Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/535710A24B3F11EE8975DA46C4F9AE02.roa
File:                     535710A24B3F11EE8975DA46C4F9AE02.roa (raw, json)
Hash identifier:          R+9E2ETMBJB6pa2yQvqAK1XxErqZZXCp6EZfZ2s9rOE=
Subject key identifier:   36:19:EF:14:9C:C8:CE:BD:33:37:54:69:3B:E2:87:83:C0:A1:1C:47
Certificate issuer:       /CN=A9193D85/serialNumber=BB07ED464B280D57FA771841F77F52EA7D507927
Certificate serial:       0EFA
Authority key identifier: BB:07:ED:46:4B:28:0D:57:FA:77:18:41:F7:7F:52:EA:7D:50:79:27
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uwftRksoDVf6dxhB939S6n1QeSc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/535710A24B3F11EE8975DA46C4F9AE02.roa
Signing time:             Mon 04 Sep 2023 16:23:45 +0000
ROA not before:           Mon 04 Sep 2023 16:23:45 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        103.136.41.0/24 maxlen: 24
                          103.136.42.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3834 (0xefa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9193D85/serialNumber=BB07ED464B280D57FA771841F77F52EA7D507927
        Validity
            Not Before: Sep  4 16:23:45 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=64f60491-b4b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:70:62:10:2f:f6:dc:a0:c4:fc:b5:e9:15:a2:
                    f1:2c:bc:bc:3a:03:14:fa:2b:ff:cd:ff:e4:93:dc:
                    22:1b:f9:fd:3c:64:1f:31:69:47:bb:11:33:03:84:
                    d1:f3:08:b7:cd:20:ed:12:6b:e8:f0:e2:97:6b:13:
                    05:53:16:2d:85:6c:56:91:cd:39:5f:d8:f5:f2:c6:
                    80:f3:c4:0c:f4:f9:f9:71:b0:2e:94:2d:df:5d:a6:
                    32:5a:65:9e:83:8a:c1:ca:56:1f:ee:aa:de:fa:3d:
                    c0:f9:6c:38:c8:c3:68:02:51:54:8e:cd:94:41:3e:
                    b9:d5:4e:8d:32:16:f7:17:61:be:a2:7f:4b:68:6e:
                    83:53:8f:f0:68:46:06:b0:55:12:e7:96:90:a5:78:
                    b7:29:18:d1:1b:67:e8:1f:88:8c:fd:14:41:ea:9c:
                    56:a3:bf:d9:3b:b5:e3:ff:87:25:26:5d:6c:80:bd:
                    59:ae:5d:2e:7e:fd:29:ba:3e:39:a3:7f:2d:fc:ad:
                    31:47:67:66:f0:bb:51:82:35:c9:9b:98:b1:17:06:
                    ee:73:41:63:51:91:9e:ce:43:22:b0:ac:8b:bf:ec:
                    3a:b4:fa:dc:7d:0c:75:a8:ef:e4:c6:63:d0:06:21:
                    e1:b6:f7:b3:da:88:8f:eb:1e:1e:5b:5b:90:56:0e:
                    96:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:19:EF:14:9C:C8:CE:BD:33:37:54:69:3B:E2:87:83:C0:A1:1C:47
            X509v3 Authority Key Identifier:
                keyid:BB:07:ED:46:4B:28:0D:57:FA:77:18:41:F7:7F:52:EA:7D:50:79:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/uwftRksoDVf6dxhB939S6n1QeSc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uwftRksoDVf6dxhB939S6n1QeSc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193D85/915325203FC911E9979BB83BC4F9AE02/535710A24B3F11EE8975DA46C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.41.0-103.136.42.255

    Signature Algorithm: sha256WithRSAEncryption
         b5:66:96:6e:db:96:5a:79:ed:3f:c1:01:54:08:90:ff:f8:2c:
         b7:e8:63:fa:18:e8:19:8f:e2:f2:ea:f8:e6:71:44:e0:a5:c5:
         c7:da:38:e3:9c:f4:39:f1:a6:54:90:f7:a7:bf:2a:f9:bc:46:
         4a:dc:b0:ba:b6:9d:9e:19:23:4e:f9:7e:06:b9:7b:51:f4:7a:
         f5:5b:5c:e4:68:89:37:e4:bf:4e:68:7b:0a:8c:de:d6:2d:b1:
         3b:ba:3f:d1:a6:bd:63:e2:ff:fc:f6:ff:00:bc:e4:c6:e8:51:
         b0:00:70:e0:cc:92:13:e7:87:ba:e9:fd:76:b3:2d:4c:eb:bb:
         1c:69:4f:62:db:b3:1b:01:2d:c2:f2:35:66:98:70:e2:d1:93:
         19:65:b8:e9:41:82:c7:29:5f:54:f0:b2:fe:58:bc:c9:36:32:
         3e:bb:26:16:94:e4:60:4b:26:0e:0f:08:a9:8f:3e:22:84:f6:
         62:27:b3:b9:ad:f8:59:ac:6a:27:69:1e:b5:68:81:16:50:36:
         29:1a:3c:b0:36:36:56:4f:5b:d4:2e:6d:cd:f7:c9:f7:b1:a3:
         f4:1d:11:ba:5c:45:e4:a0:50:ea:42:b4:2f:6b:6f:17:20:5b:
         f5:b5:78:30:11:0a:5b:88:03:d9:92:56:57:e7:6b:ab:a5:4a:
         71:b4:99:0a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICDvowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTNEODUxMTAvBgNVBAUTKEJCMDdFRDQ2NEIyODBENTdGQTc3MTg0MUY3N0Y1MkVB
N0Q1MDc5MjcwHhcNMjMwOTA0MTYyMzQ1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2MDQ5MS1iNGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv3BiEC/23KDE/LXpFaLxLLy8OgMU+iv/zf/kk9wiG/n9PGQfMWlHuxEzA4TR
8wi3zSDtEmvo8OKXaxMFUxYthWxWkc05X9j18saA88QM9Pn5cbAulC3fXaYyWmWe
g4rBylYf7qre+j3A+Ww4yMNoAlFUjs2UQT651U6NMhb3F2G+on9LaG6DU4/waEYG
sFUS55aQpXi3KRjRG2foH4iM/RRB6pxWo7/ZO7Xj/4clJl1sgL1Zrl0ufv0puj45
o38t/K0xR2dm8LtRgjXJm5ixFwbuc0FjUZGezkMisKyLv+w6tPrcfQx1qO/kxmPQ
BiHhtvez2oiP6x4eW1uQVg6W9QIDAQABo4ICnTCCApkwHQYDVR0OBBYEFDYZ7xSc
yM69MzdUaTvih4PAoRxHMB8GA1UdIwQYMBaAFLsH7UZLKA1X+ncYQfd/Uup9UHkn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5M0Q4NS85MTUzMjUyMDNG
QzkxMUU5OTc5QkI4M0JDNEY5QUUwMi91d2Z0Umtzb0RWZjZkeGhCOTM5UzZuMVFl
U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3V3ZnRSa3NvRFZmNmR4aEI5MzlTNm4xUWVTYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTNEODUvOTE1MzI1MjAzRkM5MTFFOTk3OUJCODNCQzRGOUFFMDIvNTM1NzEwQTI0
QjNGMTFFRTg5NzVEQTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGeIKQMEAGeIKjANBgkqhkiG9w0BAQsFAAOCAQEAtWaW
btuWWnntP8EBVAiQ//gst+hj+hjoGY/i8ur45nFE4KXFx9o445z0OfGmVJD3p78q
+bxGStywuradnhkjTvl+Brl7UfR69Vtc5GiJN+S/Tmh7Coze1i2xO7o/0aa9Y+L/
/Pb/ALzkxuhRsABw4MySE+eHuun9drMtTOu7HGlPYtuzGwEtwvI1Zphw4tGTGWW4
6UGCxylfVPCy/li8yTYyPrsmFpTkYEsmDg8IqY8+IoT2Yiezua34WaxqJ2ketWiB
FlA2KRo8sDY2Vk9b1C5tzffJ97Gj9B0RulxF5KBQ6kK0L2tvFyBb9bV4MBEKW4gD
2ZJWV+drq6VKcbSZCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org