Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911E369/0E2FB3C888D811ED9B85E548C4F9AE02/241C7C6C88DC11ED9998B643C4F9AE02.roa
File:                     241C7C6C88DC11ED9998B643C4F9AE02.roa (raw, json)
Hash identifier:          yJUev9FC00JkMFPahxjv8KZ9e93QRCJcBbQs9GWWgFM=
Subject key identifier:   23:67:C0:AA:2B:A1:01:FE:A3:23:50:36:C4:40:43:A8:BF:41:84:03
Certificate issuer:       /CN=A911E369/serialNumber=FE1391C0B226C8CEBFA4A2AD6696AE4B82BF7E27
Certificate serial:       02
Authority key identifier: FE:13:91:C0:B2:26:C8:CE:BF:A4:A2:AD:66:96:AE:4B:82:BF:7E:27
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_hORwLImyM6_pKKtZpauS4K_fic.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911E369/0E2FB3C888D811ED9B85E548C4F9AE02/241C7C6C88DC11ED9998B643C4F9AE02.roa
Signing time:             Sat 31 Dec 2022 07:24:20 +0000
ROA not before:           Sat 31 Dec 2022 07:24:20 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     150695
IP address blocks:        103.60.6.0/24 maxlen: 24
                          103.60.7.0/24 maxlen: 24
                          2001:df1:bbc0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911E369/serialNumber=FE1391C0B226C8CEBFA4A2AD6696AE4B82BF7E27
        Validity
            Not Before: Dec 31 07:24:20 2022 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63afe3a4-45f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:26:31:94:1d:bb:14:b9:9d:69:74:01:27:f9:
                    c8:00:8a:6c:78:25:20:2c:08:24:73:b8:bb:d3:33:
                    91:fc:68:26:42:4b:b9:8a:42:2c:f8:21:71:70:c0:
                    0c:ae:f9:ce:7d:f2:84:e0:be:01:d0:87:b6:6f:18:
                    45:bd:9a:d3:cf:f4:2e:46:60:00:5d:79:ec:9e:0a:
                    12:03:05:36:0d:fe:76:5a:ed:d4:d4:ca:81:d6:9c:
                    a5:9c:9f:7b:69:69:22:77:ef:9e:3a:50:79:f7:cf:
                    aa:fe:9f:f0:c2:75:58:47:5f:2a:23:4b:ec:3c:f7:
                    14:13:66:e3:bd:28:22:93:d5:26:c8:88:db:d2:d1:
                    e9:88:3d:be:c5:a4:9b:e3:0e:02:cd:76:9e:29:a3:
                    1d:39:80:0a:3e:75:11:dd:61:e0:db:21:ca:5a:f5:
                    7d:2a:05:01:75:ea:25:d8:c8:fa:0c:23:c0:80:34:
                    07:15:03:b2:67:9d:6d:d9:e6:e3:ad:51:0c:0a:0a:
                    84:74:96:19:27:d2:12:09:e1:d6:0f:58:4c:4f:14:
                    03:fb:05:49:4a:fc:fe:80:5c:7e:37:91:0a:c0:b4:
                    5a:56:ec:d9:9d:6d:c9:2a:11:0e:e0:f9:3e:d1:57:
                    21:42:23:8a:25:4c:b6:32:17:dc:28:a9:c3:91:8b:
                    04:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:67:C0:AA:2B:A1:01:FE:A3:23:50:36:C4:40:43:A8:BF:41:84:03
            X509v3 Authority Key Identifier:
                keyid:FE:13:91:C0:B2:26:C8:CE:BF:A4:A2:AD:66:96:AE:4B:82:BF:7E:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911E369/0E2FB3C888D811ED9B85E548C4F9AE02/_hORwLImyM6_pKKtZpauS4K_fic.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_hORwLImyM6_pKKtZpauS4K_fic.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E369/0E2FB3C888D811ED9B85E548C4F9AE02/241C7C6C88DC11ED9998B643C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.60.6.0/23
                IPv6:
                  2001:df1:bbc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:8b:52:14:54:e5:55:28:84:c0:96:8c:1a:9c:21:09:70:15:
         3e:b9:ed:08:69:9e:55:14:e8:08:8b:66:0e:4b:b9:06:03:ad:
         24:a6:ad:1f:a6:21:9d:0e:a0:9a:66:bb:c9:f4:eb:6b:9d:0b:
         99:c2:85:87:f3:6e:6f:ea:2d:08:06:ae:5a:3a:8e:85:d6:41:
         6a:45:ca:49:ed:ec:9e:15:46:c0:6c:bc:d8:03:6a:15:52:ea:
         fc:ec:11:33:38:22:09:6a:9f:ca:2d:3c:54:e9:10:1c:3c:db:
         3a:ca:4d:00:6c:67:3a:03:3c:c9:66:64:2a:ad:6d:7b:37:83:
         0c:7d:24:47:32:27:10:76:58:e1:ce:1c:a5:f8:1a:81:ab:42:
         79:53:13:ba:6a:87:95:b3:9c:fa:59:75:46:fc:c9:a2:af:6c:
         02:51:44:3d:bb:b7:f4:af:08:6a:62:41:7a:6c:4c:c3:4b:93:
         4a:fa:ca:4b:3a:d9:56:06:29:81:f4:a4:46:cd:6f:e6:83:40:
         ac:61:8c:ca:10:8d:25:97:8c:08:ba:52:f1:d2:9d:3e:1c:95:
         7a:16:eb:d8:67:45:92:f2:da:98:a6:14:92:10:45:b0:37:34:
         99:8e:93:c4:f8:e8:4c:c2:fc:3f:8d:34:85:c0:fc:83:dc:6e:
         c4:1b:5b:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RTM2OTExMC8GA1UEBRMoRkUxMzkxQzBCMjI2QzhDRUJGQTRBMkFENjY5NkFFNEI4
MkJGN0UyNzAeFw0yMjEyMzEwNzI0MjBaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYWZlM2E0LTQ1ZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8JjGUHbsUuZ1pdAEn+cgAimx4JSAsCCRzuLvTM5H8aCZCS7mKQiz4IXFwwAyu
+c598oTgvgHQh7ZvGEW9mtPP9C5GYABdeeyeChIDBTYN/nZa7dTUyoHWnKWcn3tp
aSJ37546UHn3z6r+n/DCdVhHXyojS+w89xQTZuO9KCKT1SbIiNvS0emIPb7FpJvj
DgLNdp4pox05gAo+dRHdYeDbIcpa9X0qBQF16iXYyPoMI8CANAcVA7JnnW3Z5uOt
UQwKCoR0lhkn0hIJ4dYPWExPFAP7BUlK/P6AXH43kQrAtFpW7NmdbckqEQ7g+T7R
VyFCI4olTLYyF9woqcORiwQTAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUI2fAqiuh
Af6jI1A2xEBDqL9BhAMwHwYDVR0jBBgwFoAU/hORwLImyM6/pKKtZpauS4K/ficw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFMzY5LzBFMkZCM0M4ODhE
ODExRUQ5Qjg1RTU0OEM0RjlBRTAyL19oT1J3TElteU02X3BLS3RacGF1UzRLX2Zp
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvX2hPUndMSW15TTZfcEtLdFpwYXVTNEtfZmljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RTM2OS8wRTJGQjNDODg4RDgxMUVEOUI4NUU1NDhDNEY5QUUwMi8yNDFDN0M2Qzg4
REMxMUVEOTk5OEI2NDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWc8BjAPBAIAAjAJAwcAIAEN8bvAMA0GCSqGSIb3DQEBCwUA
A4IBAQB9i1IUVOVVKITAlowanCEJcBU+ue0IaZ5VFOgIi2YOS7kGA60kpq0fpiGd
DqCaZrvJ9OtrnQuZwoWH825v6i0IBq5aOo6F1kFqRcpJ7eyeFUbAbLzYA2oVUur8
7BEzOCIJap/KLTxU6RAcPNs6yk0AbGc6AzzJZmQqrW17N4MMfSRHMicQdljhzhyl
+BqBq0J5UxO6aoeVs5z6WXVG/Mmir2wCUUQ9u7f0rwhqYkF6bEzDS5NK+spLOtlW
BimB9KRGzW/mg0CsYYzKEI0ll4wIulLx0p0+HJV6FuvYZ0WS8tqYphSSEEWwNzSZ
jpPE+OhMwvw/jTSFwPyD3G7EG1st
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org