Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/D38D059677E411EB82978673C4F9AE02.roa
File:                     D38D059677E411EB82978673C4F9AE02.roa (raw, json)
Hash identifier:          zcFi8PHtPJ8NxIrTj9ak44125BHN0ga/J5T1HSG69VU=
Subject key identifier:   76:8B:BC:A2:3F:8D:8A:5D:64:ED:81:89:A6:68:58:9F:77:62:A6:5D
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0E04
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/D38D059677E411EB82978673C4F9AE02.roa
Signing time:             Wed 03 Aug 2022 19:06:25 +0000
ROA not before:           Wed 03 Aug 2022 19:06:25 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     4842
IP address blocks:        103.140.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3588 (0xe04)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Aug  3 19:06:25 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62eac731-4f2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:bd:58:74:99:4e:d0:80:0c:81:fd:79:9b:4a:
                    98:f6:9d:76:48:f8:54:3a:8f:bf:3c:92:0a:f2:ce:
                    88:8a:4f:78:29:e2:2b:cd:27:13:9c:03:c2:8a:0f:
                    e0:f0:99:23:7c:c6:cf:77:3f:b8:fe:d9:6c:76:28:
                    ae:34:ff:8e:bc:a7:28:30:37:55:7e:54:c9:28:61:
                    3a:ee:d8:db:a6:1e:65:2b:8d:4a:8a:7c:d9:df:96:
                    8b:b1:58:79:8d:b5:79:67:c3:19:49:c9:0a:36:0f:
                    b1:5e:5b:b7:a6:09:cf:46:1f:8a:26:b4:32:89:24:
                    05:72:23:7b:50:69:18:3c:1c:35:d5:46:73:a2:56:
                    1b:b9:ff:a9:0b:47:77:af:30:07:c6:06:49:f1:05:
                    48:d5:85:a6:e7:85:f4:1b:01:e1:6a:07:25:6a:e7:
                    25:f7:57:d5:19:74:30:1a:b2:fb:d7:d1:57:42:c8:
                    46:35:eb:5c:b0:a5:69:a5:d3:bd:1e:6b:60:1a:5d:
                    f0:e9:54:82:97:1d:27:f0:84:38:53:42:6d:f4:f3:
                    46:12:f4:83:b9:77:5a:e5:91:ce:5c:f5:16:92:db:
                    95:0a:2a:bb:eb:4f:d2:50:20:e2:5d:14:7f:d5:fc:
                    d7:98:2a:ee:7d:97:de:50:b3:62:c1:23:50:ca:41:
                    2c:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:8B:BC:A2:3F:8D:8A:5D:64:ED:81:89:A6:68:58:9F:77:62:A6:5D
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/D38D059677E411EB82978673C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.140.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:5d:c4:90:ed:ad:a8:9d:39:2b:4b:19:dc:cc:75:1e:5c:c4:
         0a:7f:b1:4f:b5:e0:3f:0e:0f:48:6f:17:54:fa:b9:f3:ae:3a:
         9b:e4:bf:d7:63:22:66:dd:fe:f9:fc:e7:eb:b2:79:41:64:c1:
         c3:41:54:35:23:05:b3:b2:eb:04:86:e7:50:e3:53:fa:25:3c:
         d0:6f:18:5c:d5:7f:8d:04:f6:f2:84:81:43:5d:97:b4:97:14:
         a0:bc:fb:13:64:4c:44:31:05:bf:8b:12:3b:8e:4c:16:74:49:
         eb:2d:9c:32:90:5a:dc:e2:88:3a:61:9e:94:01:94:71:64:d6:
         84:b4:7d:40:f1:65:63:a8:97:c9:dd:b8:54:06:06:f6:e3:85:
         9a:0a:fa:13:5a:33:0d:4b:78:1f:50:94:03:c1:9b:81:71:77:
         98:73:38:a1:4e:41:ba:6d:75:fa:94:77:e8:81:39:00:59:2c:
         a7:d3:8a:82:60:02:7b:46:3e:69:15:6b:c3:92:0b:04:53:db:
         54:a4:bf:d8:69:95:c7:9c:c7:5a:37:2d:ff:7b:59:73:8d:1b:
         91:89:a6:3b:29:50:19:ab:cc:3a:0c:f1:ab:5d:da:c4:51:db:
         45:7b:f4:81:83:ec:fc:91:d7:ef:ac:3d:10:2c:a1:11:ff:ab:
         16:6d:2e:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNjI1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzczMS00ZjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1r1YdJlO0IAMgf15m0qY9p12SPhUOo+/PJIK8s6Iik94KeIrzScTnAPCig/g
8JkjfMbPdz+4/tlsdiiuNP+OvKcoMDdVflTJKGE67tjbph5lK41KinzZ35aLsVh5
jbV5Z8MZSckKNg+xXlu3pgnPRh+KJrQyiSQFciN7UGkYPBw11UZzolYbuf+pC0d3
rzAHxgZJ8QVI1YWm54X0GwHhagclaucl91fVGXQwGrL719FXQshGNetcsKVppdO9
HmtgGl3w6VSClx0n8IQ4U0Jt9PNGEvSDuXda5ZHOXPUWktuVCiq760/SUCDiXRR/
1fzXmCrufZfeULNiwSNQykEsMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHaLvKI/
jYpdZO2BiaZoWJ93YqZdMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvRDM4RDA1OTY3
N0U0MTFFQjgyOTc4NjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnjAgwDQYJKoZIhvcNAQELBQADggEBAKNdxJDtraidOStL
GdzMdR5cxAp/sU+14D8OD0hvF1T6ufOuOpvkv9djImbd/vn85+uyeUFkwcNBVDUj
BbOy6wSG51DjU/olPNBvGFzVf40E9vKEgUNdl7SXFKC8+xNkTEQxBb+LEjuOTBZ0
SestnDKQWtziiDphnpQBlHFk1oS0fUDxZWOol8nduFQGBvbjhZoK+hNaMw1LeB9Q
lAPBm4Fxd5hzOKFOQbptdfqUd+iBOQBZLKfTioJgAntGPmkVa8OSCwRT21Skv9hp
lcecx1o3Lf97WXONG5GJpjspUBmrzDoM8atd2sRR20V79IGD7PyR1++sPRAsoRH/
qxZtLu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org