Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/E4673524C52511EBBE8CA16EC4F9AE02.roa
File:                     E4673524C52511EBBE8CA16EC4F9AE02.roa (raw, json)
Hash identifier:          BHAE0Pb/6J0q9zJbUDH1itGvSrdkCH74HLLN0Azqliw=
Subject key identifier:   D6:C1:55:48:2E:3C:80:6A:33:B2:6A:46:CE:50:84:2A:0A:B3:88:0F
Certificate issuer:       /CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
Certificate serial:       05C3
Authority key identifier: 68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/E4673524C52511EBBE8CA16EC4F9AE02.roa
Signing time:             Sat 12 Nov 2022 23:49:40 +0000
ROA not before:           Sat 12 Nov 2022 23:49:40 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     141215
IP address blocks:        103.156.152.0/23 maxlen: 23
                          103.156.152.0/24 maxlen: 24
                          103.156.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1475 (0x5c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9165FAD/serialNumber=687BEB277A059DEFEA2BEDD67AFB1B82388E5EB1
        Validity
            Not Before: Nov 12 23:49:40 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63703114-a802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c3:7c:dd:0c:ed:13:a6:31:16:a5:df:f1:2e:
                    de:05:b8:18:58:90:8c:47:65:68:f3:c8:2b:bb:1b:
                    8a:2a:ad:af:10:d5:11:af:e5:f4:3e:b7:dc:71:8e:
                    7e:2f:6b:8a:14:6c:3b:37:e3:8d:99:40:87:c4:e1:
                    16:23:15:b2:8a:68:64:dc:ce:02:01:c9:37:31:ea:
                    f5:b0:fc:05:08:72:fc:f8:af:42:d5:61:70:74:6a:
                    a7:8e:c5:ca:86:8e:2b:00:c4:31:c9:f4:cc:bb:78:
                    31:f0:f0:7c:05:eb:4a:79:0f:0c:c7:4a:59:db:e7:
                    15:26:7a:1d:1d:b9:9b:72:89:42:37:80:f6:ed:a4:
                    df:9e:e0:e0:8c:4f:7c:6e:a1:ac:09:54:7e:ac:9c:
                    21:f5:55:31:1a:ff:14:eb:35:5c:02:75:46:ea:6c:
                    08:76:eb:96:68:93:d3:56:a4:fe:5e:c7:aa:51:e7:
                    52:51:ea:8e:84:2e:f6:fa:ef:82:f6:0a:b0:a1:a2:
                    11:a0:2a:5e:79:93:10:18:60:df:ee:7e:4d:98:8d:
                    c9:13:2d:03:62:e2:91:f1:fb:5b:53:45:8b:e7:92:
                    b1:85:c6:d5:f0:a3:d2:9f:2e:e5:e0:26:22:26:5b:
                    bf:82:11:14:c1:8e:cc:9d:9a:73:3e:7d:58:0f:ac:
                    42:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:C1:55:48:2E:3C:80:6A:33:B2:6A:46:CE:50:84:2A:0A:B3:88:0F
            X509v3 Authority Key Identifier:
                keyid:68:7B:EB:27:7A:05:9D:EF:EA:2B:ED:D6:7A:FB:1B:82:38:8E:5E:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/aHvrJ3oFne_qK-3WevsbgjiOXrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHvrJ3oFne_qK-3WevsbgjiOXrE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165FAD/A4D7899E086611EB8A2D1535C4F9AE02/E4673524C52511EBBE8CA16EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c4:93:43:78:3f:43:d1:3f:3a:cd:4c:2a:b2:aa:a1:3d:4e:36:
         df:ed:91:d3:81:d1:42:9d:80:33:95:10:ef:06:91:ae:a3:ea:
         c8:e7:07:dd:90:71:be:7f:8f:1b:a2:b1:02:be:b1:50:58:ab:
         49:4e:f3:af:e1:6c:91:02:99:94:b9:ee:a0:49:cc:ab:c7:fc:
         4c:d7:76:f8:20:0a:c8:41:0f:34:dc:84:a6:3d:b9:6b:23:9e:
         b2:7b:39:3c:43:3a:9a:69:22:b9:16:d8:ed:b1:d4:47:86:dd:
         ae:11:16:86:ea:76:b4:ca:be:7e:d0:c3:38:a4:1b:62:01:8b:
         b7:36:08:0f:d3:47:14:28:b9:8b:bd:73:a0:3c:f7:3e:e0:82:
         18:f3:f2:fa:23:74:f4:70:90:73:9d:58:3a:6e:94:01:64:df:
         8a:8b:39:e1:d3:91:44:04:45:97:61:de:2d:09:15:f5:5e:81:
         a0:40:49:25:33:50:c6:bf:8f:43:cd:27:2f:e0:8b:2e:99:00:
         c0:0b:58:a3:b3:e2:3a:22:2a:8a:4d:23:a2:15:7d:c1:7c:ba:
         a3:df:0d:ac:fe:93:ab:ff:90:66:bc:a7:a6:8c:5f:35:7a:2e:
         d2:01:1a:03:b7:db:45:1a:00:9b:8b:35:58:79:9b:85:39:2c:
         46:e0:28:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVGQUQxMTAvBgNVBAUTKDY4N0JFQjI3N0EwNTlERUZFQTJCRURENjdBRkIxQjgy
Mzg4RTVFQjEwHhcNMjIxMTEyMjM0OTQwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzcwMzExNC1hODAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1cN83QztE6YxFqXf8S7eBbgYWJCMR2Vo88gruxuKKq2vENURr+X0PrfccY5+
L2uKFGw7N+ONmUCHxOEWIxWyimhk3M4CAck3Mer1sPwFCHL8+K9C1WFwdGqnjsXK
ho4rAMQxyfTMu3gx8PB8BetKeQ8Mx0pZ2+cVJnodHbmbcolCN4D27aTfnuDgjE98
bqGsCVR+rJwh9VUxGv8U6zVcAnVG6mwIduuWaJPTVqT+XseqUedSUeqOhC72+u+C
9gqwoaIRoCpeeZMQGGDf7n5NmI3JEy0DYuKR8ftbU0WL55KxhcbV8KPSny7l4CYi
Jlu/ghEUwY7MnZpzPn1YD6xCcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNbBVUgu
PIBqM7JqRs5QhCoKs4gPMB8GA1UdIwQYMBaAFGh76yd6BZ3v6ivt1nr7G4I4jl6x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUZBRC9BNEQ3ODk5RTA4
NjYxMUVCOEEyRDE1MzVDNEY5QUUwMi9hSHZySjNvRm5lX3FLLTNXZXZzYmdqaU9Y
ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FIdnJKM29GbmVfcUstM1dldnNiZ2ppT1hyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjVGQUQvQTRENzg5OUUwODY2MTFFQjhBMkQxNTM1QzRGOUFFMDIvRTQ2NzM1MjRD
NTI1MTFFQkJFOENBMTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnJgwDQYJKoZIhvcNAQELBQADggEBAMSTQ3g/Q9E/Os1M
KrKqoT1ONt/tkdOB0UKdgDOVEO8Gka6j6sjnB92Qcb5/jxuisQK+sVBYq0lO86/h
bJECmZS57qBJzKvH/EzXdvggCshBDzTchKY9uWsjnrJ7OTxDOpppIrkW2O2x1EeG
3a4RFobqdrTKvn7QwzikG2IBi7c2CA/TRxQouYu9c6A89z7gghjz8vojdPRwkHOd
WDpulAFk34qLOeHTkUQERZdh3i0JFfVegaBASSUzUMa/j0PNJy/giy6ZAMALWKOz
4joiKopNI6IVfcF8uqPfDaz+k6v/kGa8p6aMXzV6LtIBGgO320UaAJuLNVh5m4U5
LEbgKJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-ams.rpki-client.org