Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/E5A595A6A1E311EDAD2FE376C4F9AE02.roa
File:                     E5A595A6A1E311EDAD2FE376C4F9AE02.roa (raw, json)
Hash identifier:          NitBQqtoQWSII975qoVKUCwGB6FeD/QhjMj/uZI4xRE=
Subject key identifier:   EE:BB:AA:F8:63:0C:37:3A:F5:95:0B:7D:C1:11:A7:49:CF:B0:65:10
Certificate issuer:       /CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Certificate serial:       02E0
Authority key identifier: 6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/E5A595A6A1E311EDAD2FE376C4F9AE02.roa
Signing time:             Fri 17 Feb 2023 03:43:37 +0000
ROA not before:           Fri 17 Feb 2023 03:43:37 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     139901
IP address blocks:        103.176.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 736 (0x2e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
        Validity
            Not Before: Feb 17 03:43:37 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=63eef7e9-3765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4a:cc:7c:7f:5c:62:11:23:02:53:f6:d2:a4:
                    0e:32:31:62:ba:71:d9:0e:eb:0e:8a:5d:ca:e2:15:
                    0d:a7:5a:7c:90:21:6c:42:e5:51:ce:b2:37:73:f5:
                    dd:a8:85:c5:f5:2e:e2:90:00:d3:9b:30:6d:fc:cc:
                    35:f0:0e:14:2f:e5:a1:cf:a5:cf:16:87:ab:92:cc:
                    84:10:e5:2c:a4:f2:d8:f0:32:b4:28:dc:b8:42:4a:
                    c9:42:e3:4c:de:61:53:95:14:fb:b2:80:6d:2f:d2:
                    0f:a9:54:19:f8:98:0a:c5:bb:88:1e:27:ea:17:c7:
                    f0:f5:05:43:69:e6:6b:c5:f7:de:0e:4f:54:dc:1c:
                    6a:1c:11:8c:07:91:a7:99:df:43:55:10:43:0a:b2:
                    fe:d0:84:83:2c:8c:7b:b5:8c:7e:55:35:08:b1:e6:
                    00:1b:30:ad:2f:f7:5c:87:e3:62:06:dd:e1:2e:a5:
                    38:d6:ad:56:5d:dd:ca:18:1e:87:43:df:4c:11:ff:
                    44:87:58:de:7e:a2:d1:1b:52:f1:d9:74:e6:f8:1f:
                    51:3e:83:6c:94:ab:26:ef:e8:d5:f7:77:18:29:38:
                    8e:0a:d1:7b:c9:63:4e:31:43:25:1d:e1:af:f2:7a:
                    71:4b:06:5c:b6:02:24:e6:ee:5c:a7:e5:db:9c:ec:
                    fb:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:BB:AA:F8:63:0C:37:3A:F5:95:0B:7D:C1:11:A7:49:CF:B0:65:10
            X509v3 Authority Key Identifier:
                keyid:6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/E5A595A6A1E311EDAD2FE376C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.176.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:fa:32:b9:61:cf:bd:36:2f:25:30:33:43:a8:40:ac:e6:96:
         3f:de:c2:68:bf:3a:3e:56:17:7f:fd:c0:03:b6:c8:da:81:ab:
         5e:fd:9f:eb:f7:3f:60:f7:f9:db:3c:bf:e8:a3:b7:7b:02:3e:
         ec:2f:2b:d7:08:71:2f:47:31:2e:7d:67:8e:f2:e6:db:05:29:
         6c:3b:b5:42:8e:42:6c:ce:3a:6c:bb:b4:32:6d:d3:e2:db:80:
         59:3a:52:26:d9:f9:f3:5a:a9:72:d9:13:85:08:c4:15:b2:1f:
         13:5f:f0:c2:01:0e:ea:d6:8a:29:4a:7b:49:6a:c1:89:43:50:
         d2:da:81:8c:a3:a7:73:d1:b9:37:01:f4:a7:cb:a3:75:c6:35:
         e3:90:be:c0:64:c8:f5:da:67:d4:99:6e:9e:12:2b:06:98:31:
         ea:74:17:1c:52:50:ea:d0:15:8a:9b:95:87:d9:7e:53:81:d4:
         e4:5c:5a:fe:27:e7:79:90:d9:03:ab:56:44:ec:55:c2:74:5f:
         cc:82:49:e0:f0:7b:a7:83:94:4a:ef:7e:b7:21:e7:52:99:7b:
         62:f0:28:60:ff:3f:f3:df:0f:36:2a:ba:c7:e0:79:5d:35:92:
         89:c2:3d:29:d6:35:b6:a8:8e:0e:66:a6:7c:2c:6d:16:64:fa:
         ef:a8:7d:55
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc0RTgxMTAvBgNVBAUTKDZDMDgwQTJCQTdEQUFDOTVENEQ5MzQ4OEE5MDAxNTFB
RTNBNTlERjgwHhcNMjMwMjE3MDM0MzM3WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VlZjdlOS0zNzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoErMfH9cYhEjAlP20qQOMjFiunHZDusOil3K4hUNp1p8kCFsQuVRzrI3c/Xd
qIXF9S7ikADTmzBt/Mw18A4UL+Whz6XPFoerksyEEOUspPLY8DK0KNy4QkrJQuNM
3mFTlRT7soBtL9IPqVQZ+JgKxbuIHifqF8fw9QVDaeZrxffeDk9U3BxqHBGMB5Gn
md9DVRBDCrL+0ISDLIx7tYx+VTUIseYAGzCtL/dch+NiBt3hLqU41q1WXd3KGB6H
Q99MEf9Eh1jefqLRG1Lx2XTm+B9RPoNslKsm7+jV93cYKTiOCtF7yWNOMUMlHeGv
8npxSwZctgIk5u5cp+XbnOz7xwIDAQABo4IClTCCApEwHQYDVR0OBBYEFO67qvhj
DDc69ZULfcERp0nPsGUQMB8GA1UdIwQYMBaAFGwICiun2qyV1Nk0iKkAFRrjpZ34
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzRFOC80N0Y2MjAxMjQz
RUExMUVDODRBQjYzNDdDNEY5QUUwMi9iQWdLSzZmYXJKWFUyVFNJcVFBVkd1T2xu
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JBZ0tLNmZhckpYVTJUU0lxUUFWR3VPbG5mZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc0RTgvNDdGNjIwMTI0M0VBMTFFQzg0QUI2MzQ3QzRGOUFFMDIvRTVBNTk1QTZB
MUUzMTFFREFEMkZFMzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsAIwDQYJKoZIhvcNAQELBQADggEBAFP6Mrlhz702LyUw
M0OoQKzmlj/ewmi/Oj5WF3/9wAO2yNqBq179n+v3P2D3+ds8v+ijt3sCPuwvK9cI
cS9HMS59Z47y5tsFKWw7tUKOQmzOOmy7tDJt0+LbgFk6UibZ+fNaqXLZE4UIxBWy
HxNf8MIBDurWiilKe0lqwYlDUNLagYyjp3PRuTcB9KfLo3XGNeOQvsBkyPXaZ9SZ
bp4SKwaYMep0FxxSUOrQFYqblYfZflOB1ORcWv4n53mQ2QOrVkTsVcJ0X8yCSeDw
e6eDlErvfrch51KZe2LwKGD/P/PfDzYqusfgeV01konCPSnWNbaojg5mpnwsbRZk
+u+ofVU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org