Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/75C44B0CDCA311ECACAEC50BC4F9AE02.roa
File:                     75C44B0CDCA311ECACAEC50BC4F9AE02.roa (raw, json)
Hash identifier:          Iv6D20KVNwBS49/1dCL/8mnz7YcLot3PGqqL22p8qvA=
Subject key identifier:   6F:22:90:86:88:61:A4:41:E6:5E:1C:CB:EB:5B:3C:D9:CA:BF:B1:BE
Certificate issuer:       /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial:       05E9
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/75C44B0CDCA311ECACAEC50BC4F9AE02.roa
Signing time:             Wed 12 Oct 2022 23:49:52 +0000
ROA not before:           Wed 12 Oct 2022 23:49:52 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     140224
IP address blocks:        43.249.8.0/24 maxlen: 24
                          43.249.9.0/24 maxlen: 24
                          103.40.100.0/24 maxlen: 24
                          103.40.101.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1513 (0x5e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
        Validity
            Not Before: Oct 12 23:49:52 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=634752a0-cc24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:34:2a:87:d2:4d:1c:80:d4:67:2d:44:59:3e:
                    ea:a7:33:10:8a:2d:7e:40:c7:30:11:6c:3c:8d:f7:
                    84:20:e8:a2:2e:16:20:47:6a:e7:f5:d2:ff:0c:95:
                    e7:6d:26:ee:c9:42:ed:3d:d2:15:0c:f6:9e:aa:33:
                    03:c5:ef:44:fb:22:01:0a:3c:5a:ae:c2:de:74:3e:
                    c0:77:c9:e5:ea:4e:27:d6:0a:21:87:23:26:18:8d:
                    04:96:27:29:e5:4d:41:84:f2:af:6d:fd:8a:48:38:
                    fa:6c:a6:c2:55:d6:44:59:c1:88:0d:0e:b6:cb:59:
                    4c:a3:9f:a5:39:93:02:bc:e7:43:77:7b:01:3c:6e:
                    90:5e:70:0b:b8:ab:46:3b:bf:51:3d:0d:98:d6:ea:
                    d0:eb:66:bb:20:6c:95:57:ab:d0:f3:64:1a:25:ce:
                    a4:12:be:1e:3a:d0:da:04:21:51:c6:44:39:9f:f3:
                    2b:f2:da:d7:32:89:1a:96:45:d3:1b:58:f8:f2:5f:
                    93:65:30:ff:59:5a:66:79:3b:eb:d9:c5:3a:91:82:
                    be:92:d5:ab:cc:74:0b:b9:e7:8c:c0:ee:f4:8a:6d:
                    62:56:19:ac:44:68:a3:e7:cd:78:b3:32:d4:27:76:
                    bb:7d:05:19:96:55:01:73:1d:f0:f5:aa:f5:62:33:
                    da:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:22:90:86:88:61:A4:41:E6:5E:1C:CB:EB:5B:3C:D9:CA:BF:B1:BE
            X509v3 Authority Key Identifier:
                keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/75C44B0CDCA311ECACAEC50BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.249.8.0/23
                  103.40.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         32:0b:78:7c:1b:8e:ea:e2:31:40:1d:02:2f:24:01:0f:13:6d:
         cc:4c:be:48:7d:fa:aa:56:98:e8:bf:a0:45:65:6d:e2:56:69:
         55:f2:06:81:42:f7:bb:ca:e8:bf:3a:43:a0:f4:8d:13:6c:2e:
         75:a2:e5:52:ca:f9:c5:16:71:a3:a4:83:15:f9:32:17:32:95:
         44:b4:c0:5a:a9:89:38:06:9c:e9:58:4c:31:40:c3:c1:1e:63:
         b8:76:73:10:34:7c:b6:25:68:98:e9:68:e6:9a:3a:17:df:5a:
         32:61:64:66:0b:72:52:fb:a8:76:2d:5a:c0:3c:ce:fa:0d:a3:
         96:e8:11:5e:89:b4:0c:d6:8a:cc:36:3d:94:83:11:96:bd:cd:
         dd:47:5b:34:e3:96:f1:12:b2:cc:56:7c:ef:d7:f1:7c:85:e5:
         6e:35:e5:57:10:d3:64:8d:54:3b:fc:2c:56:4c:c7:55:69:2e:
         cf:a9:fc:b4:b1:f4:5d:95:6a:07:d7:8d:b8:06:6a:3f:b8:d7:
         81:5e:b2:80:7a:6a:2d:57:34:0b:9f:1c:c1:51:69:6b:49:a9:
         94:61:a2:24:0f:6c:33:9d:1f:63:e4:22:b2:c0:d1:12:e8:89:
         b2:b0:82:d4:dd:07:8f:2a:a2:11:5a:35:e4:93:72:d4:7b:87:
         5a:60:9f:be
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjIxMDEyMjM0OTUyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ3NTJhMC1jYzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzQqh9JNHIDUZy1EWT7qpzMQii1+QMcwEWw8jfeEIOiiLhYgR2rn9dL/DJXn
bSbuyULtPdIVDPaeqjMDxe9E+yIBCjxarsLedD7Ad8nl6k4n1gohhyMmGI0Elicp
5U1BhPKvbf2KSDj6bKbCVdZEWcGIDQ62y1lMo5+lOZMCvOdDd3sBPG6QXnALuKtG
O79RPQ2Y1urQ62a7IGyVV6vQ82QaJc6kEr4eOtDaBCFRxkQ5n/Mr8trXMokalkXT
G1j48l+TZTD/WVpmeTvr2cU6kYK+ktWrzHQLueeMwO70im1iVhmsRGij5814szLU
J3a7fQUZllUBcx3w9ar1YjPaCwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG8ikIaI
YaRB5l4cy+tbPNnKv7G+MB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvNzVDNDRCMENE
Q0EzMTFFQ0FDQUVDNTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr+QgDBAFnKGQwDQYJKoZIhvcNAQELBQADggEBADILeHwb
juriMUAdAi8kAQ8TbcxMvkh9+qpWmOi/oEVlbeJWaVXyBoFC97vK6L86Q6D0jRNs
LnWi5VLK+cUWcaOkgxX5MhcylUS0wFqpiTgGnOlYTDFAw8EeY7h2cxA0fLYlaJjp
aOaaOhffWjJhZGYLclL7qHYtWsA8zvoNo5boEV6JtAzWisw2PZSDEZa9zd1HWzTj
lvESssxWfO/X8XyF5W415VcQ02SNVDv8LFZMx1VpLs+p/LSx9F2VagfXjbgGaj+4
14FesoB6ai1XNAufHMFRaWtJqZRhoiQPbDOdH2PkIrLA0RLoibKwgtTdB48qohFa
NeSTctR7h1pgn74=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org