Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5496D4EE6EF811ED945DA385C4F9AE02.roa
File:                     5496D4EE6EF811ED945DA385C4F9AE02.roa (raw, json)
Hash identifier:          MeTHdFNcQp31vxgcut1b6PnM5YVqBdC0488XofjgbxE=
Subject key identifier:   72:F0:CC:3D:14:B4:26:ED:F0:D0:14:DB:BE:89:39:05:88:B4:96:E9
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       3B47
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5496D4EE6EF811ED945DA385C4F9AE02.roa
Signing time:             Mon 28 Nov 2022 08:40:37 +0000
ROA not before:           Mon 28 Nov 2022 08:40:37 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     149152
IP address blocks:        103.90.228.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15175 (0x3b47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
        Validity
            Not Before: Nov 28 08:40:37 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=63847405-8b79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:5f:da:77:ff:1e:0c:29:84:b2:48:cb:49:92:
                    39:69:2d:d3:3a:6e:d3:4c:bb:c6:67:6f:1e:ce:55:
                    b7:4b:bc:9f:b4:67:b4:45:cf:b2:f6:cd:52:19:3a:
                    7c:3a:89:b9:8e:d0:c9:7c:c5:88:1d:d4:97:a4:ec:
                    78:21:a5:c6:91:17:51:c4:59:49:e3:76:9a:ca:a6:
                    77:dc:fa:61:00:a5:50:0a:30:19:f0:ce:ca:55:4d:
                    b8:00:0a:f3:61:79:f5:72:56:de:9e:7d:f3:2b:f6:
                    29:24:9b:43:94:1f:c7:11:ad:f1:82:7d:02:9f:a6:
                    47:f4:92:e5:37:46:45:28:08:83:77:45:f7:c2:4a:
                    1f:01:a0:b7:26:11:2a:d4:24:bb:a8:56:10:46:bb:
                    25:3e:91:6d:3a:44:b9:79:b1:8e:c2:4d:51:42:17:
                    bd:46:1d:45:76:5f:f8:6a:d3:73:cd:d4:31:12:2b:
                    e3:86:0f:95:3e:2a:6b:78:25:49:7a:37:1d:d2:f0:
                    70:01:46:57:f9:8d:96:bb:da:31:97:3d:78:74:f3:
                    fe:aa:94:b0:f5:b3:63:56:67:1e:f7:0d:96:b6:60:
                    4e:bd:a7:9a:fe:bf:13:e9:7a:05:81:f4:78:37:b7:
                    92:ce:9f:e1:3b:ad:c7:14:5a:f2:de:c5:07:01:17:
                    9f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:F0:CC:3D:14:B4:26:ED:F0:D0:14:DB:BE:89:39:05:88:B4:96:E9
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5496D4EE6EF811ED945DA385C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.90.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:0a:e4:95:de:47:c0:9a:27:1a:b0:bc:e3:bd:be:1e:f9:84:
         b1:85:1d:b7:9a:85:c5:70:47:ce:ca:bb:b3:6b:b0:19:3c:42:
         b2:5e:73:20:6d:ef:28:41:67:14:98:d5:b6:15:d9:3f:ed:ac:
         c1:99:df:cb:bc:1a:a0:9f:ae:7a:22:37:97:8e:a5:fa:c1:a7:
         99:eb:e5:01:f7:53:13:1a:c6:35:57:87:c9:30:f5:19:46:ff:
         ad:43:7e:70:82:1d:8a:14:d5:9b:93:b0:2a:fe:5f:b3:ac:22:
         c0:b6:ab:dc:2c:5d:96:b6:dd:6f:c5:83:4b:06:e0:74:b6:5c:
         9b:51:2d:a2:74:1a:17:59:6b:56:e8:f0:ba:c0:a4:04:3d:9c:
         f9:16:99:97:d8:3f:5e:58:1b:b4:50:40:d8:2e:c8:e1:50:65:
         a1:79:66:a8:3b:2d:13:cd:a1:2c:b6:82:42:d0:2b:72:06:02:
         39:1c:f3:68:da:e7:4b:0c:96:e3:fd:04:e9:30:fd:37:de:2c:
         b4:58:b8:17:a1:36:2f:92:4e:bd:36:8a:37:b0:ff:a5:49:e7:
         81:72:ba:a2:9e:6a:09:76:96:58:16:8d:37:dc:c9:81:dc:86:
         a4:c3:16:57:b3:88:2b:54:17:eb:f4:1f:d0:eb:ed:56:b4:4f:
         ea:8e:1b:ff
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICO0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIxMTI4MDg0MDM3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg0NzQwNS04Yjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy1/ad/8eDCmEskjLSZI5aS3TOm7TTLvGZ28ezlW3S7yftGe0Rc+y9s1SGTp8
Oom5jtDJfMWIHdSXpOx4IaXGkRdRxFlJ43aayqZ33PphAKVQCjAZ8M7KVU24AArz
YXn1clbenn3zK/YpJJtDlB/HEa3xgn0Cn6ZH9JLlN0ZFKAiDd0X3wkofAaC3JhEq
1CS7qFYQRrslPpFtOkS5ebGOwk1RQhe9Rh1Fdl/4atNzzdQxEivjhg+VPipreCVJ
ejcd0vBwAUZX+Y2Wu9oxlz14dPP+qpSw9bNjVmce9w2WtmBOvaea/r8T6XoFgfR4
N7eSzp/hO63HFFry3sUHARefZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHLwzD0U
tCbt8NAU276JOQWItJbpMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNTQ5NkQ0RUU2
RUY4MTFFRDk0NURBMzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnWuQwDQYJKoZIhvcNAQELBQADggEBAHIK5JXeR8CaJxqw
vOO9vh75hLGFHbeahcVwR87Ku7NrsBk8QrJecyBt7yhBZxSY1bYV2T/trMGZ38u8
GqCfrnoiN5eOpfrBp5nr5QH3UxMaxjVXh8kw9RlG/61DfnCCHYoU1ZuTsCr+X7Os
IsC2q9wsXZa23W/Fg0sG4HS2XJtRLaJ0GhdZa1bo8LrApAQ9nPkWmZfYP15YG7RQ
QNguyOFQZaF5Zqg7LRPNoSy2gkLQK3IGAjkc82ja50sMluP9BOkw/TfeLLRYuBeh
Ni+STr02ijew/6VJ54FyuqKeagl2llgWjTfcyYHchqTDFleziCtUF+v0H9Dr7Va0
T+qOG/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org