Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/B097BEBA682D11ED92E1CB22C4F9AE02.roa
File:                     B097BEBA682D11ED92E1CB22C4F9AE02.roa (raw, json)
Hash identifier:          Bnr2RGqLCyMI4euAdz+bMF1cVeWRun502x9J8HJo47A=
Subject key identifier:   2D:18:DD:C2:D0:9B:DA:0B:01:08:6A:A9:C7:C5:D1:80:39:B2:93:E4
Certificate issuer:       /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A
Certificate serial:       3C
Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/B097BEBA682D11ED92E1CB22C4F9AE02.roa
Signing time:             Wed 28 Dec 2022 19:24:58 +0000
ROA not before:           Wed 28 Dec 2022 19:24:58 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     141731
IP address blocks:        103.14.168.0/24 maxlen: 24
                          103.14.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60 (0x3c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A
        Validity
            Not Before: Dec 28 19:24:58 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63ac980a-277c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:3f:f7:2f:c5:1d:39:7c:f2:f8:e9:04:2c:31:
                    97:60:e2:0e:2d:55:44:c5:75:95:f5:f4:e3:f7:48:
                    49:e5:b0:5a:c2:47:4f:33:7f:0c:d4:60:c1:00:3f:
                    b4:6e:a2:df:09:50:b1:a7:59:4f:68:1d:76:56:28:
                    41:e0:44:30:b3:71:7d:e3:46:29:5e:77:7e:cf:9a:
                    0c:3d:72:d2:31:7a:1e:3a:b7:1d:92:5e:f2:41:c3:
                    74:a8:12:8d:3e:e8:51:f3:4b:c3:cb:6f:d6:ac:6d:
                    62:dc:d3:f9:a5:75:6a:03:3f:e9:14:8a:ff:21:0f:
                    c2:e4:72:f1:4f:78:3a:03:8c:8e:6e:e5:dd:ad:24:
                    88:d7:57:dc:8c:53:d2:36:49:47:a0:28:37:ed:54:
                    0e:f4:60:a9:ca:3c:76:97:94:5a:90:db:5d:c0:15:
                    89:c9:3b:55:2d:81:fc:c5:02:6e:8a:f7:6c:b4:56:
                    b0:80:fc:30:7b:e4:21:ed:4f:e0:c2:49:93:01:45:
                    b3:84:16:7b:2e:1b:78:be:02:16:d7:38:26:5b:73:
                    6e:85:cb:ae:3c:00:33:87:e1:47:b2:b2:cb:2f:e2:
                    cb:f9:3e:5c:f1:da:7e:89:2d:0b:86:88:74:bb:ae:
                    20:fd:cf:3f:4e:01:16:db:af:9c:b3:1a:30:b9:2f:
                    6e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:18:DD:C2:D0:9B:DA:0B:01:08:6A:A9:C7:C5:D1:80:39:B2:93:E4
            X509v3 Authority Key Identifier:
                keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/B097BEBA682D11ED92E1CB22C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.14.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:02:4e:53:cf:fe:81:ee:e8:f0:5b:d4:c8:8d:ec:b8:01:29:
         ee:4a:4e:c6:c5:51:37:5e:6d:32:cd:89:4b:3a:57:54:cf:74:
         e3:c9:5d:a2:e3:31:00:b0:b4:21:c6:60:ed:8d:8c:0e:84:23:
         fc:44:28:83:fd:3a:2b:3c:de:00:8d:cc:24:8d:67:16:66:a3:
         98:23:17:04:94:72:2e:04:b7:aa:f5:7d:05:38:9f:6e:80:94:
         d1:ad:49:90:13:d2:2b:f7:85:69:7c:74:21:e4:5d:fc:d8:e2:
         37:80:6f:66:fa:f0:04:79:d9:48:fd:54:02:d8:54:bc:f9:0a:
         1e:b8:8e:e1:c4:d9:44:0b:dc:00:2b:03:3d:f4:c7:3a:5e:a5:
         b8:fd:fa:33:32:cf:a1:da:56:1a:36:c8:5e:fc:0f:96:1e:49:
         e4:33:75:e2:d1:84:b1:93:13:71:85:f2:0e:06:90:a8:72:e9:
         e7:5a:c2:6b:90:0a:de:9e:50:b1:f6:0b:8a:9b:9c:e8:44:84:
         ff:a5:3b:cc:f1:4f:a8:09:62:d6:8a:50:d0:0b:26:ae:47:5e:
         69:4f:38:7a:50:20:cc:99:8e:c8:5a:06:67:ae:db:46:b5:a5:
         b1:11:9c:76:e8:d3:67:28:a9:91:60:1a:00:dc:fd:0b:8f:bd:
         32:f2:f7:ea
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OEM3RjExMC8GA1UEBRMoODk3NkI1RkI0OEYyRTQxMTFENzhENUEzQ0Q1QTJGQ0Ex
OTYxMzk3QTAeFw0yMjEyMjgxOTI0NThaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYWM5ODBhLTI3N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDyP/cvxR05fPL46QQsMZdg4g4tVUTFdZX19OP3SEnlsFrCR08zfwzUYMEAP7Ru
ot8JULGnWU9oHXZWKEHgRDCzcX3jRiled37Pmgw9ctIxeh46tx2SXvJBw3SoEo0+
6FHzS8PLb9asbWLc0/mldWoDP+kUiv8hD8LkcvFPeDoDjI5u5d2tJIjXV9yMU9I2
SUegKDftVA70YKnKPHaXlFqQ213AFYnJO1UtgfzFAm6K92y0VrCA/DB75CHtT+DC
SZMBRbOEFnsuG3i+AhbXOCZbc26Fy648ADOH4Ueysssv4sv5Plzx2n6JLQuGiHS7
riD9zz9OARbbr5yzGjC5L25DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULRjdwtCb
2gsBCGqpx8XRgDmyk+QwHwYDVR0jBBgwFoAUiXa1+0jy5BEdeNWjzVovyhlhOXow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4QzdGLzNCN0JEQUJFM0ZD
NzExRURBQzlCMjIxREM0RjlBRTAyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Y
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVhhMS0wank1QkVkZU5XanpWb3Z5aGxoT1hvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9CMDk3QkVCQTY4
MkQxMUVEOTJFMUNCMjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcOqDANBgkqhkiG9w0BAQsFAAOCAQEASQJOU8/+ge7o8FvU
yI3suAEp7kpOxsVRN15tMs2JSzpXVM9048ldouMxALC0IcZg7Y2MDoQj/EQog/06
KzzeAI3MJI1nFmajmCMXBJRyLgS3qvV9BTifboCU0a1JkBPSK/eFaXx0IeRd/Nji
N4BvZvrwBHnZSP1UAthUvPkKHriO4cTZRAvcACsDPfTHOl6luP36MzLPodpWGjbI
XvwPlh5J5DN14tGEsZMTcYXyDgaQqHLp51rCa5AK3p5QsfYLipuc6ESE/6U7zPFP
qAli1opQ0AsmrkdeaU84elAgzJmOyFoGZ67bRrWlsRGcdujTZyipkWAaANz9C4+9
MvL36g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org