Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9122B00/14C28082F1AA11ECBF355C29C4F9AE02/296D37C0F1AF11EC9D428B2EC4F9AE02.roa
File:                     296D37C0F1AF11EC9D428B2EC4F9AE02.roa (raw, json)
Hash identifier:          HHwSvOqsUbtsvw4bDVDg5T6g0DT1QrcFPY/eM3lnlVU=
Subject key identifier:   FB:E8:65:D9:05:E6:77:8B:6A:8B:B3:1C:B7:4E:F7:E8:E8:72:81:62
Certificate issuer:       /CN=A9122B00/serialNumber=93C12D83DBB88F2177AB58E39FAE8ACA31239D91
Certificate serial:       02
Authority key identifier: 93:C1:2D:83:DB:B8:8F:21:77:AB:58:E3:9F:AE:8A:CA:31:23:9D:91
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8Etg9u4jyF3q1jjn66KyjEjnZE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9122B00/14C28082F1AA11ECBF355C29C4F9AE02/296D37C0F1AF11EC9D428B2EC4F9AE02.roa
Signing time:             Tue 21 Jun 2022 22:11:56 +0000
ROA not before:           Tue 21 Jun 2022 22:11:56 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     136024
IP address blocks:        103.80.76.0/24 maxlen: 24
                          103.123.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9122B00/serialNumber=93C12D83DBB88F2177AB58E39FAE8ACA31239D91
        Validity
            Not Before: Jun 21 22:11:56 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=62b2422c-ff15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:26:2a:5d:c7:a0:09:c3:23:f9:0a:dd:e5:e3:
                    de:34:70:cf:f5:68:f7:d6:86:3a:7e:4e:91:0f:00:
                    06:42:5a:de:ff:89:59:a9:88:2a:70:91:38:9d:02:
                    ed:55:72:ad:53:68:f4:38:1f:5a:e9:b5:88:17:37:
                    62:96:0e:f5:75:a9:64:ea:d0:9c:58:7c:99:2e:d9:
                    f1:54:67:77:96:85:4c:0e:19:c0:48:6e:3a:79:82:
                    d7:ba:36:63:bc:c9:0f:58:58:64:c3:ce:b1:fe:f7:
                    77:a8:93:62:7e:ad:50:db:48:71:62:8a:29:98:7b:
                    12:74:04:4d:e7:9d:fe:ab:5a:bd:1e:a2:18:48:6d:
                    0b:7e:42:4c:0b:32:d7:94:1a:e7:ec:93:04:c5:fb:
                    6a:df:ee:77:d6:09:82:5c:68:32:ed:36:b7:9b:2e:
                    42:6e:f2:d1:4b:b0:55:f1:ae:60:b7:e2:80:72:24:
                    14:68:1e:57:66:22:82:18:fa:38:64:64:67:a3:6c:
                    7a:e9:29:de:3e:bb:36:83:15:6f:83:f4:8d:0d:50:
                    b0:2b:ac:34:93:ec:2e:bb:aa:36:44:0f:97:d5:4d:
                    8f:f2:5e:64:24:93:fc:1a:12:17:de:fe:a5:4c:e6:
                    a4:dc:65:df:d4:f0:62:0b:3a:3a:bb:01:39:29:7d:
                    d5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:E8:65:D9:05:E6:77:8B:6A:8B:B3:1C:B7:4E:F7:E8:E8:72:81:62
            X509v3 Authority Key Identifier:
                keyid:93:C1:2D:83:DB:B8:8F:21:77:AB:58:E3:9F:AE:8A:CA:31:23:9D:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9122B00/14C28082F1AA11ECBF355C29C4F9AE02/k8Etg9u4jyF3q1jjn66KyjEjnZE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8Etg9u4jyF3q1jjn66KyjEjnZE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122B00/14C28082F1AA11ECBF355C29C4F9AE02/296D37C0F1AF11EC9D428B2EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.80.76.0/24
                  103.123.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:09:17:6f:33:c5:f4:25:e3:7c:ad:00:c0:b3:92:ec:6b:7e:
         fb:1d:2f:38:f5:b0:8e:07:0a:2c:d1:80:54:29:2e:ed:3d:24:
         ae:f4:75:50:1c:e7:96:28:76:d1:b7:10:31:34:9a:3c:2d:04:
         01:a6:73:70:c1:3a:ef:95:ec:b1:b4:ef:60:62:5f:db:de:a0:
         81:26:7e:ec:19:ae:bb:f7:62:15:44:b9:16:14:49:2c:41:6c:
         7d:7b:95:76:06:d8:5b:4c:96:1f:5f:ce:cd:e6:98:21:6b:86:
         d0:d7:d3:37:6e:9f:cf:4b:08:05:89:37:04:0c:43:ca:3b:ea:
         d8:02:67:e4:0a:1d:32:9d:78:a8:77:16:7e:52:8e:cc:8d:bf:
         a7:4e:0d:a6:e1:1a:fe:77:b7:aa:68:9f:80:93:84:58:09:c1:
         a2:99:0b:8f:17:c0:85:b5:8f:da:b8:be:f3:55:20:67:17:e5:
         4f:16:80:96:48:f4:cb:c2:a0:e1:86:2d:61:c3:f7:05:1e:d3:
         b9:b5:85:88:0a:eb:3a:9d:a1:4b:f2:2d:d2:4a:c1:5a:e7:22:
         1c:4a:18:65:d8:b6:50:f8:e3:86:d7:e4:c5:74:b9:79:d9:e5:
         36:5f:e2:af:c5:3e:7c:d0:b8:4b:62:f9:00:62:0e:63:8b:4c:
         3d:5e:05:61
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MkIwMDExMC8GA1UEBRMoOTNDMTJEODNEQkI4OEYyMTc3QUI1OEUzOUZBRThBQ0Ez
MTIzOUQ5MTAeFw0yMjA2MjEyMjExNTZaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyYjI0MjJjLWZmMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD3Jipdx6AJwyP5Ct3l4940cM/1aPfWhjp+TpEPAAZCWt7/iVmpiCpwkTidAu1V
cq1TaPQ4H1rptYgXN2KWDvV1qWTq0JxYfJku2fFUZ3eWhUwOGcBIbjp5gte6NmO8
yQ9YWGTDzrH+93eok2J+rVDbSHFiiimYexJ0BE3nnf6rWr0eohhIbQt+QkwLMteU
GufskwTF+2rf7nfWCYJcaDLtNrebLkJu8tFLsFXxrmC34oByJBRoHldmIoIY+jhk
ZGejbHrpKd4+uzaDFW+D9I0NULArrDST7C67qjZED5fVTY/yXmQkk/waEhfe/qVM
5qTcZd/U8GILOjq7ATkpfdV5AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU++hl2QXm
d4tqi7Mct0736OhygWIwHwYDVR0jBBgwFoAUk8Etg9u4jyF3q1jjn66KyjEjnZEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIyQjAwLzE0QzI4MDgyRjFB
QTExRUNCRjM1NUMyOUM0RjlBRTAyL2s4RXRnOXU0anlGM3ExampuNjZLeWpFam5a
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvazhFdGc5dTRqeUYzcTFqam42Nkt5akVqblpFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MkIwMC8xNEMyODA4MkYxQUExMUVDQkYzNTVDMjlDNEY5QUUwMi8yOTZEMzdDMEYx
QUYxMUVDOUQ0MjhCMkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGdQTAMEAGd7nzANBgkqhkiG9w0BAQsFAAOCAQEAfgkXbzPF
9CXjfK0AwLOS7Gt++x0vOPWwjgcKLNGAVCku7T0krvR1UBznlih20bcQMTSaPC0E
AaZzcME675XssbTvYGJf296ggSZ+7Bmuu/diFUS5FhRJLEFsfXuVdgbYW0yWH1/O
zeaYIWuG0NfTN26fz0sIBYk3BAxDyjvq2AJn5AodMp14qHcWflKOzI2/p04NpuEa
/ne3qmifgJOEWAnBopkLjxfAhbWP2ri+81UgZxflTxaAlkj0y8Kg4YYtYcP3BR7T
ubWFiArrOp2hS/It0krBWuciHEoYZdi2UPjjhtfkxXS5ednlNl/ir8U+fNC4S2L5
AGIOY4tMPV4FYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org