Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9135F3C/4786836A6AC911EB86CB6B20C4F9AE02/C677948C7FED11EBBF3F441DC4F9AE02.roa
File:                     C677948C7FED11EBBF3F441DC4F9AE02.roa (raw, json)
Hash identifier:          rhhJNuqtzxMuT+PxkGngJc4BdmDWfW+yYQ+njcZIHHM=
Subject key identifier:   50:D3:AC:6D:E2:6D:FD:9B:85:2E:73:63:6E:40:BB:5F:D2:FC:02:FB
Certificate issuer:       /CN=A9135F3C/serialNumber=23B33B9016E311EEA6B721C8B93939FB1A870BEC
Certificate serial:       04E3
Authority key identifier: 23:B3:3B:90:16:E3:11:EE:A6:B7:21:C8:B9:39:39:FB:1A:87:0B:EC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I7M7kBbjEe6mtyHIuTk5-xqHC-w.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9135F3C/4786836A6AC911EB86CB6B20C4F9AE02/C677948C7FED11EBBF3F441DC4F9AE02.roa
Signing time:             Tue 03 Jan 2023 01:01:08 +0000
ROA not before:           Tue 03 Jan 2023 01:01:07 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     140057
IP address blocks:        103.161.34.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1251 (0x4e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9135F3C/serialNumber=23B33B9016E311EEA6B721C8B93939FB1A870BEC
        Validity
            Not Before: Jan  3 01:01:07 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63b37e53-4436
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3c:db:33:a2:a5:e6:b6:b0:c6:8c:f5:f8:22:
                    0d:e7:d2:ce:3f:8d:32:71:74:fa:14:fd:cd:db:c9:
                    02:9e:ca:1b:b2:88:aa:f7:63:c6:9a:5c:3b:23:04:
                    e7:62:ab:d3:75:27:ad:e7:7a:53:53:85:87:59:dc:
                    79:7e:5e:6c:16:a1:20:1b:81:94:b8:a7:a5:42:20:
                    96:ff:76:54:b9:73:a9:d0:5a:e0:4b:57:19:6b:08:
                    1f:6d:05:06:ba:e1:d4:22:4b:fd:23:c5:f9:ce:3e:
                    0d:d8:07:31:0e:4b:ed:fa:92:3b:06:8d:9f:c1:e9:
                    b0:9d:7f:b3:e9:db:55:0a:e7:23:2e:2e:5a:f6:8b:
                    e7:01:c6:81:19:3f:6d:07:c2:5e:e8:98:33:cd:b3:
                    bf:27:04:1a:d4:94:6f:39:99:d1:af:a8:cb:c2:91:
                    00:d1:79:3d:c4:c1:3e:c5:c8:b0:6f:50:aa:5b:39:
                    4f:b9:31:88:cc:4e:12:49:18:e0:1b:42:2d:5c:ca:
                    0a:e2:8f:99:b5:c0:56:87:39:a3:24:21:b0:28:19:
                    5d:c0:a9:51:e6:23:71:55:37:52:59:36:8b:e0:26:
                    aa:d4:cb:e4:8f:dc:4f:fe:45:c4:24:ab:32:ce:33:
                    fe:ec:f0:0c:b6:96:3f:c6:65:b0:e8:2a:ca:dd:bb:
                    c6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D3:AC:6D:E2:6D:FD:9B:85:2E:73:63:6E:40:BB:5F:D2:FC:02:FB
            X509v3 Authority Key Identifier:
                keyid:23:B3:3B:90:16:E3:11:EE:A6:B7:21:C8:B9:39:39:FB:1A:87:0B:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9135F3C/4786836A6AC911EB86CB6B20C4F9AE02/I7M7kBbjEe6mtyHIuTk5-xqHC-w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I7M7kBbjEe6mtyHIuTk5-xqHC-w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9135F3C/4786836A6AC911EB86CB6B20C4F9AE02/C677948C7FED11EBBF3F441DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.161.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         53:13:83:69:2a:3a:97:75:ba:c8:a0:ba:17:30:9f:e6:91:4e:
         46:46:11:b1:7b:f9:11:90:e5:fb:d1:16:cf:f1:69:70:c3:f4:
         49:d9:27:9d:84:07:b3:88:c2:83:c1:e6:b0:0f:63:fe:69:14:
         a8:ec:cb:4f:c1:f9:f8:61:5e:a0:c6:c9:d2:e9:29:7e:99:8e:
         34:a5:4e:d7:32:ce:f5:e4:6d:bb:b1:bb:c9:5d:57:75:e7:9a:
         d8:32:4e:52:d7:a6:92:f2:73:62:e5:32:76:b3:8d:c6:b0:eb:
         e0:4e:f4:f6:e1:37:a0:c6:c7:ee:25:59:3d:50:25:70:db:c4:
         ff:16:b2:79:4b:21:9b:b3:4b:6a:25:7d:5f:20:b1:9a:c5:f2:
         f3:e0:7a:6e:5b:67:4c:fc:82:22:f0:3b:34:b0:62:7a:dc:fe:
         0c:49:ef:ac:87:a4:69:cc:4e:f9:54:16:aa:64:07:0b:87:3d:
         7c:2c:a7:bf:ef:9f:7b:6e:92:06:db:0c:3b:e0:b0:23:c6:29:
         8b:fb:c5:e2:2d:74:67:e0:82:8d:ec:80:88:96:11:f9:d0:7f:
         8d:c3:ed:16:e8:aa:cd:ae:b2:8a:3e:7a:68:27:2b:14:fb:16:
         32:8e:e9:74:d0:78:79:f0:81:92:8f:c8:7e:7a:20:82:be:32:
         f3:35:6c:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzVGM0MxMTAvBgNVBAUTKDIzQjMzQjkwMTZFMzExRUVBNkI3MjFDOEI5MzkzOUZC
MUE4NzBCRUMwHhcNMjMwMTAzMDEwMTA3WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IzN2U1My00NDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArTzbM6Kl5rawxoz1+CIN59LOP40ycXT6FP3N28kCnsobsoiq92PGmlw7IwTn
YqvTdSet53pTU4WHWdx5fl5sFqEgG4GUuKelQiCW/3ZUuXOp0FrgS1cZawgfbQUG
uuHUIkv9I8X5zj4N2AcxDkvt+pI7Bo2fwemwnX+z6dtVCucjLi5a9ovnAcaBGT9t
B8Je6JgzzbO/JwQa1JRvOZnRr6jLwpEA0Xk9xME+xciwb1CqWzlPuTGIzE4SSRjg
G0ItXMoK4o+ZtcBWhzmjJCGwKBldwKlR5iNxVTdSWTaL4Caq1Mvkj9xP/kXEJKsy
zjP+7PAMtpY/xmWw6CrK3bvGMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFDTrG3i
bf2bhS5zY25Au1/S/AL7MB8GA1UdIwQYMBaAFCOzO5AW4xHuprchyLk5Ofsahwvs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNUYzQy80Nzg2ODM2QTZB
QzkxMUVCODZDQjZCMjBDNEY5QUUwMi9JN003a0JiakVlNm10eUhJdVRrNS14cUhD
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0k3TTdrQmJqRWU2bXR5SEl1VGs1LXhxSEMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzVGM0MvNDc4NjgzNkE2QUM5MTFFQjg2Q0I2QjIwQzRGOUFFMDIvQzY3Nzk0OEM3
RkVEMTFFQkJGM0Y0NDFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoSIwDQYJKoZIhvcNAQELBQADggEBAFMTg2kqOpd1usig
uhcwn+aRTkZGEbF7+RGQ5fvRFs/xaXDD9EnZJ52EB7OIwoPB5rAPY/5pFKjsy0/B
+fhhXqDGydLpKX6ZjjSlTtcyzvXkbbuxu8ldV3XnmtgyTlLXppLyc2LlMnazjcaw
6+BO9PbhN6DGx+4lWT1QJXDbxP8WsnlLIZuzS2olfV8gsZrF8vPgem5bZ0z8giLw
OzSwYnrc/gxJ76yHpGnMTvlUFqpkBwuHPXwsp7/vn3tukgbbDDvgsCPGKYv7xeIt
dGfggo3sgIiWEfnQf43D7Rboqs2usoo+emgnKxT7FjKO6XTQeHnwgZKPyH56IIK+
MvM1bMU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org