Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/0B4E59A8410A11EEA7D99248C4F9AE02.roa
File:                     0B4E59A8410A11EEA7D99248C4F9AE02.roa (raw, json)
Hash identifier:          LuB39G83fkW+zYeBmg2gIWEjYI5SXBGhsZd4u+nNCa0=
Subject key identifier:   B5:DF:ED:6B:94:BE:4D:77:2C:40:8A:64:30:9E:50:14:A3:21:02:A6
Certificate issuer:       /CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Certificate serial:       13
Authority key identifier: 59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/0B4E59A8410A11EEA7D99248C4F9AE02.roa
Signing time:             Tue 22 Aug 2023 16:36:29 +0000
ROA not before:           Tue 22 Aug 2023 16:36:29 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     139482
IP address blocks:        103.99.54.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19 (0x13)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
        Validity
            Not Before: Aug 22 16:36:29 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64e4e40d-5237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a1:37:96:b9:0b:ef:2c:b6:51:7e:8a:5b:88:
                    50:61:7f:c7:a4:2c:f9:24:a1:42:65:60:2d:f5:cd:
                    a9:b4:73:8a:59:67:28:a5:dc:6f:a5:4b:20:0b:df:
                    17:37:75:3c:16:28:9d:76:03:bb:5b:72:1a:7a:b5:
                    66:09:87:c0:74:19:40:6c:79:68:89:6c:53:44:6a:
                    58:cf:f5:29:e7:55:89:a4:7d:bb:7d:6b:fb:11:c9:
                    7e:26:eb:f5:dc:a2:d5:c8:1a:8e:e9:4e:db:5a:93:
                    15:55:c2:ad:44:7d:3d:7b:c5:e2:ce:eb:51:34:cc:
                    25:12:30:73:f1:5a:38:62:92:e0:c5:35:bb:92:21:
                    6e:5e:4a:e8:36:66:9a:02:d6:81:2a:8b:30:e3:2b:
                    ee:e0:97:c9:e2:c9:36:f4:ad:da:27:d2:08:f9:0d:
                    11:89:bc:d7:85:15:11:04:75:e1:dd:df:84:0a:e5:
                    ea:08:56:09:ed:3b:c3:aa:6f:49:ee:12:c2:17:37:
                    b9:cd:8e:d1:49:3c:39:0a:dc:bb:97:cf:23:42:3c:
                    c0:d9:bd:80:c1:31:ec:ce:9c:70:c4:f5:ed:4f:d7:
                    7b:65:4c:f2:7c:f2:8d:25:5e:28:6c:29:bb:b2:f2:
                    f9:ac:25:a2:9c:71:37:ce:a3:ec:7c:64:0d:16:a4:
                    5b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:DF:ED:6B:94:BE:4D:77:2C:40:8A:64:30:9E:50:14:A3:21:02:A6
            X509v3 Authority Key Identifier:
                keyid:59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/WdWIElpxZphzjR0enm2KaNdAmyc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/0B4E59A8410A11EEA7D99248C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.99.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:d0:74:95:c0:8c:9d:8d:8f:d2:5c:50:da:2a:1c:25:cd:b6:
         37:87:d3:c0:d8:f1:4e:91:45:59:62:7c:90:7b:f2:6f:46:b0:
         0f:3d:be:ef:68:cf:a7:d1:21:d4:7f:9b:78:1c:df:b7:cf:04:
         40:89:49:fd:9c:1a:73:8a:6c:13:a1:b0:be:46:1d:d5:4b:64:
         92:dc:5d:b9:72:c2:4f:ff:02:64:c2:63:08:00:f7:bf:5e:e4:
         e6:f0:93:66:5c:1a:c3:85:49:d9:72:6b:e7:4b:90:76:c9:fe:
         02:ed:e8:a8:f6:4c:1d:d7:65:6d:42:98:ed:3a:15:b6:2a:0f:
         6c:af:a5:27:8e:a9:9b:32:5c:3a:39:65:7f:b3:2c:77:c4:04:
         65:fb:a3:65:91:3d:15:3e:ca:f2:44:60:6b:8b:02:30:19:ad:
         5a:f5:e8:34:09:92:5d:c0:32:d2:0b:eb:77:f0:02:3e:9d:5d:
         9b:43:32:47:75:7f:22:58:d9:59:eb:d4:50:4e:56:64:ab:08:
         4e:e0:83:c3:b2:82:19:ca:6b:44:57:ff:cd:12:84:54:b6:d9:
         f0:be:76:ce:aa:cb:46:f3:9e:d9:1f:ee:30:48:a3:e2:0b:2b:
         44:69:34:d5:17:eb:85:a5:c1:aa:41:7d:d8:ef:34:13:13:c8:
         22:a7:ce:00
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MjdBQjExMC8GA1UEBRMoNTlENTg4MTI1QTcxNjY5ODczOEQxRDFFOUU2RDhBNjhE
NzQwOUIyNzAeFw0yMzA4MjIxNjM2MjlaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTRlNDBkLTUyMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBoTeWuQvvLLZRfopbiFBhf8ekLPkkoUJlYC31zam0c4pZZyil3G+lSyAL3xc3
dTwWKJ12A7tbchp6tWYJh8B0GUBseWiJbFNEaljP9SnnVYmkfbt9a/sRyX4m6/Xc
otXIGo7pTttakxVVwq1EfT17xeLO61E0zCUSMHPxWjhikuDFNbuSIW5eSug2ZpoC
1oEqizDjK+7gl8niyTb0rdon0gj5DRGJvNeFFREEdeHd34QK5eoIVgntO8Oqb0nu
EsIXN7nNjtFJPDkK3LuXzyNCPMDZvYDBMezOnHDE9e1P13tlTPJ88o0lXihsKbuy
8vmsJaKccTfOo+x8ZA0WpFuzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUtd/ta5S+
TXcsQIpkMJ5QFKMhAqYwHwYDVR0jBBgwFoAUWdWIElpxZphzjR0enm2KaNdAmycw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyN0FCLzZGNkU5ODI4MzEw
RTExRUU4ODlGRjAzRkM0RjlBRTAyL1dkV0lFbHB4WnBoempSMGVubTJLYU5kQW15
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV2RXSUVscHhacGh6alIwZW5tMkthTmRBbXljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MjdBQi82RjZFOTgyODMxMEUxMUVFODg5RkYwM0ZDNEY5QUUwMi8wQjRFNTlBODQx
MEExMUVFQTdEOTkyNDhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdjNjANBgkqhkiG9w0BAQsFAAOCAQEAx9B0lcCMnY2P0lxQ
2iocJc22N4fTwNjxTpFFWWJ8kHvyb0awDz2+72jPp9Eh1H+beBzft88EQIlJ/Zwa
c4psE6GwvkYd1UtkktxduXLCT/8CZMJjCAD3v17k5vCTZlwaw4VJ2XJr50uQdsn+
Au3oqPZMHddlbUKY7ToVtioPbK+lJ46pmzJcOjllf7Msd8QEZfujZZE9FT7K8kRg
a4sCMBmtWvXoNAmSXcAy0gvrd/ACPp1dm0MyR3V/IljZWevUUE5WZKsITuCDw7KC
GcprRFf/zRKEVLbZ8L52zqrLRvOe2R/uMEij4gsrRGk01RfrhaXBqkF92O80ExPI
IqfOAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org