Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/3CD200DE3BB711EB8D5FBB7EC4F9AE02.roa
File:                     3CD200DE3BB711EB8D5FBB7EC4F9AE02.roa (raw, json)
Hash identifier:          z6NJLOVTMWQ/AFaN1XS8+rtIr/H3QlQrwacCOiMNI2s=
Subject key identifier:   76:BD:EF:37:E0:F9:D5:DD:2D:C8:9C:13:B4:B6:E8:97:2D:37:08:59
Certificate issuer:       /CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Certificate serial:       02
Authority key identifier: D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/3CD200DE3BB711EB8D5FBB7EC4F9AE02.roa
Signing time:             Fri 11 Dec 2020 13:46:15 +0000
ROA not before:           Fri 11 Dec 2020 13:46:15 +0000
ROA not after:            Wed 02 Mar 2022 00:00:00 +0000
asID:                     136014
IP address blocks:        103.159.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
        Validity
            Not Before: Dec 11 13:46:15 2020 GMT
            Not After : Mar  2 00:00:00 2022 GMT
        Subject: CN=5fd37827-1a5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d0:0a:98:28:c6:0c:38:23:d6:d0:8b:b8:8b:
                    33:e1:fd:fa:4f:2d:cc:da:4b:d0:00:af:dc:0f:ec:
                    5e:e6:ef:e5:98:b7:39:0f:fa:23:c2:b4:d6:fc:f4:
                    85:2c:10:43:27:16:a8:68:d0:96:98:08:78:5c:5d:
                    95:9b:03:40:cf:87:58:d4:81:80:0e:a2:67:3d:2d:
                    24:39:95:4d:8b:5e:ef:d5:7a:d8:09:4d:ed:d6:a7:
                    e7:7f:0c:5c:88:65:7c:94:0e:a6:61:c0:6a:97:e4:
                    f3:1a:b0:af:92:93:f0:46:5a:49:81:63:14:af:bd:
                    26:7b:e8:2c:e5:87:3d:2b:cc:aa:f8:68:6e:12:ae:
                    21:da:38:53:ef:55:fb:55:5b:4d:99:d3:ff:31:9c:
                    b4:e4:a0:0e:6e:bb:5c:55:d4:53:e4:9d:93:cf:b6:
                    05:29:cc:78:b5:9d:07:5e:97:fe:57:2e:65:9e:25:
                    06:60:6a:cc:ee:e2:7e:25:7a:19:d0:e8:a7:7f:6b:
                    b2:29:32:dd:7f:59:e1:8a:f0:b3:5d:09:96:0e:e3:
                    7e:45:57:2c:de:0a:1d:db:3d:f3:25:9d:87:4b:db:
                    5d:61:0e:6f:d0:0d:8d:af:e5:cc:02:20:ed:a0:af:
                    75:04:d0:a2:70:67:97:9c:b4:73:98:ed:d2:1f:62:
                    aa:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:BD:EF:37:E0:F9:D5:DD:2D:C8:9C:13:B4:B6:E8:97:2D:37:08:59
            X509v3 Authority Key Identifier:
                keyid:D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/3CD200DE3BB711EB8D5FBB7EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:52:d5:e5:b0:78:98:d2:62:7b:0f:3a:80:19:c6:c9:e2:33:
         70:c0:d4:a4:b6:a3:f0:22:14:d9:85:8e:8c:94:ab:bf:45:11:
         da:98:cb:03:56:10:6d:69:94:9e:d1:8d:a4:18:91:7c:14:63:
         6d:d3:91:93:31:24:81:48:7b:15:6f:63:e7:bd:8d:ef:1d:98:
         c0:a8:a0:aa:f2:87:41:be:07:16:de:ea:af:29:59:51:cc:ba:
         f1:d7:b1:f5:e0:d4:e0:09:f1:64:65:4d:64:b4:fb:78:d3:f5:
         4f:10:43:d4:ce:9b:55:f5:18:b7:80:af:e7:a5:06:13:fa:a5:
         be:71:a2:cc:23:6b:0f:07:1d:14:29:30:cc:76:70:9e:3d:00:
         ca:c5:f7:5d:7e:c0:f3:66:86:24:c9:5e:d0:2b:7b:e8:88:6c:
         00:e9:7c:4c:b7:08:a4:e0:f6:e9:04:7b:61:dc:96:8f:f3:fe:
         36:30:69:dd:3f:b4:55:ea:63:7c:56:59:81:78:6d:c9:51:da:
         2e:fa:23:ff:aa:a1:1e:d9:5b:18:6d:aa:c0:9b:52:38:ad:b3:
         84:84:bc:22:c7:56:10:08:10:5d:1d:93:f2:86:55:7d:64:72:
         27:3b:fd:5e:b5:d2:19:59:9d:85:87:d5:46:f0:b7:a6:d4:ad:
         ef:9e:80:22
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RDg1RTExMC8GA1UEBRMoRDQ1ODA1MUY2REE5NTIyOTc0NzVCNDg0QkRERDBGQkJF
MzQ5MEU3MDAeFw0yMDEyMTExMzQ2MTVaFw0yMjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTVmZDM3ODI3LTFhNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCa0AqYKMYMOCPW0Iu4izPh/fpPLczaS9AAr9wP7F7m7+WYtzkP+iPCtNb89IUs
EEMnFqho0JaYCHhcXZWbA0DPh1jUgYAOomc9LSQ5lU2LXu/VetgJTe3Wp+d/DFyI
ZXyUDqZhwGqX5PMasK+Sk/BGWkmBYxSvvSZ76Czlhz0rzKr4aG4SriHaOFPvVftV
W02Z0/8xnLTkoA5uu1xV1FPknZPPtgUpzHi1nQdel/5XLmWeJQZgaszu4n4lehnQ
6Kd/a7IpMt1/WeGK8LNdCZYO435FVyzeCh3bPfMlnYdL211hDm/QDY2v5cwCIO2g
r3UE0KJwZ5ectHOY7dIfYqptAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdr3vN+D5
1d0tyJwTtLboly03CFkwHwYDVR0jBBgwFoAU1FgFH22pUil0dbSEvd0Pu+NJDnAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVEODVFLzczRUY5MDlDM0JC
NTExRUJCNEQxMzc3REM0RjlBRTAyLzFGZ0ZIMjJwVWlsMGRiU0V2ZDBQdS1OSkRu
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMUZnRkgyMnBVaWwwZGJTRXZkMFB1LU5KRG5BLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RDg1RS83M0VGOTA5QzNCQjUxMUVCQjREMTM3N0RDNEY5QUUwMi8zQ0QyMDBERTNC
QjcxMUVCOEQ1RkJCN0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGefqzANBgkqhkiG9w0BAQsFAAOCAQEACVLV5bB4mNJiew86
gBnGyeIzcMDUpLaj8CIU2YWOjJSrv0UR2pjLA1YQbWmUntGNpBiRfBRjbdORkzEk
gUh7FW9j572N7x2YwKigqvKHQb4HFt7qrylZUcy68dex9eDU4AnxZGVNZLT7eNP1
TxBD1M6bVfUYt4Cv56UGE/qlvnGizCNrDwcdFCkwzHZwnj0AysX3XX7A82aGJMle
0Ct76IhsAOl8TLcIpOD26QR7YdyWj/P+NjBp3T+0VepjfFZZgXhtyVHaLvoj/6qh
HtlbGG2qwJtSOK2zhIS8IsdWEAgQXR2T8oZVfWRyJzv9XrXSGVmdhYfVRvC3ptSt
756AIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org