Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0948C44A6C7811EBB9AEA942C4F9AE02.roa
File:                     0948C44A6C7811EBB9AEA942C4F9AE02.roa (raw, json)
Hash identifier:          mBntCrnuYFJ6O5IhuSfWRG7oJxNq35t75tYRJZBtos4=
Subject key identifier:   01:84:DF:BF:62:30:31:8C:5F:08:92:4D:BC:EC:EB:59:39:7C:84:02
Certificate issuer:       /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial:       01BA
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0948C44A6C7811EBB9AEA942C4F9AE02.roa
Signing time:             Tue 24 Aug 2021 18:51:32 +0000
ROA not before:           Tue 24 Aug 2021 18:51:32 +0000
ROA not after:            Fri 30 Sep 2022 00:00:00 +0000
asID:                     136607
IP address blocks:        103.152.100.0/24 maxlen: 24
                          103.152.101.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 442 (0x1ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
        Validity
            Not Before: Aug 24 18:51:32 2021 GMT
            Not After : Sep 30 00:00:00 2022 GMT
        Subject: CN=61253fb4-65ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:15:ad:5a:4a:95:7a:b7:66:cd:0a:43:4b:ac:
                    a3:b7:de:7a:70:6d:df:42:b2:40:d8:40:af:78:7d:
                    69:0a:1d:07:c3:dd:aa:6a:dc:e2:99:ea:97:87:e3:
                    59:dc:5e:dd:33:74:14:0d:cf:5a:fd:31:59:03:8b:
                    af:62:c7:02:08:5d:59:c5:85:d3:52:ba:e7:6b:92:
                    e5:8f:93:1d:1d:a0:af:52:da:50:27:22:a5:6e:68:
                    cb:e6:57:d9:a7:41:76:1d:96:1b:4f:0d:ca:7e:a8:
                    80:97:b2:81:77:c2:09:c5:ba:f8:05:8d:53:1c:a5:
                    b0:14:0a:a7:38:6a:8d:00:32:be:45:0b:6a:e8:a1:
                    83:00:dc:9d:b5:e6:bd:10:97:95:8e:2c:ad:22:37:
                    32:c8:e2:17:eb:a7:d8:b3:b1:bb:78:fd:63:a2:46:
                    84:bc:b0:70:73:f9:d8:47:44:25:87:ed:18:5e:c2:
                    66:d3:4f:86:ae:32:91:64:d8:5e:41:c3:fd:7f:4e:
                    90:9c:00:f9:14:71:50:bb:7f:76:72:a6:aa:86:0c:
                    5c:fb:c5:e5:37:a1:67:2e:ae:76:d3:9c:04:0b:67:
                    85:7f:ff:ec:14:9e:c5:6f:a9:bf:2e:02:80:56:7f:
                    42:c8:3d:ab:6a:c3:24:94:dc:31:8b:0c:92:2e:3f:
                    f1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:84:DF:BF:62:30:31:8C:5F:08:92:4D:BC:EC:EB:59:39:7C:84:02
            X509v3 Authority Key Identifier:
                keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0948C44A6C7811EBB9AEA942C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:e6:1b:9d:09:d9:88:9f:c2:af:9d:05:13:40:03:41:28:49:
         fd:a5:b3:7a:f2:29:f9:01:9a:86:77:af:4a:a6:1f:66:95:50:
         10:26:61:b3:32:ff:f3:86:32:38:36:60:ad:c5:f8:09:c6:21:
         99:d0:63:7b:56:5b:46:4e:ec:59:6d:a1:7c:db:54:e7:01:a3:
         c6:74:5d:7c:5c:80:f4:8e:22:b4:37:7f:d1:c6:bd:d9:38:da:
         bc:a7:89:37:25:f8:7a:2b:f4:4a:83:4c:94:53:0a:db:f2:7f:
         bc:e2:73:ee:fb:96:30:72:6c:ca:9a:40:d5:d2:0a:26:9a:e4:
         8b:e0:2f:c5:1b:b7:e2:be:c5:f4:b1:39:29:16:b8:fe:dd:87:
         57:36:b8:93:50:c6:8d:98:1d:8e:2b:ad:4d:5b:cf:52:f9:69:
         a3:aa:e9:92:17:2d:37:dc:05:df:33:b5:1a:b6:a2:39:14:94:
         26:c7:0f:69:50:19:d8:d3:99:f4:c8:af:78:95:f7:f7:4e:34:
         aa:72:6f:4d:92:eb:0f:7b:be:5d:7a:83:38:eb:57:52:d8:50:
         79:b2:b1:73:ae:58:e0:08:9a:78:09:3a:5e:eb:85:06:74:9d:
         57:ee:06:8e:b8:20:ee:f0:2d:16:3e:4a:89:22:3d:00:89:a7:
         d6:7c:90:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjEwODI0MTg1MTMyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTI1M2ZiNC02NWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0RWtWkqVerdmzQpDS6yjt956cG3fQrJA2ECveH1pCh0Hw92qatzimeqXh+NZ
3F7dM3QUDc9a/TFZA4uvYscCCF1ZxYXTUrrna5Llj5MdHaCvUtpQJyKlbmjL5lfZ
p0F2HZYbTw3KfqiAl7KBd8IJxbr4BY1THKWwFAqnOGqNADK+RQtq6KGDANydtea9
EJeVjiytIjcyyOIX66fYs7G7eP1jokaEvLBwc/nYR0Qlh+0YXsJm00+GrjKRZNhe
QcP9f06QnAD5FHFQu392cqaqhgxc+8XlN6FnLq5205wEC2eFf//sFJ7Fb6m/LgKA
Vn9CyD2rasMklNwxiwySLj/xbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAGE379i
MDGMXwiSTbzs61k5fIQCMB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvMDk0OEM0NEE2
Qzc4MTFFQkI5QUVBOTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmGQwDQYJKoZIhvcNAQELBQADggEBADbmG50J2Yifwq+d
BRNAA0EoSf2ls3ryKfkBmoZ3r0qmH2aVUBAmYbMy//OGMjg2YK3F+AnGIZnQY3tW
W0ZO7FltoXzbVOcBo8Z0XXxcgPSOIrQ3f9HGvdk42ryniTcl+Hor9EqDTJRTCtvy
f7zic+77ljBybMqaQNXSCiaa5IvgL8Ubt+K+xfSxOSkWuP7dh1c2uJNQxo2YHY4r
rU1bz1L5aaOq6ZIXLTfcBd8ztRq2ojkUlCbHD2lQGdjTmfTIr3iV9/dONKpyb02S
6w97vl16gzjrV1LYUHmysXOuWOAImngJOl7rhQZ0nVfuBo64IO7wLRY+SokiPQCJ
p9Z8kFo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:52 2024 by rpki-client on console-ams.rpki-client.org