Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/35EEEE82D85D11ECA651B731C4F9AE02.roa
File:                     35EEEE82D85D11ECA651B731C4F9AE02.roa (raw, json)
Hash identifier:          fdFeX38jvTCRmFu+lJYg9EYp5jXuL84AFaUVbaVkMZ8=
Subject key identifier:   88:EE:0D:51:13:25:11:81:E9:62:AA:5E:E8:F8:9B:A8:2C:5F:4E:77
Certificate issuer:       /CN=A915B5B1/serialNumber=DFDC3ADB33CAA8591EFAF2776C3B0C556C08A2B6
Certificate serial:       06
Authority key identifier: DF:DC:3A:DB:33:CA:A8:59:1E:FA:F2:77:6C:3B:0C:55:6C:08:A2:B6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/35EEEE82D85D11ECA651B731C4F9AE02.roa
Signing time:             Fri 20 May 2022 16:52:19 +0000
ROA not before:           Fri 20 May 2022 16:52:19 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     149836
IP address blocks:        103.187.244.0/24 maxlen: 24
                          103.187.245.0/24 maxlen: 24
                          2001:df0:c240::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B5B1/serialNumber=DFDC3ADB33CAA8591EFAF2776C3B0C556C08A2B6
        Validity
            Not Before: May 20 16:52:19 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6287c743-45dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:a5:e8:57:2b:9b:ae:27:d6:1d:ed:bf:ce:11:
                    10:52:d0:f1:6e:f0:48:4e:f6:dd:43:65:f3:8b:7e:
                    20:25:49:55:e1:1a:87:3b:db:cd:69:57:09:f9:e6:
                    f8:30:d7:15:d6:a2:f6:7b:9c:22:4a:86:6a:18:c8:
                    4b:da:cd:05:fe:22:f8:44:2e:9e:18:bb:98:b7:fa:
                    45:a6:8b:6e:3e:b7:64:38:ae:73:c0:fd:63:4b:e0:
                    8c:6a:64:00:28:18:9a:10:3f:c3:17:5a:22:42:53:
                    4d:00:d2:b1:9a:68:b6:2a:18:39:5a:42:9b:bc:53:
                    7d:d0:14:93:bc:ee:1f:dd:9a:24:d6:89:ca:6e:b4:
                    42:99:e4:97:0e:50:26:dc:be:47:51:56:dc:58:8b:
                    58:bc:d2:b7:cc:65:b8:74:dc:d0:c7:60:f3:bb:c4:
                    c7:4a:fd:04:1e:53:0a:51:f8:de:8c:db:f9:e6:29:
                    d1:3a:e0:97:5e:13:e4:bf:f0:54:29:cc:7f:73:39:
                    2e:9a:26:fb:fa:ec:6a:02:b5:fb:dd:7b:72:65:2f:
                    68:ac:86:b2:2a:f9:fe:dc:2f:a1:13:cb:55:71:e0:
                    46:99:19:73:92:db:6d:7a:41:24:ed:89:26:a0:7d:
                    f5:fd:eb:47:e7:50:3a:e6:b9:f3:02:d9:f9:60:53:
                    8b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:EE:0D:51:13:25:11:81:E9:62:AA:5E:E8:F8:9B:A8:2C:5F:4E:77
            X509v3 Authority Key Identifier:
                keyid:DF:DC:3A:DB:33:CA:A8:59:1E:FA:F2:77:6C:3B:0C:55:6C:08:A2:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/39w62zPKqFke-vJ3bDsMVWwIorY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/35EEEE82D85D11ECA651B731C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.187.244.0/23
                IPv6:
                  2001:df0:c240::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:e2:f2:df:00:13:29:08:ba:23:ca:9d:73:2d:45:47:96:fe:
         42:09:91:5c:d7:58:53:73:f4:71:c4:2c:73:44:ae:de:28:64:
         06:f1:6d:4b:c3:43:15:3a:fb:08:f7:7c:47:7f:42:ad:7d:98:
         b9:31:26:a4:73:b4:a4:5c:65:e5:e4:e2:f8:f7:a3:13:1e:dc:
         bb:46:95:a8:85:70:a3:25:14:4e:c4:35:8c:bd:0a:06:98:c1:
         a1:4d:2a:5f:7c:63:f5:42:62:82:71:bc:75:40:cf:16:08:57:
         0d:4c:27:82:ae:09:ad:01:38:2e:16:15:50:9a:0c:79:0d:e0:
         44:30:21:d0:50:72:66:a7:df:29:86:df:26:fa:f2:3a:9a:7c:
         a9:9f:65:8c:e8:a2:e7:24:b6:c5:1e:c4:aa:88:c0:ad:b0:f4:
         25:8f:14:67:26:02:6b:a6:61:e1:fa:7e:74:ea:05:6e:34:d6:
         84:4c:8a:a8:a7:a9:71:59:93:ae:60:6b:9f:17:35:03:2c:0a:
         6e:be:cb:3e:2b:13:bd:c0:c7:c4:8d:12:32:d3:45:1e:38:99:
         1c:42:ff:0e:7e:d7:f4:0f:c8:b1:5e:24:12:b2:70:64:6b:14:
         75:72:2b:ac:d4:59:b9:27:55:98:8e:f3:7e:7a:0b:14:b9:f9:
         b2:49:a8:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QjVCMTExMC8GA1UEBRMoREZEQzNBREIzM0NBQTg1OTFFRkFGMjc3NkMzQjBDNTU2
QzA4QTJCNjAeFw0yMjA1MjAxNjUyMTlaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyODdjNzQzLTQ1ZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTpehXK5uuJ9Yd7b/OERBS0PFu8EhO9t1DZfOLfiAlSVXhGoc7281pVwn55vgw
1xXWovZ7nCJKhmoYyEvazQX+IvhELp4Yu5i3+kWmi24+t2Q4rnPA/WNL4IxqZAAo
GJoQP8MXWiJCU00A0rGaaLYqGDlaQpu8U33QFJO87h/dmiTWicputEKZ5JcOUCbc
vkdRVtxYi1i80rfMZbh03NDHYPO7xMdK/QQeUwpR+N6M2/nmKdE64JdeE+S/8FQp
zH9zOS6aJvv67GoCtfvde3JlL2ishrIq+f7cL6ETy1Vx4EaZGXOS2216QSTtiSag
ffX960fnUDrmufMC2flgU4uzAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUiO4NURMl
EYHpYqpe6PibqCxfTncwHwYDVR0jBBgwFoAU39w62zPKqFke+vJ3bDsMVWwIorYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCNUIxL0VENjI5RjBDRDdF
ODExRUM5MkE5NEY0Q0M0RjlBRTAyLzM5dzYyelBLcUZrZS12SjNiRHNNVld3SW9y
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMzl3NjJ6UEtxRmtlLXZKM2JEc01WV3dJb3JZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QjVCMS9FRDYyOUYwQ0Q3RTgxMUVDOTJBOTRGNENDNEY5QUUwMi8zNUVFRUU4MkQ4
NUQxMUVDQTY1MUI3MzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe79DAPBAIAAjAJAwcAIAEN8MJAMA0GCSqGSIb3DQEBCwUA
A4IBAQBG4vLfABMpCLojyp1zLUVHlv5CCZFc11hTc/RxxCxzRK7eKGQG8W1Lw0MV
OvsI93xHf0KtfZi5MSakc7SkXGXl5OL496MTHty7RpWohXCjJRROxDWMvQoGmMGh
TSpffGP1QmKCcbx1QM8WCFcNTCeCrgmtATguFhVQmgx5DeBEMCHQUHJmp98pht8m
+vI6mnypn2WM6KLnJLbFHsSqiMCtsPQljxRnJgJrpmHh+n506gVuNNaETIqop6lx
WZOuYGufFzUDLApuvss+KxO9wMfEjRIy00UeOJkcQv8Oftf0D8ixXiQSsnBkaxR1
cius1Fm5J1WYjvN+egsUufmySahk
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org