Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/05526842A96A11ED8B8E3027C4F9AE02.roa
File:                     05526842A96A11ED8B8E3027C4F9AE02.roa (raw, json)
Hash identifier:          axUR7r34UfVTNw1zyiJ4XEerCgUmUFPhQv4p7mwusNo=
Subject key identifier:   04:F8:9F:4F:FB:BD:54:0A:91:77:6A:C9:EF:99:C8:C0:0B:FD:C7:20
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       3BFC
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/05526842A96A11ED8B8E3027C4F9AE02.roa
Signing time:             Fri 10 Feb 2023 18:00:36 +0000
ROA not before:           Fri 10 Feb 2023 18:00:36 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     7552
IP address blocks:        27.64.0.0/14 maxlen: 24
                          27.68.0.0/15 maxlen: 24
                          27.70.0.0/16 maxlen: 24
                          27.72.0.0/13 maxlen: 24
                          115.72.72.0/23 maxlen: 24
                          115.72.74.0/23 maxlen: 24
                          115.73.200.0/23 maxlen: 24
                          115.73.202.0/23 maxlen: 24
                          115.76.56.0/22 maxlen: 24
                          115.76.60.0/22 maxlen: 24
                          125.234.0.0/17 maxlen: 24
                          125.234.128.0/19 maxlen: 24
                          125.234.176.0/20 maxlen: 24
                          125.234.192.0/18 maxlen: 24
                          125.235.0.0/20 maxlen: 24
                          125.235.16.0/21 maxlen: 24
                          125.235.24.0/22 maxlen: 24
                          125.235.29.0/24 maxlen: 24
                          125.235.30.0/23 maxlen: 24
                          125.235.32.0/22 maxlen: 24
                          125.235.36.0/23 maxlen: 24
                          125.235.40.0/21 maxlen: 24
                          125.235.48.0/20 maxlen: 24
                          125.235.64.0/18 maxlen: 24
                          125.235.128.0/17 maxlen: 24
                          171.244.208.0/20 maxlen: 24
                          171.246.8.0/22 maxlen: 24
                          171.246.12.0/22 maxlen: 24
                          171.252.132.0/22 maxlen: 24
                          171.252.136.0/21 maxlen: 24
                          171.252.144.0/22 maxlen: 24
                          171.253.0.0/20 maxlen: 24
                          171.253.16.0/20 maxlen: 24
                          171.253.32.0/21 maxlen: 24
                          171.253.40.0/21 maxlen: 24
                          171.253.128.0/20 maxlen: 24
                          171.253.144.0/20 maxlen: 24
                          171.253.160.0/20 maxlen: 24
                          171.253.176.0/20 maxlen: 24
                          171.253.192.0/21 maxlen: 24
                          171.253.200.0/21 maxlen: 24
                          171.253.208.0/21 maxlen: 24
                          171.253.216.0/21 maxlen: 24
                          171.253.224.0/22 maxlen: 24
                          171.254.128.0/19 maxlen: 24
                          171.254.160.0/19 maxlen: 24
                          171.255.64.0/20 maxlen: 24
                          171.255.80.0/20 maxlen: 24
                          171.255.96.0/20 maxlen: 24
                          171.255.112.0/20 maxlen: 24
                          171.255.128.0/20 maxlen: 24
                          171.255.144.0/20 maxlen: 24
                          171.255.160.0/22 maxlen: 24
                          171.255.164.0/22 maxlen: 24
                          171.255.168.0/22 maxlen: 24
                          171.255.172.0/22 maxlen: 24
                          203.113.128.0/19 maxlen: 24
                          203.113.160.0/21 maxlen: 24
                          203.113.168.0/22 maxlen: 24
                          203.113.176.0/20 maxlen: 24
                          220.231.64.0/24 maxlen: 24
                          220.231.66.0/23 maxlen: 24
                          220.231.68.0/22 maxlen: 24
                          220.231.72.0/21 maxlen: 24
                          220.231.80.0/20 maxlen: 24
                          220.231.96.0/20 maxlen: 24
                          220.231.112.0/21 maxlen: 24
                          220.231.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15356 (0x3bfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Feb 10 18:00:36 2023 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=63e68644-f54e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:0c:9a:24:a4:c0:1a:86:55:62:c2:1c:11:d9:
                    5e:66:25:5a:96:c4:35:1c:c4:66:d5:3c:b8:38:a0:
                    28:7f:ac:62:3f:e3:b5:29:34:7a:5a:63:15:d4:de:
                    0d:49:a0:44:98:df:79:60:64:40:94:a4:9f:91:60:
                    6b:55:b5:a0:91:4b:eb:bc:45:0a:28:79:73:85:e6:
                    45:b0:07:a5:9b:38:c7:0d:80:fd:39:77:c5:24:77:
                    2c:39:34:25:ab:30:18:4b:aa:e9:f9:ee:92:57:61:
                    75:86:78:d9:a3:13:56:b3:4a:4b:42:0c:ca:b6:39:
                    81:e7:4f:e9:43:49:85:6a:f0:81:f2:36:40:b7:e2:
                    d2:26:4a:1a:28:0d:55:40:ad:0d:07:72:0c:b1:28:
                    c1:a2:1e:33:67:66:e5:5b:d9:ca:ce:e2:3e:42:26:
                    94:f2:26:70:c7:5d:2b:f4:21:31:e1:8a:dc:1f:33:
                    ac:00:bf:de:82:bd:4a:bd:c8:10:01:e9:09:bd:5d:
                    2d:58:56:7a:d6:14:16:6f:66:df:be:16:b2:02:d1:
                    2f:d0:50:5b:b2:03:0f:1b:35:a0:24:7d:7e:7b:a9:
                    cc:41:82:80:4c:5f:8c:0d:dc:3d:5e:39:b3:9a:ac:
                    73:c3:f7:cb:de:3f:2d:ee:d9:68:3b:85:4a:80:40:
                    35:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:F8:9F:4F:FB:BD:54:0A:91:77:6A:C9:EF:99:C8:C0:0B:FD:C7:20
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/05526842A96A11ED8B8E3027C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.64.0.0-27.70.255.255
                  27.72.0.0/13
                  115.72.72.0/22
                  115.73.200.0/22
                  115.76.56.0/21
                  125.234.0.0-125.234.159.255
                  125.234.176.0-125.235.27.255
                  125.235.29.0-125.235.37.255
                  125.235.40.0-125.235.255.255
                  171.244.208.0/20
                  171.246.8.0/21
                  171.252.132.0-171.252.147.255
                  171.253.0.0-171.253.47.255
                  171.253.128.0-171.253.227.255
                  171.254.128.0/18
                  171.255.64.0-171.255.175.255
                  203.113.128.0-203.113.171.255
                  203.113.176.0/20
                  220.231.64.0/24
                  220.231.66.0-220.231.123.255

    Signature Algorithm: sha256WithRSAEncryption
         17:f8:6a:e4:9a:ea:f1:e9:2f:f5:dd:57:0c:03:a7:ab:11:26:
         18:28:fb:4d:01:0c:23:ae:44:36:bc:0e:d8:a4:db:43:da:8c:
         ed:f5:3c:58:f4:74:a5:81:70:ba:ff:db:12:5a:3b:96:c5:b0:
         72:5d:9b:c6:8d:37:5d:8e:16:e5:29:5e:e1:ad:80:79:fb:b1:
         3e:20:eb:24:45:d1:c2:ca:16:54:f9:bb:7c:93:c4:08:9a:8f:
         84:f8:9e:4b:4f:9f:5a:65:d0:2b:b5:6f:84:0a:6b:51:39:8e:
         41:70:19:4e:0b:35:ff:42:09:8c:37:f1:28:2b:5f:81:5b:29:
         ea:9b:f1:c7:c5:e5:2f:b3:53:a9:d4:10:4f:f9:fc:fe:b0:58:
         fa:99:06:7a:83:fd:35:4c:55:c1:a4:8a:f6:30:7f:91:89:68:
         46:a7:5d:af:76:86:83:48:6e:47:e4:94:82:9b:8a:28:a0:74:
         71:95:3e:2d:6d:e9:cb:db:17:08:0e:67:3e:0d:e7:ac:67:4a:
         83:df:ea:79:60:f2:41:4d:79:2d:99:ad:b9:43:23:3f:21:4a:
         e0:2b:06:cb:22:aa:da:8d:75:23:20:89:5e:2e:ab:28:b2:63:
         81:f4:25:54:6b:6e:a3:aa:52:90:5c:82:f0:a5:11:63:c1:d6:
         3d:68:e6:48
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgICO/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwMjEwMTgwMDM2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U2ODY0NC1mNTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwwyaJKTAGoZVYsIcEdleZiValsQ1HMRm1Ty4OKAof6xiP+O1KTR6WmMV1N4N
SaBEmN95YGRAlKSfkWBrVbWgkUvrvEUKKHlzheZFsAelmzjHDYD9OXfFJHcsOTQl
qzAYS6rp+e6SV2F1hnjZoxNWs0pLQgzKtjmB50/pQ0mFavCB8jZAt+LSJkoaKA1V
QK0NB3IMsSjBoh4zZ2blW9nKzuI+QiaU8iZwx10r9CEx4YrcHzOsAL/egr1KvcgQ
AekJvV0tWFZ61hQWb2bfvhayAtEv0FBbsgMPGzWgJH1+e6nMQYKATF+MDdw9Xjmz
mqxzw/fL3j8t7tloO4VKgEA1NwIDAQABo4IDXjCCA1owHQYDVR0OBBYEFAT4n0/7
vVQKkXdqye+ZyMAL/ccgMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMDU1MjY4NDJB
OTZBMTFFRDhCOEUzMDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgecGCCsGAQUFBwEHAQH/
BIHXMIHUMIHRBAIAATCByjAKAwMGG0ADAwAbRgMDAxtIAwQCc0hIAwQCc0nIAwQD
c0w4MAsDAwF96gMEBX3qgDAMAwQEfeqwAwQCfesYMAwDBAB96x0DBAF96yQwCwME
A33rKAMDAn3oAwQEq/TQAwQDq/YIMAwDBAKr/IQDBAKr/JAwCwMDAKv9AwQEq/0g
MAwDBAer/YADBAKr/eADBAar/oAwDAMEBqv/QAMEBKv/oDAMAwQHy3GAAwQCy3Go
AwQEy3GwAwQA3OdAMAwDBAHc50IDBALc53gwDQYJKoZIhvcNAQELBQADggEBABf4
auSa6vHpL/XdVwwDp6sRJhgo+00BDCOuRDa8Dtik20PajO31PFj0dKWBcLr/2xJa
O5bFsHJdm8aNN12OFuUpXuGtgHn7sT4g6yRF0cLKFlT5u3yTxAiaj4T4nktPn1pl
0Cu1b4QKa1E5jkFwGU4LNf9CCYw38SgrX4FbKeqb8cfF5S+zU6nUEE/5/P6wWPqZ
BnqD/TVMVcGkivYwf5GJaEanXa92hoNIbkfklIKbiiigdHGVPi1t6cvbFwgOZz4N
56xnSoPf6nlg8kFNeS2ZrblDIz8hSuArBssiqtqNdSMgiV4uqyiyY4H0JVRrbqOq
UpBcgvClEWPB1j1o5kg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org