Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/6ED9C038D45A11EDAE69296CC4F9AE02.roa
File:                     6ED9C038D45A11EDAE69296CC4F9AE02.roa (raw, json)
Hash identifier:          llIsbRDrMgbw0IQb2R4EmYQkphfzXam4+uqzdu93iNM=
Subject key identifier:   35:05:73:74:98:41:71:0B:09:4E:15:A7:16:DC:A6:70:4F:0C:BF:C5
Certificate issuer:       /CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757
Certificate serial:       02
Authority key identifier: 58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/6ED9C038D45A11EDAE69296CC4F9AE02.roa
Signing time:             Thu 06 Apr 2023 09:07:19 +0000
ROA not before:           Thu 06 Apr 2023 09:07:19 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     138402
IP address blocks:        103.124.192.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757
        Validity
            Not Before: Apr  6 09:07:19 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=642e8bc7-c622
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9c:c3:0c:8c:c9:87:12:93:99:21:e3:4b:e3:
                    7c:c9:a1:8b:67:d1:34:23:39:51:2b:47:41:3d:e0:
                    84:cc:60:48:39:56:f3:91:eb:3b:bc:57:f0:d7:d2:
                    bd:6a:83:8d:ae:71:e9:4a:85:8e:c6:9b:d8:f6:7a:
                    3c:60:06:a3:b9:8a:d7:dd:0a:2c:ae:92:cf:76:a7:
                    47:58:98:6b:b3:d6:49:5d:c9:d9:10:4b:e9:56:13:
                    ce:a5:ae:1e:02:c5:c1:71:05:76:ee:31:05:d2:d1:
                    ca:cc:dd:88:6c:1a:57:75:01:2a:73:1f:1f:f4:7e:
                    5a:13:95:18:95:af:2a:b8:ec:bf:0d:69:42:fb:55:
                    a6:6a:02:2b:d7:23:70:3b:e6:2c:aa:d6:9f:11:a3:
                    80:4d:92:2e:48:ec:fc:c5:02:05:74:a9:00:bf:f8:
                    de:27:7e:d0:56:3f:57:32:cd:aa:25:c6:c0:d0:e6:
                    c6:a3:4e:38:10:44:95:20:5a:f6:0f:0e:2f:27:5a:
                    ce:e5:f2:54:82:4c:2a:c3:83:c4:c6:ef:ab:ea:e3:
                    1a:af:6c:25:4d:3a:09:fc:1b:16:44:2e:6b:10:9b:
                    0d:c5:cc:16:1f:20:a2:b8:16:28:ee:90:59:ce:a0:
                    f5:d0:7f:68:49:4f:3a:25:8f:0d:40:c7:0b:cc:bc:
                    9e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:05:73:74:98:41:71:0B:09:4E:15:A7:16:DC:A6:70:4F:0C:BF:C5
            X509v3 Authority Key Identifier:
                keyid:58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/WHRSDaeB94Db1xDULIQcE6etF1c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/6ED9C038D45A11EDAE69296CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.124.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:2f:74:07:91:64:e0:5e:a3:09:53:87:bb:32:45:3f:af:31:
         5f:98:1a:1d:bb:6b:fa:0f:ef:bc:30:1a:a6:fc:03:40:a1:84:
         5f:06:1a:f6:3a:e0:ea:eb:22:c0:2f:29:44:20:2e:72:09:48:
         c5:64:fa:be:6a:3e:ff:d5:90:70:72:de:bc:26:47:19:32:af:
         3a:23:94:7a:e8:f4:cd:92:4b:c8:37:bd:c6:29:42:e6:bd:9e:
         1a:d4:15:05:9f:52:71:db:bd:0c:3c:a6:ad:61:81:70:14:3e:
         cb:28:8b:23:99:83:2d:d3:fe:1c:a4:f3:15:43:fb:a5:83:98:
         3f:df:01:a3:ed:a7:1c:e9:3e:2d:dd:aa:e4:52:7a:c3:a0:bd:
         0b:bb:47:28:58:7c:4b:2f:b9:64:c4:5d:7b:b0:f3:0a:af:fc:
         0d:17:5d:c0:43:87:dd:38:d5:d1:4e:d9:eb:1b:0a:79:7f:89:
         a2:71:dc:a4:33:b7:67:c5:84:d9:0d:d4:d9:c1:ca:53:ca:2e:
         d0:02:2d:21:e5:40:e1:b0:a5:14:c8:73:a7:49:23:ca:47:e6:
         d6:2e:2a:7f:32:38:11:df:31:0a:da:ae:04:69:48:7a:de:9e:
         be:c7:8f:f2:61:36:31:11:74:2a:73:e6:b7:6b:1d:e3:4d:b4:
         84:2f:71:b3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RjJDRDExMC8GA1UEBRMoNTg3NDUyMERBNzgxRjc4MERCRDcxMEQ0MkM4NDFDMTNB
N0FEMTc1NzAeFw0yMzA0MDYwOTA3MTlaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MmU4YmM3LWM2MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4nMMMjMmHEpOZIeNL43zJoYtn0TQjOVErR0E94ITMYEg5VvOR6zu8V/DX0r1q
g42ucelKhY7Gm9j2ejxgBqO5itfdCiyuks92p0dYmGuz1kldydkQS+lWE86lrh4C
xcFxBXbuMQXS0crM3YhsGld1ASpzHx/0floTlRiVryq47L8NaUL7VaZqAivXI3A7
5iyq1p8Ro4BNki5I7PzFAgV0qQC/+N4nftBWP1cyzaolxsDQ5sajTjgQRJUgWvYP
Di8nWs7l8lSCTCrDg8TG76vq4xqvbCVNOgn8GxZELmsQmw3FzBYfIKK4FijukFnO
oPXQf2hJTzoljw1AxwvMvJ6dAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNQVzdJhB
cQsJThWnFtymcE8Mv8UwHwYDVR0jBBgwFoAUWHRSDaeB94Db1xDULIQcE6etF1cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGMkNELzRGQ0JBQzAwRDQ0
QzExRUQ4NjI3MTU4MkM0RjlBRTAyL1dIUlNEYWVCOTREYjF4RFVMSVFjRTZldEYx
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV0hSU0RhZUI5NERiMXhEVUxJUWNFNmV0RjFjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjJDRC80RkNCQUMwMEQ0NEMxMUVEODYyNzE1ODJDNEY5QUUwMi82RUQ5QzAzOEQ0
NUExMUVEQUU2OTI5NkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmd8wDANBgkqhkiG9w0BAQsFAAOCAQEAoy90B5Fk4F6jCVOH
uzJFP68xX5gaHbtr+g/vvDAapvwDQKGEXwYa9jrg6usiwC8pRCAucglIxWT6vmo+
/9WQcHLevCZHGTKvOiOUeuj0zZJLyDe9xilC5r2eGtQVBZ9Scdu9DDymrWGBcBQ+
yyiLI5mDLdP+HKTzFUP7pYOYP98Bo+2nHOk+Ld2q5FJ6w6C9C7tHKFh8Sy+5ZMRd
e7DzCq/8DRddwEOH3TjV0U7Z6xsKeX+JonHcpDO3Z8WE2Q3U2cHKU8ou0AItIeVA
4bClFMhzp0kjykfm1i4qfzI4Ed8xCtquBGlIet6evseP8mE2MRF0KnPmt2sd4020
hC9xsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org