Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/A9506634A52711ED91089263C4F9AE02.roa
File:                     A9506634A52711ED91089263C4F9AE02.roa (raw, json)
Hash identifier:          QIdnKAdFoLm9HYKEjobiAJaRydSw82P8WM4/3Lx2zDE=
Subject key identifier:   7D:8D:AC:25:A8:AB:7C:8D:0E:47:F8:BD:97:FC:F7:51:ED:7F:7D:9B
Certificate issuer:       /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34
Certificate serial:       12
Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/A9506634A52711ED91089263C4F9AE02.roa
Signing time:             Tue 07 Feb 2023 06:55:22 +0000
ROA not before:           Tue 07 Feb 2023 06:55:22 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     63986
IP address blocks:        103.117.118.0/24 maxlen: 24
                          103.117.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18 (0x12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34
        Validity
            Not Before: Feb  7 06:55:22 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=63e1f5da-e117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:eb:16:b9:74:cc:0a:5d:e2:5f:43:ba:fa:28:
                    66:19:e8:c9:80:34:9e:61:88:37:7d:f0:15:ab:34:
                    37:f4:ad:34:25:1a:75:ff:08:68:5c:22:f9:a1:ae:
                    6f:46:0e:c1:13:d1:bf:59:f4:32:b3:ef:84:bf:5b:
                    0f:3c:01:3a:1f:a3:5c:3c:00:92:5d:ea:f3:e0:c1:
                    5b:7f:84:c5:ad:1a:92:c5:40:8c:90:bb:2a:8d:2d:
                    17:14:78:63:89:a6:6f:9b:bc:56:91:93:99:2a:5c:
                    37:d5:38:48:f0:21:48:26:c0:10:36:64:a7:cf:3a:
                    1b:8e:e1:27:96:3f:e8:1e:35:45:50:30:cd:f7:cf:
                    43:2b:c4:5d:72:66:58:e3:a1:8a:a3:08:2b:d7:14:
                    f2:58:92:93:10:be:56:67:8a:5e:0d:30:fc:2f:bb:
                    93:11:86:08:18:68:ec:58:fa:b5:38:d1:5f:0a:0f:
                    81:8a:64:61:b3:a1:46:c6:0f:dc:70:d0:84:41:81:
                    6c:bd:72:9c:b7:6e:0c:5b:0b:fb:42:ce:c5:cd:24:
                    0c:cf:5d:48:74:93:fd:3d:c0:14:f6:b5:8e:a8:57:
                    c0:06:e9:de:b5:bc:45:72:be:30:88:c0:cc:b8:fd:
                    8f:1b:e4:d0:e2:86:92:d0:d4:80:45:3e:c4:d6:ec:
                    60:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:8D:AC:25:A8:AB:7C:8D:0E:47:F8:BD:97:FC:F7:51:ED:7F:7D:9B
            X509v3 Authority Key Identifier:
                keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/A9506634A52711ED91089263C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.118.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:4d:ce:b9:f8:08:44:82:73:10:21:ef:21:de:f2:56:b4:fc:
         25:85:8f:9c:1e:40:32:85:42:66:58:05:6e:61:cb:86:6f:52:
         23:1e:6b:4b:30:27:48:a5:8a:10:2a:c9:d4:eb:77:f6:92:19:
         d3:51:8a:26:ad:dd:42:f1:41:ff:55:d0:f4:9f:45:bf:bf:c9:
         d2:6a:8e:33:18:cf:cd:2d:3c:70:42:b1:0f:95:63:7d:80:22:
         ff:75:fe:f1:b4:99:97:bb:1d:d2:54:bf:fc:47:c0:6b:92:02:
         fe:78:b1:11:57:87:de:81:9e:69:fb:8f:51:7b:c7:1f:f1:57:
         b0:6c:db:0f:81:f9:46:65:94:d2:a2:ed:da:fc:8f:33:6a:a4:
         65:0d:fd:f1:11:1f:b6:96:e5:30:eb:5d:80:84:fc:5e:3b:96:
         e6:32:ac:87:d4:72:4c:fd:b7:f0:77:a2:35:d8:a3:26:ef:78:
         ef:3e:60:ec:41:8c:84:5b:1a:28:f7:53:d4:22:b4:17:e2:20:
         8b:7a:82:aa:79:56:6f:bd:85:e4:07:92:79:07:f6:aa:d5:bd:
         b4:69:90:50:d1:e0:0c:a5:71:7b:df:65:d5:b3:77:05:4a:77:
         50:a9:a0:01:a4:c2:7f:10:61:9d:29:07:07:e7:e0:4b:36:4e:
         87:6c:47:42
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
N0M2ODExMC8GA1UEBRMoMEY2MjZBMzI2NEQ2RkVDQ0NCRkVCMkQ5OUIxREJGOEFG
RkVDM0IzNDAeFw0yMzAyMDcwNjU1MjJaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZTFmNWRhLWUxMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCv6xa5dMwKXeJfQ7r6KGYZ6MmANJ5hiDd98BWrNDf0rTQlGnX/CGhcIvmhrm9G
DsET0b9Z9DKz74S/Ww88ATofo1w8AJJd6vPgwVt/hMWtGpLFQIyQuyqNLRcUeGOJ
pm+bvFaRk5kqXDfVOEjwIUgmwBA2ZKfPOhuO4SeWP+geNUVQMM33z0MrxF1yZljj
oYqjCCvXFPJYkpMQvlZnil4NMPwvu5MRhggYaOxY+rU40V8KD4GKZGGzoUbGD9xw
0IRBgWy9cpy3bgxbC/tCzsXNJAzPXUh0k/09wBT2tY6oV8AG6d61vEVyvjCIwMy4
/Y8b5NDihpLQ1IBFPsTW7GBhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfY2sJair
fI0OR/i9l/z3Ue1/fZswHwYDVR0jBBgwFoAUD2JqMmTW/szL/rLZmx2/iv/sOzQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3QzY4LzQyMzk4NkY2OTcy
MTExRURBMkUwMjI1MUM0RjlBRTAyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRDJKcU1tVFdfc3pMX3JMWm14Ml9pdl9zT3pRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9BOTUwNjYzNEE1
MjcxMUVEOTEwODkyNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd1djANBgkqhkiG9w0BAQsFAAOCAQEAj03OufgIRIJzECHv
Id7yVrT8JYWPnB5AMoVCZlgFbmHLhm9SIx5rSzAnSKWKECrJ1Ot39pIZ01GKJq3d
QvFB/1XQ9J9Fv7/J0mqOMxjPzS08cEKxD5VjfYAi/3X+8bSZl7sd0lS//EfAa5IC
/nixEVeH3oGeafuPUXvHH/FXsGzbD4H5RmWU0qLt2vyPM2qkZQ398REftpblMOtd
gIT8XjuW5jKsh9RyTP238HeiNdijJu947z5g7EGMhFsaKPdT1CK0F+Igi3qCqnlW
b72F5AeSeQf2qtW9tGmQUNHgDKVxe99l1bN3BUp3UKmgAaTCfxBhnSkHB+fgSzZO
h2xHQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org