Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/CE49BBD4430211EDB7CFF657C4F9AE02.roa
File:                     CE49BBD4430211EDB7CFF657C4F9AE02.roa (raw, json)
Hash identifier:          ikpWBtAMVxuAfEhdhmOQy83s9Vjk3hm2kZs0bNdiLYU=
Subject key identifier:   D4:35:5D:1F:A4:24:7C:89:FE:F3:80:23:D2:4D:52:ED:37:88:5D:0C
Certificate issuer:       /CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Certificate serial:       02
Authority key identifier: 15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/CE49BBD4430211EDB7CFF657C4F9AE02.roa
Signing time:             Mon 03 Oct 2022 10:04:45 +0000
ROA not before:           Mon 03 Oct 2022 10:04:45 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     150177
IP address blocks:        103.203.88.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
        Validity
            Not Before: Oct  3 10:04:45 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=633ab3bd-a76e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:53:b4:f3:d1:6e:94:c5:b3:90:df:f6:2f:bb:
                    43:70:22:df:b2:43:0a:d1:af:ab:ec:ce:5f:cc:07:
                    84:e3:fa:c9:45:a7:59:75:90:57:e7:68:e1:7a:98:
                    5f:83:21:3b:dc:d8:9a:2d:64:2c:76:90:32:1b:91:
                    f7:22:cb:45:9e:bb:b0:09:7d:a0:70:dc:b1:5a:f1:
                    9f:08:e8:a1:fc:ef:bd:45:52:c1:ef:d8:37:ae:4d:
                    a1:07:96:73:ff:b8:7c:be:1f:28:fd:1c:96:c1:19:
                    14:04:be:5c:75:4b:04:8b:ad:5d:88:98:28:85:15:
                    35:c4:b0:2a:15:c9:6a:80:a1:9c:5c:1b:f2:1e:b6:
                    4f:31:2b:22:1b:31:22:5b:e4:20:3d:88:ad:bd:0f:
                    9d:a0:2e:73:f6:94:16:f9:3c:0d:75:71:40:69:b8:
                    47:e9:56:b9:29:14:07:32:e2:c9:17:d8:61:49:f6:
                    af:8d:5f:b6:e9:d4:e2:4b:c7:28:0a:ef:80:b8:72:
                    62:ed:d4:d4:39:c9:df:da:72:fd:f2:37:03:a2:6c:
                    92:36:ac:e1:d7:da:f9:5e:59:77:97:aa:ba:b8:19:
                    ba:be:1f:50:59:9a:9b:4b:bb:69:8a:30:0a:15:3f:
                    b4:a7:f7:a6:f4:f3:60:ba:b0:ce:a2:89:a5:a8:43:
                    eb:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:35:5D:1F:A4:24:7C:89:FE:F3:80:23:D2:4D:52:ED:37:88:5D:0C
            X509v3 Authority Key Identifier:
                keyid:15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FYuWZk-xya7us9KHB_h3_iN7Atw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/CE49BBD4430211EDB7CFF657C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.203.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:c8:f6:ff:63:01:c0:73:56:1b:c1:17:3d:d1:02:c7:59:7d:
         e6:bc:15:b6:3a:07:d5:33:04:b8:14:0e:8a:25:49:f1:4a:24:
         97:f0:36:d2:a7:ea:fc:67:98:53:61:7a:2e:13:f5:a5:b2:45:
         6d:f0:8c:08:41:a3:13:57:5d:2d:9c:c4:50:67:6b:8f:00:03:
         c6:65:db:80:ad:8d:35:ee:e0:ae:d1:5e:8f:4c:ba:e0:9f:81:
         f3:76:eb:0b:41:62:1e:0c:2f:4a:f8:98:08:73:0c:41:20:54:
         60:1e:16:fb:7e:2e:f4:47:59:51:b2:cc:7e:2c:64:03:28:0d:
         4a:a3:33:f9:4b:8f:db:bd:48:b8:6e:7a:cc:e8:60:a8:7e:c4:
         74:5c:a0:0e:3b:dd:68:ac:eb:57:cf:5d:8a:56:b1:93:82:36:
         ac:fd:db:10:5f:42:56:a2:28:ca:c7:4b:33:fe:b8:5d:ac:3b:
         b2:f8:04:b5:0f:f8:3c:07:87:30:61:1f:c4:e0:52:5e:1d:90:
         d6:25:c0:22:6e:31:13:27:f6:cd:05:48:5e:2f:2f:33:2a:a2:
         79:3d:fe:34:7d:54:f2:13:76:db:80:73:01:3f:90:1c:1d:61:
         1e:a0:3c:ac:c5:d2:90:3b:47:91:23:fe:ed:2f:2d:c8:87:17:
         93:52:f4:e5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MDhFRTExMC8GA1UEBRMoMTU4Qjk2NjY0RkIxQzlBRUVFQjNEMjg3MDdGODc3RkUy
MzdCMDJEQzAeFw0yMjEwMDMxMDA0NDVaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzM2FiM2JkLWE3NmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfU7Tz0W6UxbOQ3/Yvu0NwIt+yQwrRr6vszl/MB4Tj+slFp1l1kFfnaOF6mF+D
ITvc2JotZCx2kDIbkfciy0Weu7AJfaBw3LFa8Z8I6KH8771FUsHv2DeuTaEHlnP/
uHy+Hyj9HJbBGRQEvlx1SwSLrV2ImCiFFTXEsCoVyWqAoZxcG/Ietk8xKyIbMSJb
5CA9iK29D52gLnP2lBb5PA11cUBpuEfpVrkpFAcy4skX2GFJ9q+NX7bp1OJLxygK
74C4cmLt1NQ5yd/acv3yNwOibJI2rOHX2vleWXeXqrq4Gbq+H1BZmptLu2mKMAoV
P7Sn96b082C6sM6iiaWoQ+uHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1DVdH6Qk
fIn+84Aj0k1S7TeIXQwwHwYDVR0jBBgwFoAUFYuWZk+xya7us9KHB/h3/iN7Atww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwOEVFLzUzQzY3OEQ2NDMw
MDExRUQ4NDBCMzM1N0M0RjlBRTAyL0ZZdVdaay14eWE3dXM5S0hCX2gzX2lON0F0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRll1V1prLXh5YTd1czlLSEJfaDNfaU43QXR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MDhFRS81M0M2NzhENjQzMDAxMUVEODQwQjMzNTdDNEY5QUUwMi9DRTQ5QkJENDQz
MDIxMUVEQjdDRkY2NTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfLWDANBgkqhkiG9w0BAQsFAAOCAQEAqcj2/2MBwHNWG8EX
PdECx1l95rwVtjoH1TMEuBQOiiVJ8Uokl/A20qfq/GeYU2F6LhP1pbJFbfCMCEGj
E1ddLZzEUGdrjwADxmXbgK2NNe7grtFej0y64J+B83brC0FiHgwvSviYCHMMQSBU
YB4W+34u9EdZUbLMfixkAygNSqMz+UuP271IuG56zOhgqH7EdFygDjvdaKzrV89d
ilaxk4I2rP3bEF9CVqIoysdLM/64Xaw7svgEtQ/4PAeHMGEfxOBSXh2Q1iXAIm4x
Eyf2zQVIXi8vMyqieT3+NH1U8hN224BzAT+QHB1hHqA8rMXSkDtHkSP+7S8tyIcX
k1L05Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org