Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/D676014EC36511ED84D13C77C4F9AE02.roa
File:                     D676014EC36511ED84D13C77C4F9AE02.roa (raw, json)
Hash identifier:          aNpbLtLEDGIDtc935T29+FJXumSsne6oqz9a1IneYHU=
Subject key identifier:   F3:AA:7D:BB:B6:08:B3:4D:E4:CE:65:C1:49:D7:26:E3:42:75:63:5A
Certificate issuer:       /CN=A911B310/serialNumber=E31667960480CF07E3C22D790DE4E201EF7040DB
Certificate serial:       17
Authority key identifier: E3:16:67:96:04:80:CF:07:E3:C2:2D:79:0D:E4:E2:01:EF:70:40:DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4xZnlgSAzwfjwi15DeTiAe9wQNs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/D676014EC36511ED84D13C77C4F9AE02.roa
Signing time:             Wed 15 Mar 2023 19:16:08 +0000
ROA not before:           Wed 15 Mar 2023 19:16:08 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     150178
IP address blocks:        103.84.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B310/serialNumber=E31667960480CF07E3C22D790DE4E201EF7040DB
        Validity
            Not Before: Mar 15 19:16:08 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=64121977-90eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3a:74:7c:5d:5c:0a:7d:99:72:2d:97:df:b6:
                    24:04:c4:28:4f:d4:15:d7:b2:e6:d1:d6:e5:80:14:
                    66:73:b6:e5:1a:d3:c9:f2:5c:f5:c6:12:fc:90:10:
                    46:e9:46:04:1b:89:d3:26:e8:fd:f5:81:dd:fa:26:
                    5a:3b:8d:bb:04:7c:e4:8f:bc:b0:9e:c1:72:eb:df:
                    54:77:35:c4:b4:3b:0b:56:2f:18:ec:f8:a5:d4:3a:
                    a3:22:8e:7e:02:96:30:96:ec:27:87:29:e5:c5:1a:
                    a3:7a:21:4d:e0:bb:b9:58:74:1d:f4:f1:c1:88:ae:
                    28:d9:c6:d3:7a:ea:54:e6:2a:96:a1:ce:49:69:d1:
                    4f:ae:32:1b:61:9c:e6:0c:52:4b:85:7c:82:56:16:
                    e4:9f:c6:18:a6:00:11:cd:77:03:55:e0:e0:79:e8:
                    c2:3b:d2:28:1d:1e:9e:f8:8e:89:ce:ea:41:92:9c:
                    8e:75:e6:42:db:b5:64:be:a9:13:1c:8c:59:0f:35:
                    21:b2:55:6d:7c:31:ae:59:4b:14:f2:12:70:71:f2:
                    49:3c:3a:41:37:10:eb:31:7a:c3:c1:d3:ba:c4:4b:
                    c9:11:97:d7:50:69:ba:f0:2a:f6:97:e3:ef:58:2c:
                    c7:d2:a0:ee:f1:aa:73:16:d5:be:ce:54:8b:b6:56:
                    a5:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:AA:7D:BB:B6:08:B3:4D:E4:CE:65:C1:49:D7:26:E3:42:75:63:5A
            X509v3 Authority Key Identifier:
                keyid:E3:16:67:96:04:80:CF:07:E3:C2:2D:79:0D:E4:E2:01:EF:70:40:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/4xZnlgSAzwfjwi15DeTiAe9wQNs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4xZnlgSAzwfjwi15DeTiAe9wQNs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B310/3EBD17C2AD1011ED854A3E1DC4F9AE02/D676014EC36511ED84D13C77C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.84.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:78:72:96:a4:a4:70:ff:9e:d6:d1:e8:5c:4e:30:4c:4a:7e:
         96:8f:07:27:11:0a:68:ab:1f:c7:fa:0f:ce:b2:ea:ea:c2:5b:
         50:4b:be:51:5b:80:aa:26:00:ea:ef:35:81:7e:bf:cb:23:9a:
         98:58:be:5a:63:14:97:44:9c:77:22:ce:c8:b5:62:3d:0a:1f:
         f5:9a:3f:1e:d5:d4:a5:26:c9:a6:1f:ef:bd:bc:85:39:94:84:
         bb:3a:87:fa:e5:a0:76:7d:1a:0d:76:a7:19:6b:31:30:12:f6:
         8e:77:b5:16:ce:a3:82:dc:4c:37:3f:80:11:1b:fd:de:eb:0a:
         14:2c:52:61:95:b7:1b:78:20:93:ba:ea:d5:31:50:9b:26:12:
         47:17:c2:93:25:09:f5:2b:e1:56:d0:56:2f:c3:57:9d:92:3d:
         d3:0c:85:ec:46:db:00:cc:62:f3:63:cd:11:7c:9c:c3:a9:e1:
         15:fc:63:7a:8a:26:22:71:d4:ab:16:d9:de:34:37:b0:70:7d:
         89:f7:47:84:29:2f:cc:c9:cb:82:25:02:86:fc:5f:4d:9e:55:
         54:63:e2:b3:7e:5a:66:93:bd:73:23:53:71:d0:c9:b6:62:c6:
         6e:35:f6:df:a5:a7:a5:2f:df:9a:27:77:fe:81:2d:c9:ef:5c:
         ca:be:10:65
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QjMxMDExMC8GA1UEBRMoRTMxNjY3OTYwNDgwQ0YwN0UzQzIyRDc5MERFNEUyMDFF
RjcwNDBEQjAeFw0yMzAzMTUxOTE2MDhaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MTIxOTc3LTkwZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrOnR8XVwKfZlyLZfftiQExChP1BXXsubR1uWAFGZztuUa08nyXPXGEvyQEEbp
RgQbidMm6P31gd36Jlo7jbsEfOSPvLCewXLr31R3NcS0OwtWLxjs+KXUOqMijn4C
ljCW7CeHKeXFGqN6IU3gu7lYdB308cGIrijZxtN66lTmKpahzklp0U+uMhthnOYM
UkuFfIJWFuSfxhimABHNdwNV4OB56MI70igdHp74jonO6kGSnI515kLbtWS+qRMc
jFkPNSGyVW18Ma5ZSxTyEnBx8kk8OkE3EOsxesPB07rES8kRl9dQabrwKvaX4+9Y
LMfSoO7xqnMW1b7OVIu2VqUvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU86p9u7YI
s03kzmXBSdcm40J1Y1owHwYDVR0jBBgwFoAU4xZnlgSAzwfjwi15DeTiAe9wQNsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFCMzEwLzNFQkQxN0MyQUQx
MDExRUQ4NTRBM0UxREM0RjlBRTAyLzR4Wm5sZ1NBendmandpMTVEZVRpQWU5d1FO
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNHhabmxnU0F6d2Zqd2kxNURlVGlBZTl3UU5zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QjMxMC8zRUJEMTdDMkFEMTAxMUVEODU0QTNFMURDNEY5QUUwMi9ENjc2MDE0RUMz
NjUxMUVEODREMTNDNzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdUOzANBgkqhkiG9w0BAQsFAAOCAQEAs3hylqSkcP+e1tHo
XE4wTEp+lo8HJxEKaKsfx/oPzrLq6sJbUEu+UVuAqiYA6u81gX6/yyOamFi+WmMU
l0ScdyLOyLViPQof9Zo/HtXUpSbJph/vvbyFOZSEuzqH+uWgdn0aDXanGWsxMBL2
jne1Fs6jgtxMNz+AERv93usKFCxSYZW3G3ggk7rq1TFQmyYSRxfCkyUJ9SvhVtBW
L8NXnZI90wyF7EbbAMxi82PNEXycw6nhFfxjeoomInHUqxbZ3jQ3sHB9ifdHhCkv
zMnLgiUChvxfTZ5VVGPis35aZpO9cyNTcdDJtmLGbjX236WnpS/fmid3/oEtye9c
yr4QZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org