9e:67:c1:44:49:c8:
                    a2:53:16:6c:72:5a:ec:89:d3:7b:86:0f:6a:b0:12:
                    23:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:C0:44:50:9C:4A:9B:74:CC:FA:D4:E7:68:D5:B9:AB:1E:43:D0:4D
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/0253CEEEFBF211EDBEAD0A26C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.64.0.0-27.70.255.255
                  27.72.0.0/13
                  115.72.0.0/13
                  117.0.0.0/16
                  117.2.0.0-117.7.255.255
                  125.234.0.0-125.234.159.255
                  125.234.176.0-125.235.27.255
                  125.235.29.0-125.235.37.255
                  125.235.40.0-125.235.255.255
                  171.224.0.0/15
                  171.227.0.0-171.236.255.255
                  171.238.0.0-171.243.255.255
                  171.244.208.0/20
                  171.245.0.0/16
                  171.246.12.0/22
                  171.252.132.0-171.252.147.255
                  171.253.0.0-171.253.47.255
                  171.253.128.0-171.253.227.255
                  171.254.128.0/18
                  171.255.64.0-171.255.175.255
                  203.113.128.0-203.113.171.255
                  203.113.176.0/20
                  220.231.64.0/24
                  220.231.66.0-220.231.123.255

    Signature Algorithm: sha256WithRSAEncryption
         59:21:bb:ef:b8:ef:9e:73:8e:08:95:72:42:8d:27:1f:df:1e:
         ac:27:6b:8d:8b:bb:f1:77:4a:d9:c8:ef:ab:21:9e:7a:ea:ae:
         e6:ea:d5:23:a0:4c:cc:d6:8c:b1:11:ea:8d:67:b6:07:74:6b:
         9b:a9:79:19:31:a0:e4:a5:bd:6f:ad:ca:94:d5:2b:8f:56:68:
         67:02:ee:8f:4e:54:0c:a2:98:72:06:1d:05:fd:3f:33:b3:cc:
         df:fb:f0:c3:f6:24:f4:88:36:eb:e0:8c:f8:be:54:61:bf:e9:
         07:c5:73:51:1f:63:43:d8:04:67:7c:5b:c3:91:64:be:15:b1:
         d4:13:21:2f:41:d3:e4:1f:3c:68:8b:1f:2c:0b:cd:4f:fd:05:
         d4:97:c9:21:c4:63:bd:59:15:6e:20:ac:fb:24:84:37:23:9e:
         a6:7c:20:0e:42:ba:7b:91:e3:f7:76:e4:80:9a:0c:21:e0:d5:
         12:ef:86:06:48:80:8d:01:52:37:44:83:67:61:ab:b8:90:6a:
         fd:8a:cf:91:d5:94:72:98:a5:7f:df:c8:38:ef:23:05:53:2b:
         ff:2b:9d:17:4e:be:48:72:16:29:90:54:03:fb:3d:f3:18:c1:
         5f:61:b9:47:f5:6e:e6:cb:fe:89:2f:1a:6e:44:9f:6b:7e:93:
         7e:30:87:24
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgICPNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwNTI2MTgyMDM2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcwZjg3NC1lNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn8+54fkgdFZFYFr8HEzo0FkeJZO/NbGNI0SaxTuZwILCFAHeHKXkCNmzY/2+
CGiLqulgk7ImlU6EQvhHB0zOPgcFbWQuLTZNlR5Gs7DwH5cJhtRDK6euMKyct2v8
fkBC1aFXiHBsoh5QFKM+I/OZnW08jSvKHic5T0k8zyka4az9mlfaskGAaMZmmRAR
rKS1JbCDup3qrOFYn9gjKpGNnr1AyJgIljyWyvPcpWWm0UUU8KKCQaSODcu38nYl
eAAToHiQr69Rkj3VZ7UFGyV9QGXG2kd10lR4FqaBRYFufbhuNLc4AqDkbRCeZ8FE
SciiUxZsclrsidN7hg9qsBIjRQIDAQABo4IDhTCCA4EwHQYDVR0OBBYEFKjARFCc
Spt0zPrU52jVuaseQ9BNMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMDI1M0NFRUVG
QkYyMTFFREJFQUQwQTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggENBggrBgEFBQcBBwEB
/wSB/TCB+jCB9wQCAAEwgfAwCgMDBhtAAwMAG0YDAwMbSAMDA3NIAwMAdQAwCgMD
AXUCAwMDdQAwCwMDAX3qAwQFfeqAMAwDBAR96rADBAJ96xgwDAMEAH3rHQMEAX3r
JDALAwQDfesoAwMCfegDAwGr4DAKAwMAq+MDAwCr7DAKAwMBq+4DAwKr8AMEBKv0
0AMDAKv1AwQCq/YMMAwDBAKr/IQDBAKr/JAwCwMDAKv9AwQEq/0gMAwDBAer/YAD
BAKr/eADBAar/oAwDAMEBqv/QAMEBKv/oDAMAwQHy3GAAwQCy3GoAwQEy3GwAwQA
3OdAMAwDBAHc50IDBALc53gwDQYJKoZIhvcNAQELBQADggEBAFkhu++4755zjgiV
ckKNJx/fHqwna42Lu/F3StnI76shnnrqrubq1SOgTMzWjLER6o1ntgd0a5upeRkx
oOSlvW+typTVK49WaGcC7o9OVAyimHIGHQX9PzOzzN/78MP2JPSINuvgjPi+VGG/
6QfFc1EfY0PYBGd8W8ORZL4VsdQTIS9B0+QfPGiLHywLzU/9BdSXySHEY71ZFW4g
rPskhDcjnqZ8IA5CunuR4/d25ICaDCHg1RLvhgZIgI0BUjdEg2dhq7iQav2Kz5HV
lHKYpX/fyDjvIwVTK/8rnRdOvkhyFimQVAP7PfMYwV9huUf1bubL/okvGm5En2t+
k34whyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org