Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/5E62C27E416111EBB84E8650C4F9AE02.roa
File:                     5E62C27E416111EBB84E8650C4F9AE02.roa (raw, json)
Hash identifier:          G251PIWrMm3aZrJZ5cWiVrTQ/Vds8PoemMjatn9MN7U=
Subject key identifier:   42:2D:39:2C:15:26:F6:80:F0:46:22:1C:F0:A1:A2:FC:F9:E6:6D:80
Certificate issuer:       /CN=A91A654C/serialNumber=5EA11C8A3A29E06973C1F121611D5A5C2A1B069D
Certificate serial:       046E
Authority key identifier: 5E:A1:1C:8A:3A:29:E0:69:73:C1:F1:21:61:1D:5A:5C:2A:1B:06:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/5E62C27E416111EBB84E8650C4F9AE02.roa
Signing time:             Tue 05 Jul 2022 11:49:47 +0000
ROA not before:           Tue 05 Jul 2022 11:49:47 +0000
ROA not after:            Mon 31 Oct 2022 00:00:00 +0000
asID:                     136969
IP address blocks:        103.12.196.0/22 maxlen: 22
                          103.12.196.0/24 maxlen: 24
                          103.12.197.0/24 maxlen: 24
                          103.12.198.0/24 maxlen: 24
                          103.12.199.0/24 maxlen: 24
                          103.73.100.0/22 maxlen: 22
                          103.73.100.0/24 maxlen: 24
                          103.73.101.0/24 maxlen: 24
                          103.73.102.0/24 maxlen: 24
                          103.73.103.0/24 maxlen: 24
                          2406:f480::/32 maxlen: 32
                          2406:f480::/64 maxlen: 64
                          2406:f480:0:1::/64 maxlen: 64
                          2406:f480:0:2::/64 maxlen: 64
                          2406:f480:0:3::/64 maxlen: 64
                          2406:f480:8000::/35 maxlen: 35
                          2406:f480:8000::/64 maxlen: 64
                          2406:f480:8000:40::/64 maxlen: 64
                          2406:f480:8000:41::/64 maxlen: 64
                          2406:f480:8000:42::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1134 (0x46e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A654C/serialNumber=5EA11C8A3A29E06973C1F121611D5A5C2A1B069D
        Validity
            Not Before: Jul  5 11:49:47 2022 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=62c4255b-2719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:92:20:16:5f:a0:4c:c7:7b:be:49:d8:55:40:
                    d0:a8:4e:61:e9:2c:0c:52:53:ed:89:7c:c3:0a:e7:
                    91:e9:73:4c:03:c3:d9:66:37:37:a4:e6:78:1e:48:
                    da:3a:e4:fc:b9:e3:6c:c7:e3:79:23:de:99:74:d5:
                    48:63:fc:04:bd:00:4a:1d:d6:2f:5b:f0:86:21:19:
                    22:c6:d1:27:9d:32:11:49:de:f8:39:9b:19:f3:b6:
                    07:48:96:ee:fa:89:c9:7b:16:67:7e:05:ac:4d:a7:
                    ba:ff:37:8e:dd:7a:cc:b6:c9:8f:d6:bd:7a:47:7e:
                    1b:8e:d2:24:60:44:6d:49:68:63:19:6c:0b:c9:a3:
                    89:8d:3c:01:7e:e5:b1:d7:77:14:58:26:26:4c:49:
                    45:e2:b3:c1:33:2a:e0:75:7a:f4:5f:64:6f:ee:bb:
                    f1:5f:f4:06:30:87:97:95:e0:b6:fa:56:c3:16:74:
                    ab:82:85:d6:92:dc:7c:79:11:ce:26:b9:1a:a9:99:
                    83:4c:24:08:0d:44:36:54:50:4b:97:d1:bc:b6:11:
                    a2:99:4e:a0:b9:eb:bf:6d:ab:1a:8a:cb:dd:e4:22:
                    42:20:0d:77:02:46:cd:f7:79:7f:b2:7c:ff:79:cf:
                    c7:82:3f:ac:ea:62:88:c5:91:31:0e:4a:c2:cb:1c:
                    fc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:2D:39:2C:15:26:F6:80:F0:46:22:1C:F0:A1:A2:FC:F9:E6:6D:80
            X509v3 Authority Key Identifier:
                keyid:5E:A1:1C:8A:3A:29:E0:69:73:C1:F1:21:61:1D:5A:5C:2A:1B:06:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/5E62C27E416111EBB84E8650C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.12.196.0/22
                  103.73.100.0/22
                IPv6:
                  2406:f480::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:b6:b6:a4:c3:ac:fa:67:38:63:71:18:ad:e2:c2:fa:d6:e3:
         0e:be:ed:29:70:c6:e3:55:b3:e3:fb:ee:a5:7e:e5:a8:c4:b8:
         e4:5b:e6:56:28:41:70:c9:4b:a2:11:37:19:f6:8b:a2:c6:56:
         5e:87:0c:df:c1:2f:5c:82:96:5e:e7:ea:b7:57:be:0c:47:6b:
         7a:41:dd:76:2f:df:59:e7:b8:70:ef:20:40:74:a6:79:b1:17:
         3b:fa:95:85:72:02:af:ba:79:9d:5e:ca:21:ae:9c:2f:7a:36:
         2b:75:f7:1d:9c:dc:a0:ae:db:8c:c5:64:b2:f3:1f:4d:41:5b:
         eb:4a:c8:b3:e0:20:52:9f:ea:11:cd:61:63:79:f0:01:65:7f:
         a6:14:6e:66:89:2f:6c:b7:c3:53:2e:04:8c:ed:9e:a6:19:d2:
         49:ba:88:61:43:d4:93:8c:a5:fc:73:da:69:15:8f:47:4f:8d:
         c9:76:ae:c4:8a:7c:61:33:a8:c0:fc:c7:a4:55:1d:02:7f:ab:
         96:f8:11:68:50:e5:d8:8d:e6:f1:d4:88:5d:2a:37:10:2e:e1:
         44:8a:cd:ce:55:99:14:7c:8e:b0:01:93:d2:85:3a:aa:85:bb:
         df:34:4d:21:c9:0a:00:ce:4b:d7:8d:72:91:7b:d0:db:ce:a6:
         c5:e1:c7:25
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY1NEMxMTAvBgNVBAUTKDVFQTExQzhBM0EyOUUwNjk3M0MxRjEyMTYxMUQ1QTVD
MkExQjA2OUQwHhcNMjIwNzA1MTE0OTQ3WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM0MjU1Yi0yNzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+pIgFl+gTMd7vknYVUDQqE5h6SwMUlPtiXzDCueR6XNMA8PZZjc3pOZ4Hkja
OuT8ueNsx+N5I96ZdNVIY/wEvQBKHdYvW/CGIRkixtEnnTIRSd74OZsZ87YHSJbu
+onJexZnfgWsTae6/zeO3XrMtsmP1r16R34bjtIkYERtSWhjGWwLyaOJjTwBfuWx
13cUWCYmTElF4rPBMyrgdXr0X2Rv7rvxX/QGMIeXleC2+lbDFnSrgoXWktx8eRHO
JrkaqZmDTCQIDUQ2VFBLl9G8thGimU6gueu/basaisvd5CJCIA13AkbN93l/snz/
ec/Hgj+s6mKIxZExDkrCyxz8EQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEItOSwV
JvaA8EYiHPChovz55m2AMB8GA1UdIwQYMBaAFF6hHIo6KeBpc8HxIWEdWlwqGwad
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjU0Qy81MUE5RUFDQzQx
NjAxMUVCOTA4NzQ0NTBDNEY5QUUwMi9YcUVjaWpvcDRHbHp3ZkVoWVIxYVhDb2JC
cDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hxRWNpam9wNEdsendmRWhZUjFhWENvYkJwMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY1NEMvNTFBOUVBQ0M0MTYwMTFFQjkwODc0NDUwQzRGOUFFMDIvNUU2MkMyN0U0
MTYxMTFFQkI4NEU4NjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnDMQDBAJnSWQwDQQCAAIwBwMFACQG9IAwDQYJKoZIhvcN
AQELBQADggEBAAi2tqTDrPpnOGNxGK3iwvrW4w6+7SlwxuNVs+P77qV+5ajEuORb
5lYoQXDJS6IRNxn2i6LGVl6HDN/BL1yCll7n6rdXvgxHa3pB3XYv31nnuHDvIEB0
pnmxFzv6lYVyAq+6eZ1eyiGunC96Nit19x2c3KCu24zFZLLzH01BW+tKyLPgIFKf
6hHNYWN58AFlf6YUbmaJL2y3w1MuBIztnqYZ0km6iGFD1JOMpfxz2mkVj0dPjcl2
rsSKfGEzqMD8x6RVHQJ/q5b4EWhQ5diN5vHUiF0qNxAu4USKzc5VmRR8jrABk9KF
OqqFu980TSHJCgDOS9eNcpF70NvOpsXhxyU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org