Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/DD4586D0009011EEB4A39C0EC4F9AE02.roa
File:                     DD4586D0009011EEB4A39C0EC4F9AE02.roa (raw, json)
Hash identifier:          FAT2ULrFOStIXcO+L/1THnXKkI4iU0s169RzGsnn0s0=
Subject key identifier:   8B:2E:AE:78:47:E5:61:7C:A5:53:35:23:54:D0:AC:1D:46:4F:A6:69
Certificate issuer:       /CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Certificate serial:       05AD
Authority key identifier: D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/DD4586D0009011EEB4A39C0EC4F9AE02.roa
Signing time:             Thu 01 Jun 2023 15:27:48 +0000
ROA not before:           Thu 01 Jun 2023 15:27:48 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     150774
IP address blocks:        103.159.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1453 (0x5ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
        Validity
            Not Before: Jun  1 15:27:48 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=6478b8f4-95fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d2:91:aa:14:9b:8f:bf:d0:13:59:a1:79:47:
                    6c:d5:5c:ad:41:0c:6b:da:90:8f:e6:9e:a1:61:ff:
                    48:91:93:d3:ae:88:ee:55:1d:3b:9a:9a:ce:31:5f:
                    c9:da:bc:c7:cc:21:51:fc:a7:9f:da:2a:e6:9a:3a:
                    78:f4:02:33:63:24:d5:ae:d7:b1:d9:f1:0d:0e:9d:
                    d8:42:bd:c3:15:8f:13:93:be:df:01:08:9a:13:0c:
                    1a:fe:f8:86:b7:a6:ed:db:22:71:42:fc:71:f7:e1:
                    9c:ce:8c:f0:a0:5d:33:27:2c:1a:81:7a:38:ec:6c:
                    99:e8:78:66:c7:b0:b5:b3:e9:02:90:4e:34:36:b5:
                    5a:17:e7:a5:27:52:76:6a:f0:d1:44:73:48:89:76:
                    61:39:cf:3b:b2:fb:d0:a9:04:0b:05:23:c9:a8:b8:
                    55:28:fb:94:37:37:6e:0b:d1:29:de:f2:e4:83:72:
                    37:31:cf:93:1a:9e:15:50:85:1c:83:bd:3d:7a:14:
                    47:0f:84:95:41:ad:54:d2:3e:d1:53:00:9c:25:cd:
                    f9:10:8d:d4:28:b2:20:b2:fb:27:11:5b:c4:1a:bf:
                    6d:bc:9a:49:5b:3e:9f:5f:69:45:fe:ed:7d:27:46:
                    f3:91:7b:f9:e5:d5:90:cc:1c:bd:86:8b:58:16:8b:
                    23:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:2E:AE:78:47:E5:61:7C:A5:53:35:23:54:D0:AC:1D:46:4F:A6:69
            X509v3 Authority Key Identifier:
                keyid:D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/DD4586D0009011EEB4A39C0EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:72:f0:21:ac:46:21:7c:87:e7:cc:37:1f:37:28:c6:c2:21:
         2f:e0:c0:cf:8a:5a:d8:0f:62:4f:56:ae:d1:f3:fb:b1:69:28:
         c7:c4:f0:ba:03:49:99:4c:25:1d:eb:e3:26:4e:a0:23:19:1e:
         34:ad:89:c8:bd:f1:b8:bb:ea:bb:09:30:0b:80:c3:a5:1b:3a:
         3b:10:40:b2:57:fd:90:70:77:56:29:7f:8b:9a:ab:a1:d6:dc:
         97:f6:b4:5d:b1:69:b6:c0:92:f9:66:ee:13:1e:b2:8f:fc:45:
         4f:64:17:1f:26:be:e9:92:0f:42:f0:06:86:c0:20:56:55:32:
         8c:b0:50:6d:1a:e6:92:68:72:db:66:54:06:63:68:39:86:8a:
         03:4d:9e:59:75:60:54:b9:b8:6c:f7:40:f7:6b:b4:5c:25:14:
         e1:38:33:a5:4f:98:c2:ec:e4:80:aa:79:52:16:02:99:a2:6c:
         7f:ae:fd:f4:ed:4c:55:78:a3:18:92:81:4e:35:ad:c0:b5:f5:
         4b:f5:ad:68:bd:ed:00:3d:6e:82:76:6b:27:91:25:13:ff:7b:
         ca:c2:21:d6:11:b5:00:02:9c:14:78:77:7a:94:9d:25:3a:e7:
         c8:e6:3d:d0:91:29:cb:93:01:cc:a5:5c:35:2b:93:f9:42:cd:
         3e:fe:4c:03
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ4NUUxMTAvBgNVBAUTKEQ0NTgwNTFGNkRBOTUyMjk3NDc1QjQ4NEJEREQwRkJC
RTM0OTBFNzAwHhcNMjMwNjAxMTUyNzQ4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4YjhmNC05NWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNKRqhSbj7/QE1mheUds1VytQQxr2pCP5p6hYf9IkZPTrojuVR07mprOMV/J
2rzHzCFR/Kef2irmmjp49AIzYyTVrtex2fENDp3YQr3DFY8Tk77fAQiaEwwa/viG
t6bt2yJxQvxx9+GczozwoF0zJywagXo47GyZ6Hhmx7C1s+kCkE40NrVaF+elJ1J2
avDRRHNIiXZhOc87svvQqQQLBSPJqLhVKPuUNzduC9Ep3vLkg3I3Mc+TGp4VUIUc
g709ehRHD4SVQa1U0j7RUwCcJc35EI3UKLIgsvsnEVvEGr9tvJpJWz6fX2lF/u19
J0bzkXv55dWQzBy9hotYFosjEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIsurnhH
5WF8pVM1I1TQrB1GT6ZpMB8GA1UdIwQYMBaAFNRYBR9tqVIpdHW0hL3dD7vjSQ5w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDg1RS83M0VGOTA5QzNC
QjUxMUVCQjREMTM3N0RDNEY5QUUwMi8xRmdGSDIycFVpbDBkYlNFdmQwUHUtTkpE
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFGZ0ZIMjJwVWlsMGRiU0V2ZDBQdS1OSkRuQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4NUUvNzNFRjkwOUMzQkI1MTFFQkI0RDEzNzdEQzRGOUFFMDIvREQ0NTg2RDAw
MDkwMTFFRUI0QTM5QzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn6swDQYJKoZIhvcNAQELBQADggEBAG5y8CGsRiF8h+fM
Nx83KMbCIS/gwM+KWtgPYk9WrtHz+7FpKMfE8LoDSZlMJR3r4yZOoCMZHjStici9
8bi76rsJMAuAw6UbOjsQQLJX/ZBwd1Ypf4uaq6HW3Jf2tF2xabbAkvlm7hMeso/8
RU9kFx8mvumSD0LwBobAIFZVMoywUG0a5pJocttmVAZjaDmGigNNnll1YFS5uGz3
QPdrtFwlFOE4M6VPmMLs5ICqeVIWApmibH+u/fTtTFV4oxiSgU41rcC19Uv1rWi9
7QA9boJ2ayeRJRP/e8rCIdYRtQACnBR4d3qUnSU658jmPdCRKcuTAcylXDUrk/lC
zT7+TAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org