Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/6E5718204DCF11ED85EFA24FC4F9AE02.roa
File:                     6E5718204DCF11ED85EFA24FC4F9AE02.roa (raw, json)
Hash identifier:          srUfOUX+j3WOuT7FhidhKIBq1kTL64sF+nluGkHJvNg=
Subject key identifier:   A4:75:C5:32:1C:C9:C2:27:73:E7:9C:AB:73:59:DD:62:C5:34:57:91
Certificate issuer:       /CN=A9176909/serialNumber=3B48AB861652FAEED7E1D12583F16BB7FBB28913
Certificate serial:       02
Authority key identifier: 3B:48:AB:86:16:52:FA:EE:D7:E1:D1:25:83:F1:6B:B7:FB:B2:89:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0irhhZS-u7X4dElg_Frt_uyiRM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/6E5718204DCF11ED85EFA24FC4F9AE02.roa
Signing time:             Mon 17 Oct 2022 03:54:42 +0000
ROA not before:           Mon 17 Oct 2022 03:54:42 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     135075
IP address blocks:        103.20.242.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9176909/serialNumber=3B48AB861652FAEED7E1D12583F16BB7FBB28913
        Validity
            Not Before: Oct 17 03:54:42 2022 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=634cd202-76cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:0a:7c:03:d7:fb:88:8b:c0:bf:00:47:23:93:
                    97:cb:93:0a:6a:f1:fa:af:71:06:42:68:5a:84:01:
                    e1:e8:b2:c1:f9:34:f7:b7:6d:69:04:2e:aa:70:91:
                    80:85:15:32:1d:6e:5b:f7:e9:16:b5:5d:7d:5c:28:
                    4f:de:f9:5b:ce:fb:c8:45:6c:56:e2:82:9a:a8:59:
                    89:c6:b6:a3:85:d9:57:47:c7:6c:75:9a:60:92:3b:
                    91:e9:21:03:f4:a7:02:a9:e6:67:d2:f5:68:69:f8:
                    1b:ec:52:30:0e:5f:89:59:4e:da:2f:ea:62:f1:df:
                    ea:07:89:55:11:47:5a:2a:fc:3e:fa:26:7a:d6:89:
                    d2:54:ed:a5:30:ab:42:17:05:7a:c5:b8:24:6d:ed:
                    14:b4:99:55:c0:32:cd:d5:74:5d:da:84:d7:da:4d:
                    ab:9a:f9:76:37:5d:33:3d:27:a4:57:ff:92:ca:3f:
                    f6:bd:a3:21:07:6a:0a:18:94:d5:3f:62:a8:31:9b:
                    f5:6d:8d:56:83:07:cf:7f:e8:08:91:79:f5:8c:22:
                    03:dd:16:af:0b:8f:e1:76:26:0d:03:7b:b4:19:27:
                    92:ac:36:48:a1:f9:7e:5e:62:76:60:ee:48:94:29:
                    fe:8e:32:76:36:ad:fe:3a:2a:cd:57:f1:0e:51:4d:
                    76:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:75:C5:32:1C:C9:C2:27:73:E7:9C:AB:73:59:DD:62:C5:34:57:91
            X509v3 Authority Key Identifier:
                keyid:3B:48:AB:86:16:52:FA:EE:D7:E1:D1:25:83:F1:6B:B7:FB:B2:89:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/O0irhhZS-u7X4dElg_Frt_uyiRM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0irhhZS-u7X4dElg_Frt_uyiRM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/6E5718204DCF11ED85EFA24FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.20.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:f1:ba:6f:40:47:79:1d:46:19:e6:20:80:2b:13:11:9d:a9:
         cd:fc:09:6c:93:a1:d8:c3:fc:aa:05:09:72:d5:8b:42:44:5c:
         0d:8c:ab:1f:60:36:17:3c:27:ee:ba:c1:63:5d:17:6e:ee:27:
         af:04:9a:81:95:fb:36:51:e3:99:66:97:d6:5d:95:75:6f:d5:
         ca:87:db:7b:16:73:5f:bd:5b:7a:fd:23:86:d0:74:4b:3c:f2:
         4f:bd:cc:32:45:a3:08:40:34:6b:9b:43:bf:01:88:e7:82:4e:
         95:69:91:79:86:5a:c9:3e:3b:4c:5a:5e:36:e9:4e:82:9e:1d:
         a6:28:13:b1:6c:a8:3f:69:74:6e:69:c2:7d:f4:c3:2f:48:b6:
         e8:dd:9b:68:83:39:b3:fb:39:23:50:ae:52:14:ef:9d:92:a5:
         ed:d5:ec:b0:80:2f:19:bb:87:81:a9:a0:7c:67:18:da:7f:f3:
         0f:16:13:ba:71:fd:78:88:fa:31:9f:f9:68:99:9f:f0:43:b7:
         2d:7c:34:95:f7:cc:12:6e:2d:e2:e2:c7:2b:ac:65:83:24:46:
         0a:96:25:9b:4a:7f:58:eb:a4:42:e4:dd:13:cd:63:a8:b9:8f:
         3a:71:a5:09:2c:c0:b4:2e:91:3e:37:33:ab:f1:48:7d:cf:13:
         67:fc:cb:d8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NjkwOTExMC8GA1UEBRMoM0I0OEFCODYxNjUyRkFFRUQ3RTFEMTI1ODNGMTZCQjdG
QkIyODkxMzAeFw0yMjEwMTcwMzU0NDJaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNGNkMjAyLTc2Y2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqCnwD1/uIi8C/AEcjk5fLkwpq8fqvcQZCaFqEAeHossH5NPe3bWkELqpwkYCF
FTIdblv36Ra1XX1cKE/e+VvO+8hFbFbigpqoWYnGtqOF2VdHx2x1mmCSO5HpIQP0
pwKp5mfS9Whp+BvsUjAOX4lZTtov6mLx3+oHiVURR1oq/D76JnrWidJU7aUwq0IX
BXrFuCRt7RS0mVXAMs3VdF3ahNfaTaua+XY3XTM9J6RX/5LKP/a9oyEHagoYlNU/
Yqgxm/VtjVaDB89/6AiRefWMIgPdFq8Lj+F2Jg0De7QZJ5KsNkih+X5eYnZg7kiU
Kf6OMnY2rf46Ks1X8Q5RTXYrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUpHXFMhzJ
widz55yrc1ndYsU0V5EwHwYDVR0jBBgwFoAUO0irhhZS+u7X4dElg/Frt/uyiRMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2OTA5LzlBQkFDQUM4NERD
QjExRUQ4Mjk2MUIzNkM0RjlBRTAyL08waXJoaFpTLXU3WDRkRWxnX0ZydF91eWlS
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTzBpcmhoWlMtdTdYNGRFbGdfRnJ0X3V5aVJNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NjkwOS85QUJBQ0FDODREQ0IxMUVEODI5NjFCMzZDNEY5QUUwMi82RTU3MTgyMDRE
Q0YxMUVEODVFRkEyNEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcU8jANBgkqhkiG9w0BAQsFAAOCAQEAmfG6b0BHeR1GGeYg
gCsTEZ2pzfwJbJOh2MP8qgUJctWLQkRcDYyrH2A2Fzwn7rrBY10Xbu4nrwSagZX7
NlHjmWaX1l2VdW/VyofbexZzX71bev0jhtB0SzzyT73MMkWjCEA0a5tDvwGI54JO
lWmReYZayT47TFpeNulOgp4dpigTsWyoP2l0bmnCffTDL0i26N2baIM5s/s5I1Cu
UhTvnZKl7dXssIAvGbuHgamgfGcY2n/zDxYTunH9eIj6MZ/5aJmf8EO3LXw0lffM
Em4t4uLHK6xlgyRGCpYlm0p/WOukQuTdE81jqLmPOnGlCSzAtC6RPjczq/FIfc8T
Z/zL2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org