Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7A36188C16C311ED91E80F56C4F9AE02.roa
File:                     7A36188C16C311ED91E80F56C4F9AE02.roa (raw, json)
Hash identifier:          AcH/zhhb9oX8sU6lYVNerWicVPD4iDx/mSC1JtjEzt0=
Subject key identifier:   F6:EE:D3:B4:A2:D8:69:23:26:55:59:3E:87:A7:1B:12:8F:64:18:AF
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       39A5
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7A36188C16C311ED91E80F56C4F9AE02.roa
Signing time:             Fri 26 Aug 2022 14:53:41 +0000
ROA not before:           Fri 26 Aug 2022 14:53:41 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     7643
IP address blocks:        103.171.92.0/24 maxlen: 24
                          103.171.93.0/24 maxlen: 24
                          123.30.70.0/23 maxlen: 24
                          123.30.72.0/23 maxlen: 24
                          123.30.94.0/23 maxlen: 24
                          123.30.104.0/23 maxlen: 24
                          123.30.108.0/23 maxlen: 24
                          123.30.127.0/24 maxlen: 24
                          123.30.128.0/23 maxlen: 24
                          123.30.132.0/22 maxlen: 24
                          123.30.136.0/22 maxlen: 24
                          123.30.140.0/24 maxlen: 24
                          123.30.142.0/23 maxlen: 24
                          123.30.160.0/23 maxlen: 24
                          123.30.163.0/24 maxlen: 24
                          123.30.164.0/23 maxlen: 24
                          123.30.230.0/24 maxlen: 24
                          123.30.244.0/24 maxlen: 24
                          123.30.250.0/24 maxlen: 24
                          123.30.253.0/24 maxlen: 24
                          203.162.2.0/24 maxlen: 24
                          203.162.36.0/23 maxlen: 23
                          203.162.36.0/24 maxlen: 24
                          203.162.37.0/24 maxlen: 24
                          203.162.49.0/24 maxlen: 24
                          203.162.51.0/24 maxlen: 24
                          203.162.53.0/24 maxlen: 24
                          203.162.55.0/24 maxlen: 24
                          203.162.56.0/24 maxlen: 24
                          203.162.59.0/24 maxlen: 24
                          203.162.68.0/23 maxlen: 23
                          203.162.68.0/24 maxlen: 24
                          203.162.69.0/24 maxlen: 24
                          203.162.76.0/23 maxlen: 24
                          203.162.78.0/23 maxlen: 24
                          203.162.80.0/23 maxlen: 24
                          203.162.96.0/24 maxlen: 24
                          203.162.100.0/24 maxlen: 24
                          203.162.101.0/24 maxlen: 24
                          203.162.102.0/23 maxlen: 24
                          203.162.153.0/24 maxlen: 24
                          203.162.155.0/24 maxlen: 24
                          203.162.163.0/24 maxlen: 24
                          222.255.64.0/24 maxlen: 24
                          222.255.102.0/23 maxlen: 24
                          222.255.121.0/24 maxlen: 24
                          222.255.122.0/24 maxlen: 24
                          222.255.210.0/24 maxlen: 24
                          222.255.211.0/24 maxlen: 24
                          222.255.234.0/23 maxlen: 24
                          222.255.237.0/24 maxlen: 24
                          222.255.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14757 (0x39a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Aug 26 14:53:41 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=6308de74-c62b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:15:04:de:fa:89:e9:ac:79:6c:d4:61:be:3a:
                    ba:49:73:4c:9f:95:20:58:d4:dc:63:79:eb:e2:f0:
                    30:43:85:42:26:cc:eb:3a:04:a5:37:bb:76:e1:06:
                    3a:5d:2d:74:2f:ec:7a:52:7e:16:bc:07:12:d0:b8:
                    09:ba:3e:70:a8:5b:46:97:80:cc:ca:d1:2d:c0:4c:
                    7d:05:2b:52:71:1d:ba:fa:41:bd:d5:27:3c:ac:ca:
                    0f:2c:c7:ff:ad:89:e3:4e:44:97:3b:0c:63:3d:9c:
                    44:64:29:e6:99:06:87:5f:0d:89:a6:c9:a8:7f:47:
                    b1:19:95:99:95:93:d9:aa:30:fb:0f:3c:60:e2:18:
                    4e:60:5f:4f:0e:1a:22:6b:f5:43:03:a5:86:54:30:
                    e3:d2:b3:6e:27:19:7a:0e:47:85:64:1a:17:d6:00:
                    f5:74:d7:19:d4:96:ff:cd:7c:fd:67:7d:a2:7e:8c:
                    2f:06:f3:80:e4:46:e3:23:a9:85:96:a7:42:1f:c8:
                    5e:85:c2:84:19:6e:c6:c2:45:2f:16:92:50:a9:aa:
                    d5:8d:1a:ea:8a:4e:be:cf:71:91:38:77:7f:d0:1f:
                    20:0b:58:8d:e3:d9:f5:10:92:3c:7d:d5:97:3d:07:
                    e1:a1:33:39:17:0d:cb:b4:9c:57:c2:71:05:d9:d3:
                    2c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:EE:D3:B4:A2:D8:69:23:26:55:59:3E:87:A7:1B:12:8F:64:18:AF
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7A36188C16C311ED91E80F56C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.171.92.0/23
                  123.30.70.0-123.30.73.255
                  123.30.94.0/23
                  123.30.104.0/23
                  123.30.108.0/23
                  123.30.127.0-123.30.129.255
                  123.30.132.0-123.30.140.255
                  123.30.142.0/23
                  123.30.160.0/23
                  123.30.163.0-123.30.165.255
                  123.30.230.0/24
                  123.30.244.0/24
                  123.30.250.0/24
                  123.30.253.0/24
                  203.162.2.0/24
                  203.162.36.0/23
                  203.162.49.0/24
                  203.162.51.0/24
                  203.162.53.0/24
                  203.162.55.0-203.162.56.255
                  203.162.59.0/24
                  203.162.68.0/23
                  203.162.76.0-203.162.81.255
                  203.162.96.0/24
                  203.162.100.0/22
                  203.162.153.0/24
                  203.162.155.0/24
                  203.162.163.0/24
                  222.255.64.0/24
                  222.255.102.0/23
                  222.255.121.0-222.255.122.255
                  222.255.210.0/23
                  222.255.234.0/23
                  222.255.237.0/24
                  222.255.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:2b:34:12:a4:d5:49:9a:97:68:a8:8a:95:80:92:05:cc:ea:
         aa:0d:65:50:64:c6:ef:6e:fe:78:16:9a:55:10:b2:28:45:2a:
         2b:f8:3a:d2:39:e3:cb:aa:f1:67:c2:c8:43:0b:72:8d:b7:64:
         df:b3:7d:24:5c:5c:aa:33:df:de:7c:0d:d8:70:8d:f0:f2:78:
         5c:6e:0e:00:14:fb:d8:84:1e:d9:ea:d4:5b:ab:35:68:39:e3:
         1d:0a:4f:8d:ca:c5:fa:5c:0e:73:51:95:5b:1c:66:62:d7:57:
         3b:db:8f:67:e2:18:5b:a2:4a:71:a8:96:a6:38:1b:fc:7e:5b:
         a6:fb:13:33:04:cd:7b:4d:34:db:af:45:0b:31:cd:53:21:7c:
         54:50:07:ab:61:b1:d4:43:bc:72:16:e6:19:a6:45:7e:18:2d:
         a2:2e:09:66:d4:76:ac:d1:9f:31:6e:97:f2:67:c3:eb:6b:01:
         21:3f:c5:67:06:c8:33:a1:ff:15:84:4a:c3:94:09:20:76:30:
         bb:3b:46:ec:51:79:14:1c:21:5c:6b:0d:87:b9:41:f3:a6:75:
         a3:da:35:c4:d3:f5:76:7d:ab:f2:33:aa:d1:07:35:49:75:cf:
         71:44:01:8c:3f:26:64:90:e0:23:c0:b6:ec:a7:b9:3c:4e:9c:
         40:8d:6a:7c
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgICOaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwODI2MTQ1MzQxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4ZGU3NC1jNjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2xUE3vqJ6ax5bNRhvjq6SXNMn5UgWNTcY3nr4vAwQ4VCJszrOgSlN7t24QY6
XS10L+x6Un4WvAcS0LgJuj5wqFtGl4DMytEtwEx9BStScR26+kG91Sc8rMoPLMf/
rYnjTkSXOwxjPZxEZCnmmQaHXw2Jpsmof0exGZWZlZPZqjD7Dzxg4hhOYF9PDhoi
a/VDA6WGVDDj0rNuJxl6DkeFZBoX1gD1dNcZ1Jb/zXz9Z32ifowvBvOA5EbjI6mF
lqdCH8hehcKEGW7GwkUvFpJQqarVjRrqik6+z3GROHd/0B8gC1iN49n1EJI8fdWX
PQfhoTM5Fw3LtJxXwnEF2dMsmwIDAQABo4IDozCCA58wHQYDVR0OBBYEFPbu07Si
2GkjJlVZPoenGxKPZBivMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvN0EzNjE4OEMx
NkMzMTFFRDkxRTgwRjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggErBggrBgEFBQcBBwEB
/wSCARowggEWMIIBEgQCAAEwggEKAwQBZ6tcMAwDBAF7HkYDBAF7HkgDBAF7Hl4D
BAF7HmgDBAF7HmwwDAMEAHsefwMEAXsegDAMAwQCex6EAwQAex6MAwQBex6OAwQB
ex6gMAwDBAB7HqMDBAF7HqQDBAB7HuYDBAB7HvQDBAB7HvoDBAB7Hv0DBADLogID
BAHLoiQDBADLojEDBADLojMDBADLojUwDAMEAMuiNwMEAMuiOAMEAMuiOwMEAcui
RDAMAwQCy6JMAwQBy6JQAwQAy6JgAwQCy6JkAwQAy6KZAwQAy6KbAwQAy6KjAwQA
3v9AAwQB3v9mMAwDBADe/3kDBADe/3oDBAHe/9IDBAHe/+oDBADe/+0DBADe/+8w
DQYJKoZIhvcNAQELBQADggEBAIQrNBKk1Umal2ioipWAkgXM6qoNZVBkxu9u/ngW
mlUQsihFKiv4OtI548uq8WfCyEMLco23ZN+zfSRcXKoz3958DdhwjfDyeFxuDgAU
+9iEHtnq1FurNWg54x0KT43KxfpcDnNRlVscZmLXVzvbj2fiGFuiSnGolqY4G/x+
W6b7EzMEzXtNNNuvRQsxzVMhfFRQB6thsdRDvHIW5hmmRX4YLaIuCWbUdqzRnzFu
l/Jnw+trASE/xWcGyDOh/xWESsOUCSB2MLs7RuxReRQcIVxrDYe5QfOmdaPaNcTT
9XZ9q/IzqtEHNUl1z3FEAYw/JmSQ4CPAtuynuTxOnECNanw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org