Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143848/1618DB742BB611EEBB7D526AC4F9AE02/B8AD7FF62C4311EEBAD56D72C4F9AE02.roa
File:                     B8AD7FF62C4311EEBAD56D72C4F9AE02.roa (raw, json)
Hash identifier:          bhBAlE32BazdxI4AYTxJVc5NRlmvUR6h/HjLR5OC2n0=
Subject key identifier:   5B:C0:1C:01:9A:3C:86:37:65:AC:ED:50:CD:75:50:77:72:65:B8:1A
Certificate issuer:       /CN=A9143848/serialNumber=482D3E700EE5F1A4ADA7516F2E567834E710D135
Certificate serial:       12
Authority key identifier: 48:2D:3E:70:0E:E5:F1:A4:AD:A7:51:6F:2E:56:78:34:E7:10:D1:35
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC0-cA7l8aStp1FvLlZ4NOcQ0TU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143848/1618DB742BB611EEBB7D526AC4F9AE02/B8AD7FF62C4311EEBAD56D72C4F9AE02.roa
Signing time:             Thu 27 Jul 2023 06:06:27 +0000
ROA not before:           Thu 27 Jul 2023 06:06:27 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     139716
IP address blocks:        103.175.57.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18 (0x12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143848/serialNumber=482D3E700EE5F1A4ADA7516F2E567834E710D135
        Validity
            Not Before: Jul 27 06:06:27 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=64c20963-ea14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:71:c7:fc:31:74:4a:14:fa:33:75:43:ff:b0:
                    27:5b:35:53:1b:25:22:32:05:4a:3b:11:58:be:73:
                    34:e9:71:30:df:3a:ed:3f:9c:4f:a0:62:22:27:8c:
                    4a:20:80:38:3e:99:d7:92:88:f7:77:6c:f2:ce:b5:
                    13:36:34:3a:53:b8:38:77:c9:f9:d6:c4:03:15:d5:
                    c4:1b:80:84:ba:76:65:6b:8b:0a:26:c3:21:0d:01:
                    c5:e7:18:df:44:d2:52:b6:9a:3b:c6:f8:67:9a:41:
                    56:b5:0f:e8:87:1f:85:24:ad:43:e9:c7:5d:ac:6b:
                    f7:4d:ea:54:6d:35:f7:da:86:83:7b:5a:fe:15:d5:
                    ae:91:19:a3:92:bb:90:ca:ee:bb:3d:d3:d8:92:ec:
                    ec:2d:94:28:0d:e5:84:9d:82:0a:34:ad:8d:44:66:
                    78:1f:a0:aa:bd:64:7b:15:f0:2a:e9:62:5e:a7:f9:
                    1d:65:95:bd:fd:3a:d1:ab:34:64:1d:98:7f:5e:21:
                    f4:40:ff:60:9c:60:fa:9e:10:aa:2f:2d:93:15:38:
                    d4:da:3b:2a:55:18:05:ec:8e:99:64:be:15:60:d9:
                    e1:a7:81:f8:43:b4:61:8f:b8:79:f7:2d:db:b7:5a:
                    b3:a7:d5:b7:74:28:de:2e:b2:21:53:88:bf:b6:79:
                    9f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:C0:1C:01:9A:3C:86:37:65:AC:ED:50:CD:75:50:77:72:65:B8:1A
            X509v3 Authority Key Identifier:
                keyid:48:2D:3E:70:0E:E5:F1:A4:AD:A7:51:6F:2E:56:78:34:E7:10:D1:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143848/1618DB742BB611EEBB7D526AC4F9AE02/SC0-cA7l8aStp1FvLlZ4NOcQ0TU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC0-cA7l8aStp1FvLlZ4NOcQ0TU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143848/1618DB742BB611EEBB7D526AC4F9AE02/B8AD7FF62C4311EEBAD56D72C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.175.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:4e:8e:27:7c:71:ac:37:d7:9a:a8:5a:1d:be:38:5c:ce:5b:
         3f:17:11:de:82:e2:b1:b2:fa:69:43:73:d9:57:b7:7f:a9:36:
         18:7a:b3:be:59:38:0c:df:0c:ff:10:f7:2b:eb:fb:8f:bc:ef:
         7c:44:ca:b5:c3:39:0e:6b:dc:26:c4:94:af:7a:94:c0:03:0c:
         dd:68:51:92:25:01:1d:0b:90:88:bd:f0:28:42:31:04:55:d0:
         11:88:8b:41:d4:70:3b:87:cf:e5:59:fa:ff:9d:ad:28:43:d2:
         a2:09:f8:5f:b0:e6:f0:fd:8d:8d:fa:f3:56:55:d6:27:19:98:
         b5:83:8d:1a:8d:b3:41:5c:ff:60:ab:e2:65:f0:18:52:7b:55:
         87:d0:96:77:d7:f8:a7:72:15:cb:bb:ed:66:26:8f:e2:bc:95:
         12:4b:2e:7a:55:c3:3e:13:8a:84:24:8c:ab:9d:01:bf:2c:45:
         99:7b:5e:00:2f:10:da:bc:38:e4:5b:af:2d:c0:13:0c:a9:9e:
         1b:f9:7b:2d:7e:d7:14:86:fe:52:34:4e:05:03:a0:e9:09:7e:
         6f:8d:46:65:e4:8b:10:bb:9b:28:a7:c2:ad:a8:ef:85:44:0e:
         a5:4c:c1:c8:2e:38:c6:88:3e:43:31:08:eb:af:23:9d:55:f6:
         4c:3d:50:a3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
Mzg0ODExMC8GA1UEBRMoNDgyRDNFNzAwRUU1RjFBNEFEQTc1MTZGMkU1Njc4MzRF
NzEwRDEzNTAeFw0yMzA3MjcwNjA2MjdaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YzIwOTYzLWVhMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1ccf8MXRKFPozdUP/sCdbNVMbJSIyBUo7EVi+czTpcTDfOu0/nE+gYiInjEog
gDg+mdeSiPd3bPLOtRM2NDpTuDh3yfnWxAMV1cQbgIS6dmVriwomwyENAcXnGN9E
0lK2mjvG+GeaQVa1D+iHH4UkrUPpx12sa/dN6lRtNffahoN7Wv4V1a6RGaOSu5DK
7rs909iS7OwtlCgN5YSdggo0rY1EZngfoKq9ZHsV8CrpYl6n+R1llb39OtGrNGQd
mH9eIfRA/2CcYPqeEKovLZMVONTaOypVGAXsjplkvhVg2eGngfhDtGGPuHn3Ldu3
WrOn1bd0KN4usiFTiL+2eZ/tAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUW8AcAZo8
hjdlrO1QzXVQd3JluBowHwYDVR0jBBgwFoAUSC0+cA7l8aStp1FvLlZ4NOcQ0TUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQzODQ4LzE2MThEQjc0MkJC
NjExRUVCQjdENTI2QUM0RjlBRTAyL1NDMC1jQTdsOGFTdHAxRnZMbFo0Tk9jUTBU
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU0MwLWNBN2w4YVN0cDFGdkxsWjROT2NRMFRVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
Mzg0OC8xNjE4REI3NDJCQjYxMUVFQkI3RDUyNkFDNEY5QUUwMi9COEFEN0ZGNjJD
NDMxMUVFQkFENTZENzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGevOTANBgkqhkiG9w0BAQsFAAOCAQEAG06OJ3xxrDfXmqha
Hb44XM5bPxcR3oLisbL6aUNz2Ve3f6k2GHqzvlk4DN8M/xD3K+v7j7zvfETKtcM5
DmvcJsSUr3qUwAMM3WhRkiUBHQuQiL3wKEIxBFXQEYiLQdRwO4fP5Vn6/52tKEPS
ogn4X7Dm8P2NjfrzVlXWJxmYtYONGo2zQVz/YKviZfAYUntVh9CWd9f4p3IVy7vt
ZiaP4ryVEksuelXDPhOKhCSMq50BvyxFmXteAC8Q2rw45FuvLcATDKmeG/l7LX7X
FIb+UjROBQOg6Ql+b41GZeSLELubKKfCrajvhUQOpUzByC44xog+QzEI668jnVX2
TD1Qow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org