Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/82A40DACF93611EDA923691DC4F9AE02.roa
File:                     82A40DACF93611EDA923691DC4F9AE02.roa (raw, json)
Hash identifier:          aEbl5C94n9wmq1vIMICMNg8QFALkhtdSenQ+hBBsmK8=
Subject key identifier:   7E:EE:F8:E8:FC:54:09:85:DB:F8:1D:92:6E:BF:3E:7B:4F:15:EC:6B
Certificate issuer:       /CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
Certificate serial:       04F1
Authority key identifier: AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/82A40DACF93611EDA923691DC4F9AE02.roa
Signing time:             Tue 23 May 2023 06:53:23 +0000
ROA not before:           Tue 23 May 2023 06:53:23 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     142032
IP address blocks:        103.151.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1265 (0x4f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
        Validity
            Not Before: May 23 06:53:23 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=646c62e3-db91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e1:2f:c0:45:b6:14:65:99:7a:60:bf:b0:cf:
                    9d:a5:52:2c:b1:4a:24:ce:d4:d5:65:74:8d:db:f9:
                    71:34:16:c0:dc:6c:d0:de:c2:4a:9b:45:13:f1:09:
                    d0:a9:42:f7:ac:46:ea:2f:c3:d7:7d:7e:ea:59:78:
                    6e:cc:eb:98:7e:28:4a:2d:f1:b5:4c:75:47:40:76:
                    fb:70:e6:29:22:cc:96:36:cb:e0:b0:b6:14:fb:97:
                    fa:54:f5:76:92:c4:2b:cd:38:5c:ea:5e:00:c0:18:
                    92:21:4e:b5:42:fb:d2:f8:d0:35:6b:c2:bf:09:10:
                    0c:7a:cd:0c:4a:8d:8d:94:31:8e:c5:a0:b1:fc:90:
                    3c:00:76:36:3a:3b:ad:0d:54:dc:b5:7e:a9:4f:4a:
                    8a:90:d4:9d:dc:08:14:f8:02:18:91:a5:cc:a3:14:
                    39:19:36:30:84:00:c0:d7:1f:2f:25:24:95:e8:9a:
                    55:0e:aa:6a:1a:d7:b4:ad:df:34:e2:16:9f:af:51:
                    16:a7:1b:77:ef:27:0b:d4:c7:ba:0f:45:28:fd:d4:
                    6c:b5:46:e5:7d:c6:e9:a6:2b:cc:df:69:66:ea:ce:
                    5f:ae:64:9b:a4:19:85:83:1a:a0:84:b2:5e:c8:ad:
                    5c:77:3b:31:50:ad:1d:ff:3a:3f:66:1c:3a:b6:8f:
                    a9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:EE:F8:E8:FC:54:09:85:DB:F8:1D:92:6E:BF:3E:7B:4F:15:EC:6B
            X509v3 Authority Key Identifier:
                keyid:AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/qq7HHKNN7wjYjud72RwVcXXMPAk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/82A40DACF93611EDA923691DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:1f:b0:5d:7c:d0:b0:44:26:1d:94:32:23:59:97:f4:18:51:
         cf:64:22:f6:3b:4e:19:36:0b:80:0c:7c:21:fe:7c:8c:49:37:
         63:52:19:6d:08:81:14:f9:a8:70:83:ca:d3:ec:7e:d2:05:8d:
         ad:13:7d:4f:5d:25:37:06:4a:ce:46:91:c2:e4:7c:7d:ba:e6:
         95:bc:86:f6:3c:3d:99:b9:3f:f2:0d:a1:8f:12:4c:cd:21:db:
         6e:53:77:ff:1f:1e:c4:66:10:5b:dc:64:d8:41:c3:0a:a4:27:
         3b:74:29:98:94:95:49:ad:cf:d0:c6:ee:6f:80:36:c8:7b:9f:
         f3:9b:db:a4:e7:57:fb:83:22:10:05:a4:0d:42:3b:e3:87:b2:
         b0:13:b8:88:d3:02:9c:24:e7:12:d9:d2:1d:87:ac:20:8f:bf:
         f4:40:07:5c:58:86:11:32:29:8b:14:39:03:2b:3e:62:e1:25:
         c7:5e:ac:bd:5a:3c:6b:fa:b5:54:07:ae:c3:f3:1c:b6:18:7e:
         f8:b4:93:dd:03:d1:f1:c4:b9:8b:03:05:cc:0f:47:ec:3c:20:
         7f:5d:b3:07:b1:4d:97:c2:6b:91:7b:39:d8:79:4b:87:2c:f9:
         dc:92:58:ea:f0:f6:c9:65:5a:45:ff:76:15:d3:4f:13:6d:22:
         6e:5d:dc:ff
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYzNTMxMTAvBgNVBAUTKEFBQUVDNzFDQTM0REVGMDhEODhFRTc3QkQ5MUMxNTcx
NzVDQzNDMDkwHhcNMjMwNTIzMDY1MzIzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZjNjJlMy1kYjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7eEvwEW2FGWZemC/sM+dpVIssUokztTVZXSN2/lxNBbA3GzQ3sJKm0UT8QnQ
qUL3rEbqL8PXfX7qWXhuzOuYfihKLfG1THVHQHb7cOYpIsyWNsvgsLYU+5f6VPV2
ksQrzThc6l4AwBiSIU61QvvS+NA1a8K/CRAMes0MSo2NlDGOxaCx/JA8AHY2Ojut
DVTctX6pT0qKkNSd3AgU+AIYkaXMoxQ5GTYwhADA1x8vJSSV6JpVDqpqGte0rd80
4hafr1EWpxt37ycL1Me6D0Uo/dRstUblfcbppivM32lm6s5frmSbpBmFgxqghLJe
yK1cdzsxUK0d/zo/Zhw6to+pDwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH7u+Oj8
VAmF2/gdkm6/PntPFexrMB8GA1UdIwQYMBaAFKquxxyjTe8I2I7ne9kcFXF1zDwJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjM1My8zQkZERUQ2NDg2
QkExMUVCQkNDMzk4NzVDNEY5QUUwMi9xcTdISEtOTjd3allqdWQ3MlJ3VmNYWE1Q
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FxN0hIS05ON3dqWWp1ZDcyUndWY1hYTVBBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYzNTMvM0JGREVENjQ4NkJBMTFFQkJDQzM5ODc1QzRGOUFFMDIvODJBNDBEQUNG
OTM2MTFFREE5MjM2OTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlwQwDQYJKoZIhvcNAQELBQADggEBAH0fsF180LBEJh2U
MiNZl/QYUc9kIvY7Thk2C4AMfCH+fIxJN2NSGW0IgRT5qHCDytPsftIFja0TfU9d
JTcGSs5GkcLkfH265pW8hvY8PZm5P/INoY8STM0h225Td/8fHsRmEFvcZNhBwwqk
Jzt0KZiUlUmtz9DG7m+ANsh7n/Ob26TnV/uDIhAFpA1CO+OHsrATuIjTApwk5xLZ
0h2HrCCPv/RAB1xYhhEyKYsUOQMrPmLhJcderL1aPGv6tVQHrsPzHLYYfvi0k90D
0fHEuYsDBcwPR+w8IH9dswexTZfCa5F7Odh5S4cs+dySWOrw9sllWkX/dhXTTxNt
Im5d3P8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org