Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/598AFE7CF6B611ECA8E02D58C4F9AE02.roa
File:                     598AFE7CF6B611ECA8E02D58C4F9AE02.roa (raw, json)
Hash identifier:          AmrFe6fE1PfuRldBymA7cHKiou89Y0lGyAykFZ1i+5E=
Subject key identifier:   A1:9C:68:7A:66:5B:E0:81:C5:B0:A2:96:E8:95:52:92:DD:A4:A4:0C
Certificate issuer:       /CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
Certificate serial:       093F
Authority key identifier: 76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/598AFE7CF6B611ECA8E02D58C4F9AE02.roa
Signing time:             Fri 24 Mar 2023 21:28:23 +0000
ROA not before:           Fri 24 Mar 2023 21:28:23 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     141731
IP address blocks:        103.136.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2367 (0x93f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
        Validity
            Not Before: Mar 24 21:28:23 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=641e15f6-8971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:18:7a:99:23:91:0b:bb:cd:b3:f5:40:b4:20:
                    14:1a:4a:39:1b:ce:fb:59:89:87:99:3c:b8:38:6b:
                    9c:9c:6e:2e:3b:11:93:41:6f:a1:9c:8a:63:4f:d7:
                    e5:ba:21:b3:a7:11:f0:1a:f5:3a:cf:9c:91:32:fb:
                    ee:1c:8a:ee:b6:ee:6b:65:50:71:19:ec:f7:88:62:
                    d9:c6:9c:f1:d9:3d:63:6d:04:b8:95:cb:88:93:1a:
                    b4:d8:e7:63:7e:90:11:6a:ef:19:1a:80:cc:0c:f9:
                    4b:63:0a:cf:b0:6c:a1:b5:bb:20:91:0e:3d:1d:b1:
                    09:49:73:9d:4d:f4:57:09:b4:8d:2c:aa:37:c1:c3:
                    d6:9e:f2:d3:8b:1e:ad:61:ae:92:c8:a0:c6:15:3b:
                    3c:fa:21:ee:41:5a:16:a3:58:8f:14:a5:a5:81:c4:
                    76:ef:f3:7b:7d:8b:c5:a7:e7:6e:be:05:47:1f:15:
                    d5:1a:93:70:19:eb:57:ca:03:fb:9a:1e:fb:bd:83:
                    be:bd:30:c9:7e:71:0f:10:e1:07:c9:fa:47:de:88:
                    0e:dc:bf:4b:97:1b:d2:9f:02:03:c2:2d:7b:82:d9:
                    d0:a7:72:fc:39:77:3a:04:2d:3e:3d:7e:13:c0:8b:
                    9c:78:e8:ef:7c:51:e7:00:ad:7a:09:be:61:f4:79:
                    14:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:9C:68:7A:66:5B:E0:81:C5:B0:A2:96:E8:95:52:92:DD:A4:A4:0C
            X509v3 Authority Key Identifier:
                keyid:76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/598AFE7CF6B611ECA8E02D58C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:21:12:67:41:7d:cc:97:8b:5c:9f:e2:fd:06:60:8a:24:70:
         b6:29:a7:0e:95:ad:83:0a:3a:f2:e6:11:1f:7d:71:03:12:22:
         4d:45:86:8b:11:13:31:41:d3:04:eb:7c:7a:f0:a7:92:77:66:
         5c:27:da:3f:78:96:7f:fe:7a:e6:19:97:eb:38:3d:5d:49:1d:
         c3:9d:75:e9:ec:28:1a:aa:f5:cf:9c:1a:f7:c4:52:b5:e3:32:
         e0:6d:c3:b8:26:61:1a:c3:14:e0:f2:2c:a8:a3:e1:1b:78:06:
         5b:9a:a5:7f:d9:b2:e7:50:76:6b:3c:bd:fd:e1:5a:aa:28:82:
         29:33:23:7e:f4:36:40:6e:37:c3:d3:36:16:f8:f0:94:44:ee:
         24:37:72:37:79:25:9c:e2:df:ef:f9:93:d6:69:8c:67:90:37:
         38:c3:4d:73:5a:8f:81:e2:4c:ec:0d:e9:8e:35:83:e1:a0:c5:
         fb:74:61:e6:f7:14:6a:a2:b0:4d:77:7c:66:0d:9d:1d:77:f0:
         5a:66:20:12:15:03:31:36:76:57:ef:b5:8e:b7:f5:84:1a:96:
         28:56:da:3d:85:d2:2d:15:97:e2:02:81:53:3b:f5:c3:44:67:
         55:61:9d:09:94:7c:1a:c1:ae:4f:15:45:0c:ae:72:db:04:57:
         80:d7:f6:7b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU2Q0ExMTAvBgNVBAUTKDc2QjlEMzM5RkFDRDYyQjQ3RTkzRTg4ODRERTg1MDM5
NkRCQ0VGQjQwHhcNMjMwMzI0MjEyODIzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFlMTVmNi04OTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhh6mSORC7vNs/VAtCAUGko5G877WYmHmTy4OGucnG4uOxGTQW+hnIpjT9fl
uiGzpxHwGvU6z5yRMvvuHIrutu5rZVBxGez3iGLZxpzx2T1jbQS4lcuIkxq02Odj
fpARau8ZGoDMDPlLYwrPsGyhtbsgkQ49HbEJSXOdTfRXCbSNLKo3wcPWnvLTix6t
Ya6SyKDGFTs8+iHuQVoWo1iPFKWlgcR27/N7fYvFp+duvgVHHxXVGpNwGetXygP7
mh77vYO+vTDJfnEPEOEHyfpH3ogO3L9LlxvSnwIDwi17gtnQp3L8OXc6BC0+PX4T
wIuceOjvfFHnAK16Cb5h9HkUjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKGcaHpm
W+CBxbCiluiVUpLdpKQMMB8GA1UdIwQYMBaAFHa50zn6zWK0fpPoiE3oUDltvO+0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTZDQS83NDA5QjQ3QTRG
QzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTllyUi1rLWlJVGVoUU9XMjg3
N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RyblRPZnJOWXJSLWstaUlUZWhRT1cyODc3US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUU2Q0EvNzQwOUI0N0E0RkM3MTFFQThFNDZENDE1QzRGOUFFMDIvNTk4QUZFN0NG
NkI2MTFFQ0E4RTAyRDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniJ8wDQYJKoZIhvcNAQELBQADggEBAHIhEmdBfcyXi1yf
4v0GYIokcLYppw6VrYMKOvLmER99cQMSIk1FhosREzFB0wTrfHrwp5J3Zlwn2j94
ln/+euYZl+s4PV1JHcOddensKBqq9c+cGvfEUrXjMuBtw7gmYRrDFODyLKij4Rt4
BluapX/ZsudQdms8vf3hWqoogikzI370NkBuN8PTNhb48JRE7iQ3cjd5JZzi3+/5
k9ZpjGeQNzjDTXNaj4HiTOwN6Y41g+Ggxft0Yeb3FGqisE13fGYNnR138FpmIBIV
AzE2dlfvtY639YQalihW2j2F0i0Vl+ICgVM79cNEZ1VhnQmUfBrBrk8VRQyuctsE
V4DX9ns=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org