Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/925DB0920F6D11EA8840135DC4F9AE02.roa
File:                     925DB0920F6D11EA8840135DC4F9AE02.roa (raw, json)
Hash identifier:          PykvjdKpn7Robs0AMP1J36Fxjk9oyb8vmFzyboGTkAA=
Subject key identifier:   96:EE:49:25:C6:9A:C7:58:DF:DF:6F:FB:50:6F:76:E9:87:0F:E3:91
Certificate issuer:       /CN=A9183496/serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734
Certificate serial:       0752
Authority key identifier: 2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/925DB0920F6D11EA8840135DC4F9AE02.roa
Signing time:             Wed 13 Oct 2021 08:55:58 +0000
ROA not before:           Wed 13 Oct 2021 08:55:58 +0000
ROA not after:            Thu 01 Dec 2022 00:00:00 +0000
asID:                     134383
IP address blocks:        103.121.140.0/22 maxlen: 24
                          2001:df6:4300::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1874 (0x752)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9183496/serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734
        Validity
            Not Before: Oct 13 08:55:58 2021 GMT
            Not After : Dec  1 00:00:00 2022 GMT
        Subject: CN=61669f1d-7a07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:2e:ae:63:60:80:63:ff:6c:fb:1d:3f:24:31:
                    de:87:41:94:4a:57:b3:37:06:81:32:9c:62:e3:8e:
                    86:7c:96:04:6a:20:0a:f1:84:36:6c:24:04:aa:a1:
                    c5:38:53:9e:55:f4:5c:5d:51:e6:ba:aa:f5:08:b2:
                    15:44:f0:1d:23:b2:5a:f7:5f:2d:ec:1c:14:6d:8c:
                    f9:4c:16:60:cb:e6:cb:c4:21:ab:26:d2:04:22:fb:
                    ed:06:df:8f:10:85:d8:90:04:bf:18:95:a4:9e:09:
                    13:e3:32:9b:61:de:f3:3a:19:d0:49:3d:36:34:c8:
                    b5:0f:7d:ec:ea:a5:c0:ab:2c:f1:a9:7b:71:d2:52:
                    15:ad:13:ba:37:e5:39:f3:41:5c:aa:95:39:d2:f3:
                    48:85:c3:1b:74:59:9b:ca:90:24:dc:dd:51:22:40:
                    56:2d:48:0c:80:c2:8c:80:c9:8a:ed:07:51:b8:6d:
                    52:d8:c3:3d:cc:7b:69:7c:32:a2:50:44:43:05:e9:
                    12:7f:13:49:29:f9:0b:d0:77:fc:25:6c:1d:e3:2f:
                    0a:81:05:2c:2a:8c:f7:51:31:5b:ac:c2:83:28:52:
                    78:06:07:14:d7:79:4f:ba:21:cf:34:3a:ea:c0:39:
                    03:e0:67:05:87:d7:5f:8f:73:1b:d3:e0:1f:0f:8d:
                    35:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:EE:49:25:C6:9A:C7:58:DF:DF:6F:FB:50:6F:76:E9:87:0F:E3:91
            X509v3 Authority Key Identifier:
                keyid:2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/925DB0920F6D11EA8840135DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.140.0/22
                IPv6:
                  2001:df6:4300::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:c0:43:88:f9:ac:59:42:c3:e9:45:12:49:3b:da:1c:e7:b9:
         25:09:f7:8f:49:ee:72:24:19:d3:76:12:f2:41:62:53:3c:43:
         f0:cc:e9:57:07:77:f1:bd:c6:59:0a:5c:6f:e9:6b:b7:18:0d:
         5a:d0:40:bf:68:91:03:65:66:2c:24:1e:1c:07:7f:4b:08:5a:
         aa:c6:d8:e4:aa:56:2d:53:16:c3:11:97:bc:60:00:0a:5f:d5:
         49:20:d8:af:f8:4b:0f:27:a7:9c:7e:e6:e2:dc:2a:95:fb:d1:
         a4:d9:33:90:21:18:42:1d:24:45:4f:83:c5:69:67:27:35:cb:
         6a:9c:3e:76:fa:94:db:8f:59:19:96:2e:22:f1:64:25:3e:db:
         ed:4b:85:f5:69:b1:e0:c5:9a:10:6e:7a:b2:64:a5:39:64:51:
         ba:cf:4d:9d:ff:aa:c1:6f:ca:80:04:94:95:96:3d:64:8d:78:
         57:aa:eb:24:74:35:ad:19:a2:19:c9:9f:55:98:9f:13:c8:99:
         ec:56:cd:c2:4d:f9:04:cc:4a:24:0f:c8:98:36:43:0e:37:40:
         ab:6b:68:93:73:c5:a9:17:da:55:11:92:ba:72:1d:be:11:8e:
         f1:02:ea:e3:2c:84:3f:93:13:e4:77:8f:74:39:63:29:2d:f9:
         a2:7f:cc:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICB1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM0OTYxMTAvBgNVBAUTKDJGN0ExQzFERDI3RUE3ODE1OENFMjFBOTREQkJGQjkw
NzJGQjE3MzQwHhcNMjExMDEzMDg1NTU4WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTY2OWYxZC03YTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0y6uY2CAY/9s+x0/JDHeh0GUSlezNwaBMpxi446GfJYEaiAK8YQ2bCQEqqHF
OFOeVfRcXVHmuqr1CLIVRPAdI7Ja918t7BwUbYz5TBZgy+bLxCGrJtIEIvvtBt+P
EIXYkAS/GJWkngkT4zKbYd7zOhnQST02NMi1D33s6qXAqyzxqXtx0lIVrRO6N+U5
80FcqpU50vNIhcMbdFmbypAk3N1RIkBWLUgMgMKMgMmK7QdRuG1S2MM9zHtpfDKi
UERDBekSfxNJKfkL0Hf8JWwd4y8KgQUsKoz3UTFbrMKDKFJ4BgcU13lPuiHPNDrq
wDkD4GcFh9dfj3Mb0+AfD401EQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJbuSSXG
msdY399v+1BvdumHD+ORMB8GA1UdIwQYMBaAFC96HB3SfqeBWM4hqU27+5By+xc0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzQ5Ni8yMzQxQTU2NjBG
NkMxMUVBQTcwRjc5NUFDNEY5QUUwMi9MM29jSGRKLXA0Rll6aUdwVGJ2N2tITDdG
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0wzb2NIZEotcDRGWXppR3BUYnY3a0hMN0Z6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM0OTYvMjM0MUE1NjYwRjZDMTFFQUE3MEY3OTVBQzRGOUFFMDIvOTI1REIwOTIw
RjZEMTFFQTg4NDAxMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJneYwwDwQCAAIwCQMHACABDfZDADANBgkqhkiG9w0BAQsF
AAOCAQEAD8BDiPmsWULD6UUSSTvaHOe5JQn3j0nuciQZ03YS8kFiUzxD8MzpVwd3
8b3GWQpcb+lrtxgNWtBAv2iRA2VmLCQeHAd/SwhaqsbY5KpWLVMWwxGXvGAACl/V
SSDYr/hLDyennH7m4twqlfvRpNkzkCEYQh0kRU+DxWlnJzXLapw+dvqU249ZGZYu
IvFkJT7b7UuF9Wmx4MWaEG56smSlOWRRus9Nnf+qwW/KgASUlZY9ZI14V6rrJHQ1
rRmiGcmfVZifE8iZ7FbNwk35BMxKJA/ImDZDDjdAq2tok3PFqRfaVRGSunIdvhGO
8QLq4yyEP5MT5HePdDljKS35on/Mcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org