Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/60C1842002DD11EE86865A23C4F9AE02.roa
File:                     60C1842002DD11EE86865A23C4F9AE02.roa (raw, json)
Hash identifier:          yGGhyLoGNzKXx0Bww38t27iKoeo3UvLbmefG18VFPzQ=
Subject key identifier:   15:EE:82:AC:C8:21:E1:80:B7:61:07:E9:99:6E:56:AD:F6:FB:87:E3
Certificate issuer:       /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Certificate serial:       0480
Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/60C1842002DD11EE86865A23C4F9AE02.roa
Signing time:             Mon 06 Nov 2023 06:48:06 +0000
ROA not before:           Mon 06 Nov 2023 06:48:06 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     13150
IP address blocks:        103.203.220.0/24 maxlen: 24
                          103.203.221.0/24 maxlen: 24
                          103.203.222.0/24 maxlen: 24
                          103.203.223.0/24 maxlen: 24
                          123.253.152.0/24 maxlen: 24
                          123.253.153.0/24 maxlen: 24
                          123.253.154.0/24 maxlen: 24
                          123.253.155.0/24 maxlen: 24
                          150.195.208.0/24 maxlen: 24
                          150.195.209.0/24 maxlen: 24
                          150.195.210.0/24 maxlen: 24
                          150.195.211.0/24 maxlen: 24
                          150.195.214.0/24 maxlen: 24
                          150.195.217.0/24 maxlen: 24
                          150.195.218.0/24 maxlen: 24
                          150.195.219.0/24 maxlen: 24
                          150.195.220.0/24 maxlen: 24
                          150.195.221.0/24 maxlen: 24
                          150.195.222.0/24 maxlen: 24
                          150.195.223.0/24 maxlen: 24
                          202.75.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1152 (0x480)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
        Validity
            Not Before: Nov  6 06:48:06 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=65488c26-b52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3d:6b:d7:23:34:ef:68:30:5f:f8:26:23:8c:
                    51:c2:9c:04:7d:5c:b5:14:00:6a:c4:3c:51:3f:e7:
                    76:a1:06:a9:5a:e6:9b:00:ed:72:0f:99:3e:ee:4a:
                    e8:e2:45:cf:03:ee:2a:9d:52:90:0a:e3:ce:b9:83:
                    2b:ae:8b:48:25:3a:c2:df:54:40:3c:6c:c4:57:be:
                    da:ef:05:02:0e:4e:21:fe:d8:ea:3d:58:af:8b:2a:
                    6a:08:5f:01:a4:f7:cb:43:4b:9d:09:66:55:cf:08:
                    16:0a:d7:e9:14:54:12:fe:89:d9:59:8b:b7:20:81:
                    56:af:28:82:fc:18:9e:e8:8c:72:a9:9f:c7:51:5c:
                    d3:c9:6f:5b:79:24:1e:4f:5a:61:60:72:05:0c:61:
                    80:44:4b:f0:34:c8:71:30:89:4d:c0:25:c6:e8:d1:
                    ef:bb:f4:2f:4a:78:8e:30:2c:08:b1:73:f9:6e:e7:
                    0f:75:c1:92:c7:41:bf:6f:c4:ac:a1:6d:c5:5b:9e:
                    08:3f:c3:ba:53:f6:19:bd:6a:f6:a1:7d:10:90:83:
                    dd:66:db:03:9c:63:fe:65:35:2c:f2:75:7b:da:e2:
                    83:88:e8:8e:f4:5a:b8:1f:cf:26:1a:27:7b:0d:d0:
                    e2:63:31:85:9f:90:32:a3:17:94:46:aa:76:72:99:
                    11:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:EE:82:AC:C8:21:E1:80:B7:61:07:E9:99:6E:56:AD:F6:FB:87:E3
            X509v3 Authority Key Identifier:
                keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/60C1842002DD11EE86865A23C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.203.220.0/22
                  123.253.152.0/22
                  150.195.208.0/22
                  150.195.214.0/24
                  150.195.217.0-150.195.223.255
                  202.75.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:34:5d:ef:0a:00:71:71:1c:63:e4:b5:1b:f4:53:92:79:d3:
         f0:b1:15:ba:c2:19:01:ec:b1:c2:c6:b6:36:45:6d:d9:c4:3d:
         d5:f9:0e:fb:66:cc:1d:85:80:a8:cd:b1:c9:11:3e:5d:11:f3:
         06:12:ff:d9:28:d0:57:09:57:01:52:cd:4a:da:0f:a0:4a:57:
         6b:1d:ab:4d:f4:24:31:c3:f1:42:c1:5e:a9:3f:2d:38:ce:ec:
         88:b3:fb:cd:41:4b:3a:96:f9:fc:1a:6d:e7:ca:5f:fd:47:be:
         98:28:ef:8a:a9:f3:1c:45:47:79:7b:cc:64:45:65:bb:06:83:
         37:a8:57:39:24:d1:dc:79:ee:2f:70:e0:6b:b7:28:31:79:6a:
         64:d8:58:9f:3c:48:72:5e:31:65:99:21:03:2a:ad:54:80:ed:
         e3:56:e5:88:8a:19:28:45:fd:12:15:4d:2b:9e:fb:28:6b:6d:
         59:99:44:79:6d:08:42:88:ef:c2:79:48:a1:9a:25:5b:3d:82:
         63:dc:2f:f1:9f:a8:2a:bb:19:18:49:e7:81:0a:a9:e4:f5:e6:
         a5:ff:d5:a0:75:7e:1f:de:39:ef:ef:65:4f:3f:fe:92:24:c6:
         71:86:c5:50:9d:b8:96:95:a4:24:f4:70:7c:4b:12:85:eb:f1:
         75:3b:ae:02
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICBIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF
Qjk4RkY3MDEwHhcNMjMxMTA2MDY0ODA2WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ4OGMyNi1iNTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvT1r1yM072gwX/gmI4xRwpwEfVy1FABqxDxRP+d2oQapWuabAO1yD5k+7kro
4kXPA+4qnVKQCuPOuYMrrotIJTrC31RAPGzEV77a7wUCDk4h/tjqPViviypqCF8B
pPfLQ0udCWZVzwgWCtfpFFQS/onZWYu3IIFWryiC/Bie6IxyqZ/HUVzTyW9beSQe
T1phYHIFDGGAREvwNMhxMIlNwCXG6NHvu/QvSniOMCwIsXP5bucPdcGSx0G/b8Ss
oW3FW54IP8O6U/YZvWr2oX0QkIPdZtsDnGP+ZTUs8nV72uKDiOiO9Fq4H88mGid7
DdDiYzGFn5AyoxeURqp2cpkR9QIDAQABo4ICuzCCArcwHQYDVR0OBBYEFBXugqzI
IeGAt2EH6ZluVq32+4fjMB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5
d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTREM0QvQjAyMDJEMzJEOEI5MTFFQkFCQzFGNDg1QzRGOUFFMDIvNjBDMTg0MjAw
MkREMTFFRTg2ODY1QTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBAJny9wDBAJ7/ZgDBAKWw9ADBACWw9YwDAMEAJbD2QMEBZbD
wAMEAMpL8jANBgkqhkiG9w0BAQsFAAOCAQEAnzRd7woAcXEcY+S1G/RTknnT8LEV
usIZAeyxwsa2NkVt2cQ91fkO+2bMHYWAqM2xyRE+XRHzBhL/2SjQVwlXAVLNStoP
oEpXax2rTfQkMcPxQsFeqT8tOM7siLP7zUFLOpb5/Bpt58pf/Ue+mCjviqnzHEVH
eXvMZEVluwaDN6hXOSTR3HnuL3Dga7coMXlqZNhYnzxIcl4xZZkhAyqtVIDt41bl
iIoZKEX9EhVNK577KGttWZlEeW0IQojvwnlIoZolWz2CY9wv8Z+oKrsZGEnngQqp
5PXmpf/VoHV+H9457+9lTz/+kiTGcYbFUJ24lpWkJPRwfEsShevxdTuuAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org