Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/37C632EA5D1011EE9D7B6C3BC4F9AE02.roa
File:                     37C632EA5D1011EE9D7B6C3BC4F9AE02.roa (raw, json)
Hash identifier:          yqHsJGeCcTYQQeB74YEC9TRzQzCaQh90wuLLS0eOU9M=
Subject key identifier:   09:F3:99:AD:C3:B9:3D:CA:E2:26:A1:EB:33:30:B9:3E:65:AE:A4:B1
Certificate issuer:       /CN=A918D6BF/serialNumber=4E01F4FCA76DBF9295DEC61C1B32A4EE68ADFD23
Certificate serial:       1783
Authority key identifier: 4E:01:F4:FC:A7:6D:BF:92:95:DE:C6:1C:1B:32:A4:EE:68:AD:FD:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TgH0_Kdtv5KV3sYcGzKk7mit_SM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/37C632EA5D1011EE9D7B6C3BC4F9AE02.roa
Signing time:             Sat 18 Nov 2023 16:54:20 +0000
ROA not before:           Sat 18 Nov 2023 16:54:20 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     151657
IP address blocks:        103.39.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6019 (0x1783)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918D6BF/serialNumber=4E01F4FCA76DBF9295DEC61C1B32A4EE68ADFD23
        Validity
            Not Before: Nov 18 16:54:20 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=6558ec3c-e46a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c3:f8:3a:2b:d2:d7:5c:bf:51:ae:69:61:5c:
                    7b:29:8c:5a:89:8e:fc:0c:ed:bf:7d:22:db:be:dc:
                    26:7d:82:d9:16:41:cc:06:7a:f6:f1:b8:76:b5:41:
                    77:9c:52:6e:c1:e1:e5:5e:d2:67:fb:ff:5b:7e:93:
                    82:6d:18:85:a5:68:91:2d:f5:89:37:7c:d8:c1:00:
                    a6:f8:b3:fa:e7:95:dd:e2:62:44:7a:bf:1e:98:eb:
                    b9:9a:c8:00:16:cc:fb:95:76:c6:de:7d:f7:9f:9a:
                    4d:39:60:06:3b:5e:47:fa:47:7a:38:55:49:6e:de:
                    d0:b5:4f:13:ad:e9:2e:8e:f5:76:8e:89:8e:d2:3a:
                    ab:0e:d9:9a:0b:8c:0a:1b:34:93:71:fa:4c:3d:1b:
                    82:a3:4a:3a:b3:2c:a1:7c:bc:60:7e:62:80:7c:53:
                    67:25:bc:71:4b:a9:b1:2a:3d:c8:05:3a:4e:11:f0:
                    a5:ee:49:d7:a7:dd:88:43:f8:d1:7d:be:e9:de:37:
                    8c:85:ed:d4:1a:35:de:88:54:5c:37:ff:c3:85:bc:
                    14:e3:42:c9:4f:9d:4e:28:ed:71:85:77:dc:a5:66:
                    01:14:71:b5:ce:59:a5:ba:59:93:3e:36:d3:58:d3:
                    45:7c:cf:35:4a:78:3a:95:64:24:3c:4a:a6:41:da:
                    fe:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:F3:99:AD:C3:B9:3D:CA:E2:26:A1:EB:33:30:B9:3E:65:AE:A4:B1
            X509v3 Authority Key Identifier:
                keyid:4E:01:F4:FC:A7:6D:BF:92:95:DE:C6:1C:1B:32:A4:EE:68:AD:FD:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/TgH0_Kdtv5KV3sYcGzKk7mit_SM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TgH0_Kdtv5KV3sYcGzKk7mit_SM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/37C632EA5D1011EE9D7B6C3BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.39.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:42:a9:53:b8:58:ce:c9:5f:82:2f:72:42:47:4a:9a:5f:6e:
         74:b9:27:d4:36:3b:5c:38:30:09:fd:bb:1e:1d:08:81:2b:15:
         a4:f6:57:46:87:c3:ba:3b:60:16:4c:af:ef:81:50:73:1a:4d:
         40:21:1b:a9:9c:da:09:ac:56:29:9a:ba:d2:07:90:58:32:0a:
         92:03:f9:90:e3:22:1e:0d:e8:cd:b9:90:54:11:c7:72:a1:68:
         e1:29:a6:09:9e:5d:c0:91:c4:35:4b:4d:ee:ae:1a:56:37:9b:
         23:4c:ce:51:e9:00:db:2b:87:01:4f:18:bb:27:3d:47:03:10:
         5f:eb:4d:46:3e:ca:26:4b:da:ba:8e:bf:b1:f1:8f:44:8d:e6:
         ed:fe:8b:df:38:76:d5:94:08:1a:a6:fa:ef:1a:da:91:64:49:
         c2:4c:57:6c:58:31:8b:43:63:ad:36:e6:61:07:ef:44:b1:fa:
         1a:7b:b5:e8:95:f2:0c:3a:72:ef:41:10:02:4d:72:7f:bd:b1:
         57:a2:7f:b7:9c:b9:eb:cc:84:c5:33:9d:87:9c:4d:44:39:14:
         5b:28:1c:2b:4b:76:c5:06:1b:52:ae:8e:52:48:de:5f:01:f1:
         14:68:4c:b2:9e:10:ba:c7:6e:04:06:8a:72:76:8d:f5:3b:7f:
         12:27:ee:25
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ2QkYxMTAvBgNVBAUTKDRFMDFGNEZDQTc2REJGOTI5NURFQzYxQzFCMzJBNEVF
NjhBREZEMjMwHhcNMjMxMTE4MTY1NDIwWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU4ZWMzYy1lNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs8P4OivS11y/Ua5pYVx7KYxaiY78DO2/fSLbvtwmfYLZFkHMBnr28bh2tUF3
nFJuweHlXtJn+/9bfpOCbRiFpWiRLfWJN3zYwQCm+LP655Xd4mJEer8emOu5msgA
Fsz7lXbG3n33n5pNOWAGO15H+kd6OFVJbt7QtU8TrekujvV2jomO0jqrDtmaC4wK
GzSTcfpMPRuCo0o6syyhfLxgfmKAfFNnJbxxS6mxKj3IBTpOEfCl7knXp92IQ/jR
fb7p3jeMhe3UGjXeiFRcN//DhbwU40LJT51OKO1xhXfcpWYBFHG1zlmlulmTPjbT
WNNFfM81Sng6lWQkPEqmQdr+QwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAnzma3D
uT3K4iah6zMwuT5lrqSxMB8GA1UdIwQYMBaAFE4B9Pynbb+Sld7GHBsypO5orf0j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDZCRi9FMzYxQkEyMEE1
QTExMUU3QjNBMzEyN0RDNEY5QUUwMi9UZ0gwX0tkdHY1S1Yzc1ljR3pLazdtaXRf
U00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RnSDBfS2R0djVLVjNzWWNHektrN21pdF9TTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ2QkYvRTM2MUJBMjBBNUExMTFFN0IzQTMxMjdEQzRGOUFFMDIvMzdDNjMyRUE1
RDEwMTFFRTlEN0I2QzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnJ+4wDQYJKoZIhvcNAQELBQADggEBAOBCqVO4WM7JX4Iv
ckJHSppfbnS5J9Q2O1w4MAn9ux4dCIErFaT2V0aHw7o7YBZMr++BUHMaTUAhG6mc
2gmsVimautIHkFgyCpID+ZDjIh4N6M25kFQRx3KhaOEppgmeXcCRxDVLTe6uGlY3
myNMzlHpANsrhwFPGLsnPUcDEF/rTUY+yiZL2rqOv7Hxj0SN5u3+i984dtWUCBqm
+u8a2pFkScJMV2xYMYtDY6025mEH70Sx+hp7teiV8gw6cu9BEAJNcn+9sVeif7ec
uevMhMUznYecTUQ5FFsoHCtLdsUGG1KujlJI3l8B8RRoTLKeELrHbgQGinJ2jfU7
fxIn7iU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org