Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/3FEFF054396811ED8AF52966C4F9AE02.roa
File:                     3FEFF054396811ED8AF52966C4F9AE02.roa (raw, json)
Hash identifier:          x0QtpuQALCcoIHO6jgIh+4CKQb4Nq1JLJdVH6pRFPKM=
Subject key identifier:   51:78:AC:4F:B2:89:23:95:3A:10:67:4A:51:98:A8:37:50:1A:97:1D
Certificate issuer:       /CN=A915087F/serialNumber=3A6DD4B70C4560EAC37E81E622CC43809F523B4B
Certificate serial:       EB
Authority key identifier: 3A:6D:D4:B7:0C:45:60:EA:C3:7E:81:E6:22:CC:43:80:9F:52:3B:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Om3UtwxFYOrDfoHmIsxDgJ9SO0s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/3FEFF054396811ED8AF52966C4F9AE02.roa
Signing time:             Thu 28 Sep 2023 16:25:15 +0000
ROA not before:           Thu 28 Sep 2023 16:25:15 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     4803
IP address blocks:        103.1.158.0/24 maxlen: 24
                          2001:df1:4640::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 235 (0xeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915087F/serialNumber=3A6DD4B70C4560EAC37E81E622CC43809F523B4B
        Validity
            Not Before: Sep 28 16:25:15 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=6515a8eb-1218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b5:49:b1:e8:6e:77:53:94:58:f7:b6:27:d5:
                    44:cd:52:88:98:ba:e7:da:61:58:ca:a8:13:34:01:
                    d8:31:cf:bd:36:ed:0b:da:99:f0:0b:db:3b:8f:7b:
                    a9:34:6e:8c:01:45:07:19:3f:3a:39:93:f1:8c:be:
                    c3:90:f4:05:1f:df:10:d6:50:6e:86:1a:d1:40:d6:
                    85:fc:a9:5c:c9:e1:84:da:d0:01:c9:75:37:22:e5:
                    21:e3:94:04:7c:53:a2:11:af:58:fc:11:57:f7:79:
                    ed:59:78:67:f1:25:e1:28:28:7c:c4:83:f4:94:b5:
                    af:53:9c:51:e7:e0:e1:42:f8:34:ee:07:54:f5:ce:
                    59:61:24:c1:73:e4:96:e9:2f:5d:f2:66:f8:12:b9:
                    6c:2c:3e:38:ab:56:8c:af:c6:1a:cf:8b:03:c7:82:
                    8a:82:aa:3b:27:d5:d2:9f:0e:2b:8d:78:70:52:22:
                    c0:32:7a:9d:6c:f9:8b:44:cf:0a:5e:f5:eb:21:84:
                    e7:d4:58:d3:23:17:15:20:42:28:47:fc:92:47:8a:
                    55:47:53:9a:0d:a7:bf:f4:ad:04:3d:be:ee:18:e2:
                    fb:df:6f:a0:b4:02:6d:b4:4f:3a:6a:83:70:76:14:
                    7c:c2:bb:9e:0e:7c:a7:ba:b1:85:0d:6b:1e:37:9b:
                    60:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:78:AC:4F:B2:89:23:95:3A:10:67:4A:51:98:A8:37:50:1A:97:1D
            X509v3 Authority Key Identifier:
                keyid:3A:6D:D4:B7:0C:45:60:EA:C3:7E:81:E6:22:CC:43:80:9F:52:3B:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/Om3UtwxFYOrDfoHmIsxDgJ9SO0s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Om3UtwxFYOrDfoHmIsxDgJ9SO0s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/3FEFF054396811ED8AF52966C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.1.158.0/24
                IPv6:
                  2001:df1:4640::/48

    Signature Algorithm: sha256WithRSAEncryption
         66:e1:b4:87:14:9f:a4:97:a6:f6:98:f6:9a:6d:31:81:35:cd:
         51:1d:a0:90:b8:68:5e:e0:ba:22:62:41:4c:aa:78:05:f9:29:
         15:98:f2:aa:b1:37:5d:17:d3:11:97:7c:63:4f:88:8b:a4:d2:
         3f:32:7a:37:d2:58:91:ce:e8:9c:1a:07:ae:89:a7:b9:69:5f:
         2c:75:41:0d:38:ec:50:96:55:92:8b:87:30:6a:3b:0f:cb:19:
         e4:e0:53:e3:b5:59:d8:f3:61:d1:d2:73:ec:42:ec:0c:03:48:
         6a:6e:54:2d:10:ea:db:4e:ed:a6:e5:9e:9d:48:99:a6:79:01:
         b3:fa:ee:3b:24:88:d4:04:3c:93:bc:ed:2e:28:78:e7:d3:8d:
         aa:61:f6:65:35:5a:a0:11:2a:11:c5:f1:06:44:52:7b:9b:59:
         0b:77:16:13:db:ac:43:b0:ce:73:66:b5:ed:9d:14:d1:5f:d5:
         2d:d7:ee:7f:87:a9:3a:f7:ed:06:11:2c:91:39:06:cf:8c:41:
         a8:3f:51:15:88:02:de:cc:6e:4d:99:61:aa:f9:f2:74:8d:d7:
         a7:46:15:c7:a4:2d:bf:84:7c:df:63:bd:2b:72:02:c0:e1:b6:
         c6:95:05:c9:89:8b:ea:c1:0b:b6:2a:ec:79:46:c6:0b:08:49:
         05:fc:2a:b0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTA4N0YxMTAvBgNVBAUTKDNBNkRENEI3MEM0NTYwRUFDMzdFODFFNjIyQ0M0Mzgw
OUY1MjNCNEIwHhcNMjMwOTI4MTYyNTE1WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YThlYi0xMjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAurVJsehud1OUWPe2J9VEzVKImLrn2mFYyqgTNAHYMc+9Nu0L2pnwC9s7j3up
NG6MAUUHGT86OZPxjL7DkPQFH98Q1lBuhhrRQNaF/KlcyeGE2tAByXU3IuUh45QE
fFOiEa9Y/BFX93ntWXhn8SXhKCh8xIP0lLWvU5xR5+DhQvg07gdU9c5ZYSTBc+SW
6S9d8mb4ErlsLD44q1aMr8Yaz4sDx4KKgqo7J9XSnw4rjXhwUiLAMnqdbPmLRM8K
XvXrIYTn1FjTIxcVIEIoR/ySR4pVR1OaDae/9K0EPb7uGOL732+gtAJttE86aoNw
dhR8wrueDnynurGFDWseN5tgEwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFF4rE+y
iSOVOhBnSlGYqDdQGpcdMB8GA1UdIwQYMBaAFDpt1LcMRWDqw36B5iLMQ4CfUjtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDg3Ri9GNzMxOTZBQTMz
RTExMUVEQjNBMEVBNThDNEY5QUUwMi9PbTNVdHd4RllPckRmb0htSXN4RGdKOVNP
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09tM1V0d3hGWU9yRGZvSG1Jc3hEZ0o5U08wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTA4N0YvRjczMTk2QUEzM0UxMTFFREIzQTBFQTU4QzRGOUFFMDIvM0ZFRkYwNTQz
OTY4MTFFRDhBRjUyOTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnAZ4wDwQCAAIwCQMHACABDfFGQDANBgkqhkiG9w0BAQsF
AAOCAQEAZuG0hxSfpJem9pj2mm0xgTXNUR2gkLhoXuC6ImJBTKp4BfkpFZjyqrE3
XRfTEZd8Y0+Ii6TSPzJ6N9JYkc7onBoHromnuWlfLHVBDTjsUJZVkouHMGo7D8sZ
5OBT47VZ2PNh0dJz7ELsDANIam5ULRDq207tpuWenUiZpnkBs/ruOySI1AQ8k7zt
Lih459ONqmH2ZTVaoBEqEcXxBkRSe5tZC3cWE9usQ7DOc2a17Z0U0V/VLdfuf4ep
OvftBhEskTkGz4xBqD9RFYgC3sxuTZlhqvnydI3Xp0YVx6Qtv4R832O9K3ICwOG2
xpUFyYmL6sELtirseUbGCwhJBfwqsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-ams.rpki-client.org