Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91316B0/2337F2325E3E11ECA1FFEB4CC4F9AE02/7CAB43B6C0AA11EE8B3CB747C4F9AE02.roa
File:                     7CAB43B6C0AA11EE8B3CB747C4F9AE02.roa (raw, json)
Hash identifier:          dGAHe/Qdq5m/2bsl7gKCUmWyaf3GaQgRsDKKu+LV41g=
Subject key identifier:   E3:00:9D:0E:B0:77:1C:D5:80:1E:A3:CD:68:F4:B2:BB:A1:5C:65:9B
Certificate issuer:       /CN=A91316B0/serialNumber=FC74B25C0DAD893E19E522DAD9D9C012EB82F589
Certificate serial:       035C
Authority key identifier: FC:74:B2:5C:0D:AD:89:3E:19:E5:22:DA:D9:D9:C0:12:EB:82:F5:89
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_HSyXA2tiT4Z5SLa2dnAEuuC9Yk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91316B0/2337F2325E3E11ECA1FFEB4CC4F9AE02/7CAB43B6C0AA11EE8B3CB747C4F9AE02.roa
Signing time:             Sat 03 Feb 2024 02:34:50 +0000
ROA not before:           Sat 03 Feb 2024 02:34:50 +0000
ROA not after:            Sat 01 Jun 2024 00:00:00 +0000
asID:                     137967
IP address blocks:        103.178.31.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 860 (0x35c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91316B0/serialNumber=FC74B25C0DAD893E19E522DAD9D9C012EB82F589
        Validity
            Not Before: Feb  3 02:34:50 2024 GMT
            Not After : Jun  1 00:00:00 2024 GMT
        Subject: CN=65bda649-cb41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:66:c2:d7:64:e6:5d:66:0f:83:e4:1a:f9:78:
                    e1:77:8a:c4:55:f8:1e:ba:3e:5d:21:cf:aa:5e:66:
                    f4:aa:1b:67:d1:3c:13:13:b3:38:0b:70:bf:26:b6:
                    9d:0d:1b:da:0a:db:0b:fc:34:61:18:d2:94:20:75:
                    32:0b:c2:3a:4b:2c:56:8b:49:90:0c:c5:5f:66:5e:
                    70:aa:25:b9:a0:4e:26:d4:9a:57:a8:58:74:2a:de:
                    f8:a5:ed:ab:0a:d7:10:d8:7b:60:9a:74:82:a7:d0:
                    fd:3c:04:80:e4:6c:d9:4b:71:a2:1d:61:eb:76:6d:
                    6f:36:d1:53:87:c5:aa:ca:50:2b:aa:32:02:75:c3:
                    dc:2a:14:8a:b1:dc:db:f1:a0:1a:cc:1b:45:e2:58:
                    07:21:ef:22:f0:d5:14:00:c0:83:ac:be:1e:2b:a7:
                    51:3d:8d:ff:b9:44:bd:ff:f0:95:61:73:1d:a4:28:
                    af:63:fd:f2:c0:5e:f9:50:f7:14:a3:fb:52:ea:2a:
                    61:b8:d8:e2:36:1a:5a:77:a3:40:ef:78:08:0b:98:
                    82:7b:19:20:62:55:26:3a:9f:67:e4:40:96:2d:a8:
                    d2:b3:fc:fb:fa:a3:ce:5b:16:7d:20:03:35:92:74:
                    15:1b:f8:4a:4f:30:a1:16:db:6a:d9:f6:3e:6d:74:
                    db:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:00:9D:0E:B0:77:1C:D5:80:1E:A3:CD:68:F4:B2:BB:A1:5C:65:9B
            X509v3 Authority Key Identifier:
                keyid:FC:74:B2:5C:0D:AD:89:3E:19:E5:22:DA:D9:D9:C0:12:EB:82:F5:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91316B0/2337F2325E3E11ECA1FFEB4CC4F9AE02/_HSyXA2tiT4Z5SLa2dnAEuuC9Yk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_HSyXA2tiT4Z5SLa2dnAEuuC9Yk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91316B0/2337F2325E3E11ECA1FFEB4CC4F9AE02/7CAB43B6C0AA11EE8B3CB747C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.178.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:71:a0:58:2c:cb:c9:f5:a2:98:1b:5f:5c:e8:e7:32:72:98:
         18:00:f3:86:bf:e9:23:da:c0:4f:04:95:1f:95:af:bb:0f:6a:
         cc:24:27:49:68:70:93:59:43:f1:a5:eb:6b:de:5e:9c:47:4a:
         31:ef:3e:91:85:6b:1c:42:e4:1f:c2:39:28:ad:2a:e1:39:6a:
         2d:ae:29:fd:15:19:5a:eb:6f:26:45:50:42:7f:c5:36:c0:e9:
         bb:fe:ab:ab:85:b4:44:f3:51:c4:dd:10:d8:1c:a7:35:bb:97:
         05:0b:9b:90:b8:d7:7c:a0:e5:76:f7:6f:ca:2e:9b:64:b3:6e:
         92:f3:86:f9:ae:fc:2f:8d:7e:f1:3e:56:77:95:aa:ec:09:e1:
         14:b7:b8:ff:70:bc:09:48:55:52:94:4a:79:de:f6:97:17:79:
         6b:b2:44:a7:10:42:82:6a:83:77:58:ec:0f:9c:d1:c3:13:d0:
         14:d0:71:b7:f4:fd:7c:a3:86:ba:0e:27:6b:55:d7:3c:03:91:
         9d:5c:d0:33:cc:10:c9:37:87:52:65:60:d7:6c:26:ef:32:4c:
         60:75:2f:1d:21:59:2a:81:96:6b:40:1c:91:f8:92:10:25:1e:
         b9:27:35:eb:62:29:33:85:dd:4b:58:ff:6f:b4:ba:11:3c:72:
         3d:3e:ae:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA1wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE2QjAxMTAvBgNVBAUTKEZDNzRCMjVDMERBRDg5M0UxOUU1MjJEQUQ5RDlDMDEy
RUI4MkY1ODkwHhcNMjQwMjAzMDIzNDUwWhcNMjQwNjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJkYTY0OS1jYjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2bC12TmXWYPg+Qa+Xjhd4rEVfgeuj5dIc+qXmb0qhtn0TwTE7M4C3C/Jrad
DRvaCtsL/DRhGNKUIHUyC8I6SyxWi0mQDMVfZl5wqiW5oE4m1JpXqFh0Kt74pe2r
CtcQ2HtgmnSCp9D9PASA5GzZS3GiHWHrdm1vNtFTh8WqylArqjICdcPcKhSKsdzb
8aAazBtF4lgHIe8i8NUUAMCDrL4eK6dRPY3/uUS9//CVYXMdpCivY/3ywF75UPcU
o/tS6iphuNjiNhpad6NA73gIC5iCexkgYlUmOp9n5ECWLajSs/z7+qPOWxZ9IAM1
knQVG/hKTzChFttq2fY+bXTbJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOMAnQ6w
dxzVgB6jzWj0sruhXGWbMB8GA1UdIwQYMBaAFPx0slwNrYk+GeUi2tnZwBLrgvWJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTZCMC8yMzM3RjIzMjVF
M0UxMUVDQTFGRkVCNENDNEY5QUUwMi9fSFN5WEEydGlUNFo1U0xhMmRuQUV1dUM5
WWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19IU3lYQTJ0aVQ0WjVTTGEyZG5BRXV1QzlZay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE2QjAvMjMzN0YyMzI1RTNFMTFFQ0ExRkZFQjRDQzRGOUFFMDIvN0NBQjQzQjZD
MEFBMTFFRThCM0NCNzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsh8wDQYJKoZIhvcNAQELBQADggEBAGlxoFgsy8n1opgb
X1zo5zJymBgA84a/6SPawE8ElR+Vr7sPaswkJ0locJNZQ/Gl62veXpxHSjHvPpGF
axxC5B/COSitKuE5ai2uKf0VGVrrbyZFUEJ/xTbA6bv+q6uFtETzUcTdENgcpzW7
lwULm5C413yg5Xb3b8oum2SzbpLzhvmu/C+NfvE+VneVquwJ4RS3uP9wvAlIVVKU
Snne9pcXeWuyRKcQQoJqg3dY7A+c0cMT0BTQcbf0/XyjhroOJ2tV1zwDkZ1c0DPM
EMk3h1JlYNdsJu8yTGB1Lx0hWSqBlmtAHJH4khAlHrknNetiKTOF3UtY/2+0uhE8
cj0+rnk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org