Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/C2F114F24FDC11EE97011A39C4F9AE02.roa
File:                     C2F114F24FDC11EE97011A39C4F9AE02.roa (raw, json)
Hash identifier:          s9WBl8bZ7IW5IWk/Wpju6S6xU9J7k54CwC4Lkk0fAPo=
Subject key identifier:   59:D8:83:B8:1D:77:AC:B5:29:63:BE:A6:70:E6:53:2E:81:C8:34:AC
Certificate issuer:       /CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Certificate serial:       05E7
Authority key identifier: D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/C2F114F24FDC11EE97011A39C4F9AE02.roa
Signing time:             Sun 10 Sep 2023 13:20:08 +0000
ROA not before:           Sun 10 Sep 2023 13:20:08 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     141731
IP address blocks:        103.159.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1511 (0x5e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
        Validity
            Not Before: Sep 10 13:20:08 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=64fdc287-ae1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:32:1c:6c:7c:bf:e5:a3:5a:23:b1:eb:78:10:
                    96:5a:5f:89:36:61:bd:24:3a:13:af:6c:06:bc:0d:
                    cc:91:8e:82:2e:26:a0:73:f5:34:da:93:e5:80:ea:
                    9a:3e:28:38:f5:4d:c5:65:ba:36:69:cf:0d:e6:a7:
                    70:48:51:8b:3e:41:d5:0e:6e:d3:55:29:93:8b:45:
                    5b:32:86:2a:8d:65:ee:57:b6:18:aa:03:59:98:c3:
                    44:ee:6e:9c:df:a2:4d:b0:4a:9f:3c:b8:de:a9:0b:
                    73:2a:ed:0b:c0:15:ea:e3:fe:3b:1a:f8:f3:d6:b0:
                    22:26:a9:06:b6:e4:29:7b:0c:64:80:49:5d:21:66:
                    a4:d4:70:84:c4:71:0a:52:ca:ef:67:c3:2c:7b:2b:
                    97:2a:ed:ad:0e:53:e8:49:2b:3c:fb:6c:0b:82:8f:
                    33:77:75:55:d2:21:d2:ef:7d:5e:54:a7:91:1a:e4:
                    21:fe:f6:cb:c8:6e:f2:41:1c:c6:4c:dc:dd:76:af:
                    e3:bd:ca:8a:a2:40:ca:95:2b:ec:49:7c:16:08:17:
                    a5:66:f7:e2:b9:51:6b:a0:53:fd:e0:58:91:e5:18:
                    8a:da:65:e2:21:5e:12:73:bb:d8:c4:e7:dc:5e:c3:
                    52:e3:62:d5:bc:ee:fc:7c:d7:d0:a0:b6:2a:b8:af:
                    96:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:D8:83:B8:1D:77:AC:B5:29:63:BE:A6:70:E6:53:2E:81:C8:34:AC
            X509v3 Authority Key Identifier:
                keyid:D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/C2F114F24FDC11EE97011A39C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:81:f6:94:e9:2a:31:62:8e:52:17:56:62:54:6e:4a:2f:3c:
         0a:3b:56:8e:9f:09:af:6a:76:b4:cc:17:09:6b:0f:49:99:c2:
         72:f3:61:df:2f:ba:18:04:0c:1f:d6:10:66:4b:f4:d0:00:ad:
         33:80:ba:d2:9f:a5:f3:fc:83:ad:95:0e:50:c2:82:fc:d3:93:
         32:8e:26:a6:22:11:6b:00:b5:d0:7a:77:f6:56:73:c3:fe:95:
         ea:22:00:6a:65:d1:56:83:e4:c3:64:72:04:ce:28:dd:90:51:
         73:69:e1:b2:16:c7:4b:c3:eb:30:58:f6:a4:f5:b3:79:0b:11:
         22:ce:d9:e1:53:5b:0d:e9:c6:42:66:53:73:1e:ef:95:3e:5e:
         11:6f:d1:90:f7:17:5f:50:0c:9e:7a:bc:81:c8:8a:f1:c7:3d:
         f0:28:fa:32:71:c2:91:2c:8e:f9:f8:75:6b:83:e9:21:67:0e:
         b3:ce:64:c2:5a:db:54:5e:03:24:f6:04:70:c9:be:92:18:6e:
         e3:7c:1e:66:ea:2b:8d:ef:87:5e:0a:5b:a4:16:4d:90:11:85:
         63:b2:61:89:53:3a:1d:f4:9b:6a:c1:32:b1:ab:4a:13:16:0b:
         4c:35:25:de:df:37:5d:20:d9:14:db:21:36:ba:fb:03:8b:14:
         88:f6:96:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ4NUUxMTAvBgNVBAUTKEQ0NTgwNTFGNkRBOTUyMjk3NDc1QjQ4NEJEREQwRkJC
RTM0OTBFNzAwHhcNMjMwOTEwMTMyMDA4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZkYzI4Ny1hZTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzIcbHy/5aNaI7HreBCWWl+JNmG9JDoTr2wGvA3MkY6CLiagc/U02pPlgOqa
Pig49U3FZbo2ac8N5qdwSFGLPkHVDm7TVSmTi0VbMoYqjWXuV7YYqgNZmMNE7m6c
36JNsEqfPLjeqQtzKu0LwBXq4/47Gvjz1rAiJqkGtuQpewxkgEldIWak1HCExHEK
UsrvZ8MseyuXKu2tDlPoSSs8+2wLgo8zd3VV0iHS731eVKeRGuQh/vbLyG7yQRzG
TNzddq/jvcqKokDKlSvsSXwWCBelZvfiuVFroFP94FiR5RiK2mXiIV4Sc7vYxOfc
XsNS42LVvO78fNfQoLYquK+WUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFnYg7gd
d6y1KWO+pnDmUy6ByDSsMB8GA1UdIwQYMBaAFNRYBR9tqVIpdHW0hL3dD7vjSQ5w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDg1RS83M0VGOTA5QzNC
QjUxMUVCQjREMTM3N0RDNEY5QUUwMi8xRmdGSDIycFVpbDBkYlNFdmQwUHUtTkpE
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFGZ0ZIMjJwVWlsMGRiU0V2ZDBQdS1OSkRuQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4NUUvNzNFRjkwOUMzQkI1MTFFQkI0RDEzNzdEQzRGOUFFMDIvQzJGMTE0RjI0
RkRDMTFFRTk3MDExQTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn6swDQYJKoZIhvcNAQELBQADggEBAGyB9pTpKjFijlIX
VmJUbkovPAo7Vo6fCa9qdrTMFwlrD0mZwnLzYd8vuhgEDB/WEGZL9NAArTOAutKf
pfP8g62VDlDCgvzTkzKOJqYiEWsAtdB6d/ZWc8P+leoiAGpl0VaD5MNkcgTOKN2Q
UXNp4bIWx0vD6zBY9qT1s3kLESLO2eFTWw3pxkJmU3Me75U+XhFv0ZD3F19QDJ56
vIHIivHHPfAo+jJxwpEsjvn4dWuD6SFnDrPOZMJa21ReAyT2BHDJvpIYbuN8Hmbq
K43vh14KW6QWTZARhWOyYYlTOh30m2rBMrGrShMWC0w1Jd7fN10g2RTbITa6+wOL
FIj2lsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org