Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913FF2C/ED3556DA5F3111EC81CCA878C4F9AE02/B0FD916A454E11EDB2945A46C4F9AE02.roa
File:                     B0FD916A454E11EDB2945A46C4F9AE02.roa (raw, json)
Hash identifier:          U+ETF7FTLtf0SoH1bdZV6kbGcOMyqZYv800gDYQqaWM=
Subject key identifier:   D3:09:1B:07:51:C5:DA:93:CE:63:CC:32:5C:D8:D5:7D:24:23:DC:F9
Certificate issuer:       /CN=A913FF2C/serialNumber=FE3DA17B54A4D42F7C5C9A8A67D379067A76080E
Certificate serial:       028A
Authority key identifier: FE:3D:A1:7B:54:A4:D4:2F:7C:5C:9A:8A:67:D3:79:06:7A:76:08:0E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_j2he1Sk1C98XJqKZ9N5Bnp2CA4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913FF2C/ED3556DA5F3111EC81CCA878C4F9AE02/B0FD916A454E11EDB2945A46C4F9AE02.roa
Signing time:             Fri 13 Jan 2023 04:03:25 +0000
ROA not before:           Fri 13 Jan 2023 04:03:25 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     139648
IP address blocks:        103.178.34.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 650 (0x28a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913FF2C/serialNumber=FE3DA17B54A4D42F7C5C9A8A67D379067A76080E
        Validity
            Not Before: Jan 13 04:03:25 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63c0d80d-bc98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:74:7b:d4:64:0b:b3:7a:0a:8d:41:cc:bf:f3:
                    bb:61:cb:d5:49:02:4c:bf:73:d2:9f:2b:78:a8:e3:
                    44:d9:12:08:96:df:ff:e7:5d:f8:e5:95:54:79:8a:
                    02:19:87:67:fe:52:bc:a6:b6:a6:6c:9f:80:cb:40:
                    58:17:9d:b6:f4:eb:b4:a1:25:b6:70:63:e2:da:7b:
                    9a:75:bf:66:bf:68:db:a8:23:f9:0c:16:8f:d5:b9:
                    39:9c:4d:01:43:1b:f8:38:b4:f5:bb:7a:3a:65:c9:
                    fb:80:c0:f4:2b:64:38:91:06:af:2e:bf:f0:6b:ad:
                    ee:62:7b:6c:a3:b4:00:0b:51:77:ba:13:be:7c:43:
                    55:01:f1:05:51:fb:a3:6d:9c:5f:cb:08:f3:7f:1c:
                    69:79:e4:dc:29:31:60:0a:26:f9:2a:74:76:22:5a:
                    8c:9a:9d:7b:65:be:32:cd:12:00:be:75:9e:d5:a2:
                    30:a8:3e:03:32:d1:1f:a4:bb:7a:e3:e7:4f:e3:b7:
                    23:d0:0b:d8:f9:57:5c:5a:5f:c1:c4:88:4d:7b:46:
                    69:ab:3e:ef:f5:a8:b8:c9:64:3a:99:bd:89:94:07:
                    d6:04:1a:79:5f:b6:5c:d6:af:dc:97:46:2f:f8:e7:
                    c0:8a:9e:31:b5:bd:0b:ee:7f:1c:14:a7:46:eb:36:
                    c8:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:09:1B:07:51:C5:DA:93:CE:63:CC:32:5C:D8:D5:7D:24:23:DC:F9
            X509v3 Authority Key Identifier:
                keyid:FE:3D:A1:7B:54:A4:D4:2F:7C:5C:9A:8A:67:D3:79:06:7A:76:08:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913FF2C/ED3556DA5F3111EC81CCA878C4F9AE02/_j2he1Sk1C98XJqKZ9N5Bnp2CA4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_j2he1Sk1C98XJqKZ9N5Bnp2CA4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913FF2C/ED3556DA5F3111EC81CCA878C4F9AE02/B0FD916A454E11EDB2945A46C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.178.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:7b:1b:36:e2:a5:26:dd:bf:52:66:6e:7b:6e:fc:3b:a1:25:
         a3:10:b7:dd:4b:89:ce:8a:5f:1b:77:6b:11:fc:7d:ae:05:1a:
         ba:ce:4b:ce:32:6a:09:6c:71:1b:13:08:ac:1b:be:4b:d7:7b:
         ad:05:3c:94:24:01:46:27:ab:e8:af:0f:43:f5:45:0c:1a:ac:
         53:3d:3f:d1:ae:ec:9e:aa:ca:bd:6e:86:75:c6:68:9e:54:dd:
         09:f8:65:ec:22:20:74:7e:d9:df:1f:97:b9:df:4c:4e:fa:cc:
         8d:f3:13:be:b5:99:9d:87:94:f6:76:1c:bc:ee:e7:ce:98:73:
         32:fb:bb:ad:c0:44:da:3a:33:d1:ea:69:7a:06:56:d8:10:22:
         77:fb:2d:79:9f:53:83:36:ad:8e:e0:9b:5c:4b:e7:c6:a3:19:
         94:11:9e:42:e8:d0:10:7e:c5:8a:8c:16:12:98:ad:34:f2:80:
         98:0c:06:79:2b:38:b5:42:73:f9:c3:5f:d3:c2:1a:18:e4:d1:
         fc:a9:58:6c:07:d0:82:f3:2a:fc:e8:e0:f3:2b:2d:94:8f:b5:
         18:59:8c:cb:4c:a7:cc:59:26:9c:03:65:8f:4f:e9:63:dc:cc:
         c6:1c:e9:ad:c0:47:c3:5a:43:2d:8b:99:32:52:9c:9c:d8:dd:
         8f:f3:cf:99
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0ZGMkMxMTAvBgNVBAUTKEZFM0RBMTdCNTRBNEQ0MkY3QzVDOUE4QTY3RDM3OTA2
N0E3NjA4MEUwHhcNMjMwMTEzMDQwMzI1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2MwZDgwZC1iYzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxnR71GQLs3oKjUHMv/O7YcvVSQJMv3PSnyt4qONE2RIIlt//51345ZVUeYoC
GYdn/lK8prambJ+Ay0BYF5229Ou0oSW2cGPi2nuadb9mv2jbqCP5DBaP1bk5nE0B
Qxv4OLT1u3o6Zcn7gMD0K2Q4kQavLr/wa63uYntso7QAC1F3uhO+fENVAfEFUfuj
bZxfywjzfxxpeeTcKTFgCib5KnR2IlqMmp17Zb4yzRIAvnWe1aIwqD4DMtEfpLt6
4+dP47cj0AvY+VdcWl/BxIhNe0Zpqz7v9ai4yWQ6mb2JlAfWBBp5X7Zc1q/cl0Yv
+OfAip4xtb0L7n8cFKdG6zbIQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNMJGwdR
xdqTzmPMMlzY1X0kI9z5MB8GA1UdIwQYMBaAFP49oXtUpNQvfFyaimfTeQZ6dggO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRkYyQy9FRDM1NTZEQTVG
MzExMUVDODFDQ0E4NzhDNEY5QUUwMi9fajJoZTFTazFDOThYSnFLWjlONUJucDJD
QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qMmhlMVNrMUM5OFhKcUtaOU41Qm5wMkNBNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0ZGMkMvRUQzNTU2REE1RjMxMTFFQzgxQ0NBODc4QzRGOUFFMDIvQjBGRDkxNkE0
NTRFMTFFREIyOTQ1QTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsiIwDQYJKoZIhvcNAQELBQADggEBAF97GzbipSbdv1Jm
bntu/DuhJaMQt91Lic6KXxt3axH8fa4FGrrOS84yaglscRsTCKwbvkvXe60FPJQk
AUYnq+ivD0P1RQwarFM9P9Gu7J6qyr1uhnXGaJ5U3Qn4ZewiIHR+2d8fl7nfTE76
zI3zE761mZ2HlPZ2HLzu586YczL7u63ARNo6M9HqaXoGVtgQInf7LXmfU4M2rY7g
m1xL58ajGZQRnkLo0BB+xYqMFhKYrTTygJgMBnkrOLVCc/nDX9PCGhjk0fypWGwH
0ILzKvzo4PMrLZSPtRhZjMtMp8xZJpwDZY9P6WPczMYc6a3AR8NaQy2LmTJSnJzY
3Y/zz5k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org