Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915547C/576CCD2A0C5311ED8327470AC4F9AE02/40B1F08A0C5611EDBBC3A10FC4F9AE02.roa
File:                     40B1F08A0C5611EDBBC3A10FC4F9AE02.roa (raw, json)
Hash identifier:          79QnO+B0AqCdGykVqCZnVckRJIooNwg9vpp0BFVpL3w=
Subject key identifier:   C2:00:34:1E:8A:84:B0:10:36:A7:D3:69:ED:F4:8A:20:7C:37:7E:D1
Certificate issuer:       /CN=A915547C/serialNumber=C9360EC91EEC14B07ED792FD3B0FBAB7FF9F642E
Certificate serial:       04
Authority key identifier: C9:36:0E:C9:1E:EC:14:B0:7E:D7:92:FD:3B:0F:BA:B7:FF:9F:64:2E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yTYOyR7sFLB-15L9Ow-6t_-fZC4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915547C/576CCD2A0C5311ED8327470AC4F9AE02/40B1F08A0C5611EDBBC3A10FC4F9AE02.roa
Signing time:             Mon 25 Jul 2022 20:33:09 +0000
ROA not before:           Mon 25 Jul 2022 20:33:09 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     59253
IP address blocks:        103.191.50.0/24 maxlen: 24
                          103.191.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915547C/serialNumber=C9360EC91EEC14B07ED792FD3B0FBAB7FF9F642E
        Validity
            Not Before: Jul 25 20:33:09 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=62defe05-ef75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:79:ef:4d:d6:16:fb:44:61:04:cc:1a:fc:2d:
                    bb:72:45:1f:27:64:55:55:cc:96:57:53:da:bc:5b:
                    80:41:25:10:ec:97:32:a5:c1:cc:26:3a:ee:77:f9:
                    5a:0e:67:4c:25:58:1a:2d:cb:fa:8a:73:8e:95:cb:
                    18:f3:60:1b:19:69:aa:5b:54:9a:1a:20:c9:18:84:
                    c1:06:a4:08:d4:6b:fa:61:ca:88:c5:2b:e0:26:4b:
                    2d:73:33:57:e5:01:e4:b2:c9:6c:11:18:2c:b7:d2:
                    55:59:93:c0:d5:eb:a3:ef:db:45:3e:9d:70:e1:f5:
                    10:6e:94:01:39:76:9d:f9:a9:e1:85:55:5c:2a:5a:
                    48:fd:53:8a:60:ec:9f:63:89:7a:4a:da:dd:8b:49:
                    d7:88:09:90:db:04:71:29:c6:89:12:cd:0d:9e:fd:
                    f2:a0:34:68:94:de:8e:69:0a:8e:17:5c:6e:9c:f6:
                    47:a7:fe:33:3e:c4:c6:02:7b:da:bf:5e:66:e3:8a:
                    cc:ec:0d:4e:24:1e:dc:ab:e9:c9:49:de:6d:0b:e2:
                    44:8d:ea:f7:fb:71:fe:bc:d5:aa:ae:f3:0c:9b:81:
                    e2:85:9e:5a:15:e7:64:42:6a:8b:8a:f0:a8:11:67:
                    3d:c0:13:49:22:9f:2a:e1:15:f8:c2:5f:0b:f9:7a:
                    13:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:00:34:1E:8A:84:B0:10:36:A7:D3:69:ED:F4:8A:20:7C:37:7E:D1
            X509v3 Authority Key Identifier:
                keyid:C9:36:0E:C9:1E:EC:14:B0:7E:D7:92:FD:3B:0F:BA:B7:FF:9F:64:2E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915547C/576CCD2A0C5311ED8327470AC4F9AE02/yTYOyR7sFLB-15L9Ow-6t_-fZC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yTYOyR7sFLB-15L9Ow-6t_-fZC4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915547C/576CCD2A0C5311ED8327470AC4F9AE02/40B1F08A0C5611EDBBC3A10FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.191.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         11:68:eb:5a:6f:e6:94:e2:6b:f4:48:9b:53:0c:f9:b7:76:60:
         14:9e:ef:d8:c0:02:a2:ab:7f:80:21:98:9b:36:e0:65:6f:f6:
         a6:35:22:ef:86:e8:4e:63:c0:ce:06:eb:3b:1f:d8:57:5a:31:
         99:b1:8f:91:d3:30:0a:1e:44:17:7e:2e:28:8a:5e:60:bd:64:
         16:3e:68:f4:f4:3f:f9:d2:8f:55:f5:64:ff:a1:fb:af:96:2d:
         85:a6:eb:66:d4:86:d0:00:cd:67:85:e4:67:29:53:78:e6:f2:
         0b:64:f1:43:2b:4a:33:c6:e4:3c:87:fb:c1:63:54:52:35:7d:
         6e:8f:44:64:68:0f:0e:1f:ac:64:68:93:4c:d8:1f:ca:95:47:
         92:99:67:c4:88:55:91:5d:ef:71:8a:93:14:9f:62:96:ab:a9:
         58:69:3e:6b:5f:7c:1f:7e:d6:3c:4c:11:7e:f7:e2:1b:ad:01:
         fe:f4:fe:38:d8:fd:13:c0:57:9a:1f:92:6d:62:aa:33:18:a8:
         47:43:a2:20:fe:67:80:12:4e:8b:6e:c4:72:bb:63:1f:23:4f:
         75:5c:f1:9a:1d:1b:12:ba:9a:4e:2f:b7:62:45:34:0e:f0:58:
         88:81:9b:62:e3:f7:78:f0:b3:bb:38:a0:69:e3:e6:e9:f6:dd:
         04:ca:78:59
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTQ3QzExMC8GA1UEBRMoQzkzNjBFQzkxRUVDMTRCMDdFRDc5MkZEM0IwRkJBQjdG
RjlGNjQyRTAeFw0yMjA3MjUyMDMzMDlaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZGVmZTA1LWVmNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHee9N1hb7RGEEzBr8LbtyRR8nZFVVzJZXU9q8W4BBJRDslzKlwcwmOu53+VoO
Z0wlWBoty/qKc46VyxjzYBsZaapbVJoaIMkYhMEGpAjUa/phyojFK+AmSy1zM1fl
AeSyyWwRGCy30lVZk8DV66Pv20U+nXDh9RBulAE5dp35qeGFVVwqWkj9U4pg7J9j
iXpK2t2LSdeICZDbBHEpxokSzQ2e/fKgNGiU3o5pCo4XXG6c9ken/jM+xMYCe9q/
XmbjiszsDU4kHtyr6clJ3m0L4kSN6vf7cf681aqu8wybgeKFnloV52RCaouK8KgR
Zz3AE0kinyrhFfjCXwv5ehPpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwgA0HoqE
sBA2p9Np7fSKIHw3ftEwHwYDVR0jBBgwFoAUyTYOyR7sFLB+15L9Ow+6t/+fZC4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NDdDLzU3NkNDRDJBMEM1
MzExRUQ4MzI3NDcwQUM0RjlBRTAyL3lUWU95UjdzRkxCLTE1TDlPdy02dF8tZlpD
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveVRZT3lSN3NGTEItMTVMOU93LTZ0Xy1mWkM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTQ3Qy81NzZDQ0QyQTBDNTMxMUVEODMyNzQ3MEFDNEY5QUUwMi80MEIxRjA4QTBD
NTYxMUVEQkJDM0ExMEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe/MjANBgkqhkiG9w0BAQsFAAOCAQEAEWjrWm/mlOJr9Eib
Uwz5t3ZgFJ7v2MACoqt/gCGYmzbgZW/2pjUi74boTmPAzgbrOx/YV1oxmbGPkdMw
Ch5EF34uKIpeYL1kFj5o9PQ/+dKPVfVk/6H7r5YthabrZtSG0ADNZ4XkZylTeOby
C2TxQytKM8bkPIf7wWNUUjV9bo9EZGgPDh+sZGiTTNgfypVHkplnxIhVkV3vcYqT
FJ9ilqupWGk+a198H37WPEwRfvfiG60B/vT+ONj9E8BXmh+SbWKqMxioR0OiIP5n
gBJOi27EcrtjHyNPdVzxmh0bErqaTi+3YkU0DvBYiIGbYuP3ePCzuzigaePm6fbd
BMp4WQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org