Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91493FC/A96F4B789AF311ED901AE45AC4F9AE02/394512949AF611ED8D41985BC4F9AE02.roa
File:                     394512949AF611ED8D41985BC4F9AE02.roa (raw, json)
Hash identifier:          22prOoYrboX+c8pm2X2O23xS9XwuZNT4Cx3+aUfp0m4=
Subject key identifier:   C9:6A:AE:42:9E:6C:50:EA:A9:96:B3:78:CC:23:90:BA:13:0F:85:58
Certificate issuer:       /CN=A91493FC/serialNumber=E1C1C72B6793A903BA3DE031027519B43021756A
Certificate serial:       03
Authority key identifier: E1:C1:C7:2B:67:93:A9:03:BA:3D:E0:31:02:75:19:B4:30:21:75:6A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4cHHK2eTqQO6PeAxAnUZtDAhdWo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91493FC/A96F4B789AF311ED901AE45AC4F9AE02/394512949AF611ED8D41985BC4F9AE02.roa
Signing time:             Mon 23 Jan 2023 08:16:24 +0000
ROA not before:           Mon 23 Jan 2023 08:16:24 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     137391
IP address blocks:        103.72.212.0/23 maxlen: 23
                          103.72.213.0/24 maxlen: 24
                          2001:df1:da40::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91493FC/serialNumber=E1C1C72B6793A903BA3DE031027519B43021756A
        Validity
            Not Before: Jan 23 08:16:24 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=63ce4257-7596
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3b:6a:3e:5a:47:b2:eb:6f:77:3b:1f:66:37:
                    1f:0a:48:98:27:df:66:f6:65:0a:f1:e4:fc:ed:ef:
                    ce:b4:9d:69:67:8d:c7:c6:1e:df:34:f7:71:92:81:
                    8e:a6:67:3f:7c:61:eb:5d:85:06:bb:0d:f0:23:44:
                    76:f3:7e:1b:89:13:1a:bf:40:b1:d2:ae:89:59:a3:
                    61:54:95:86:75:93:78:c6:3f:6b:18:4e:93:d6:9e:
                    15:e1:7f:5b:ee:4c:92:6b:ed:a6:70:86:4b:9d:ee:
                    72:cb:5a:7e:d9:37:f7:66:4b:a2:b9:a2:f2:b0:70:
                    7c:91:ad:9c:2b:b6:6d:c5:ff:b9:1f:3a:61:43:7f:
                    94:c0:d2:ab:7e:42:75:d0:cb:29:f2:15:2c:03:a7:
                    fe:88:83:cd:d6:df:06:49:d7:ba:05:8e:bc:ef:30:
                    3b:fa:e8:82:38:03:c8:ef:4c:25:13:e1:39:b4:2c:
                    e3:57:7b:11:21:09:c8:db:dc:e9:3e:79:05:87:37:
                    01:32:08:97:e7:b2:93:25:7b:8e:64:c1:b3:ce:1e:
                    d6:c2:b3:0d:d5:92:18:1d:89:34:ae:c8:b7:2a:77:
                    a4:3f:f9:4f:72:d3:1c:f2:0d:43:4c:61:c5:14:cd:
                    61:9f:71:9e:38:4c:95:1a:9d:43:ff:75:07:f2:4a:
                    24:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:6A:AE:42:9E:6C:50:EA:A9:96:B3:78:CC:23:90:BA:13:0F:85:58
            X509v3 Authority Key Identifier:
                keyid:E1:C1:C7:2B:67:93:A9:03:BA:3D:E0:31:02:75:19:B4:30:21:75:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91493FC/A96F4B789AF311ED901AE45AC4F9AE02/4cHHK2eTqQO6PeAxAnUZtDAhdWo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4cHHK2eTqQO6PeAxAnUZtDAhdWo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91493FC/A96F4B789AF311ED901AE45AC4F9AE02/394512949AF611ED8D41985BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.72.212.0/23
                IPv6:
                  2001:df1:da40::/48

    Signature Algorithm: sha256WithRSAEncryption
         69:f0:0d:dc:7b:14:8a:4d:5a:5b:b8:bc:62:25:e6:b0:73:15:
         1b:38:36:be:21:e2:9f:57:96:fb:52:8d:d7:0d:24:aa:4b:29:
         f7:52:0d:36:bc:9a:9d:b8:69:f6:99:83:8b:84:8a:15:ab:08:
         19:33:c5:92:31:3a:4f:39:02:64:3d:6e:96:c1:99:bc:3c:8d:
         59:32:de:69:be:92:00:88:1b:f9:29:73:94:59:8d:2d:3b:97:
         78:33:3a:e8:cf:dd:c3:b4:7d:47:35:26:0c:a8:9f:f2:fd:11:
         96:c1:bb:bc:fd:63:2f:ac:06:b3:b2:cb:72:6e:86:c1:58:be:
         c4:04:89:a5:eb:ef:0c:2a:55:f2:6a:39:a8:92:15:ab:b8:af:
         65:c3:7d:09:38:23:24:4a:5e:d3:4d:86:90:05:81:ee:e0:0c:
         53:49:0c:17:75:f1:39:b3:f8:18:10:d2:6e:c1:b9:e1:d5:59:
         58:8e:84:ba:ee:ae:2a:17:ca:ef:ee:1d:af:45:bd:77:c0:61:
         92:18:54:97:61:87:5b:c5:7d:f5:6a:2d:2d:1b:b9:ef:24:a7:
         01:74:55:c6:24:f6:8f:27:d3:5d:f7:8b:27:bd:9c:e1:bf:e8:
         2c:04:f7:7f:b8:aa:27:86:b0:7a:30:54:c7:50:d7:8f:92:f5:
         e7:e3:26:94
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
OTNGQzExMC8GA1UEBRMoRTFDMUM3MkI2NzkzQTkwM0JBM0RFMDMxMDI3NTE5QjQz
MDIxNzU2QTAeFw0yMzAxMjMwODE2MjRaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzY2U0MjU3LTc1OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpO2o+Wkey6293Ox9mNx8KSJgn32b2ZQrx5Pzt7860nWlnjcfGHt8093GSgY6m
Zz98YetdhQa7DfAjRHbzfhuJExq/QLHSrolZo2FUlYZ1k3jGP2sYTpPWnhXhf1vu
TJJr7aZwhkud7nLLWn7ZN/dmS6K5ovKwcHyRrZwrtm3F/7kfOmFDf5TA0qt+QnXQ
yynyFSwDp/6Ig83W3wZJ17oFjrzvMDv66II4A8jvTCUT4Tm0LONXexEhCcjb3Ok+
eQWHNwEyCJfnspMle45kwbPOHtbCsw3VkhgdiTSuyLcqd6Q/+U9y0xzyDUNMYcUU
zWGfcZ44TJUanUP/dQfySiRvAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUyWquQp5s
UOqplrN4zCOQuhMPhVgwHwYDVR0jBBgwFoAU4cHHK2eTqQO6PeAxAnUZtDAhdWow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5M0ZDL0E5NkY0Qjc4OUFG
MzExRUQ5MDFBRTQ1QUM0RjlBRTAyLzRjSEhLMmVUcVFPNlBlQXhBblVadERBaGRX
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNGNISEsyZVRxUU82UGVBeEFuVVp0REFoZFdvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OTNGQy9BOTZGNEI3ODlBRjMxMUVEOTAxQUU0NUFDNEY5QUUwMi8zOTQ1MTI5NDlB
RjYxMUVEOEQ0MTk4NUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdI1DAPBAIAAjAJAwcAIAEN8dpAMA0GCSqGSIb3DQEBCwUA
A4IBAQBp8A3cexSKTVpbuLxiJeawcxUbODa+IeKfV5b7Uo3XDSSqSyn3Ug02vJqd
uGn2mYOLhIoVqwgZM8WSMTpPOQJkPW6WwZm8PI1ZMt5pvpIAiBv5KXOUWY0tO5d4
Mzroz93DtH1HNSYMqJ/y/RGWwbu8/WMvrAazsstybobBWL7EBIml6+8MKlXyajmo
khWruK9lw30JOCMkSl7TTYaQBYHu4AxTSQwXdfE5s/gYENJuwbnh1VlYjoS67q4q
F8rv7h2vRb13wGGSGFSXYYdbxX31ai0tG7nvJKcBdFXGJPaPJ9Nd94snvZzhv+gs
BPd/uKonhrB6MFTHUNePkvXn4yaU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org