Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D365A0345F9411EDA8B4CE5CC4F9AE02.roa
File:                     D365A0345F9411EDA8B4CE5CC4F9AE02.roa (raw, json)
Hash identifier:          rYgOfvsRf3QRwUxsePDu3yeMaSOx5PlrnwmXLs/W2uo=
Subject key identifier:   D4:2F:A7:32:6C:CC:81:72:77:89:EA:C2:AB:99:D4:FB:12:1F:8E:27
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       3B09
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D365A0345F9411EDA8B4CE5CC4F9AE02.roa
Signing time:             Tue 08 Nov 2022 18:40:33 +0000
ROA not before:           Tue 08 Nov 2022 18:40:33 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     18403
IP address blocks:        1.52.0.0/14 maxlen: 24
                          42.112.0.0/13 maxlen: 24
                          43.239.148.0/22 maxlen: 24
                          58.186.0.0/15 maxlen: 24
                          103.35.64.0/22 maxlen: 24
                          103.39.92.0/22 maxlen: 24
                          103.143.206.0/23 maxlen: 24
                          103.156.10.0/23 maxlen: 24
                          103.156.12.0/23 maxlen: 24
                          103.156.30.0/23 maxlen: 24
                          103.156.32.0/23 maxlen: 24
                          103.156.34.0/23 maxlen: 24
                          103.159.54.0/24 maxlen: 24
                          103.159.55.0/24 maxlen: 24
                          103.171.92.0/23 maxlen: 23
                          103.171.92.0/24 maxlen: 24
                          103.171.93.0/24 maxlen: 24
                          113.22.0.0/16 maxlen: 24
                          113.23.0.0/17 maxlen: 24
                          118.68.0.0/14 maxlen: 24
                          144.48.20.0/22 maxlen: 24
                          183.80.0.0/16 maxlen: 24
                          183.81.0.0/17 maxlen: 24
                          203.191.8.0/21 maxlen: 24
                          210.245.0.0/17 maxlen: 24
                          2405:4800::/30 maxlen: 31
                          2405:4800::/32 maxlen: 48
                          2405:4801::/32 maxlen: 48
                          2405:4802::/32 maxlen: 48
                          2405:4803::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15113 (0x3b09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Nov  8 18:40:33 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=636aa2a0-348e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3f:4c:3a:b1:fa:8f:4e:cc:d4:1f:cb:9c:6c:
                    36:46:3a:2c:6d:a1:bd:87:14:9e:79:f7:78:ef:32:
                    f1:a4:f1:04:1c:b0:2b:6d:6a:49:58:d9:9d:18:4d:
                    a9:08:ea:9e:4f:16:f4:1e:cb:42:12:a5:11:80:aa:
                    a6:48:1d:b7:66:ac:a3:a1:52:d5:21:6b:c4:e4:92:
                    01:ec:a0:7e:a1:cc:ae:f2:9d:8d:a5:77:0d:d7:84:
                    01:70:5e:d9:d4:eb:9e:ff:a0:b1:cb:c4:7b:b5:38:
                    17:56:04:c7:fc:83:92:91:6e:24:3b:c8:04:0b:13:
                    8a:12:bc:c5:9c:36:69:35:b2:7e:f7:07:96:19:67:
                    00:d7:0a:79:da:43:ba:64:35:75:39:40:0b:f6:15:
                    1d:a3:90:aa:6c:40:03:c5:16:14:01:78:0c:ca:7a:
                    68:12:85:18:69:33:2b:b2:f8:49:86:bd:80:67:5e:
                    f8:0c:4a:05:b5:93:8c:76:0c:24:aa:5a:79:a2:92:
                    32:f8:3a:32:92:aa:f9:a1:b5:59:b0:2c:ab:dc:f7:
                    d9:fd:77:d6:9f:5f:65:b9:a0:a2:62:ad:07:df:bf:
                    7b:00:af:7e:74:2c:76:46:12:c4:9b:78:e3:82:26:
                    05:f2:b7:45:c4:85:57:d8:c7:4d:8c:1a:ec:41:15:
                    f6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:2F:A7:32:6C:CC:81:72:77:89:EA:C2:AB:99:D4:FB:12:1F:8E:27
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D365A0345F9411EDA8B4CE5CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.52.0.0/14
                  42.112.0.0/13
                  43.239.148.0/22
                  58.186.0.0/15
                  103.35.64.0/22
                  103.39.92.0/22
                  103.143.206.0/23
                  103.156.10.0-103.156.13.255
                  103.156.30.0-103.156.35.255
                  103.159.54.0/23
                  103.171.92.0/23
                  113.22.0.0-113.23.127.255
                  118.68.0.0/14
                  144.48.20.0/22
                  183.80.0.0-183.81.127.255
                  203.191.8.0/21
                  210.245.0.0/17
                IPv6:
                  2405:4800::/30

    Signature Algorithm: sha256WithRSAEncryption
         52:79:1c:4b:45:2b:8a:75:3f:43:9d:4b:84:d4:67:e5:29:1d:
         80:d4:54:09:06:b1:fd:98:db:99:35:78:fb:41:91:ce:15:2c:
         e3:8f:22:04:17:01:ad:bc:b5:57:04:ad:84:8d:99:16:97:cb:
         01:70:59:c4:de:df:4d:78:88:78:8b:bf:22:ab:f0:d0:54:2a:
         4d:c1:bf:b9:cf:4c:9c:71:16:fe:ff:83:02:ae:00:75:d2:c0:
         4b:9a:ad:64:8f:65:86:68:bf:de:52:63:9e:1a:aa:49:83:fe:
         cf:d9:18:74:4c:16:b2:d0:2c:df:33:92:e4:0f:2d:26:80:78:
         93:98:0d:38:db:43:04:f3:ee:6a:1b:7e:69:40:8d:10:a0:c6:
         7c:a7:37:45:8d:53:58:79:c2:b7:f3:4b:e3:51:e7:9e:1b:cb:
         4d:35:0e:4f:ee:23:a4:d8:47:ad:3f:a5:f1:8c:1d:1d:e4:78:
         a6:c6:bb:10:c9:04:2a:de:e0:a2:0e:0d:08:a3:79:07:97:3c:
         31:0a:31:d4:a8:16:63:9b:26:71:2c:d4:fa:4c:92:ed:a2:59:
         71:9b:ca:9d:7c:24:84:46:f2:9b:81:40:8e:05:36:82:00:68:
         c3:d7:31:4e:7d:83:81:5b:d5:c0:41:07:20:8c:a2:41:9a:e6:
         71:f0:a6:21
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgICOwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIxMTA4MTg0MDMzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhYTJhMC0zNDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoT9MOrH6j07M1B/LnGw2RjosbaG9hxSeefd47zLxpPEEHLArbWpJWNmdGE2p
COqeTxb0HstCEqURgKqmSB23ZqyjoVLVIWvE5JIB7KB+ocyu8p2NpXcN14QBcF7Z
1Oue/6Cxy8R7tTgXVgTH/IOSkW4kO8gECxOKErzFnDZpNbJ+9weWGWcA1wp52kO6
ZDV1OUAL9hUdo5CqbEADxRYUAXgMynpoEoUYaTMrsvhJhr2AZ174DEoFtZOMdgwk
qlp5opIy+Doykqr5obVZsCyr3PfZ/XfWn19luaCiYq0H3797AK9+dCx2RhLEm3jj
giYF8rdFxIVX2MdNjBrsQRX2bwIDAQABo4IDIzCCAx8wHQYDVR0OBBYEFNQvpzJs
zIFyd4nqwquZ1PsSH44nMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDM2NUEwMzQ1
Rjk0MTFFREE4QjRDRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgawGCCsGAQUFBwEHAQH/
BIGcMIGZMIGHBAIAATCBgAMDAgE0AwMDKnADBAIr75QDAwE6ugMEAmcjQAMEAmcn
XAMEAWePzjAMAwQBZ5wKAwQBZ5wMMAwDBAFnnB4DBAJnnCADBAFnnzYDBAFnq1ww
CwMDAXEWAwQHcRcAAwMCdkQDBAKQMBQwCwMDBLdQAwQHt1EAAwQDy78IAwQH0vUA
MA0EAgACMAcDBQIkBUgAMA0GCSqGSIb3DQEBCwUAA4IBAQBSeRxLRSuKdT9DnUuE
1GflKR2A1FQJBrH9mNuZNXj7QZHOFSzjjyIEFwGtvLVXBK2EjZkWl8sBcFnE3t9N
eIh4i78iq/DQVCpNwb+5z0yccRb+/4MCrgB10sBLmq1kj2WGaL/eUmOeGqpJg/7P
2Rh0TBay0CzfM5LkDy0mgHiTmA0420ME8+5qG35pQI0QoMZ8pzdFjVNYecK380vj
UeeeG8tNNQ5P7iOk2EetP6XxjB0d5HimxrsQyQQq3uCiDg0Io3kHlzwxCjHUqBZj
myZxLNT6TJLtollxm8qdfCSERvKbgUCOBTaCAGjD1zFOfYOBW9XAQQcgjKJBmuZx
8KYh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org