Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/532D384AAD6F11EDB5C06767C4F9AE02.roa
File:                     532D384AAD6F11EDB5C06767C4F9AE02.roa (raw, json)
Hash identifier:          ERR0K7k0UxOScKydcGAYO6Dndf2jUOCHZvGh0Ik3CJ8=
Subject key identifier:   83:28:9E:29:1B:12:29:42:B4:F3:88:D0:7D:E5:A2:6D:A8:21:84:8E
Certificate issuer:       /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial:       076C
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/532D384AAD6F11EDB5C06767C4F9AE02.roa
Signing time:             Sat 04 Mar 2023 23:09:06 +0000
ROA not before:           Sat 04 Mar 2023 23:09:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212953
IP address blocks:        103.112.1.0/24 maxlen: 24
                          103.112.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1900 (0x76c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
        Validity
            Not Before: Mar  4 23:09:06 2023 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6403cf92-0b9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:00:45:fa:5c:03:40:2d:5b:55:ed:fd:b5:c5:
                    42:04:f3:a8:c0:40:98:7a:e2:54:6a:93:c6:cd:43:
                    9b:45:75:fa:80:5c:df:28:89:1e:b4:1d:60:29:0e:
                    a0:71:ea:fc:02:2f:09:99:8c:ec:33:eb:69:c3:e3:
                    a8:04:29:ad:f5:6c:41:bd:cc:15:2c:5a:8a:93:ba:
                    f4:ff:69:be:b4:be:49:8d:67:04:8a:e0:e7:f2:b7:
                    37:4a:7a:c2:f1:05:c7:fb:c2:a5:4f:59:a0:15:99:
                    87:e4:74:a8:f0:2c:d8:ab:46:14:85:58:80:47:3a:
                    24:44:db:83:56:6a:7c:c0:79:53:31:06:f9:9b:60:
                    b5:81:19:ac:aa:21:a2:39:56:9f:42:52:69:50:a1:
                    e6:d0:97:12:84:ce:39:7c:5f:0e:c7:1a:9f:f3:f3:
                    8a:03:86:1b:3b:f6:af:82:6f:e3:71:62:e9:97:cf:
                    69:fa:a3:5e:2b:be:78:19:4e:a9:b7:27:59:eb:25:
                    bd:ef:28:00:bf:53:c8:b9:a3:50:23:68:b1:55:99:
                    d0:ab:d5:fb:0b:be:7a:bf:ab:71:4c:46:c5:d4:05:
                    d0:40:3c:86:69:db:ba:b1:4c:c5:4b:35:5a:f3:71:
                    50:9d:4e:c6:0e:8f:8a:fd:c7:e5:91:0a:67:ee:be:
                    35:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:28:9E:29:1B:12:29:42:B4:F3:88:D0:7D:E5:A2:6D:A8:21:84:8E
            X509v3 Authority Key Identifier:
                keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/532D384AAD6F11EDB5C06767C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.112.1.0-103.112.2.255

    Signature Algorithm: sha256WithRSAEncryption
         53:6c:1b:9b:94:56:74:65:e0:fc:f8:99:08:ff:c7:62:d9:e6:
         5e:0d:a3:d6:11:2e:71:41:08:1e:03:0e:b6:3b:06:7c:f1:9e:
         40:79:2c:b0:08:29:2a:aa:b5:8f:1f:5e:b0:bf:ee:2a:6c:53:
         5f:b8:01:e4:8d:7d:51:1c:ea:92:91:3d:ed:c1:70:c6:01:10:
         55:3d:be:d0:dd:b4:e7:e9:8f:f9:31:bb:c0:b1:1f:a4:f7:71:
         ff:f7:e0:40:47:1f:39:c9:66:ed:d2:09:8a:37:89:fa:15:d3:
         a1:5f:f6:13:4d:95:ad:3d:e6:b6:eb:8b:14:b9:f0:d2:af:2f:
         ee:25:c3:95:0d:c7:3a:12:8d:0d:4c:d7:6d:8d:08:cc:a9:5d:
         3b:c9:3b:fe:8d:56:d5:bf:bb:5f:46:17:c8:5c:ec:65:ce:aa:
         41:b3:50:b2:9b:43:b9:18:14:5b:f6:24:5f:a5:9a:b9:b6:be:
         8c:12:67:6a:18:5b:2a:ae:08:37:f3:5a:b3:af:cf:44:7b:4e:
         c9:bd:7e:62:a2:c3:bb:06:68:6f:08:55:2c:49:24:bb:29:13:
         ec:78:51:c7:c0:c4:71:47:f8:55:b3:e1:ea:4c:dc:9e:9d:37:
         09:13:76:63:39:79:b1:3e:fa:ae:0b:be:d0:68:61:2e:9d:af:
         9e:b4:d5:4f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICB2wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjMwMzA0MjMwOTA2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDAzY2Y5Mi0wYjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ABF+lwDQC1bVe39tcVCBPOowECYeuJUapPGzUObRXX6gFzfKIketB1gKQ6g
cer8Ai8JmYzsM+tpw+OoBCmt9WxBvcwVLFqKk7r0/2m+tL5JjWcEiuDn8rc3SnrC
8QXH+8KlT1mgFZmH5HSo8CzYq0YUhViARzokRNuDVmp8wHlTMQb5m2C1gRmsqiGi
OVafQlJpUKHm0JcShM45fF8Oxxqf8/OKA4YbO/avgm/jcWLpl89p+qNeK754GU6p
tydZ6yW97ygAv1PIuaNQI2ixVZnQq9X7C756v6txTEbF1AXQQDyGadu6sUzFSzVa
83FQnU7GDo+K/cflkQpn7r41zwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFIMonikb
EilCtPOI0H3lom2oIYSOMB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvNTMyRDM4NEFB
RDZGMTFFREI1QzA2NzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdwAQMEAGdwAjANBgkqhkiG9w0BAQsFAAOCAQEAU2wb
m5RWdGXg/PiZCP/HYtnmXg2j1hEucUEIHgMOtjsGfPGeQHkssAgpKqq1jx9esL/u
KmxTX7gB5I19URzqkpE97cFwxgEQVT2+0N205+mP+TG7wLEfpPdx//fgQEcfOclm
7dIJijeJ+hXToV/2E02VrT3mtuuLFLnw0q8v7iXDlQ3HOhKNDUzXbY0IzKldO8k7
/o1W1b+7X0YXyFzsZc6qQbNQsptDuRgUW/YkX6Wauba+jBJnahhbKq4IN/Nas6/P
RHtOyb1+YqLDuwZobwhVLEkkuykT7HhRx8DEcUf4VbPh6kzcnp03CRN2Yzl5sT76
rgu+0GhhLp2vnrTVTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org