Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/EAA44EA2AC4D11ED802FA145C4F9AE02.roa
File:                     EAA44EA2AC4D11ED802FA145C4F9AE02.roa (raw, json)
Hash identifier:          IEkb3dIdpX9Jc6KLPwDcAcM6tlk5LqItmmYe6sbhW94=
Subject key identifier:   9E:67:15:9B:15:3C:83:02:4F:7C:A3:BC:D3:78:69:8D:30:9D:C1:D1
Certificate issuer:       /CN=A913BA97/serialNumber=AFD943E4B142763659E08F8DBF6CE7E6D80CC517
Certificate serial:       02
Authority key identifier: AF:D9:43:E4:B1:42:76:36:59:E0:8F:8D:BF:6C:E7:E6:D8:0C:C5:17
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9lD5LFCdjZZ4I-Nv2zn5tgMxRc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/EAA44EA2AC4D11ED802FA145C4F9AE02.roa
Signing time:             Tue 14 Feb 2023 09:56:57 +0000
ROA not before:           Tue 14 Feb 2023 09:56:57 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     134952
IP address blocks:        103.85.182.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913BA97/serialNumber=AFD943E4B142763659E08F8DBF6CE7E6D80CC517
        Validity
            Not Before: Feb 14 09:56:57 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=63eb5ae9-9ee9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:42:b9:4f:6d:3c:5d:b5:fa:6e:b4:31:eb:6e:
                    3a:d3:f4:b3:c7:4d:77:aa:e8:f8:e2:26:c8:cc:04:
                    b8:bb:7a:3d:42:21:57:61:09:01:a8:5e:87:71:6c:
                    e0:7f:5a:1a:9a:a3:2e:e0:56:45:ce:02:2b:93:7e:
                    db:9e:45:50:47:f8:e8:4e:1e:f2:22:65:81:c6:05:
                    27:fd:97:1b:b4:9d:3c:9f:ef:f1:7c:a9:db:4e:5b:
                    c9:90:ea:3a:8a:53:32:47:c8:56:39:d0:38:a7:96:
                    5e:8c:42:45:1e:79:d2:8c:46:f5:11:78:91:11:e2:
                    c9:0c:5b:17:3c:87:e0:bd:08:28:54:43:ba:ef:db:
                    62:52:a3:e4:5e:8f:19:92:07:1c:a0:9e:32:5d:90:
                    25:9e:f3:c4:fe:17:23:70:04:40:13:a1:87:2c:1b:
                    10:49:cb:89:cb:94:48:b4:2c:2c:5b:9d:71:f6:bc:
                    dd:0f:94:81:af:e8:4a:a9:69:1f:09:16:10:14:39:
                    49:a6:63:67:6d:7c:63:22:63:37:db:3e:ee:62:25:
                    64:60:88:1c:b4:66:b6:88:ab:1f:63:53:e3:34:d6:
                    76:85:78:44:c9:19:25:56:4e:f1:5d:01:4e:27:b5:
                    59:6e:ed:95:d1:88:d4:cb:8c:96:aa:76:7f:21:e3:
                    f3:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:67:15:9B:15:3C:83:02:4F:7C:A3:BC:D3:78:69:8D:30:9D:C1:D1
            X509v3 Authority Key Identifier:
                keyid:AF:D9:43:E4:B1:42:76:36:59:E0:8F:8D:BF:6C:E7:E6:D8:0C:C5:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/r9lD5LFCdjZZ4I-Nv2zn5tgMxRc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9lD5LFCdjZZ4I-Nv2zn5tgMxRc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913BA97/F1FEB1FEAC4A11EDA7F1B044C4F9AE02/EAA44EA2AC4D11ED802FA145C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b9:41:d4:ac:ab:3d:d3:9e:1f:ea:16:15:0d:77:48:a0:89:a8:
         01:4e:f5:1a:e2:bb:4b:f0:8e:61:49:e6:43:09:63:9e:93:66:
         bf:b9:03:32:58:74:9c:ce:ef:a5:63:a6:36:d6:55:4f:50:e2:
         72:68:6e:13:30:2d:a1:78:d2:74:32:66:62:ee:9c:05:98:1d:
         b9:67:c5:78:4f:a4:0f:10:a9:5b:2e:10:77:6a:23:a7:a1:f3:
         e3:de:ca:e8:67:f3:ed:07:8b:68:4c:3b:fd:99:50:12:d6:7d:
         dd:a5:f9:83:27:81:38:d3:7e:8c:28:3e:b4:6b:8f:46:95:e4:
         7e:21:6e:4b:94:b3:c1:9c:80:b8:28:1b:fe:ee:67:ba:43:1c:
         e5:bc:d7:70:9b:f2:e2:8c:02:58:d6:e0:a3:9f:15:7a:d3:e4:
         b6:2a:03:50:a1:91:ae:61:a7:81:01:cb:22:cd:6f:b2:29:24:
         5a:3a:9c:61:a1:02:c2:94:69:33:9a:98:76:0c:f4:e1:f0:8d:
         78:6d:3b:9c:41:87:91:53:d8:f0:7e:fd:32:38:1b:eb:de:bf:
         27:77:0e:a2:9b:82:05:f3:23:0a:73:bd:3e:44:65:cf:bb:6d:
         38:b0:23:fa:c2:15:dd:7e:3e:62:66:52:64:b8:58:69:40:11:
         da:70:27:1a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
QkE5NzExMC8GA1UEBRMoQUZEOTQzRTRCMTQyNzYzNjU5RTA4RjhEQkY2Q0U3RTZE
ODBDQzUxNzAeFw0yMzAyMTQwOTU2NTdaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZWI1YWU5LTllZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGQrlPbTxdtfputDHrbjrT9LPHTXeq6PjiJsjMBLi7ej1CIVdhCQGoXodxbOB/
Whqaoy7gVkXOAiuTftueRVBH+OhOHvIiZYHGBSf9lxu0nTyf7/F8qdtOW8mQ6jqK
UzJHyFY50Dinll6MQkUeedKMRvUReJER4skMWxc8h+C9CChUQ7rv22JSo+RejxmS
BxygnjJdkCWe88T+FyNwBEAToYcsGxBJy4nLlEi0LCxbnXH2vN0PlIGv6EqpaR8J
FhAUOUmmY2dtfGMiYzfbPu5iJWRgiBy0ZraIqx9jU+M01naFeETJGSVWTvFdAU4n
tVlu7ZXRiNTLjJaqdn8h4/PlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUnmcVmxU8
gwJPfKO803hpjTCdwdEwHwYDVR0jBBgwFoAUr9lD5LFCdjZZ4I+Nv2zn5tgMxRcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNCQTk3L0YxRkVCMUZFQUM0
QTExRURBN0YxQjA0NEM0RjlBRTAyL3I5bEQ1TEZDZGpaWjRJLU52MnpuNXRnTXhS
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcjlsRDVMRkNkalpaNEktTnYyem41dGdNeFJjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
QkE5Ny9GMUZFQjFGRUFDNEExMUVEQTdGMUIwNDRDNEY5QUUwMi9FQUE0NEVBMkFD
NEQxMUVEODAyRkExNDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdVtjANBgkqhkiG9w0BAQsFAAOCAQEAuUHUrKs9054f6hYV
DXdIoImoAU71GuK7S/COYUnmQwljnpNmv7kDMlh0nM7vpWOmNtZVT1DicmhuEzAt
oXjSdDJmYu6cBZgduWfFeE+kDxCpWy4Qd2ojp6Hz497K6Gfz7QeLaEw7/ZlQEtZ9
3aX5gyeBONN+jCg+tGuPRpXkfiFuS5SzwZyAuCgb/u5nukMc5bzXcJvy4owCWNbg
o58VetPktioDUKGRrmGngQHLIs1vsikkWjqcYaECwpRpM5qYdgz04fCNeG07nEGH
kVPY8H79Mjgb696/J3cOopuCBfMjCnO9PkRlz7ttOLAj+sIV3X4+YmZSZLhYaUAR
2nAnGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org