Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/33DB621447CF11EE839E975DC4F9AE02.roa
File:                     33DB621447CF11EE839E975DC4F9AE02.roa (raw, json)
Hash identifier:          z//xI/VUnpeUts2dGTWMzVN2TetIGkb1ju1/pyfKI10=
Subject key identifier:   95:A4:9A:B8:D7:B0:9B:77:18:2E:A3:4A:DD:7E:A2:1F:9C:E8:73:3C
Certificate issuer:       /CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Certificate serial:       E5
Authority key identifier: 74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/33DB621447CF11EE839E975DC4F9AE02.roa
Signing time:             Thu 31 Aug 2023 07:23:51 +0000
ROA not before:           Thu 31 Aug 2023 07:23:51 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     151786
IP address blocks:        103.7.4.0/24 maxlen: 24
                          2400:ac20:1000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 229 (0xe5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
        Validity
            Not Before: Aug 31 07:23:51 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=64f04007-0a51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d0:2d:67:91:80:e4:9e:8f:e3:3b:37:9a:a5:
                    04:40:54:e2:e7:a0:cc:26:54:74:59:03:73:91:19:
                    3a:78:ee:35:3b:51:1c:9d:b1:9d:63:32:22:a2:8e:
                    d0:bf:dd:e1:ff:2d:49:8c:fc:97:f4:ce:a3:b0:e7:
                    cf:17:2b:31:d9:ff:10:e4:79:fb:46:c1:bf:1d:83:
                    27:23:cc:6e:d6:e3:4d:7e:66:5a:d5:81:26:39:49:
                    a6:94:a9:96:42:50:5b:0c:da:4e:4c:d4:27:ea:00:
                    fe:c1:07:52:f4:9e:cc:74:fd:00:ab:7a:c7:62:74:
                    22:6a:de:0b:22:44:0d:b5:61:48:ee:ca:ae:c9:75:
                    6f:cc:74:a6:42:02:4b:0b:d6:0a:5f:04:26:d2:26:
                    0e:47:de:35:91:46:f5:0c:80:df:2e:06:05:27:85:
                    e5:8c:04:68:1b:13:e7:60:f2:8b:5f:ca:13:2f:ac:
                    c2:12:c1:d5:dd:bd:96:31:76:50:f9:da:2a:88:83:
                    33:9d:57:37:59:46:3d:e2:9e:be:fa:2d:df:09:02:
                    67:cd:9a:72:72:89:54:0e:c6:a9:7a:6f:21:0f:d8:
                    98:0d:42:aa:e7:d4:b8:f4:fd:3c:97:c9:e4:43:8d:
                    2b:f1:db:ac:81:af:fb:ed:72:fa:75:2f:75:38:8b:
                    9c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:A4:9A:B8:D7:B0:9B:77:18:2E:A3:4A:DD:7E:A2:1F:9C:E8:73:3C
            X509v3 Authority Key Identifier:
                keyid:74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/dK62Py8dqVfWWCCWT_ed8PWTgAw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/33DB621447CF11EE839E975DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.7.4.0/24
                IPv6:
                  2400:ac20:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         00:41:f9:4c:63:c7:0f:fe:77:ff:05:30:3a:0a:27:82:64:4c:
         9e:d9:db:56:73:25:7c:b4:4d:ac:ca:46:f3:b7:01:f2:9a:77:
         55:62:66:14:fe:1a:ed:3c:31:36:8d:cb:2e:d8:4b:d1:4e:50:
         7e:eb:ff:1d:1b:e6:c1:79:3a:a8:b9:97:11:7f:47:c6:55:33:
         20:16:6c:35:64:59:aa:84:9a:db:cb:86:e2:56:92:a3:2d:9d:
         22:b3:51:69:b6:10:3b:64:a5:7f:6c:b8:09:72:6a:4c:d5:3d:
         73:26:16:70:30:5d:9a:e0:a1:12:1d:ef:47:5d:83:e9:ae:d9:
         7b:c1:ac:9f:c6:c6:20:af:ef:f8:69:0a:9e:a1:a4:30:b9:2f:
         cc:cd:95:6f:09:2e:7d:2f:b2:76:81:b8:6b:b3:19:72:2f:23:
         d3:c6:1a:80:e2:84:f7:b3:00:d1:48:da:52:6c:6b:5f:1a:75:
         d1:3d:df:01:fe:88:c9:bd:59:91:6f:44:b3:96:f3:24:65:8d:
         b6:b4:38:ae:49:11:ca:30:b5:7e:64:23:b0:dc:46:d6:3d:05:
         f6:e4:17:c7:8a:7d:e1:ee:81:04:b9:5e:31:0e:c8:dc:9f:4c:
         15:af:71:bb:cd:a0:4e:b9:e8:e0:6e:e3:41:df:ce:e5:2e:a4:
         7e:af:c9:1c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY2MUMxMTAvBgNVBAUTKDc0QUVCNjNGMkYxREE5NTdENjU4MjA5NjRGRjc5REYw
RjU5MzgwMEMwHhcNMjMwODMxMDcyMzUxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYwNDAwNy0wYTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNAtZ5GA5J6P4zs3mqUEQFTi56DMJlR0WQNzkRk6eO41O1EcnbGdYzIioo7Q
v93h/y1JjPyX9M6jsOfPFysx2f8Q5Hn7RsG/HYMnI8xu1uNNfmZa1YEmOUmmlKmW
QlBbDNpOTNQn6gD+wQdS9J7MdP0Aq3rHYnQiat4LIkQNtWFI7squyXVvzHSmQgJL
C9YKXwQm0iYOR941kUb1DIDfLgYFJ4XljARoGxPnYPKLX8oTL6zCEsHV3b2WMXZQ
+doqiIMznVc3WUY94p6++i3fCQJnzZpycolUDsapem8hD9iYDUKq59S49P08l8nk
Q40r8dusga/77XL6dS91OIuc4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJWkmrjX
sJt3GC6jSt1+oh+c6HM8MB8GA1UdIwQYMBaAFHSutj8vHalX1lgglk/3nfD1k4AM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjYxQy83NzBDQkUyNDM2
QTYxMUVEOEZDMTcwMkNDNEY5QUUwMi9kSzYyUHk4ZHFWZldXQ0NXVF9lZDhQV1Rn
QXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RLNjJQeThkcVZmV1dDQ1dUX2VkOFBXVGdBdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY2MUMvNzcwQ0JFMjQzNkE2MTFFRDhGQzE3MDJDQzRGOUFFMDIvMzNEQjYyMTQ0
N0NGMTFFRTgzOUU5NzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABnBwQwDgQCAAIwCAMGBCQArCAQMA0GCSqGSIb3DQEBCwUA
A4IBAQAAQflMY8cP/nf/BTA6CieCZEye2dtWcyV8tE2sykbztwHymndVYmYU/hrt
PDE2jcsu2EvRTlB+6/8dG+bBeTqouZcRf0fGVTMgFmw1ZFmqhJrby4biVpKjLZ0i
s1FpthA7ZKV/bLgJcmpM1T1zJhZwMF2a4KESHe9HXYPprtl7wayfxsYgr+/4aQqe
oaQwuS/MzZVvCS59L7J2gbhrsxlyLyPTxhqA4oT3swDRSNpSbGtfGnXRPd8B/ojJ
vVmRb0SzlvMkZY22tDiuSRHKMLV+ZCOw3EbWPQX25BfHin3h7oEEuV4xDsjcn0wV
r3G7zaBOuejgbuNB387lLqR+r8kc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org