Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/6E65387C35C011EEBAB08C78C4F9AE02.roa
File:                     6E65387C35C011EEBAB08C78C4F9AE02.roa (raw, json)
Hash identifier:          x/s8QqxuVINCpa7br4OWPHPFz/KkpcjgYr/C3DlJN4o=
Subject key identifier:   B2:3A:1C:22:0D:97:2A:07:DD:0E:E1:29:70:FC:7D:F0:F5:0B:3F:8F
Certificate issuer:       /CN=A91CFCF8/serialNumber=7C5E0DDC4F5869747B2A358C9B7C0F31E8D8DD8B
Certificate serial:       0283
Authority key identifier: 7C:5E:0D:DC:4F:58:69:74:7B:2A:35:8C:9B:7C:0F:31:E8:D8:DD:8B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF4N3E9YaXR7KjWMm3wPMejY3Ys.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/6E65387C35C011EEBAB08C78C4F9AE02.roa
Signing time:             Tue 08 Aug 2023 07:51:50 +0000
ROA not before:           Tue 08 Aug 2023 07:51:50 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     150750
IP address blocks:        103.179.241.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 643 (0x283)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CFCF8/serialNumber=7C5E0DDC4F5869747B2A358C9B7C0F31E8D8DD8B
        Validity
            Not Before: Aug  8 07:51:50 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64d1f415-689f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0e:a4:a0:3d:5c:e3:e0:2d:1c:48:7b:8d:8b:
                    49:a3:e4:4b:3d:15:4b:93:b0:3b:d0:6a:18:16:24:
                    75:a3:8a:fd:f0:7d:7a:37:24:51:cf:d9:0a:49:f1:
                    ff:09:f9:68:1d:45:91:88:fc:70:1b:66:a2:9d:5a:
                    98:ad:f8:49:3e:cf:c3:68:17:c1:f5:5a:dd:27:b2:
                    6f:0c:f2:4f:51:38:7b:3c:0d:11:f9:d5:47:9f:8c:
                    50:35:7f:a5:6d:32:db:fd:b8:54:5e:13:a4:05:22:
                    fd:4a:85:21:23:52:82:a7:96:2a:94:3e:77:63:64:
                    f2:66:8d:5c:8e:cf:0e:66:51:94:ff:ec:2c:5f:30:
                    4a:84:48:22:0d:d5:fd:d3:15:16:0f:07:de:b8:c9:
                    42:3e:ab:30:3a:74:cb:20:85:b7:e4:e0:ba:87:da:
                    e4:36:d7:96:23:db:4d:88:b2:ab:79:32:2b:cf:2c:
                    2f:5e:fc:4d:75:54:c5:eb:67:f2:68:95:82:ff:1a:
                    f6:b2:49:16:d2:ee:a8:2f:51:c4:b3:96:1a:8f:04:
                    70:b8:52:d6:6d:40:d6:31:4f:4e:06:37:1c:1f:86:
                    4a:fb:ed:d6:e7:dc:6c:5e:14:36:5d:64:91:51:d7:
                    2a:b6:58:3e:da:7b:93:72:cd:c6:0e:cf:a0:aa:90:
                    06:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:3A:1C:22:0D:97:2A:07:DD:0E:E1:29:70:FC:7D:F0:F5:0B:3F:8F
            X509v3 Authority Key Identifier:
                keyid:7C:5E:0D:DC:4F:58:69:74:7B:2A:35:8C:9B:7C:0F:31:E8:D8:DD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/fF4N3E9YaXR7KjWMm3wPMejY3Ys.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF4N3E9YaXR7KjWMm3wPMejY3Ys.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/6E65387C35C011EEBAB08C78C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.179.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:dc:d2:82:5d:79:25:9b:82:ee:66:3d:5a:a4:6f:26:59:7f:
         41:fc:38:eb:f1:9f:50:e5:4a:ee:bd:06:ae:2d:f4:9d:b0:c1:
         3a:eb:96:e2:b7:27:91:ec:dd:c6:c2:d1:b2:0d:6e:4d:1a:07:
         c2:3b:b5:20:4d:be:1b:05:85:a7:c5:f5:bb:40:55:17:1c:35:
         02:5b:12:77:65:c0:4a:44:ea:0b:8c:b7:4f:8c:09:51:e7:f4:
         d9:cb:c6:46:88:f7:ab:5d:75:d7:b8:b4:4d:f0:48:83:15:6b:
         14:ef:1e:10:7c:55:7f:84:87:88:2a:39:c7:01:34:95:8a:62:
         c0:72:34:cb:6d:29:c3:64:ae:b9:90:43:cd:d2:72:fc:ab:79:
         b2:97:16:45:3c:22:46:b0:d0:5e:5a:3b:a5:08:c3:2b:3c:09:
         79:78:d6:89:ff:4f:64:5f:37:b8:b6:d5:95:ea:2b:f6:69:bc:
         74:90:42:8e:d0:9d:8a:4d:b9:69:90:90:c7:08:19:81:82:a3:
         6c:92:8f:8d:32:3a:12:8a:e5:d3:b7:b3:e7:39:9e:e5:5d:2c:
         4b:fe:5a:2c:bd:a4:dc:ec:bf:43:3f:e4:a7:57:f1:7e:ba:be:
         3c:9d:33:43:08:ea:bf:c9:8c:ef:83:ac:ee:dd:16:4d:74:25:
         a7:cc:0d:62
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZDRjgxMTAvBgNVBAUTKDdDNUUwRERDNEY1ODY5NzQ3QjJBMzU4QzlCN0MwRjMx
RThEOEREOEIwHhcNMjMwODA4MDc1MTUwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQxZjQxNS02ODlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuQ6koD1c4+AtHEh7jYtJo+RLPRVLk7A70GoYFiR1o4r98H16NyRRz9kKSfH/
CfloHUWRiPxwG2ainVqYrfhJPs/DaBfB9VrdJ7JvDPJPUTh7PA0R+dVHn4xQNX+l
bTLb/bhUXhOkBSL9SoUhI1KCp5YqlD53Y2TyZo1cjs8OZlGU/+wsXzBKhEgiDdX9
0xUWDwfeuMlCPqswOnTLIIW35OC6h9rkNteWI9tNiLKreTIrzywvXvxNdVTF62fy
aJWC/xr2skkW0u6oL1HEs5YajwRwuFLWbUDWMU9OBjccH4ZK++3W59xsXhQ2XWSR
Udcqtlg+2nuTcs3GDs+gqpAG7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLI6HCIN
lyoH3Q7hKXD8ffD1Cz+PMB8GA1UdIwQYMBaAFHxeDdxPWGl0eyo1jJt8DzHo2N2L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkNGOC8wNUU0QzJEMjhC
MDIxMUVDODVGMkQwNzRDNEY5QUUwMi9mRjROM0U5WWFYUjdLaldNbTN3UE1lalkz
WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZGNE4zRTlZYVhSN0tqV01tM3dQTWVqWTNZcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZDRjgvMDVFNEMyRDI4QjAyMTFFQzg1RjJEMDc0QzRGOUFFMDIvNkU2NTM4N0Mz
NUMwMTFFRUJBQjA4Qzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABns/EwDQYJKoZIhvcNAQELBQADggEBAILc0oJdeSWbgu5m
PVqkbyZZf0H8OOvxn1DlSu69Bq4t9J2wwTrrluK3J5Hs3cbC0bINbk0aB8I7tSBN
vhsFhafF9btAVRccNQJbEndlwEpE6guMt0+MCVHn9NnLxkaI96tddde4tE3wSIMV
axTvHhB8VX+Eh4gqOccBNJWKYsByNMttKcNkrrmQQ83ScvyrebKXFkU8Ikaw0F5a
O6UIwys8CXl41on/T2RfN7i21ZXqK/ZpvHSQQo7QnYpNuWmQkMcIGYGCo2ySj40y
OhKK5dO3s+c5nuVdLEv+Wiy9pNzsv0M/5KdX8X66vjydM0MI6r/JjO+DrO7dFk10
JafMDWI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:28 2024 by rpki-client on console-ams.rpki-client.org