Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/846F444291CB11EA8212B15EC4F9AE02.roa
File:                     846F444291CB11EA8212B15EC4F9AE02.roa (raw, json)
Hash identifier:          YpKE/cRJ40BziH9n/XSxppNpSTiRAFpAGjVQbiuEB8o=
Subject key identifier:   76:27:F3:73:7C:64:77:AA:CC:79:6F:1A:8F:80:C7:44:F2:C7:51:F4
Certificate issuer:       /CN=A91B9F08/serialNumber=CE8CAD35621A9012C40B3637537CA40E3D07E8CF
Certificate serial:       0AC8
Authority key identifier: CE:8C:AD:35:62:1A:90:12:C4:0B:36:37:53:7C:A4:0E:3D:07:E8:CF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zoytNWIakBLECzY3U3ykDj0H6M8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/846F444291CB11EA8212B15EC4F9AE02.roa
Signing time:             Mon 21 Mar 2022 03:09:08 +0000
ROA not before:           Mon 21 Mar 2022 03:09:08 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     138322
IP address blocks:        103.18.160.0/24 maxlen: 24
                          103.18.161.0/24 maxlen: 24
                          103.18.162.0/24 maxlen: 24
                          103.18.163.0/24 maxlen: 24
                          116.204.160.0/24 maxlen: 24
                          116.204.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2760 (0xac8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9F08/serialNumber=CE8CAD35621A9012C40B3637537CA40E3D07E8CF
        Validity
            Not Before: Mar 21 03:09:08 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=6237ec53-3668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e6:01:7d:99:b9:ad:70:ec:4e:9c:90:89:4a:
                    42:be:34:cf:99:f7:9d:ef:4b:50:d3:0e:85:c6:51:
                    b0:90:96:d8:c1:b1:c7:59:d9:b1:62:4a:2b:bb:4f:
                    9d:34:c9:f2:4e:40:e8:a8:2f:af:29:d9:3b:ca:a4:
                    ae:e8:c6:9a:08:44:2d:ec:99:86:a9:e4:a8:56:1c:
                    af:46:c7:90:05:1d:d5:0c:d9:2f:de:c4:6a:a1:50:
                    ea:17:ec:08:fe:b2:ce:62:62:af:61:ad:34:13:46:
                    52:6c:c8:dc:ce:df:7d:20:b0:c1:c5:e8:b0:24:98:
                    2c:51:34:4b:7a:85:9e:16:b3:f9:68:de:a0:02:20:
                    b6:86:6a:3c:d0:eb:48:e9:f8:c2:50:98:cc:dd:14:
                    c8:62:1e:b8:fe:19:67:a4:90:79:7d:e5:64:99:c4:
                    a1:fe:df:84:27:b0:b1:78:a8:67:24:e5:3d:19:36:
                    89:be:91:39:8d:94:14:d5:d2:d4:87:93:3f:2c:1f:
                    a0:de:1e:82:03:69:13:cd:58:d8:02:85:85:d4:b8:
                    27:09:36:ca:05:f2:6e:fc:5d:c2:99:d1:74:ba:72:
                    2c:ce:23:36:14:a2:93:40:48:6f:58:74:8c:ec:6f:
                    b6:1e:f6:84:26:cb:56:30:81:57:2c:d6:6f:1f:64:
                    03:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:27:F3:73:7C:64:77:AA:CC:79:6F:1A:8F:80:C7:44:F2:C7:51:F4
            X509v3 Authority Key Identifier:
                keyid:CE:8C:AD:35:62:1A:90:12:C4:0B:36:37:53:7C:A4:0E:3D:07:E8:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/zoytNWIakBLECzY3U3ykDj0H6M8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zoytNWIakBLECzY3U3ykDj0H6M8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/846F444291CB11EA8212B15EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.18.160.0/22
                  116.204.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:87:88:30:08:df:ee:f4:fa:85:f1:87:2f:da:0f:f3:bf:80:
         c9:ea:c3:0f:0b:a7:48:dd:c5:be:56:a3:31:03:a6:40:53:79:
         f5:d7:6b:a3:35:48:2a:31:f6:88:da:dd:b1:ea:c3:20:c4:9e:
         e0:c4:03:65:10:22:39:da:44:0e:33:65:c5:a4:63:13:04:87:
         54:2d:99:07:0e:d4:77:80:fc:80:3a:87:79:7c:83:5b:9f:de:
         9c:40:1f:cc:09:da:f0:dc:83:70:cb:08:64:2e:d2:68:2d:c6:
         2d:3b:bd:34:4e:00:44:af:14:eb:d5:50:22:34:b2:23:75:ff:
         35:e9:b6:e7:10:5a:24:0c:b2:74:3a:2e:b5:45:60:ba:3e:34:
         7b:a0:9e:e6:50:ef:50:23:d4:d2:d7:9c:4b:94:f0:50:17:79:
         c0:27:48:14:86:78:51:78:34:6a:71:21:e0:9f:4e:88:44:92:
         33:ed:94:cb:07:04:b2:06:42:4e:cf:a4:9f:db:2b:a8:86:f1:
         b3:dd:ee:b9:4f:08:3c:8d:3f:84:a8:0d:a2:8c:c6:0c:e5:7e:
         2b:e4:fb:73:0f:8e:3d:5d:62:25:b1:2a:54:f3:2d:cf:0a:df:
         a3:b4:de:fa:c6:62:fc:fa:15:99:1d:58:66:34:91:1e:e1:8e:
         b6:de:12:cf
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlGMDgxMTAvBgNVBAUTKENFOENBRDM1NjIxQTkwMTJDNDBCMzYzNzUzN0NBNDBF
M0QwN0U4Q0YwHhcNMjIwMzIxMDMwOTA4WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM3ZWM1My0zNjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo+YBfZm5rXDsTpyQiUpCvjTPmfed70tQ0w6FxlGwkJbYwbHHWdmxYkoru0+d
NMnyTkDoqC+vKdk7yqSu6MaaCEQt7JmGqeSoVhyvRseQBR3VDNkv3sRqoVDqF+wI
/rLOYmKvYa00E0ZSbMjczt99ILDBxeiwJJgsUTRLeoWeFrP5aN6gAiC2hmo80OtI
6fjCUJjM3RTIYh64/hlnpJB5feVkmcSh/t+EJ7CxeKhnJOU9GTaJvpE5jZQU1dLU
h5M/LB+g3h6CA2kTzVjYAoWF1LgnCTbKBfJu/F3CmdF0unIsziM2FKKTQEhvWHSM
7G+2HvaEJstWMIFXLNZvH2QDWQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHYn83N8
ZHeqzHlvGo+Ax0Tyx1H0MB8GA1UdIwQYMBaAFM6MrTViGpASxAs2N1N8pA49B+jP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUYwOC8zMDkwRDkxNEEx
NEMxMUU5ODQ3NUE4MkRDNEY5QUUwMi96b3l0TldJYWtCTEVDelkzVTN5a0RqMEg2
TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pveXROV0lha0JMRUN6WTNVM3lrRGowSDZNOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlGMDgvMzA5MEQ5MTRBMTRDMTFFOTg0NzVBODJEQzRGOUFFMDIvODQ2RjQ0NDI5
MUNCMTFFQTgyMTJCMTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnEqADBAF0zKAwDQYJKoZIhvcNAQELBQADggEBAJGHiDAI
3+70+oXxhy/aD/O/gMnqww8Lp0jdxb5WozEDpkBTefXXa6M1SCox9oja3bHqwyDE
nuDEA2UQIjnaRA4zZcWkYxMEh1QtmQcO1HeA/IA6h3l8g1uf3pxAH8wJ2vDcg3DL
CGQu0mgtxi07vTROAESvFOvVUCI0siN1/zXptucQWiQMsnQ6LrVFYLo+NHugnuZQ
71Aj1NLXnEuU8FAXecAnSBSGeFF4NGpxIeCfTohEkjPtlMsHBLIGQk7PpJ/bK6iG
8bPd7rlPCDyNP4SoDaKMxgzlfivk+3MPjj1dYiWxKlTzLc8K36O03vrGYvz6FZkd
WGY0kR7hjrbeEs8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org