Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/0D0BB782D32311EC85B03557C4F9AE02.roa
File:                     0D0BB782D32311EC85B03557C4F9AE02.roa (raw, json)
Hash identifier:          4lXgv8WNvS7Ik1Yqb/pBIYRWSb6PmC6ByS+iFYGPoJg=
Subject key identifier:   03:44:55:9A:F7:B4:52:C5:8C:3B:C7:97:BA:35:C2:32:36:8A:FE:44
Certificate issuer:       /CN=A917CEE3/serialNumber=30E0803DEBA600AC9A92644C96F78A8E885D7C50
Certificate serial:       021D
Authority key identifier: 30:E0:80:3D:EB:A6:00:AC:9A:92:64:4C:96:F7:8A:8E:88:5D:7C:50
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOCAPeumAKyakmRMlveKjohdfFA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/0D0BB782D32311EC85B03557C4F9AE02.roa
Signing time:             Sat 14 May 2022 01:13:24 +0000
ROA not before:           Sat 14 May 2022 01:13:24 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     38264
IP address blocks:        103.123.113.0/24 maxlen: 24
                          103.123.115.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 541 (0x21d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917CEE3/serialNumber=30E0803DEBA600AC9A92644C96F78A8E885D7C50
        Validity
            Not Before: May 14 01:13:24 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=627f0234-25f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:2b:c8:9c:45:22:25:0a:97:fb:81:6a:bb:6a:
                    f5:2a:bf:53:4d:f6:55:70:d0:70:22:85:7a:c5:02:
                    ed:66:4a:08:e6:f5:64:38:e2:1c:15:8a:9e:e7:74:
                    ef:ba:95:89:23:cb:1c:44:20:e1:83:25:26:08:45:
                    ca:16:94:37:7d:24:7a:7b:ed:12:e4:f5:85:a2:57:
                    55:0e:b3:42:a2:1c:78:37:de:e3:3d:49:5b:01:3b:
                    5a:87:56:41:b2:b3:e9:d1:85:e1:97:65:c3:ce:b0:
                    98:3a:12:01:38:49:5d:1c:20:a4:b1:a6:be:b4:de:
                    4f:8e:7d:d0:b4:48:f7:b1:18:d3:99:ad:17:44:a9:
                    2e:0d:97:a2:46:0a:a2:05:0b:83:4f:8d:63:e1:57:
                    00:6a:5d:43:66:c2:a4:80:f6:08:35:61:12:5d:9d:
                    2e:dc:c5:df:36:0f:99:92:28:d3:cc:6b:6c:3d:06:
                    b5:4d:ef:dd:2d:b8:6d:ef:d9:80:05:7a:13:ae:6c:
                    19:b0:9c:31:05:0f:39:92:9b:cd:09:7f:af:cf:63:
                    bf:ad:1c:95:5e:0c:21:e2:ed:ff:3b:30:f8:73:3f:
                    ea:2b:d2:d9:83:d0:f8:3e:5b:fc:22:1a:90:ba:b3:
                    f6:59:f3:83:ac:48:78:87:14:f2:7c:de:c8:ad:92:
                    ab:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:44:55:9A:F7:B4:52:C5:8C:3B:C7:97:BA:35:C2:32:36:8A:FE:44
            X509v3 Authority Key Identifier:
                keyid:30:E0:80:3D:EB:A6:00:AC:9A:92:64:4C:96:F7:8A:8E:88:5D:7C:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/MOCAPeumAKyakmRMlveKjohdfFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOCAPeumAKyakmRMlveKjohdfFA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/0D0BB782D32311EC85B03557C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.113.0/24
                  103.123.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:83:53:a8:00:dc:e8:a6:25:e7:00:43:c6:65:65:1b:75:69:
         e3:02:64:6e:94:14:ad:e6:77:3b:7d:f4:9d:07:31:10:bc:d7:
         f7:bb:3a:53:12:c6:c0:47:f9:29:51:d9:08:9c:18:0d:31:5a:
         7c:6e:dc:16:0d:e4:88:6f:09:3d:e3:b9:ad:0d:8b:56:af:28:
         e8:a2:db:db:6b:dc:8b:e7:c1:ee:3a:99:cd:a1:d9:86:ef:8d:
         6a:b1:bb:6a:29:fe:e5:5b:e6:8b:7b:4d:d5:d3:60:b3:e9:04:
         d3:12:64:34:1a:ce:e8:4d:c7:f0:27:8d:32:0b:7f:58:af:93:
         18:f3:ab:05:a9:05:1c:c2:10:7c:91:cc:66:55:6d:82:e9:e4:
         b3:83:9d:d3:1f:37:f8:fe:41:f5:1f:ba:9e:d1:83:5e:1e:c0:
         df:6a:b5:a1:b4:df:e9:03:1b:e9:ab:a3:41:b6:d9:0a:cf:fb:
         46:75:e6:c9:c8:05:39:96:08:ff:9d:69:94:03:a8:09:ed:54:
         44:bc:27:e5:7f:c5:92:d1:79:0b:8a:fb:17:dc:b7:a7:44:cb:
         88:7e:22:62:06:37:16:32:50:03:4a:ab:d2:f9:22:90:2a:db:
         5a:5c:26:91:a5:5d:d9:fb:32:49:a4:d7:73:a3:91:7a:3a:89:
         c7:b7:99:f6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NFRTMxMTAvBgNVBAUTKDMwRTA4MDNERUJBNjAwQUM5QTkyNjQ0Qzk2Rjc4QThF
ODg1RDdDNTAwHhcNMjIwNTE0MDExMzI0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdmMDIzNC0yNWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxSvInEUiJQqX+4Fqu2r1Kr9TTfZVcNBwIoV6xQLtZkoI5vVkOOIcFYqe53Tv
upWJI8scRCDhgyUmCEXKFpQ3fSR6e+0S5PWFoldVDrNCohx4N97jPUlbATtah1ZB
srPp0YXhl2XDzrCYOhIBOEldHCCksaa+tN5Pjn3QtEj3sRjTma0XRKkuDZeiRgqi
BQuDT41j4VcAal1DZsKkgPYINWESXZ0u3MXfNg+ZkijTzGtsPQa1Te/dLbht79mA
BXoTrmwZsJwxBQ85kpvNCX+vz2O/rRyVXgwh4u3/OzD4cz/qK9LZg9D4Plv8IhqQ
urP2WfODrEh4hxTyfN7IrZKrQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFANEVZr3
tFLFjDvHl7o1wjI2iv5EMB8GA1UdIwQYMBaAFDDggD3rpgCsmpJkTJb3io6IXXxQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0VFMy85QTc3QUEyQTA1
OTQxMUVDOUY2NDY4NTRDNEY5QUUwMi9NT0NBUGV1bUFLeWFrbVJNbHZlS2pvaGRm
RkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PQ0FQZXVtQUt5YWttUk1sdmVLam9oZGZGQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NFRTMvOUE3N0FBMkEwNTk0MTFFQzlGNjQ2ODU0QzRGOUFFMDIvMEQwQkI3ODJE
MzIzMTFFQzg1QjAzNTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABne3EDBABne3MwDQYJKoZIhvcNAQELBQADggEBAGuDU6gA
3OimJecAQ8ZlZRt1aeMCZG6UFK3mdzt99J0HMRC81/e7OlMSxsBH+SlR2QicGA0x
Wnxu3BYN5IhvCT3jua0Ni1avKOii29tr3Ivnwe46mc2h2YbvjWqxu2op/uVb5ot7
TdXTYLPpBNMSZDQazuhNx/AnjTILf1ivkxjzqwWpBRzCEHyRzGZVbYLp5LODndMf
N/j+QfUfup7Rg14ewN9qtaG03+kDG+mro0G22QrP+0Z15snIBTmWCP+daZQDqAnt
VES8J+V/xZLReQuK+xfct6dEy4h+ImIGNxYyUANKq9L5IpAq21pcJpGlXdn7Mkmk
13OjkXo6ice3mfY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org