Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/D4F92896BF5511EDA85E3066C4F9AE02.roa
File:                     D4F92896BF5511EDA85E3066C4F9AE02.roa (raw, json)
Hash identifier:          IWgXLcrvl6JpZDXJg4W0PrmGybGlhwUAYiIEGPd/A2E=
Subject key identifier:   7D:8D:C7:E1:BA:43:BC:32:91:42:7D:23:8A:68:24:BF:79:0A:C8:06
Certificate issuer:       /CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
Certificate serial:       04C6
Authority key identifier: AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/D4F92896BF5511EDA85E3066C4F9AE02.roa
Signing time:             Fri 10 Mar 2023 15:11:29 +0000
ROA not before:           Fri 10 Mar 2023 15:11:29 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        103.151.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1222 (0x4c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
        Validity
            Not Before: Mar 10 15:11:29 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=640b48a0-391c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bf:14:00:63:6c:bc:66:35:3a:08:58:3c:bb:
                    1d:ef:fc:c9:c3:a5:aa:ee:f1:5c:14:6a:c6:12:78:
                    07:09:93:1b:60:1e:4e:82:fb:78:32:1f:96:f2:8b:
                    39:64:0e:9f:88:20:0d:ef:08:6d:c1:81:39:04:7e:
                    dd:38:fe:70:e4:1a:ec:54:8d:86:ca:0e:67:04:67:
                    6d:45:9c:a1:0f:8f:18:01:45:96:dd:ce:03:f5:36:
                    8c:65:88:40:6d:65:c1:8d:ec:3e:03:c1:02:b6:de:
                    00:4c:2a:f4:02:63:9f:8b:47:17:df:42:a5:1f:dc:
                    a8:f1:3f:a7:5a:e7:d3:2e:ae:64:aa:4c:d1:1f:69:
                    9b:ab:57:b1:45:fe:05:be:5b:c8:d1:39:e4:5a:f8:
                    79:ee:a9:cc:b0:05:80:8b:c5:e8:7c:d0:14:25:2e:
                    ed:40:ac:0f:33:9e:4c:2b:5b:82:29:9d:52:4c:3d:
                    c8:dd:0c:a8:f0:6e:91:b6:ac:df:fe:ea:6e:66:04:
                    b3:f1:f5:75:16:2b:18:87:11:dd:e0:bc:11:79:be:
                    01:c1:36:c9:2f:1e:74:3f:aa:cb:bc:25:60:58:8c:
                    95:e4:2c:14:d6:64:fd:9d:1c:64:bb:1c:67:2a:ed:
                    a5:e2:03:0f:2b:80:21:ff:0b:00:aa:73:dd:28:25:
                    70:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:8D:C7:E1:BA:43:BC:32:91:42:7D:23:8A:68:24:BF:79:0A:C8:06
            X509v3 Authority Key Identifier:
                keyid:AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/qq7HHKNN7wjYjud72RwVcXXMPAk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/D4F92896BF5511EDA85E3066C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:4a:29:9b:bf:d5:7d:cb:5c:83:64:24:98:6e:8a:fa:fc:ac:
         20:28:38:69:8f:6f:fa:ed:ba:08:10:bb:6c:c0:18:6d:94:9c:
         a2:a4:81:12:3e:24:eb:ec:41:a2:d6:f6:4e:2f:c0:aa:30:db:
         80:6e:fd:dc:29:fd:6d:0f:67:c7:e2:ff:fa:85:3f:8a:d5:0d:
         ef:84:6f:ef:38:4c:d0:56:ff:2d:ed:92:6f:e6:54:81:a5:5f:
         d4:e4:45:13:cc:4a:f9:d0:25:88:87:49:2c:ca:ba:25:a2:93:
         2b:28:d3:5e:90:93:4f:d7:58:79:19:2a:b0:85:56:86:bc:1f:
         02:22:dc:5e:d9:55:90:0d:21:c7:6e:0c:e0:e9:ff:a7:55:1f:
         b6:60:37:e5:5f:a5:a5:2a:1d:99:ce:43:0c:fc:42:98:98:3c:
         4f:eb:3f:c4:b8:75:12:28:e2:30:b3:62:c7:88:40:d4:0f:69:
         f5:a4:cf:51:c8:3a:10:57:ee:85:6c:19:aa:f9:cd:34:84:4c:
         1f:46:3b:b4:c5:93:65:fd:1c:3a:6c:c3:89:dc:01:15:44:d8:
         bb:a7:4a:8f:05:4a:df:73:3c:33:18:c3:2d:f8:51:cf:7d:2e:
         78:e5:35:0e:48:62:3c:1a:39:2c:06:68:a4:ff:69:27:fb:f8:
         36:03:1d:7b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYzNTMxMTAvBgNVBAUTKEFBQUVDNzFDQTM0REVGMDhEODhFRTc3QkQ5MUMxNTcx
NzVDQzNDMDkwHhcNMjMwMzEwMTUxMTI5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBiNDhhMC0zOTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAor8UAGNsvGY1OghYPLsd7/zJw6Wq7vFcFGrGEngHCZMbYB5Ogvt4Mh+W8os5
ZA6fiCAN7whtwYE5BH7dOP5w5BrsVI2Gyg5nBGdtRZyhD48YAUWW3c4D9TaMZYhA
bWXBjew+A8ECtt4ATCr0AmOfi0cX30KlH9yo8T+nWufTLq5kqkzRH2mbq1exRf4F
vlvI0TnkWvh57qnMsAWAi8XofNAUJS7tQKwPM55MK1uCKZ1STD3I3Qyo8G6Rtqzf
/upuZgSz8fV1FisYhxHd4LwReb4BwTbJLx50P6rLvCVgWIyV5CwU1mT9nRxkuxxn
Ku2l4gMPK4Ah/wsAqnPdKCVw1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFH2Nx+G6
Q7wykUJ9I4poJL95CsgGMB8GA1UdIwQYMBaAFKquxxyjTe8I2I7ne9kcFXF1zDwJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjM1My8zQkZERUQ2NDg2
QkExMUVCQkNDMzk4NzVDNEY5QUUwMi9xcTdISEtOTjd3allqdWQ3MlJ3VmNYWE1Q
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FxN0hIS05ON3dqWWp1ZDcyUndWY1hYTVBBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYzNTMvM0JGREVENjQ4NkJBMTFFQkJDQzM5ODc1QzRGOUFFMDIvRDRGOTI4OTZC
RjU1MTFFREE4NUUzMDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlwQwDQYJKoZIhvcNAQELBQADggEBALlKKZu/1X3LXINk
JJhuivr8rCAoOGmPb/rtuggQu2zAGG2UnKKkgRI+JOvsQaLW9k4vwKow24Bu/dwp
/W0PZ8fi//qFP4rVDe+Eb+84TNBW/y3tkm/mVIGlX9TkRRPMSvnQJYiHSSzKuiWi
kyso016Qk0/XWHkZKrCFVoa8HwIi3F7ZVZANIcduDODp/6dVH7ZgN+VfpaUqHZnO
Qwz8QpiYPE/rP8S4dRIo4jCzYseIQNQPafWkz1HIOhBX7oVsGar5zTSETB9GO7TF
k2X9HDpsw4ncARVE2LunSo8FSt9zPDMYwy34Uc99LnjlNQ5IYjwaOSwGaKT/aSf7
+DYDHXs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org