Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916593B/103C7D1CBB7A11EC829EE80DC4F9AE02/70E6B524BB7F11EC9E187F19C4F9AE02.roa
File:                     70E6B524BB7F11EC9E187F19C4F9AE02.roa (raw, json)
Hash identifier:          YCIFRSO1rF3BGTgHROvJulbNNPD1eeWkmto9eQbLAbk=
Subject key identifier:   F4:AE:74:E7:3D:C4:A2:56:9D:77:EF:67:00:68:2F:34:D3:C6:C9:38
Certificate issuer:       /CN=A916593B/serialNumber=49AB5DD11DC922DCC8F23DD5A92C6994DD703504
Certificate serial:       0175
Authority key identifier: 49:AB:5D:D1:1D:C9:22:DC:C8:F2:3D:D5:A9:2C:69:94:DD:70:35:04
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Satd0R3JItzI8j3VqSxplN1wNQQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916593B/103C7D1CBB7A11EC829EE80DC4F9AE02/70E6B524BB7F11EC9E187F19C4F9AE02.roa
Signing time:             Wed 23 Nov 2022 04:53:16 +0000
ROA not before:           Wed 23 Nov 2022 04:53:16 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     38037
IP address blocks:        103.70.24.0/22 maxlen: 22
                          103.70.24.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 373 (0x175)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916593B/serialNumber=49AB5DD11DC922DCC8F23DD5A92C6994DD703504
        Validity
            Not Before: Nov 23 04:53:16 2022 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=637da73c-d203
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e4:b7:c4:c8:d3:58:19:29:7c:30:23:66:f4:
                    27:87:ed:f4:f1:23:ca:ce:af:93:72:0d:bd:6d:da:
                    b9:c6:e2:a8:4f:57:c0:be:f0:af:6c:e7:0c:25:08:
                    cf:a7:d5:65:69:0a:c6:8a:e3:84:2d:59:aa:ba:1f:
                    e9:55:fa:af:14:82:d6:be:05:a4:93:ae:07:a6:84:
                    68:18:66:0e:9f:02:61:e0:7e:e9:b3:a7:3a:a2:49:
                    70:44:44:11:e8:cb:cd:4c:d5:1e:cf:10:e9:71:68:
                    d4:0e:97:f0:21:88:e0:f7:e5:e8:7c:55:8b:a4:df:
                    e9:5e:1b:d5:c6:24:6d:6b:aa:3d:15:15:a5:ae:49:
                    f5:64:1d:02:9b:98:d5:07:b6:87:00:9e:fe:1a:c1:
                    31:7d:c8:7d:dc:3e:ed:a1:e9:22:23:d0:32:f6:b7:
                    51:76:f4:fa:31:97:6e:36:90:8e:2d:1a:34:44:ac:
                    25:a9:1f:11:bb:14:fe:68:c6:9b:78:26:0a:dd:6e:
                    42:b9:10:7c:01:65:d1:ad:c7:d0:d2:36:05:e3:dc:
                    7a:2b:30:bc:d7:54:03:f9:9f:b2:d9:dd:f9:23:90:
                    2a:09:e2:5b:14:b7:fd:a1:55:d5:3e:22:50:b1:69:
                    2e:83:92:ab:6a:f4:e9:0a:84:7e:15:59:4e:a7:b2:
                    64:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:AE:74:E7:3D:C4:A2:56:9D:77:EF:67:00:68:2F:34:D3:C6:C9:38
            X509v3 Authority Key Identifier:
                keyid:49:AB:5D:D1:1D:C9:22:DC:C8:F2:3D:D5:A9:2C:69:94:DD:70:35:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916593B/103C7D1CBB7A11EC829EE80DC4F9AE02/Satd0R3JItzI8j3VqSxplN1wNQQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Satd0R3JItzI8j3VqSxplN1wNQQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916593B/103C7D1CBB7A11EC829EE80DC4F9AE02/70E6B524BB7F11EC9E187F19C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.70.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ad:78:42:53:12:08:57:bb:29:a9:c6:28:8e:f4:5f:0c:2b:67:
         b2:20:11:fe:19:3e:03:f0:96:1a:45:a2:08:81:60:47:6c:ba:
         1a:1a:ea:ab:77:54:58:0b:0b:d6:e2:34:14:c2:b1:59:40:10:
         e7:5b:1e:d5:28:99:e9:c4:9f:9c:1f:33:8b:21:0b:23:f8:a0:
         67:ef:5c:83:1d:cd:b3:38:8b:7f:c3:61:e7:dd:77:af:7d:8a:
         fa:78:94:e6:30:10:14:ce:6d:92:40:5a:a7:68:5d:86:4a:ff:
         b2:77:a4:86:b7:d0:74:a7:5e:11:79:c6:72:be:03:ab:81:ee:
         f2:49:06:02:cb:53:42:48:05:9d:df:79:ab:d8:b3:05:8d:33:
         6f:0e:e0:99:62:d3:1c:4e:4b:8b:c0:39:fc:83:fc:ef:75:fb:
         2d:b9:c5:62:f2:bd:bc:6c:a4:35:5e:8e:8d:3c:76:56:cf:f4:
         b1:c2:2f:e2:bd:31:b2:a8:dc:13:36:81:63:8e:a6:d2:bc:b7:
         b5:94:8b:ef:cc:4f:9e:4f:7a:1b:c0:d0:1d:d6:41:55:a4:52:
         36:e1:70:0f:ad:8b:3c:56:fc:62:66:54:79:24:96:63:eb:66:
         21:b3:18:c5:29:f6:2a:4a:31:80:c8:cc:8d:f8:86:33:73:c9:
         d0:c6:21:be
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU5M0IxMTAvBgNVBAUTKDQ5QUI1REQxMURDOTIyRENDOEYyM0RENUE5MkM2OTk0
REQ3MDM1MDQwHhcNMjIxMTIzMDQ1MzE2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzdkYTczYy1kMjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4uS3xMjTWBkpfDAjZvQnh+308SPKzq+Tcg29bdq5xuKoT1fAvvCvbOcMJQjP
p9VlaQrGiuOELVmquh/pVfqvFILWvgWkk64HpoRoGGYOnwJh4H7ps6c6oklwREQR
6MvNTNUezxDpcWjUDpfwIYjg9+XofFWLpN/pXhvVxiRta6o9FRWlrkn1ZB0Cm5jV
B7aHAJ7+GsExfch93D7toekiI9Ay9rdRdvT6MZduNpCOLRo0RKwlqR8RuxT+aMab
eCYK3W5CuRB8AWXRrcfQ0jYF49x6KzC811QD+Z+y2d35I5AqCeJbFLf9oVXVPiJQ
sWkug5KravTpCoR+FVlOp7JkcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPSudOc9
xKJWnXfvZwBoLzTTxsk4MB8GA1UdIwQYMBaAFEmrXdEdySLcyPI91aksaZTdcDUE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTkzQi8xMDNDN0QxQ0JC
N0ExMUVDODI5RUU4MERDNEY5QUUwMi9TYXRkMFIzSkl0ekk4ajNWcVN4cGxOMXdO
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NhdGQwUjNKSXR6SThqM1ZxU3hwbE4xd05RUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU5M0IvMTAzQzdEMUNCQjdBMTFFQzgyOUVFODBEQzRGOUFFMDIvNzBFNkI1MjRC
QjdGMTFFQzlFMTg3RjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnRhgwDQYJKoZIhvcNAQELBQADggEBAK14QlMSCFe7KanG
KI70XwwrZ7IgEf4ZPgPwlhpFogiBYEdsuhoa6qt3VFgLC9biNBTCsVlAEOdbHtUo
menEn5wfM4shCyP4oGfvXIMdzbM4i3/DYefdd699ivp4lOYwEBTObZJAWqdoXYZK
/7J3pIa30HSnXhF5xnK+A6uB7vJJBgLLU0JIBZ3feavYswWNM28O4Jli0xxOS4vA
OfyD/O91+y25xWLyvbxspDVejo08dlbP9LHCL+K9MbKo3BM2gWOOptK8t7WUi+/M
T55PehvA0B3WQVWkUjbhcA+tizxW/GJmVHkklmPrZiGzGMUp9ipKMYDIzI34hjNz
ydDGIb4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-ams.rpki-client.org