Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/C1A1F0C8B11A11ED9D25347CC4F9AE02.roa
File:                     C1A1F0C8B11A11ED9D25347CC4F9AE02.roa (raw, json)
Hash identifier:          N2+J1aIrQ13/huB3Glf/4ejbjdUDJbiXrKtIiWKfegw=
Subject key identifier:   F6:4B:89:DB:D8:E8:9C:2C:79:B9:63:27:18:88:7A:2F:06:31:83:5E
Certificate issuer:       /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial:       0372
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/C1A1F0C8B11A11ED9D25347CC4F9AE02.roa
Signing time:             Thu 16 Mar 2023 10:12:54 +0000
ROA not before:           Thu 16 Mar 2023 10:12:54 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     140697
IP address blocks:        103.151.236.0/24 maxlen: 24
                          103.151.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882 (0x372)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
        Validity
            Not Before: Mar 16 10:12:54 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6412eba5-bb5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:12:e4:12:07:e5:6a:75:9d:65:12:55:3e:99:
                    c5:a9:62:66:60:41:b4:ed:6b:45:c1:ca:17:22:30:
                    63:0c:75:2c:fa:e9:a2:8c:e5:cf:d1:d0:25:f0:13:
                    d4:b8:ca:35:3b:d1:c0:9a:a6:59:41:b8:fd:35:3d:
                    be:f7:ad:9a:e3:ee:42:43:0e:ba:65:64:ac:a3:c9:
                    31:e4:aa:9a:e2:b5:65:0c:a9:5f:6a:75:65:f1:36:
                    a5:f5:34:fd:74:66:21:6c:6b:04:60:79:5b:9a:f3:
                    7b:22:d8:36:21:a6:22:c3:e2:92:18:fb:a6:e4:0f:
                    39:bc:6c:65:33:bd:3f:74:49:ff:7e:0c:6f:1d:a3:
                    a5:92:37:1e:ab:4d:55:a5:1c:7a:4a:5c:d1:db:4a:
                    3c:fa:c6:20:0a:e3:c1:42:ed:c8:08:47:05:44:9b:
                    2f:73:c7:0d:23:45:e8:ad:b8:e8:c5:53:3a:0a:43:
                    5c:33:82:74:c2:8a:f2:72:d4:92:c9:e8:e4:44:7c:
                    3c:23:cc:f1:b4:c0:fa:04:57:d5:ca:78:88:6c:d4:
                    c9:ab:e9:62:a6:6c:fb:85:7f:2f:da:9b:53:11:c5:
                    5d:b8:92:07:1a:f6:51:72:3b:bf:a0:e2:80:f1:e6:
                    c4:8d:6e:14:6d:a4:71:e5:eb:42:10:5c:00:9f:1d:
                    f4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4B:89:DB:D8:E8:9C:2C:79:B9:63:27:18:88:7A:2F:06:31:83:5E
            X509v3 Authority Key Identifier:
                keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/C1A1F0C8B11A11ED9D25347CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:71:15:82:a1:fc:00:bc:96:54:df:c5:c7:6f:2c:76:04:13:
         55:fb:1f:cf:5e:5a:45:29:1b:88:6f:91:08:99:91:c2:68:3d:
         96:4a:dd:29:45:66:e6:de:33:d7:97:7f:5d:f8:34:6f:b5:42:
         72:c0:04:e7:ae:0e:3f:b7:d3:42:01:0a:b0:a8:00:57:76:6d:
         8a:c4:fa:74:f6:f0:c7:62:31:a1:70:3e:7a:d0:29:56:4d:d7:
         27:e9:d6:f9:92:56:68:20:b1:ce:1e:30:13:fa:69:51:b6:1f:
         b7:97:5e:f8:37:17:1e:c9:11:a5:22:59:26:fd:e6:fa:23:d8:
         5b:1f:23:f5:ae:de:56:f9:0a:99:62:58:8d:29:52:2b:0f:c5:
         8a:b6:ee:e8:ff:85:32:ae:4c:2a:cc:cb:50:e2:77:af:f0:73:
         5e:c2:4c:76:56:17:5f:d9:b4:8f:56:2e:01:18:72:05:66:b6:
         bf:4d:bb:52:77:e5:da:1d:b2:02:51:c0:35:b5:7e:38:33:09:
         05:35:ea:e2:30:d6:99:7f:c1:4c:d1:f2:7d:55:e5:79:10:f1:
         e0:25:44:e3:e0:7f:21:57:6e:06:5f:ec:1a:ef:c5:07:9b:2c:
         ce:cf:42:66:70:5e:1a:cf:5c:25:f7:07:3a:57:43:d3:2c:f2:
         5c:69:c6:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjMwMzE2MTAxMjU0WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEyZWJhNS1iYjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1xLkEgflanWdZRJVPpnFqWJmYEG07WtFwcoXIjBjDHUs+umijOXP0dAl8BPU
uMo1O9HAmqZZQbj9NT2+962a4+5CQw66ZWSso8kx5Kqa4rVlDKlfanVl8Tal9TT9
dGYhbGsEYHlbmvN7Itg2IaYiw+KSGPum5A85vGxlM70/dEn/fgxvHaOlkjceq01V
pRx6SlzR20o8+sYgCuPBQu3ICEcFRJsvc8cNI0XorbjoxVM6CkNcM4J0woryctSS
yejkRHw8I8zxtMD6BFfVyniIbNTJq+lipmz7hX8v2ptTEcVduJIHGvZRcju/oOKA
8ebEjW4UbaRx5etCEFwAnx30KwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPZLidvY
6JwsebljJxiIei8GMYNeMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvQzFBMUYwQzhC
MTFBMTFFRDlEMjUzNDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnl+wwDQYJKoZIhvcNAQELBQADggEBADhxFYKh/AC8llTf
xcdvLHYEE1X7H89eWkUpG4hvkQiZkcJoPZZK3SlFZubeM9eXf134NG+1QnLABOeu
Dj+300IBCrCoAFd2bYrE+nT28MdiMaFwPnrQKVZN1yfp1vmSVmggsc4eMBP6aVG2
H7eXXvg3Fx7JEaUiWSb95voj2FsfI/Wu3lb5CpliWI0pUisPxYq27uj/hTKuTCrM
y1Did6/wc17CTHZWF1/ZtI9WLgEYcgVmtr9Nu1J35dodsgJRwDW1fjgzCQU16uIw
1pl/wUzR8n1V5XkQ8eAlROPgfyFXbgZf7BrvxQebLM7PQmZwXhrPXCX3BzpXQ9Ms
8lxpxlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org