Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/E6A5A1FAB2FE11ECAD63E74BC4F9AE02.roa
File:                     E6A5A1FAB2FE11ECAD63E74BC4F9AE02.roa (raw, json)
Hash identifier:          TcJ7Nejiwo63qcQ3wQP8XnRO6UK9Nc8t6xvUl0sKUDA=
Subject key identifier:   DF:B6:FA:BD:1A:A9:3A:B8:BE:AE:55:65:24:FB:1F:21:51:CB:6B:62
Certificate issuer:       /CN=A9193339/serialNumber=872E5AB539BE43857403D4F5D45A5472BB207A6D
Certificate serial:       03
Authority key identifier: 87:2E:5A:B5:39:BE:43:85:74:03:D4:F5:D4:5A:54:72:BB:20:7A:6D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hy5atTm-Q4V0A9T11FpUcrsgem0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/E6A5A1FAB2FE11ECAD63E74BC4F9AE02.roa
Signing time:             Sun 03 Apr 2022 03:34:00 +0000
ROA not before:           Sun 03 Apr 2022 03:34:00 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     137995
IP address blocks:        103.84.139.0/24 maxlen: 24
                          2400:a040:a::/48 maxlen: 48
                          2400:a040:ffff::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9193339/serialNumber=872E5AB539BE43857403D4F5D45A5472BB207A6D
        Validity
            Not Before: Apr  3 03:34:00 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=624915a8-a3ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e1:2f:34:88:2b:1f:0b:d7:7d:68:44:b8:10:
                    fd:d9:bb:4c:7d:d5:a8:7e:3b:a3:ad:74:d0:85:03:
                    20:4b:6a:17:31:ea:fc:d1:20:56:5a:f4:71:7e:47:
                    ce:37:ba:4d:f9:73:47:0f:9d:ce:c9:1c:3b:3f:b6:
                    a1:8d:9e:e3:d6:e0:73:ef:9d:a5:86:f5:ca:10:cc:
                    51:5c:a4:a2:b4:bb:c2:83:47:e9:1b:71:a8:67:26:
                    f5:8a:ff:17:66:93:2d:71:50:df:22:2d:d3:2f:23:
                    74:6d:62:e8:da:97:94:8a:99:03:3c:53:01:31:3a:
                    66:fe:54:63:50:69:4c:f0:4a:4e:7a:9b:16:dc:21:
                    ca:c3:d2:a5:a5:97:7e:36:3d:86:2a:4d:79:18:1c:
                    da:5c:d1:59:0b:57:84:34:2e:e7:ee:ad:75:12:1c:
                    38:6b:b6:88:fd:eb:06:33:07:f1:8d:35:c1:b7:4f:
                    67:8b:b9:22:e5:94:98:d8:8a:6c:2f:8c:c8:5e:23:
                    6a:59:95:53:0c:12:63:c8:e2:0c:e3:3c:bd:cf:59:
                    59:2a:a3:13:c8:13:14:f7:ed:42:f9:c9:7b:79:07:
                    0c:2a:08:de:af:b3:96:63:0c:69:ae:e1:43:76:00:
                    b2:39:67:80:01:c1:ae:99:54:0c:03:06:6f:04:17:
                    e6:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:B6:FA:BD:1A:A9:3A:B8:BE:AE:55:65:24:FB:1F:21:51:CB:6B:62
            X509v3 Authority Key Identifier:
                keyid:87:2E:5A:B5:39:BE:43:85:74:03:D4:F5:D4:5A:54:72:BB:20:7A:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/hy5atTm-Q4V0A9T11FpUcrsgem0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hy5atTm-Q4V0A9T11FpUcrsgem0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193339/45267970B2FA11ECB574CE7FC4F9AE02/E6A5A1FAB2FE11ECAD63E74BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.84.139.0/24
                IPv6:
                  2400:a040:a::/48
                  2400:a040:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:aa:b6:74:86:bc:b6:f9:97:45:f0:bf:25:bf:1c:6b:4d:4a:
         b4:a4:74:ae:d1:18:97:3a:7d:41:42:e5:43:0e:22:9f:c5:7e:
         5b:dd:19:c7:0e:73:99:59:72:2a:f7:05:21:a5:5c:be:55:0b:
         f4:a7:6f:a4:9d:c1:bc:35:32:6b:b5:20:93:b1:09:f5:a9:ee:
         88:61:1b:24:ad:ab:28:82:f5:78:d3:27:38:7e:8d:55:7b:2c:
         49:e0:73:95:8d:90:76:c9:31:1f:b2:b2:39:f3:96:f1:08:12:
         1e:d2:ef:ac:56:74:b0:bd:8e:b0:4c:bb:16:e4:0f:a7:bc:b2:
         98:44:8d:3f:3d:47:c6:4b:92:0e:de:89:d0:96:4b:f0:30:cc:
         b7:d2:40:04:1e:d7:0a:80:a8:d0:c8:49:60:1c:c5:93:97:87:
         88:45:20:03:09:7f:96:14:65:cb:0a:7e:1f:20:86:f0:09:9a:
         ec:ac:f0:20:26:9d:ab:8a:b6:ec:83:a3:f5:1e:25:7a:c1:ff:
         e5:b1:9f:f1:be:36:fd:fb:d3:b2:15:61:d0:18:4b:92:60:d1:
         2b:94:15:e0:fd:28:f3:7f:32:b1:96:3c:c4:b3:12:00:ab:aa:
         5e:fa:97:6c:ce:a4:ed:ac:24:a6:c9:43:7c:8c:04:8b:a4:7d:
         86:b3:01:72
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MzMzOTExMC8GA1UEBRMoODcyRTVBQjUzOUJFNDM4NTc0MDNENEY1RDQ1QTU0NzJC
QjIwN0E2RDAeFw0yMjA0MDMwMzM0MDBaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNDkxNWE4LWEzYWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCe4S80iCsfC9d9aES4EP3Zu0x91ah+O6OtdNCFAyBLahcx6vzRIFZa9HF+R843
uk35c0cPnc7JHDs/tqGNnuPW4HPvnaWG9coQzFFcpKK0u8KDR+kbcahnJvWK/xdm
ky1xUN8iLdMvI3RtYujal5SKmQM8UwExOmb+VGNQaUzwSk56mxbcIcrD0qWll342
PYYqTXkYHNpc0VkLV4Q0LufurXUSHDhrtoj96wYzB/GNNcG3T2eLuSLllJjYimwv
jMheI2pZlVMMEmPI4gzjPL3PWVkqoxPIExT37UL5yXt5BwwqCN6vs5ZjDGmu4UN2
ALI5Z4ABwa6ZVAwDBm8EF+bJAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQU37b6vRqp
Ori+rlVlJPsfIVHLa2IwHwYDVR0jBBgwFoAUhy5atTm+Q4V0A9T11FpUcrsgem0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkzMzM5LzQ1MjY3OTcwQjJG
QTExRUNCNTc0Q0U3RkM0RjlBRTAyL2h5NWF0VG0tUTRWMEE5VDExRnBVY3JzZ2Vt
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaHk1YXRUbS1RNFYwQTlUMTFGcFVjcnNnZW0wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MzMzOS80NTI2Nzk3MEIyRkExMUVDQjU3NENFN0ZDNEY5QUUwMi9FNkE1QTFGQUIy
RkUxMUVDQUQ2M0U3NEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwDAQCAAEwBgMEAGdUizAYBAIAAjASAwcAJACgQAAKAwcAJACgQP//MA0GCSqG
SIb3DQEBCwUAA4IBAQChqrZ0hry2+ZdF8L8lvxxrTUq0pHSu0RiXOn1BQuVDDiKf
xX5b3RnHDnOZWXIq9wUhpVy+VQv0p2+kncG8NTJrtSCTsQn1qe6IYRskrasogvV4
0yc4fo1VeyxJ4HOVjZB2yTEfsrI585bxCBIe0u+sVnSwvY6wTLsW5A+nvLKYRI0/
PUfGS5IO3onQlkvwMMy30kAEHtcKgKjQyElgHMWTl4eIRSADCX+WFGXLCn4fIIbw
CZrsrPAgJp2rirbsg6P1HiV6wf/lsZ/xvjb9+9OyFWHQGEuSYNErlBXg/SjzfzKx
ljzEsxIAq6pe+pdszqTtrCSmyUN8jASLpH2GswFy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org