Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/31F09D384E0711ED86B2FD31C4F9AE02.roa
File:                     31F09D384E0711ED86B2FD31C4F9AE02.roa (raw, json)
Hash identifier:          /v3c+Qcp7EOfQZOOsCVtoYsM8uVxASV3DRaiKDsdTjw=
Subject key identifier:   04:F6:58:09:22:C2:EF:39:59:3A:1F:20:29:C7:A4:95:0E:4B:8F:83
Certificate issuer:       /CN=A91BAD56/serialNumber=1EECA03A77652B9070B5E133809A223830C89CF9
Certificate serial:       70
Authority key identifier: 1E:EC:A0:3A:77:65:2B:90:70:B5:E1:33:80:9A:22:38:30:C8:9C:F9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HuygOndlK5BwteEzgJoiODDInPk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/31F09D384E0711ED86B2FD31C4F9AE02.roa
Signing time:             Mon 17 Oct 2022 10:33:53 +0000
ROA not before:           Mon 17 Oct 2022 10:33:53 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     133201
IP address blocks:        103.176.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112 (0x70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BAD56/serialNumber=1EECA03A77652B9070B5E133809A223830C89CF9
        Validity
            Not Before: Oct 17 10:33:53 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=634d2f91-3c49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f7:cd:77:af:45:b6:77:f3:ee:fe:d6:a2:0c:
                    bc:36:a0:e4:82:27:67:e5:ba:13:f6:23:2f:4f:8a:
                    68:0f:71:66:8c:db:c8:19:8b:9c:29:f0:bd:3c:95:
                    85:01:00:84:2c:57:3a:79:26:be:36:96:d2:27:87:
                    2d:bb:54:f2:ce:0c:41:a3:ee:82:91:eb:5c:d0:d7:
                    62:1b:0b:46:5b:12:d0:e3:5f:81:4f:86:8b:5a:28:
                    be:63:85:10:53:81:2c:2c:9e:62:4e:c2:9e:5d:0f:
                    10:41:57:6a:3a:29:42:5a:72:69:28:24:aa:dd:98:
                    ab:2d:5f:29:e7:86:18:b8:19:99:cc:e4:d9:9c:a4:
                    2d:03:b4:7d:00:e4:c7:ce:16:a0:2e:b7:f3:5c:10:
                    a4:26:a1:71:55:11:c5:f9:89:2f:57:92:10:88:59:
                    86:5c:c1:9c:24:54:f7:c9:51:57:86:88:74:3b:fc:
                    1e:0f:8c:b3:6c:b1:19:5b:97:23:e5:57:5c:90:f7:
                    f6:e7:ea:60:76:1c:73:61:97:1a:27:6c:f3:4c:6c:
                    29:dc:7f:a8:5b:77:c4:bd:13:70:c7:df:68:3f:cc:
                    e6:28:45:0b:96:99:14:d6:dc:98:39:51:10:5e:cf:
                    54:88:a4:45:6f:2f:86:c9:b6:26:f1:46:dd:a5:24:
                    9c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:F6:58:09:22:C2:EF:39:59:3A:1F:20:29:C7:A4:95:0E:4B:8F:83
            X509v3 Authority Key Identifier:
                keyid:1E:EC:A0:3A:77:65:2B:90:70:B5:E1:33:80:9A:22:38:30:C8:9C:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/HuygOndlK5BwteEzgJoiODDInPk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HuygOndlK5BwteEzgJoiODDInPk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/31F09D384E0711ED86B2FD31C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.176.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:ab:73:02:7f:a5:d5:0d:f7:f1:27:de:9e:22:12:4d:01:71:
         a7:04:e0:29:ef:f9:7d:3d:d8:6a:b8:ed:f5:c7:3e:a2:48:0a:
         f3:9d:23:53:f2:dc:f1:a8:c2:44:66:a1:52:7b:2c:6c:3a:27:
         53:05:2c:a8:1f:79:14:fa:d6:b4:7d:98:07:fc:9b:4d:31:26:
         df:34:3c:d4:43:ee:2a:e0:45:51:10:3a:2c:4c:34:c4:3e:f9:
         77:03:9f:15:1f:5e:ab:c2:54:c7:da:f6:70:0b:00:c5:dd:a9:
         94:4a:c8:a6:5d:57:95:de:13:94:ae:f0:af:a9:01:be:99:79:
         9e:36:64:89:e9:a6:f4:93:f3:57:1b:f0:39:5e:f8:a6:e5:e9:
         2b:76:0b:74:59:ad:cd:fa:08:9b:29:cb:2a:25:c0:e3:ed:6c:
         f4:a2:f2:3b:4d:71:b6:e3:a9:06:21:f7:9e:b0:ed:e0:fb:e2:
         bd:d2:09:6a:85:23:50:d9:77:0c:87:ce:1a:6b:10:e9:8f:b5:
         d7:6a:f0:3c:52:c2:89:97:3e:5b:e9:b7:50:7d:ee:b8:14:da:
         72:73:e3:7e:eb:d0:71:1b:b9:6b:7b:bb:00:ae:60:a8:89:7d:
         21:dd:dc:ec:24:1d:8c:b4:02:17:23:bc:5c:46:8f:2b:24:af:
         73:94:f5:05
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QUQ1NjExMC8GA1UEBRMoMUVFQ0EwM0E3NzY1MkI5MDcwQjVFMTMzODA5QTIyMzgz
MEM4OUNGOTAeFw0yMjEwMTcxMDMzNTNaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNGQyZjkxLTNjNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDI9813r0W2d/Pu/taiDLw2oOSCJ2fluhP2Iy9PimgPcWaM28gZi5wp8L08lYUB
AIQsVzp5Jr42ltInhy27VPLODEGj7oKR61zQ12IbC0ZbEtDjX4FPhotaKL5jhRBT
gSwsnmJOwp5dDxBBV2o6KUJacmkoJKrdmKstXynnhhi4GZnM5NmcpC0DtH0A5MfO
FqAut/NcEKQmoXFVEcX5iS9XkhCIWYZcwZwkVPfJUVeGiHQ7/B4PjLNssRlblyPl
V1yQ9/bn6mB2HHNhlxonbPNMbCncf6hbd8S9E3DH32g/zOYoRQuWmRTW3Jg5URBe
z1SIpEVvL4bJtibxRt2lJJw5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBPZYCSLC
7zlZOh8gKceklQ5Lj4MwHwYDVR0jBBgwFoAUHuygOndlK5BwteEzgJoiODDInPkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBRDU2LzgxOEI0RDAyMUFB
RTExRUQ5Qjc0QUU1MUM0RjlBRTAyL0h1eWdPbmRsSzVCd3RlRXpnSm9pT0RESW5Q
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSHV5Z09uZGxLNUJ3dGVFemdKb2lPRERJblBrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QUQ1Ni84MThCNEQwMjFBQUUxMUVEOUI3NEFFNTFDNEY5QUUwMi8zMUYwOUQzODRF
MDcxMUVEODZCMkZEMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGewWzANBgkqhkiG9w0BAQsFAAOCAQEAhqtzAn+l1Q338Sfe
niISTQFxpwTgKe/5fT3Yarjt9cc+okgK850jU/Lc8ajCRGahUnssbDonUwUsqB95
FPrWtH2YB/ybTTEm3zQ81EPuKuBFURA6LEw0xD75dwOfFR9eq8JUx9r2cAsAxd2p
lErIpl1Xld4TlK7wr6kBvpl5njZkiemm9JPzVxvwOV74puXpK3YLdFmtzfoImynL
KiXA4+1s9KLyO01xtuOpBiH3nrDt4PvivdIJaoUjUNl3DIfOGmsQ6Y+112rwPFLC
iZc+W+m3UH3uuBTacnPjfuvQcRu5a3u7AK5gqIl9Id3c7CQdjLQCFyO8XEaPKySv
c5T1BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org