Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/DBD3D778C32F11ED82655C36C4F9AE02.roa
File:                     DBD3D778C32F11ED82655C36C4F9AE02.roa (raw, json)
Hash identifier:          fhQU0wP6cEwLVmakFy+sRsHL3PHSe89bJ7g7IFQ7o9I=
Subject key identifier:   49:7D:14:17:3C:91:FC:BF:CB:39:33:67:6A:27:D1:D6:79:25:3A:40
Certificate issuer:       /CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
Certificate serial:       08B2
Authority key identifier: ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/DBD3D778C32F11ED82655C36C4F9AE02.roa
Signing time:             Wed 15 Mar 2023 12:49:44 +0000
ROA not before:           Wed 15 Mar 2023 12:49:44 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     142127
IP address blocks:        123.108.92.0/24 maxlen: 24
                          123.108.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2226 (0x8b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
        Validity
            Not Before: Mar 15 12:49:44 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=6411bee8-7fa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:18:dc:14:03:b8:41:b7:be:06:8f:17:e1:72:
                    f6:88:16:7a:78:05:54:f7:d7:13:22:7e:12:da:50:
                    49:47:87:d9:46:bf:7c:39:10:66:99:69:ab:3b:3e:
                    0c:ba:4f:2b:54:55:ac:7f:17:ed:68:d9:d0:cd:aa:
                    d0:fb:34:b8:74:ec:3b:01:55:b1:81:d9:3f:a4:18:
                    d3:20:b7:39:67:a5:98:32:48:2b:63:9c:51:0b:6a:
                    38:e9:1e:ad:6b:a4:e2:63:ec:39:d9:97:10:72:e1:
                    3d:2a:00:50:78:89:2d:9a:aa:d5:48:88:fb:ba:f1:
                    3c:e8:ed:4b:28:07:d5:fc:d8:5f:18:b0:89:60:88:
                    c3:94:84:dd:a5:e8:d9:16:41:62:da:39:db:c0:46:
                    99:8b:27:a3:b7:b4:ff:54:c2:45:40:c9:05:8a:69:
                    09:1b:01:88:b3:0c:92:2e:98:0b:e9:f3:04:a7:73:
                    76:28:23:a0:ca:b7:50:42:49:90:5f:77:58:19:8f:
                    ba:ce:64:3a:79:4d:88:89:64:a9:e5:63:86:bc:65:
                    26:8b:d1:81:e5:38:05:bd:59:f0:fd:ad:ad:fa:38:
                    98:ec:eb:3a:05:74:e0:c3:0a:c2:76:e0:f4:15:52:
                    50:aa:ce:6a:01:2e:bf:3f:26:fd:17:30:ce:bc:e1:
                    fc:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:7D:14:17:3C:91:FC:BF:CB:39:33:67:6A:27:D1:D6:79:25:3A:40
            X509v3 Authority Key Identifier:
                keyid:ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/7dKmloaGUlbJsP3da3FJZtU3jzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/DBD3D778C32F11ED82655C36C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.108.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:be:62:ff:0d:2c:c2:da:b6:e1:de:de:8d:fb:f2:7a:ca:26:
         0a:38:37:a9:c0:3e:0d:4f:bd:0b:a0:2e:e4:4f:e7:d2:83:90:
         a4:92:4c:e5:4b:e7:a9:2e:d2:81:6a:b4:f2:eb:49:15:2b:2e:
         b6:f7:c9:c3:1c:14:c7:bf:c5:6d:9f:09:0a:b5:73:17:00:05:
         dc:9c:81:71:4e:87:a4:df:19:95:ed:9d:90:5b:18:cd:56:88:
         b1:7b:22:4b:f4:2b:4a:bf:7d:69:4b:3d:50:44:f9:b8:53:49:
         e9:a1:db:02:36:ca:59:00:98:30:a3:2b:24:38:7d:14:dc:2b:
         64:8c:e1:be:bb:00:a5:07:01:8e:a2:4f:43:31:93:33:5f:df:
         c5:7d:72:9a:c0:d3:66:8d:67:bb:0a:92:63:3d:dd:6e:e4:6c:
         20:cb:ca:61:e9:ea:04:a0:81:00:6d:fa:7f:29:86:67:2f:66:
         90:0c:9b:6e:92:7a:45:c7:e7:be:33:28:d0:5d:84:ec:8c:a6:
         a0:76:23:2d:e5:06:72:d2:26:d5:1a:97:09:6e:af:f8:e0:75:
         ce:db:1b:98:80:d3:69:b1:76:f4:e0:9b:9c:11:13:29:39:5a:
         d6:d9:48:ed:3f:2a:33:2b:88:fc:49:bb:33:94:ce:67:0b:95:
         d4:9f:32:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQzQ0IxMTAvBgNVBAUTKEVERDJBNjk2ODY4NjUyNTZDOUIwRkRERDZCNzE0OTY2
RDUzNzhGMzMwHhcNMjMwMzE1MTI0OTQ0WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDExYmVlOC03ZmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtxjcFAO4Qbe+Bo8X4XL2iBZ6eAVU99cTIn4S2lBJR4fZRr98ORBmmWmrOz4M
uk8rVFWsfxftaNnQzarQ+zS4dOw7AVWxgdk/pBjTILc5Z6WYMkgrY5xRC2o46R6t
a6TiY+w52ZcQcuE9KgBQeIktmqrVSIj7uvE86O1LKAfV/NhfGLCJYIjDlITdpejZ
FkFi2jnbwEaZiyejt7T/VMJFQMkFimkJGwGIswySLpgL6fMEp3N2KCOgyrdQQkmQ
X3dYGY+6zmQ6eU2IiWSp5WOGvGUmi9GB5TgFvVnw/a2t+jiY7Os6BXTgwwrCduD0
FVJQqs5qAS6/Pyb9FzDOvOH8TwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEl9FBc8
kfy/yzkzZ2on0dZ5JTpAMB8GA1UdIwQYMBaAFO3SppaGhlJWybD93WtxSWbVN48z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDNDQi9BOUE0MzlGQzY5
QjIxMUVBOTc3OURENDhDNEY5QUUwMi83ZEttbG9hR1VsYkpzUDNkYTNGSlp0VTNq
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdkS21sb2FHVWxiSnNQM2RhM0ZKWnRVM2p6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQzQ0IvQTlBNDM5RkM2OUIyMTFFQTk3NzlERDQ4QzRGOUFFMDIvREJEM0Q3NzhD
MzJGMTFFRDgyNjU1QzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF7bFwwDQYJKoZIhvcNAQELBQADggEBAKG+Yv8NLMLatuHe
3o378nrKJgo4N6nAPg1PvQugLuRP59KDkKSSTOVL56ku0oFqtPLrSRUrLrb3ycMc
FMe/xW2fCQq1cxcABdycgXFOh6TfGZXtnZBbGM1WiLF7Ikv0K0q/fWlLPVBE+bhT
Semh2wI2ylkAmDCjKyQ4fRTcK2SM4b67AKUHAY6iT0MxkzNf38V9cprA02aNZ7sK
kmM93W7kbCDLymHp6gSggQBt+n8phmcvZpAMm26SekXH574zKNBdhOyMpqB2Iy3l
BnLSJtUalwlur/jgdc7bG5iA02mxdvTgm5wREyk5WtbZSO0/KjMriPxJuzOUzmcL
ldSfMrw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org