Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/2F773AB85AB811ED8A62025BC4F9AE02.roa
File:                     2F773AB85AB811ED8A62025BC4F9AE02.roa (raw, json)
Hash identifier:          /buJzjQNc+LEPwuSNLiRIhdx7lWLlA4M/P2vinK7OwY=
Subject key identifier:   4B:C0:1E:D6:D4:9E:A3:06:07:F3:F5:0F:D5:BC:F4:9F:BA:D5:C0:CB
Certificate issuer:       /CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
Certificate serial:       0575
Authority key identifier: C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/2F773AB85AB811ED8A62025BC4F9AE02.roa
Signing time:             Wed 02 Nov 2022 14:11:04 +0000
ROA not before:           Wed 02 Nov 2022 14:11:04 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     139325
IP address blocks:        103.158.158.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1397 (0x575)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
        Validity
            Not Before: Nov  2 14:11:04 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=63627a77-a044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c0:af:2e:9f:c2:f8:f0:e5:28:ff:2d:bc:fc:
                    e4:2d:ba:30:4c:ab:cf:90:30:12:84:20:2d:8f:6e:
                    98:cf:67:d0:33:27:f6:3a:e1:e0:12:c1:e0:be:27:
                    72:f0:8e:f0:94:60:12:d6:ff:29:fc:96:3e:ff:88:
                    88:da:7c:22:d8:9d:ed:6b:3f:5f:96:3d:de:e4:21:
                    32:b0:c7:a4:8e:12:2c:1b:a0:af:f4:13:45:93:7f:
                    86:2f:96:8c:73:00:7b:51:04:2f:2f:c1:ab:f1:7d:
                    54:db:02:f5:69:a1:6a:56:7e:a2:a0:3d:8a:93:8e:
                    dc:a4:a2:a5:5b:1f:8f:86:14:35:c3:fc:2c:57:78:
                    10:0f:3c:61:7c:b2:56:cb:b9:0a:cd:a9:91:40:76:
                    5a:fe:ca:89:fc:8a:7d:38:06:27:b5:47:fb:a4:80:
                    b1:39:f8:8e:17:ae:3a:60:91:86:15:76:7a:c6:cb:
                    d1:7c:22:c6:85:30:2d:11:ce:48:04:50:92:15:c8:
                    5c:29:a7:ce:7a:0d:a4:47:33:1e:07:4b:b7:e6:fc:
                    a8:98:c7:ee:21:fb:c1:a8:4a:f0:cf:a7:91:71:be:
                    2e:4b:a6:1c:65:94:af:9b:17:aa:6c:23:23:6f:bf:
                    d8:7f:02:fb:01:e3:9e:dd:fd:e3:91:ba:cc:13:72:
                    ba:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:C0:1E:D6:D4:9E:A3:06:07:F3:F5:0F:D5:BC:F4:9F:BA:D5:C0:CB
            X509v3 Authority Key Identifier:
                keyid:C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/2F773AB85AB811ED8A62025BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:59:45:30:dc:8d:c0:2c:f0:13:05:39:af:16:96:31:95:c0:
         26:bf:46:1f:c5:89:14:a9:a2:dc:29:6c:c0:10:74:dc:ae:36:
         2f:d8:26:46:99:d6:cd:0d:b3:88:5a:41:8c:35:c9:63:18:1c:
         54:b8:69:e7:e2:f5:de:c7:20:84:46:b0:2d:98:06:90:37:34:
         7c:da:1e:94:82:e8:d7:9b:49:9a:79:55:98:85:a6:59:cd:1c:
         94:35:b1:11:28:91:d7:7c:4a:a3:90:79:19:eb:d3:d1:f4:c6:
         48:48:13:e7:8d:2c:72:99:72:a1:c5:b8:ed:42:14:18:cd:16:
         e5:e2:aa:b4:97:63:71:bb:e3:ca:e2:bf:44:47:fa:c9:2d:d4:
         92:17:ae:8c:78:98:b8:15:ba:33:dd:98:47:c7:40:c0:dc:7d:
         0c:e3:5d:56:83:42:b7:12:89:f3:98:01:ea:97:8a:be:ea:96:
         57:9a:c3:89:cb:72:0b:ee:48:b4:52:ad:0a:0c:86:7a:34:d0:
         55:e6:16:e2:fc:3a:d2:a6:5a:dc:ae:59:e3:d0:2c:53:9d:d0:
         71:38:16:04:4d:27:e0:59:44:85:90:58:4b:8b:6f:75:19:cf:
         53:05:02:e2:73:d2:1a:7f:1a:55:0b:65:ac:22:e1:df:cb:2f:
         6b:a9:b3:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQzOEYxMTAvBgNVBAUTKEM4ODhEMUVFRTA0QkVGM0U4MTVGMDlEREZBMTkxOTNE
Njk5QjRGNDcwHhcNMjIxMTAyMTQxMTA0WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYyN2E3Ny1hMDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn8CvLp/C+PDlKP8tvPzkLbowTKvPkDAShCAtj26Yz2fQMyf2OuHgEsHgvidy
8I7wlGAS1v8p/JY+/4iI2nwi2J3taz9flj3e5CEysMekjhIsG6Cv9BNFk3+GL5aM
cwB7UQQvL8Gr8X1U2wL1aaFqVn6ioD2Kk47cpKKlWx+PhhQ1w/wsV3gQDzxhfLJW
y7kKzamRQHZa/sqJ/Ip9OAYntUf7pICxOfiOF646YJGGFXZ6xsvRfCLGhTAtEc5I
BFCSFchcKafOeg2kRzMeB0u35vyomMfuIfvBqErwz6eRcb4uS6YcZZSvmxeqbCMj
b7/YfwL7AeOe3f3jkbrME3K6RQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEvAHtbU
nqMGB/P1D9W89J+61cDLMB8GA1UdIwQYMBaAFMiI0e7gS+8+gV8J3foZGT1pm09H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDM4Ri9DNzU5MEJENjI1
QUUxMUVCOEVFQzIyMEFDNEY5QUUwMi95SWpSN3VCTDd6NkJYd25kLWhrWlBXbWJU
MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lJalI3dUJMN3o2Qlh3bmQtaGtaUFdtYlQwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQzOEYvQzc1OTBCRDYyNUFFMTFFQjhFRUMyMjBBQzRGOUFFMDIvMkY3NzNBQjg1
QUI4MTFFRDhBNjIwMjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnp4wDQYJKoZIhvcNAQELBQADggEBAChZRTDcjcAs8BMF
Oa8WljGVwCa/Rh/FiRSpotwpbMAQdNyuNi/YJkaZ1s0Ns4haQYw1yWMYHFS4aefi
9d7HIIRGsC2YBpA3NHzaHpSC6NebSZp5VZiFplnNHJQ1sREokdd8SqOQeRnr09H0
xkhIE+eNLHKZcqHFuO1CFBjNFuXiqrSXY3G748riv0RH+skt1JIXrox4mLgVujPd
mEfHQMDcfQzjXVaDQrcSifOYAeqXir7qlleaw4nLcgvuSLRSrQoMhno00FXmFuL8
OtKmWtyuWePQLFOd0HE4FgRNJ+BZRIWQWEuLb3UZz1MFAuJz0hp/GlULZawi4d/L
L2ups3c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org