Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/85F45D2254A311EEB934EE86C4F9AE02.roa
File:                     85F45D2254A311EEB934EE86C4F9AE02.roa (raw, json)
Hash identifier:          vICYYVDm2Fhd0wc5gLKwl4E3FM2MJJkRmCoqsd4NidU=
Subject key identifier:   69:BE:A3:30:D2:11:B6:F8:1B:18:5F:BF:3D:5D:2D:65:41:34:6D:91
Certificate issuer:       /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417
Certificate serial:       02
Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/85F45D2254A311EEB934EE86C4F9AE02.roa
Signing time:             Sat 16 Sep 2023 15:13:00 +0000
ROA not before:           Sat 16 Sep 2023 15:13:00 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     150790
IP address blocks:        103.99.134.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417
        Validity
            Not Before: Sep 16 15:13:00 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=6505c5fc-9328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:c5:47:51:4e:ab:f2:3a:c7:b2:23:7a:c7:d8:
                    d2:ef:89:b8:01:cc:f7:81:0b:f6:40:b0:bc:b4:b8:
                    e8:48:c9:ca:43:a6:60:79:f6:d6:7a:c4:31:7f:c7:
                    a6:0e:64:ac:18:be:c8:ab:53:31:25:6d:7a:01:18:
                    24:e7:45:38:2c:84:09:b7:d2:54:b2:3e:aa:91:e4:
                    86:63:fc:64:ed:99:1a:3d:77:55:14:62:6c:95:0d:
                    7e:f1:7a:52:b3:a7:ac:77:88:ce:dd:d9:45:54:d1:
                    2d:bb:84:76:03:b7:bf:2e:23:5f:5d:81:e2:f4:8e:
                    8f:79:42:ed:26:06:26:48:8d:60:d9:a1:f6:a6:03:
                    a2:a7:6e:f2:17:7c:9a:ce:a1:37:95:c0:76:05:59:
                    3e:3d:a4:67:16:2a:f4:d1:01:df:42:ac:9c:1f:6b:
                    f2:b2:c2:d9:88:82:8c:85:90:0f:8c:e8:9d:cb:e8:
                    f7:26:be:a1:a9:8c:05:23:32:bc:46:ac:f5:39:49:
                    7a:62:05:80:fb:3c:81:02:8f:ab:dd:cd:46:c8:b5:
                    8f:38:29:a8:c5:ee:2f:53:35:19:a5:bc:15:87:44:
                    97:b9:d8:65:b4:71:44:91:4c:2d:cb:c5:8b:1b:b3:
                    a8:13:86:d2:6e:44:ff:f7:2e:63:34:34:3e:e8:44:
                    41:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BE:A3:30:D2:11:B6:F8:1B:18:5F:BF:3D:5D:2D:65:41:34:6D:91
            X509v3 Authority Key Identifier:
                keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/85F45D2254A311EEB934EE86C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.99.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:d0:81:0f:4a:ef:0c:5f:5b:9e:55:66:09:b4:62:a1:c1:e5:
         4d:33:c5:92:e9:a5:0b:30:89:4c:69:87:01:e7:25:7a:c5:5d:
         f8:f7:00:42:ee:21:01:10:68:c4:cb:87:49:91:44:d1:99:a8:
         1e:ad:94:79:80:23:e3:3a:bb:87:40:72:f1:15:e5:8d:ad:2c:
         70:53:56:82:69:db:29:86:7f:7e:8a:37:d4:f3:f9:02:9a:ee:
         c4:0e:eb:c9:e3:31:d4:c5:91:85:17:64:d8:a6:61:bb:05:df:
         e6:aa:fd:dd:b4:70:7c:fa:fa:bc:a9:73:af:d8:cc:64:ff:4d:
         1c:0b:0c:06:7d:f1:a8:28:e4:5c:70:b9:5d:bb:81:cc:0a:fa:
         6d:29:87:18:04:be:11:fd:23:cc:37:97:36:92:72:0c:69:10:
         24:bc:33:dc:be:20:a8:61:b9:43:53:49:30:6b:6b:11:ff:c2:
         a8:de:3f:73:7e:49:43:96:46:ea:ff:57:31:d8:c9:33:ad:51:
         ed:3c:f4:6b:27:09:38:d9:5b:a8:c2:b2:e9:a5:bb:64:a9:41:
         52:8e:67:c8:87:97:74:09:36:7e:ce:fe:d6:af:7e:a0:e8:51:
         6b:08:3a:d1:22:32:b3:2f:c9:8c:4b:8c:80:1c:27:40:22:92:
         1c:fd:65:53
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QzhGQTExMC8GA1UEBRMoMDBFRkIzQUZGRjc0RkQ2MjFGNEI4RDkxMTY5QjdBMUM0
M0IzOTQxNzAeFw0yMzA5MTYxNTEzMDBaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MDVjNWZjLTkzMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqxUdRTqvyOseyI3rH2NLvibgBzPeBC/ZAsLy0uOhIycpDpmB59tZ6xDF/x6YO
ZKwYvsirUzElbXoBGCTnRTgshAm30lSyPqqR5IZj/GTtmRo9d1UUYmyVDX7xelKz
p6x3iM7d2UVU0S27hHYDt78uI19dgeL0jo95Qu0mBiZIjWDZofamA6KnbvIXfJrO
oTeVwHYFWT49pGcWKvTRAd9CrJwfa/KywtmIgoyFkA+M6J3L6PcmvqGpjAUjMrxG
rPU5SXpiBYD7PIECj6vdzUbItY84KajF7i9TNRmlvBWHRJe52GW0cUSRTC3LxYsb
s6gThtJuRP/3LmM0ND7oREHJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUab6jMNIR
tvgbGF+/PV0tZUE0bZEwHwYDVR0jBBgwFoAUAO+zr/90/WIfS42RFpt6HEOzlBcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDOEZBLzQwMDNGOTMwNTRB
MzExRUVCNzVGNDY4NkM0RjlBRTAyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxC
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQU8tenJfOTBfV0lmUzQyUkZwdDZIRU96bEJjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi84NUY0NUQyMjU0
QTMxMUVFQjkzNEVFODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdjhjANBgkqhkiG9w0BAQsFAAOCAQEAFtCBD0rvDF9bnlVm
CbRiocHlTTPFkumlCzCJTGmHAeclesVd+PcAQu4hARBoxMuHSZFE0ZmoHq2UeYAj
4zq7h0By8RXlja0scFNWgmnbKYZ/foo31PP5ApruxA7ryeMx1MWRhRdk2KZhuwXf
5qr93bRwfPr6vKlzr9jMZP9NHAsMBn3xqCjkXHC5XbuBzAr6bSmHGAS+Ef0jzDeX
NpJyDGkQJLwz3L4gqGG5Q1NJMGtrEf/CqN4/c35JQ5ZG6v9XMdjJM61R7Tz0aycJ
ONlbqMKy6aW7ZKlBUo5nyIeXdAk2fs7+1q9+oOhRawg60SIysy/JjEuMgBwnQCKS
HP1lUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org