Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/873156F6ED5011ECB1C96925C4F9AE02.roa
File:                     873156F6ED5011ECB1C96925C4F9AE02.roa (raw, json)
Hash identifier:          nVOetoi7TrZ8Xc0aSvN35pLuaQRvMgykyUpUeq4PLnY=
Subject key identifier:   36:59:98:19:E6:94:22:7F:22:61:35:EB:20:91:AD:F3:11:8D:60:FB
Certificate issuer:       /CN=A91554E6/serialNumber=BCD8274A5F182CE400802C083E8D15422F9BB611
Certificate serial:       0177
Authority key identifier: BC:D8:27:4A:5F:18:2C:E4:00:80:2C:08:3E:8D:15:42:2F:9B:B6:11
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNgnSl8YLOQAgCwIPo0VQi-bthE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/873156F6ED5011ECB1C96925C4F9AE02.roa
Signing time:             Tue 01 Aug 2023 03:43:41 +0000
ROA not before:           Tue 01 Aug 2023 03:43:41 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     149866
IP address blocks:        103.189.160.0/23 maxlen: 24
                          2400:8760::/32 maxlen: 32
                          2400:8760:5::/48 maxlen: 48
                          2400:8760:6::/48 maxlen: 48
                          2400:8760:11::/48 maxlen: 48
                          2400:8760:12::/48 maxlen: 48
                          2400:8760:13::/48 maxlen: 48
                          2400:8760:fce::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 375 (0x177)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91554E6/serialNumber=BCD8274A5F182CE400802C083E8D15422F9BB611
        Validity
            Not Before: Aug  1 03:43:41 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64c87f6d-d8c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bd:61:39:9e:9c:54:a1:24:eb:7c:92:62:28:
                    ee:33:68:9b:65:75:9d:ce:42:03:d7:ff:83:6e:ae:
                    3c:99:f9:a7:4b:d0:d1:41:60:62:ac:ad:7a:ed:d9:
                    51:19:23:08:65:74:0c:99:25:5a:a7:b5:b3:9b:57:
                    a4:38:5b:4b:8d:d9:ad:8a:cf:48:5b:11:b3:b3:7a:
                    54:bc:97:0e:a6:a3:c2:65:c8:64:79:34:2c:5a:2d:
                    00:18:92:3b:71:02:65:0e:bf:fe:3a:d0:7d:ea:17:
                    f7:a9:1f:38:36:cb:2d:9a:1e:23:10:ac:fd:30:6e:
                    29:df:73:52:28:1c:29:42:5f:00:ba:09:1d:90:ba:
                    f2:01:5c:bd:3a:f3:17:1f:63:84:4a:13:46:64:9a:
                    7a:56:47:ae:39:80:90:ae:7b:d2:40:c6:a5:80:b1:
                    b1:00:54:3e:9a:8e:10:e5:f7:fc:8c:be:91:bd:31:
                    db:71:8b:49:fa:4e:3f:91:d4:18:b3:5a:08:55:54:
                    c5:1e:b1:ae:8c:f9:cf:88:53:cb:28:60:c0:8d:2f:
                    7c:5f:84:8a:cd:0f:49:94:5b:8a:a3:0c:d4:8a:f1:
                    13:69:92:87:3c:77:54:99:12:9a:cf:56:92:f6:da:
                    99:d0:f7:7f:47:64:5f:65:83:ce:4f:84:37:58:88:
                    42:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:59:98:19:E6:94:22:7F:22:61:35:EB:20:91:AD:F3:11:8D:60:FB
            X509v3 Authority Key Identifier:
                keyid:BC:D8:27:4A:5F:18:2C:E4:00:80:2C:08:3E:8D:15:42:2F:9B:B6:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/vNgnSl8YLOQAgCwIPo0VQi-bthE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNgnSl8YLOQAgCwIPo0VQi-bthE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/873156F6ED5011ECB1C96925C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.160.0/23
                IPv6:
                  2400:8760::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:96:e2:6d:0c:d6:ec:b8:56:65:03:6a:4c:68:cd:d5:90:6e:
         f2:fd:10:47:42:d9:c5:06:b2:a9:38:67:91:00:3e:bb:05:bf:
         69:e5:b1:b5:a2:cc:ef:12:81:ad:e4:3d:b6:f8:f5:3e:f6:16:
         46:0a:f7:83:3d:e2:31:5a:cc:d8:58:62:01:02:b8:82:78:11:
         5e:2b:0b:54:2d:f2:81:45:df:8c:4a:d9:a1:6c:a4:ec:ff:2a:
         fa:a3:d6:80:e7:e5:0c:97:ab:9d:f5:12:89:45:86:18:11:1e:
         10:90:76:73:e4:46:99:7d:c0:85:f1:45:88:b2:a4:c8:49:fa:
         f2:d2:34:ee:50:22:60:a2:0d:e0:22:e3:e3:ce:7f:72:89:14:
         d4:86:48:e7:c0:6c:91:6d:5a:d4:a8:3b:09:79:ea:ee:a5:43:
         bc:b2:71:c9:62:47:d6:22:84:06:60:08:01:d6:74:8b:a0:5f:
         4b:fb:34:0f:ee:27:c0:3d:d1:24:51:1f:2c:52:f8:c6:bb:13:
         4a:57:09:e7:39:48:b0:ff:56:09:fa:bd:93:c9:c1:9b:33:37:
         60:ac:93:ca:36:7d:5d:2d:9d:13:eb:ad:4b:03:56:22:c1:db:
         b1:e8:0c:84:42:0e:88:b6:61:08:84:41:e6:6e:13:4f:da:87:
         9b:a9:f1:ba
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTU0RTYxMTAvBgNVBAUTKEJDRDgyNzRBNUYxODJDRTQwMDgwMkMwODNFOEQxNTQy
MkY5QkI2MTEwHhcNMjMwODAxMDM0MzQxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4N2Y2ZC1kOGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyL1hOZ6cVKEk63ySYijuM2ibZXWdzkID1/+Dbq48mfmnS9DRQWBirK167dlR
GSMIZXQMmSVap7Wzm1ekOFtLjdmtis9IWxGzs3pUvJcOpqPCZchkeTQsWi0AGJI7
cQJlDr/+OtB96hf3qR84Nsstmh4jEKz9MG4p33NSKBwpQl8AugkdkLryAVy9OvMX
H2OEShNGZJp6VkeuOYCQrnvSQMalgLGxAFQ+mo4Q5ff8jL6RvTHbcYtJ+k4/kdQY
s1oIVVTFHrGujPnPiFPLKGDAjS98X4SKzQ9JlFuKowzUivETaZKHPHdUmRKaz1aS
9tqZ0Pd/R2RfZYPOT4Q3WIhCxQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDZZmBnm
lCJ/ImE16yCRrfMRjWD7MB8GA1UdIwQYMBaAFLzYJ0pfGCzkAIAsCD6NFUIvm7YR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTRFNi85RjA2Nzc0OEVE
NEIxMUVDQUI4RkFBNzdDNEY5QUUwMi92TmduU2w4WUxPUUFnQ3dJUG8wVlFpLWJ0
aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZOZ25TbDhZTE9RQWdDd0lQbzBWUWktYnRoRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTU0RTYvOUYwNjc3NDhFRDRCMTFFQ0FCOEZBQTc3QzRGOUFFMDIvODczMTU2RjZF
RDUwMTFFQ0IxQzk2OTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnvaAwDQQCAAIwBwMFACQAh2AwDQYJKoZIhvcNAQELBQAD
ggEBAC+W4m0M1uy4VmUDakxozdWQbvL9EEdC2cUGsqk4Z5EAPrsFv2nlsbWizO8S
ga3kPbb49T72FkYK94M94jFazNhYYgECuIJ4EV4rC1Qt8oFF34xK2aFspOz/Kvqj
1oDn5QyXq531EolFhhgRHhCQdnPkRpl9wIXxRYiypMhJ+vLSNO5QImCiDeAi4+PO
f3KJFNSGSOfAbJFtWtSoOwl56u6lQ7yyccliR9YihAZgCAHWdIugX0v7NA/uJ8A9
0SRRHyxS+Ma7E0pXCec5SLD/Vgn6vZPJwZszN2Csk8o2fV0tnRPrrUsDViLB27Ho
DIRCDoi2YQiEQeZuE0/ah5up8bo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org