Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915568B/1F7B1D08C38D11EDA7E1CA64C4F9AE02/0A95D810C3A611ED8EFA6F13C4F9AE02.roa
File:                     0A95D810C3A611ED8EFA6F13C4F9AE02.roa (raw, json)
Hash identifier:          XQ5lfqIfs3vo1ymWlwiuJ8Zui3Soeg1tYKEvSOlrL7U=
Subject key identifier:   7A:5C:28:C9:B0:E3:F0:28:8D:D0:60:30:5D:F5:DC:5A:FB:D1:EA:C4
Certificate issuer:       /CN=A915568B/serialNumber=B5E9DDC6BF09F89458556087442D948C44034530
Certificate serial:       04
Authority key identifier: B5:E9:DD:C6:BF:09:F8:94:58:55:60:87:44:2D:94:8C:44:03:45:30
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tendxr8J-JRYVWCHRC2UjEQDRTA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915568B/1F7B1D08C38D11EDA7E1CA64C4F9AE02/0A95D810C3A611ED8EFA6F13C4F9AE02.roa
Signing time:             Thu 16 Mar 2023 02:55:43 +0000
ROA not before:           Thu 16 Mar 2023 02:55:43 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     9790
IP address blocks:        103.41.168.0/24 maxlen: 24
                          103.74.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915568B/serialNumber=B5E9DDC6BF09F89458556087442D948C44034530
        Validity
            Not Before: Mar 16 02:55:43 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6412852f-fdd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:22:82:a1:5f:8d:02:05:27:6e:fc:c7:9e:f0:
                    97:7e:b8:33:85:b6:a3:28:66:e9:a1:7b:6f:78:1e:
                    98:2e:39:b6:7f:67:d0:0a:eb:19:13:2e:84:20:d8:
                    eb:de:55:14:5b:e5:55:6b:00:ed:f6:33:c3:0b:ef:
                    11:77:16:f3:a5:5f:ff:23:9c:ef:50:27:22:04:db:
                    88:dc:e5:be:2c:ba:7c:e3:ec:14:74:01:2e:ab:6a:
                    47:34:cb:65:66:aa:7c:2f:c9:9c:71:c8:5c:a8:da:
                    63:b9:a4:69:5e:91:3b:c2:af:ce:9a:2d:61:63:2b:
                    a7:4c:70:f2:9d:1d:f0:ce:dd:13:5f:67:f4:8c:59:
                    d8:6a:5f:bd:65:c1:36:42:0f:51:8e:fd:81:96:5d:
                    2b:52:87:11:b2:c7:f7:35:5b:c1:e1:43:8d:a2:bd:
                    58:68:4a:d9:5b:fa:57:13:b0:2b:ad:9d:ae:44:2d:
                    ad:f8:b6:18:3e:3f:96:2a:57:48:50:aa:d9:28:b2:
                    37:a0:4f:b2:f8:71:94:e7:e9:ae:94:aa:18:72:e4:
                    39:0d:54:11:0d:ec:7a:8f:5e:f6:b2:4a:49:eb:fd:
                    6e:cb:51:b3:6c:97:38:fe:35:63:62:88:68:05:39:
                    ec:97:5a:58:72:bf:22:9e:9c:5d:52:c8:85:4e:4b:
                    df:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:5C:28:C9:B0:E3:F0:28:8D:D0:60:30:5D:F5:DC:5A:FB:D1:EA:C4
            X509v3 Authority Key Identifier:
                keyid:B5:E9:DD:C6:BF:09:F8:94:58:55:60:87:44:2D:94:8C:44:03:45:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915568B/1F7B1D08C38D11EDA7E1CA64C4F9AE02/tendxr8J-JRYVWCHRC2UjEQDRTA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tendxr8J-JRYVWCHRC2UjEQDRTA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915568B/1F7B1D08C38D11EDA7E1CA64C4F9AE02/0A95D810C3A611ED8EFA6F13C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.41.168.0/24
                  103.74.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:7f:41:aa:fe:82:81:c3:ad:28:72:5c:d6:14:46:39:cb:b7:
         3a:6d:b1:36:69:6d:8a:29:de:6d:99:47:b5:62:7f:41:39:82:
         60:88:c7:db:12:56:fa:f8:55:fe:7f:db:f2:3b:bf:4e:f4:6d:
         ae:fc:cb:49:40:06:12:03:dd:15:7d:02:07:16:fe:f5:82:5d:
         dc:ac:90:96:a5:f8:09:33:49:ed:ab:1c:53:01:66:34:74:75:
         9d:71:fb:52:f7:1f:ca:ea:86:fd:21:94:d1:b7:94:0f:42:22:
         3b:9b:d2:25:99:21:3c:a7:46:11:ae:d9:b9:bd:0f:96:59:fe:
         6a:05:0b:a0:bf:72:2c:68:02:bb:23:c1:03:78:2a:85:1c:b7:
         9e:39:ca:e1:34:0d:ad:d6:22:02:d8:a9:c7:bf:e0:3a:17:a8:
         ee:f5:55:aa:b0:cf:4e:21:52:ea:c2:45:d1:38:91:9e:81:43:
         cc:b6:2c:a3:25:1a:4d:b4:de:68:16:4a:f1:cd:9e:e8:81:31:
         87:8a:e6:72:47:c0:ec:e5:7d:b5:a6:ef:75:a3:cd:21:3d:67:
         ff:2b:36:e5:54:c3:48:12:52:d4:cf:01:e6:6e:d9:67:5c:5f:
         db:75:38:5f:c5:72:27:b5:b7:49:ae:28:b2:97:aa:72:cd:b1:
         18:b9:51:d0
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTY4QjExMC8GA1UEBRMoQjVFOUREQzZCRjA5Rjg5NDU4NTU2MDg3NDQyRDk0OEM0
NDAzNDUzMDAeFw0yMzAzMTYwMjU1NDNaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MTI4NTJmLWZkZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLIoKhX40CBSdu/Mee8Jd+uDOFtqMoZumhe294HpguObZ/Z9AK6xkTLoQg2Ove
VRRb5VVrAO32M8ML7xF3FvOlX/8jnO9QJyIE24jc5b4sunzj7BR0AS6rakc0y2Vm
qnwvyZxxyFyo2mO5pGlekTvCr86aLWFjK6dMcPKdHfDO3RNfZ/SMWdhqX71lwTZC
D1GO/YGWXStShxGyx/c1W8HhQ42ivVhoStlb+lcTsCutna5ELa34thg+P5YqV0hQ
qtkosjegT7L4cZTn6a6Uqhhy5DkNVBEN7HqPXvaySknr/W7LUbNslzj+NWNiiGgF
OeyXWlhyvyKenF1SyIVOS9+jAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUelwoybDj
8CiN0GAwXfXcWvvR6sQwHwYDVR0jBBgwFoAUtendxr8J+JRYVWCHRC2UjEQDRTAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NjhCLzFGN0IxRDA4QzM4
RDExRURBN0UxQ0E2NEM0RjlBRTAyL3RlbmR4cjhKLUpSWVZXQ0hSQzJVakVRRFJU
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdGVuZHhyOEotSlJZVldDSFJDMlVqRVFEUlRBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTY4Qi8xRjdCMUQwOEMzOEQxMUVEQTdFMUNBNjRDNEY5QUUwMi8wQTk1RDgxMEMz
QTYxMUVEOEVGQTZGMTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGcpqAMEAGdK4TANBgkqhkiG9w0BAQsFAAOCAQEAcn9Bqv6C
gcOtKHJc1hRGOcu3Om2xNmltiinebZlHtWJ/QTmCYIjH2xJW+vhV/n/b8ju/TvRt
rvzLSUAGEgPdFX0CBxb+9YJd3KyQlqX4CTNJ7ascUwFmNHR1nXH7UvcfyuqG/SGU
0beUD0IiO5vSJZkhPKdGEa7Zub0Plln+agULoL9yLGgCuyPBA3gqhRy3njnK4TQN
rdYiAtipx7/gOheo7vVVqrDPTiFS6sJF0TiRnoFDzLYsoyUaTbTeaBZK8c2e6IEx
h4rmckfA7OV9tabvdaPNIT1n/ys25VTDSBJS1M8B5m7ZZ1xf23U4X8VyJ7W3Sa4o
speqcs2xGLlR0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org