Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/86FE7EE299F511ECA74E010FC4F9AE02.roa
File:                     86FE7EE299F511ECA74E010FC4F9AE02.roa (raw, json)
Hash identifier:          4EsXn1hgr3iT224I+caenZIYIoocgFZ9B9BGYDaumBw=
Subject key identifier:   3F:9B:28:DF:CD:58:3F:7E:48:B5:3A:11:8C:3E:C1:CC:94:46:A3:3F
Certificate issuer:       /CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
Certificate serial:       02
Authority key identifier: 75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/86FE7EE299F511ECA74E010FC4F9AE02.roa
Signing time:             Wed 02 Mar 2022 06:53:55 +0000
ROA not before:           Wed 02 Mar 2022 06:53:55 +0000
ROA not after:            Mon 31 Oct 2022 00:00:00 +0000
asID:                     12679
IP address blocks:        103.129.54.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
        Validity
            Not Before: Mar  2 06:53:55 2022 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=621f1483-b31e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0a:37:a6:99:58:81:66:34:df:32:cf:f9:6b:
                    a8:d4:8d:c1:7a:2d:1b:bb:10:30:70:cd:76:f4:4f:
                    79:d5:10:71:a7:cf:d7:80:32:7c:ab:02:c8:fc:b3:
                    66:b7:75:48:15:89:30:88:aa:57:a1:3b:f0:f4:43:
                    56:4a:ef:dc:26:d8:cb:39:6b:3c:9f:18:07:1f:3d:
                    ac:37:5f:98:1d:1b:db:c1:5d:c4:3b:5a:4d:33:68:
                    76:c7:96:27:9d:b6:72:ee:e9:b6:77:14:8f:07:72:
                    88:ef:02:a8:e5:80:a3:68:d4:33:99:db:a6:68:15:
                    b6:c8:72:30:73:5c:31:af:b7:8b:64:b0:8a:cd:3a:
                    15:fa:d9:9c:0a:e0:2a:1d:ba:05:2a:78:c2:1a:5c:
                    9f:94:34:b2:8b:4f:77:66:58:49:c1:7e:b0:4b:75:
                    e6:cd:ed:37:68:06:12:ef:2e:a5:0a:aa:9a:6b:74:
                    d3:0c:97:9e:fd:69:09:e0:db:ba:1f:8a:52:f6:8f:
                    32:c1:75:bd:66:04:56:d6:eb:06:9d:e5:81:ea:eb:
                    9c:ec:28:ec:33:c0:be:dd:9e:3e:6b:2e:4a:cf:e3:
                    09:e6:8b:57:7e:5c:98:e3:b2:78:97:02:49:7e:c3:
                    7d:c3:ce:cd:06:7f:b9:8a:36:6a:82:9d:b3:1f:95:
                    85:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9B:28:DF:CD:58:3F:7E:48:B5:3A:11:8C:3E:C1:CC:94:46:A3:3F
            X509v3 Authority Key Identifier:
                keyid:75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/dUx6CJILdd5uGzejtUuNUyXY33M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/86FE7EE299F511ECA74E010FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bf:cf:62:9a:35:12:66:3f:18:6b:9c:b9:27:d1:44:f3:76:f5:
         56:d9:f6:ae:31:95:56:18:a2:66:59:09:db:5f:55:15:b9:e7:
         fc:db:70:aa:c0:b8:02:f7:ae:ad:26:83:dd:98:9d:53:4c:3f:
         0f:e2:8a:46:9c:7c:23:5c:50:7a:54:48:41:a7:39:f8:6d:9a:
         e2:04:35:49:81:49:0d:38:4f:7e:10:9d:9a:eb:cb:36:17:f3:
         db:8e:89:82:3d:24:3d:55:ad:59:3a:92:73:3c:ec:92:10:35:
         92:c7:5f:bb:ae:46:f0:0d:34:71:6c:99:13:07:c4:84:4a:62:
         7a:71:f2:5c:5e:e0:94:64:a1:44:de:22:cb:ee:6e:f4:cd:98:
         ae:15:28:6c:09:2c:e1:9c:d8:8e:c0:09:84:71:0e:ec:0b:05:
         d2:51:53:8a:b3:fb:91:0c:80:ca:04:07:ac:a0:85:c9:38:b3:
         6c:71:9f:9f:67:a4:43:63:bd:fa:7a:88:f9:f6:98:f8:50:bc:
         17:28:2a:fc:1c:a2:92:67:9a:1c:68:77:7c:23:24:a2:d9:1c:
         03:1a:d0:98:42:8e:9d:6e:91:f9:38:7a:16:f4:d4:26:5f:7b:
         62:47:fc:f3:0a:35:6f:a9:1d:9b:04:d4:66:06:19:e9:11:e3:
         c1:b9:42:31
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MEM4NjExMC8GA1UEBRMoNzU0QzdBMDg5MjBCNzVERTZFMUIzN0EzQjU0QjhENTMy
NUQ4REY3MzAeFw0yMjAzMDIwNjUzNTVaFw0yMjEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMWYxNDgzLWIzMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3CjemmViBZjTfMs/5a6jUjcF6LRu7EDBwzXb0T3nVEHGnz9eAMnyrAsj8s2a3
dUgViTCIqlehO/D0Q1ZK79wm2Ms5azyfGAcfPaw3X5gdG9vBXcQ7Wk0zaHbHlied
tnLu6bZ3FI8HcojvAqjlgKNo1DOZ26ZoFbbIcjBzXDGvt4tksIrNOhX62ZwK4Cod
ugUqeMIaXJ+UNLKLT3dmWEnBfrBLdebN7TdoBhLvLqUKqpprdNMMl579aQng27of
ilL2jzLBdb1mBFbW6wad5YHq65zsKOwzwL7dnj5rLkrP4wnmi1d+XJjjsniXAkl+
w33Dzs0Gf7mKNmqCnbMflYVxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUP5so381Y
P35ItToRjD7BzJRGoz8wHwYDVR0jBBgwFoAUdUx6CJILdd5uGzejtUuNUyXY33Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYwQzg2LzgzQ0M0OUUwOTlG
MzExRUNCNThFQzcwRUM0RjlBRTAyL2RVeDZDSklMZGQ1dUd6ZWp0VXVOVXlYWTMz
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZFV4NkNKSUxkZDV1R3planRVdU5VeVhZMzNNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MEM4Ni84M0NDNDlFMDk5RjMxMUVDQjU4RUM3MEVDNEY5QUUwMi84NkZFN0VFMjk5
RjUxMUVDQTc0RTAxMEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeBNjANBgkqhkiG9w0BAQsFAAOCAQEAv89imjUSZj8Ya5y5
J9FE83b1Vtn2rjGVVhiiZlkJ219VFbnn/NtwqsC4AveurSaD3ZidU0w/D+KKRpx8
I1xQelRIQac5+G2a4gQ1SYFJDThPfhCdmuvLNhfz246Jgj0kPVWtWTqSczzskhA1
ksdfu65G8A00cWyZEwfEhEpienHyXF7glGShRN4iy+5u9M2YrhUobAks4ZzYjsAJ
hHEO7AsF0lFTirP7kQyAygQHrKCFyTizbHGfn2ekQ2O9+nqI+faY+FC8Fygq/Byi
kmeaHGh3fCMkotkcAxrQmEKOnW6R+Th6FvTUJl97Ykf88wo1b6kdmwTUZgYZ6RHj
wblCMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org