Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/C45D63D4B82211ECB1CAE454C4F9AE02.roa
File:                     C45D63D4B82211ECB1CAE454C4F9AE02.roa (raw, json)
Hash identifier:          /dEB4NTRGod48ryFU5E+CgoOq5BL3nxzqe2iwROzYdU=
Subject key identifier:   43:59:42:D3:89:79:C9:78:9D:34:09:DD:36:2A:E1:B8:F9:0B:7C:5F
Certificate issuer:       /CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Certificate serial:       0141
Authority key identifier: 56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/C45D63D4B82211ECB1CAE454C4F9AE02.roa
Signing time:             Sat 23 Apr 2022 06:32:59 +0000
ROA not before:           Sat 23 Apr 2022 06:32:59 +0000
ROA not after:            Sat 28 May 2022 00:00:00 +0000
asID:                     55410
IP address blocks:        42.104.64.0/21 maxlen: 24
                          42.104.72.0/21 maxlen: 24
                          42.104.80.0/21 maxlen: 24
                          42.104.96.0/21 maxlen: 24
                          42.104.104.0/21 maxlen: 24
                          42.104.120.0/21 maxlen: 24
                          118.185.200.0/21 maxlen: 24
                          118.185.208.0/21 maxlen: 24
                          122.15.0.0/21 maxlen: 24
                          122.15.8.0/21 maxlen: 24
                          122.15.16.0/21 maxlen: 24
                          122.15.24.0/21 maxlen: 24
                          122.15.32.0/21 maxlen: 24
                          122.15.40.0/21 maxlen: 24
                          122.15.48.0/21 maxlen: 24
                          122.15.56.0/21 maxlen: 24
                          122.15.64.0/21 maxlen: 24
                          122.15.72.0/21 maxlen: 24
                          122.15.80.0/21 maxlen: 24
                          122.15.96.0/21 maxlen: 24
                          122.15.104.0/21 maxlen: 24
                          122.15.112.0/21 maxlen: 24
                          122.15.120.0/21 maxlen: 24
                          122.15.128.0/21 maxlen: 24
                          122.15.136.0/21 maxlen: 24
                          122.15.144.0/21 maxlen: 24
                          122.15.152.0/21 maxlen: 24
                          122.15.160.0/21 maxlen: 24
                          122.15.168.0/21 maxlen: 24
                          122.15.176.0/21 maxlen: 24
                          122.15.184.0/21 maxlen: 24
                          122.15.192.0/21 maxlen: 24
                          122.15.200.0/21 maxlen: 24
                          122.15.208.0/21 maxlen: 24
                          122.15.224.0/21 maxlen: 24
                          122.15.232.0/21 maxlen: 24
                          122.15.248.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 321 (0x141)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
        Validity
            Not Before: Apr 23 06:32:59 2022 GMT
            Not After : May 28 00:00:00 2022 GMT
        Subject: CN=62639d9b-f324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:68:ab:b9:9f:5f:2f:d9:de:68:a5:2d:98:1c:
                    79:ed:1b:22:36:10:21:08:0b:39:74:62:92:c6:0c:
                    95:be:b6:5c:60:c9:32:f1:a1:fe:0f:4f:22:3f:ab:
                    0e:ea:20:58:8b:b1:88:2c:cb:26:96:83:68:08:a8:
                    97:6b:b9:9c:f6:49:d1:e3:c3:9b:14:ea:25:23:59:
                    26:52:3b:d9:da:69:e5:4e:52:56:61:46:41:1d:50:
                    ba:4b:c2:49:2e:21:1a:fe:dd:c8:3a:be:1b:1f:f8:
                    ea:bf:fa:80:67:bf:82:bc:51:bf:23:45:1d:3d:bd:
                    0c:5f:ce:5b:3f:27:86:0c:82:44:b6:28:06:d3:24:
                    f9:e5:ff:c3:c1:de:d7:99:77:cb:62:b6:4d:5d:d4:
                    fb:ab:7d:96:cd:1c:31:46:d9:d5:8d:18:7b:05:f6:
                    2a:a1:32:b3:47:cc:c2:11:33:4c:19:22:82:82:5f:
                    e2:5e:6b:64:c7:a8:7e:c3:66:85:1c:67:1f:68:1e:
                    ae:4c:d9:3c:88:8b:12:9e:61:84:22:cd:9e:07:36:
                    af:eb:60:7c:4e:a3:61:5b:4f:f7:15:ac:2e:f1:19:
                    09:07:c6:59:22:81:f0:0b:99:30:69:21:69:e5:b3:
                    35:ab:bf:10:27:65:26:c5:96:59:01:f6:8e:e6:c0:
                    f8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:59:42:D3:89:79:C9:78:9D:34:09:DD:36:2A:E1:B8:F9:0B:7C:5F
            X509v3 Authority Key Identifier:
                keyid:56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/C45D63D4B82211ECB1CAE454C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  42.104.64.0-42.104.87.255
                  42.104.96.0/20
                  42.104.120.0/21
                  118.185.200.0-118.185.215.255
                  122.15.0.0-122.15.87.255
                  122.15.96.0-122.15.215.255
                  122.15.224.0/20
                  122.15.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         66:65:2b:05:c0:0c:50:fe:eb:43:4f:b2:67:a8:9e:c6:d1:be:
         39:c7:de:ba:dd:c1:8b:7e:dc:82:ee:85:9f:cf:84:c6:f2:e4:
         0a:d2:5e:f6:97:25:8e:cc:85:b0:77:6e:91:df:b4:5a:33:29:
         68:58:02:b4:b0:08:cf:b6:6a:3d:2e:05:8d:56:a2:77:a0:d3:
         d1:ea:91:f3:73:91:4f:57:a2:e5:93:82:d7:df:88:6f:ad:08:
         d7:ae:8a:dd:10:a4:7b:29:56:68:0b:01:e3:79:ba:ad:95:9c:
         ae:97:65:0e:06:a1:69:e7:cf:d9:1f:6b:11:b9:c4:a3:98:66:
         c2:72:10:ba:aa:7e:44:24:11:09:98:38:d3:e3:77:27:ff:ea:
         d0:1e:bd:57:f8:3a:0a:83:aa:a1:8d:e6:b9:1d:6f:60:93:01:
         bc:8b:7f:7a:c9:18:0b:a2:67:17:59:6c:9b:25:be:3d:52:f0:
         a1:ea:51:bd:11:2f:d2:5d:83:7b:ee:7c:06:de:47:c9:9f:a8:
         cd:eb:63:ac:0f:f8:75:c7:4e:2c:64:7b:c8:91:68:ce:c0:3c:
         d5:ea:be:a2:c5:be:b2:35:b3:e3:ae:d5:c8:62:ae:9a:9b:e0:
         8a:03:c8:00:8a:43:70:18:c5:93:a6:2b:49:7a:f8:14:93:bf:
         8f:0c:a9:9f
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0QzOUQxMTAvBgNVBAUTKDU2Qjk4M0U0NkJDQkExMTVGRjIyNjVGRTQ5MTkwOUM3
RDc0MTQ3RjMwHhcNMjIwNDIzMDYzMjU5WhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjYzOWQ5Yi1mMzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWiruZ9fL9neaKUtmBx57RsiNhAhCAs5dGKSxgyVvrZcYMky8aH+D08iP6sO
6iBYi7GILMsmloNoCKiXa7mc9knR48ObFOolI1kmUjvZ2mnlTlJWYUZBHVC6S8JJ
LiEa/t3IOr4bH/jqv/qAZ7+CvFG/I0UdPb0MX85bPyeGDIJEtigG0yT55f/Dwd7X
mXfLYrZNXdT7q32WzRwxRtnVjRh7BfYqoTKzR8zCETNMGSKCgl/iXmtkx6h+w2aF
HGcfaB6uTNk8iIsSnmGEIs2eBzav62B8TqNhW0/3Fawu8RkJB8ZZIoHwC5kwaSFp
5bM1q78QJ2UmxZZZAfaO5sD4xQIDAQABo4IC3jCCAtowHQYDVR0OBBYEFENZQtOJ
ecl4nTQJ3TYq4bj5C3xfMB8GA1UdIwQYMBaAFFa5g+Rry6EV/yJl/kkZCcfXQUfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDM5RC9ERTdEMkY5NDRF
NzYxMUVDQTU3MjBCNzlDNEY5QUUwMi9Wcm1ENUd2TG9SWF9JbVgtU1JrSng5ZEJS
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZybUQ1R3ZMb1JYX0ltWC1TUmtKeDlkQlJfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzOUQvREU3RDJGOTQ0RTc2MTFFQ0E1NzIwQjc5QzRGOUFFMDIvQzQ1RDYzRDRC
ODIyMTFFQ0IxQ0FFNDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaAYIKwYBBQUHAQcBAf8E
WTBXMFUEAgABME8wDAMEBipoQAMEAypoUAMEBCpoYAMEAypoeDAMAwQDdrnIAwQD
drnQMAsDAwB6DwMEA3oPUDAMAwQFeg9gAwQDeg/QAwQEeg/gAwQDeg/4MA0GCSqG
SIb3DQEBCwUAA4IBAQBmZSsFwAxQ/utDT7JnqJ7G0b45x9663cGLftyC7oWfz4TG
8uQK0l72lyWOzIWwd26R37RaMyloWAK0sAjPtmo9LgWNVqJ3oNPR6pHzc5FPV6Ll
k4LX34hvrQjXrordEKR7KVZoCwHjebqtlZyul2UOBqFp58/ZH2sRucSjmGbCchC6
qn5EJBEJmDjT43cn/+rQHr1X+DoKg6qhjea5HW9gkwG8i396yRgLomcXWWybJb49
UvCh6lG9ES/SXYN77nwG3kfJn6jN62OsD/h1x04sZHvIkWjOwDzV6r6ixb6yNbPj
rtXIYq6am+CKA8gAikNwGMWTpitJevgUk7+PDKmf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org