Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/570031E8F48C11EDA48EDC25C4F9AE02.roa
File:                     570031E8F48C11EDA48EDC25C4F9AE02.roa (raw, json)
Hash identifier:          hFgUNKaQmnqN18uaOcASV9Z7/w9aj1515K+5iAAvy2A=
Subject key identifier:   0A:2B:11:E6:FB:B2:A6:6B:B4:AC:D1:D7:3E:CA:E2:E9:AE:1D:58:78
Certificate issuer:       /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial:       03D5
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/570031E8F48C11EDA48EDC25C4F9AE02.roa
Signing time:             Wed 17 May 2023 09:04:15 +0000
ROA not before:           Wed 17 May 2023 09:04:15 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     56264
IP address blocks:        103.31.210.0/24 maxlen: 24
                          103.31.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 981 (0x3d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
        Validity
            Not Before: May 17 09:04:15 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=6464988f-ef01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:fd:d5:b8:45:3e:6c:a6:a1:d8:57:91:54:f2:
                    4b:0a:e1:f9:15:a6:88:bc:04:ea:37:66:b1:98:ac:
                    45:52:f0:cc:64:9d:59:8b:3b:09:e7:95:77:95:26:
                    7e:bb:45:9f:46:21:b4:43:ae:be:34:f3:ca:95:bf:
                    bc:90:a9:30:c7:8a:b3:9f:f3:33:45:38:ef:c7:75:
                    7b:a1:95:cb:81:34:4f:42:17:1f:1e:ba:de:d6:9b:
                    e9:b8:ef:5c:37:35:e0:02:e0:6c:34:dc:fe:80:24:
                    41:da:ca:27:ce:2b:9d:44:a3:64:65:41:d9:ce:eb:
                    c1:d8:98:40:2b:aa:d5:94:5a:1d:4f:21:9c:d2:ad:
                    11:37:fc:14:d7:ec:fc:90:f0:e3:73:3d:68:0a:e4:
                    7c:a9:6f:c0:8f:6d:27:66:23:e1:84:e4:0a:46:ef:
                    19:1d:52:02:98:b9:d4:dc:a4:19:b1:ca:8d:1b:d5:
                    6b:cd:4e:29:fe:db:b5:79:bd:41:39:31:eb:2e:9d:
                    d7:06:db:e3:ed:f6:dc:ed:8c:49:24:49:c5:db:a3:
                    52:c0:37:ee:c4:75:55:4a:0d:3a:11:f4:a9:38:73:
                    ad:30:54:2f:51:35:5a:99:71:dc:37:90:7b:2d:7d:
                    4b:62:4f:2b:32:97:51:4c:23:64:53:95:2d:00:9e:
                    77:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:2B:11:E6:FB:B2:A6:6B:B4:AC:D1:D7:3E:CA:E2:E9:AE:1D:58:78
            X509v3 Authority Key Identifier:
                keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/570031E8F48C11EDA48EDC25C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.31.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         23:72:4f:0c:03:72:bb:ff:82:bc:32:d5:24:a6:f2:1c:4a:05:
         20:6b:c6:69:57:90:28:36:8f:59:84:7c:1d:d8:bc:53:23:b1:
         d0:6a:24:60:29:f5:88:d8:3e:ba:68:47:aa:6a:37:37:74:55:
         de:41:a0:34:66:17:7a:b4:48:b7:4a:4c:c8:0b:60:02:1e:f1:
         b4:e7:b5:25:3b:00:f7:86:6b:c9:fd:bc:ea:85:ff:e3:49:c5:
         a5:c2:ff:c2:94:2a:4e:be:80:fa:a1:d1:5f:7c:a2:22:17:96:
         b5:1e:e1:20:9c:1a:50:ca:69:12:ec:cc:2d:03:c4:11:e5:00:
         79:07:95:08:5e:79:84:24:ee:15:84:0a:15:d7:e7:45:35:8e:
         94:4f:62:df:77:26:63:43:8b:61:3d:21:5d:6a:5e:78:fe:4d:
         13:5c:47:d8:55:6e:fc:66:21:a7:03:ba:34:20:ea:e6:90:98:
         a9:4d:1f:00:91:da:d9:35:7d:fc:c0:37:e5:2c:ee:4d:ac:e7:
         f2:c3:e1:d1:3e:52:8b:ac:b1:a1:61:20:6d:d8:2b:8e:ca:28:
         03:e3:d8:d8:5b:da:45:d2:1c:f0:66:3c:fc:6b:0c:7c:36:7c:
         79:a8:b4:d7:9f:56:06:ad:46:05:49:50:05:91:28:40:dc:44:
         6c:fe:05:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA9UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjMwNTE3MDkwNDE1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY0OTg4Zi1lZjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1f3VuEU+bKah2FeRVPJLCuH5FaaIvATqN2axmKxFUvDMZJ1ZizsJ55V3lSZ+
u0WfRiG0Q66+NPPKlb+8kKkwx4qzn/MzRTjvx3V7oZXLgTRPQhcfHrre1pvpuO9c
NzXgAuBsNNz+gCRB2sonziudRKNkZUHZzuvB2JhAK6rVlFodTyGc0q0RN/wU1+z8
kPDjcz1oCuR8qW/Aj20nZiPhhOQKRu8ZHVICmLnU3KQZscqNG9VrzU4p/tu1eb1B
OTHrLp3XBtvj7fbc7YxJJEnF26NSwDfuxHVVSg06EfSpOHOtMFQvUTVamXHcN5B7
LX1LYk8rMpdRTCNkU5UtAJ533QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAorEeb7
sqZrtKzR1z7K4umuHVh4MB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvNTcwMDMxRThG
NDhDMTFFREE0OEVEQzI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnH9IwDQYJKoZIhvcNAQELBQADggEBACNyTwwDcrv/grwy
1SSm8hxKBSBrxmlXkCg2j1mEfB3YvFMjsdBqJGAp9YjYPrpoR6pqNzd0Vd5BoDRm
F3q0SLdKTMgLYAIe8bTntSU7APeGa8n9vOqF/+NJxaXC/8KUKk6+gPqh0V98oiIX
lrUe4SCcGlDKaRLszC0DxBHlAHkHlQheeYQk7hWEChXX50U1jpRPYt93JmNDi2E9
IV1qXnj+TRNcR9hVbvxmIacDujQg6uaQmKlNHwCR2tk1ffzAN+Us7k2s5/LD4dE+
UoussaFhIG3YK47KKAPj2Nhb2kXSHPBmPPxrDHw2fHmotNefVgatRgVJUAWRKEDc
RGz+Be8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org