Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5606/940C5D9C710211EB87073B70C4F9AE02/02AEACA6293D11EEB8695E50C4F9AE02.roa
File:                     02AEACA6293D11EEB8695E50C4F9AE02.roa (raw, json)
Hash identifier:          R+RwLqZTam/MBRXdrDf5MyA2l5T/Y8DfcmwaqNo2gew=
Subject key identifier:   A4:1D:E7:91:75:55:0A:53:2A:A6:C5:E9:2B:B1:07:92:2F:D8:06:9B
Certificate issuer:       /CN=A91D5606/serialNumber=1E16F83D0C40335D796BE5BA21C90CBEE99759BC
Certificate serial:       0557
Authority key identifier: 1E:16:F8:3D:0C:40:33:5D:79:6B:E5:BA:21:C9:0C:BE:E9:97:59:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hhb4PQxAM115a-W6IckMvumXWbw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D5606/940C5D9C710211EB87073B70C4F9AE02/02AEACA6293D11EEB8695E50C4F9AE02.roa
Signing time:             Sun 23 Jul 2023 09:40:51 +0000
ROA not before:           Sun 23 Jul 2023 09:40:51 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     150774
IP address blocks:        103.162.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1367 (0x557)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D5606/serialNumber=1E16F83D0C40335D796BE5BA21C90CBEE99759BC
        Validity
            Not Before: Jul 23 09:40:51 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64bcf5a3-d109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:b5:e0:13:e4:bb:9e:57:dc:0d:f9:72:35:ab:
                    3d:9e:ff:7b:f1:99:28:59:1a:18:a9:93:67:a9:00:
                    94:ea:bc:90:bd:bb:69:72:ed:5b:c6:15:30:99:33:
                    ba:6a:a3:ad:4c:3b:72:a4:07:d4:46:23:64:6b:6a:
                    ad:72:a7:44:4f:77:f1:ec:46:5d:aa:d2:ad:e3:0f:
                    29:c3:bf:d2:19:b6:7b:c6:a5:27:0e:cd:0a:10:da:
                    c3:d9:d5:31:38:33:34:6c:73:9b:23:26:d2:e5:f3:
                    0e:c2:52:e5:1f:23:ae:89:07:ae:e8:38:db:29:5b:
                    f4:43:9e:69:f8:c1:0e:41:ff:1f:e4:58:50:23:39:
                    0a:06:dc:8c:35:20:09:63:d9:6a:72:8c:f0:63:7a:
                    75:95:fe:f7:cd:10:b2:b8:85:e7:32:1f:8b:e3:67:
                    0b:ca:aa:2b:d4:01:f5:c2:71:48:41:82:45:1f:a6:
                    b1:97:20:db:af:c3:a8:0b:9b:5e:85:c1:00:d1:30:
                    9d:bf:2b:c3:d2:8b:8e:da:08:1d:88:20:db:c4:98:
                    5a:a5:18:80:20:4e:ff:6b:3a:d5:37:3a:8c:a3:7d:
                    1e:10:fd:06:b5:51:62:2f:d0:7c:c8:b3:9e:28:f8:
                    c2:f7:f5:d8:33:a2:7d:bb:19:48:ac:fd:77:b3:4d:
                    18:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:1D:E7:91:75:55:0A:53:2A:A6:C5:E9:2B:B1:07:92:2F:D8:06:9B
            X509v3 Authority Key Identifier:
                keyid:1E:16:F8:3D:0C:40:33:5D:79:6B:E5:BA:21:C9:0C:BE:E9:97:59:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D5606/940C5D9C710211EB87073B70C4F9AE02/Hhb4PQxAM115a-W6IckMvumXWbw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hhb4PQxAM115a-W6IckMvumXWbw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5606/940C5D9C710211EB87073B70C4F9AE02/02AEACA6293D11EEB8695E50C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.162.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:21:88:b7:5c:2c:56:71:9d:a6:39:de:4f:37:67:fd:dd:4d:
         ba:1e:6f:82:6f:ab:89:2b:c8:8f:94:51:c7:eb:e2:ea:53:49:
         b6:ac:28:5e:d0:ec:cb:3d:a2:4d:aa:62:11:68:e5:f2:da:9a:
         92:2d:c6:a0:a3:4f:8e:a7:8e:bd:e0:af:6d:b8:25:5e:75:75:
         b3:7b:60:4c:ba:a9:32:36:37:47:73:ff:8a:95:e8:e2:d2:bc:
         fb:64:57:28:41:a2:b6:d1:73:2a:02:a9:0c:2a:f8:74:c8:5c:
         26:18:bb:29:ff:b4:7a:69:a6:0b:a9:12:0b:f9:4b:7a:2d:81:
         56:16:5b:ca:de:92:0f:23:7c:5b:58:d4:86:b1:c0:0b:d4:f6:
         9f:b8:53:8f:b7:78:57:ab:6e:d6:2d:1b:e6:7f:1c:91:9b:c2:
         0d:2f:2e:f9:df:45:56:c5:80:b9:9a:b2:d2:60:1d:b6:67:9c:
         c8:40:a9:73:f6:dc:b7:07:d0:85:a8:56:0f:2e:51:cd:6b:19:
         3c:83:65:92:36:0a:00:0f:91:70:eb:87:18:ac:34:76:22:70:
         ae:14:5d:3b:5a:f2:5e:0b:88:1f:22:a7:ee:54:04:c9:d4:58:
         dd:8b:53:9d:76:99:a7:07:04:e8:66:5d:84:25:4f:20:1e:61:
         68:47:bd:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDU2MDYxMTAvBgNVBAUTKDFFMTZGODNEMEM0MDMzNUQ3OTZCRTVCQTIxQzkwQ0JF
RTk5NzU5QkMwHhcNMjMwNzIzMDk0MDUxWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGJjZjVhMy1kMTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz7XgE+S7nlfcDflyNas9nv978ZkoWRoYqZNnqQCU6ryQvbtpcu1bxhUwmTO6
aqOtTDtypAfURiNka2qtcqdET3fx7EZdqtKt4w8pw7/SGbZ7xqUnDs0KENrD2dUx
ODM0bHObIybS5fMOwlLlHyOuiQeu6DjbKVv0Q55p+MEOQf8f5FhQIzkKBtyMNSAJ
Y9lqcozwY3p1lf73zRCyuIXnMh+L42cLyqor1AH1wnFIQYJFH6axlyDbr8OoC5te
hcEA0TCdvyvD0ouO2ggdiCDbxJhapRiAIE7/azrVNzqMo30eEP0GtVFiL9B8yLOe
KPjC9/XYM6J9uxlIrP13s00YpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKQd55F1
VQpTKqbF6SuxB5Iv2AabMB8GA1UdIwQYMBaAFB4W+D0MQDNdeWvluiHJDL7pl1m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTYwNi85NDBDNUQ5Qzcx
MDIxMUVCODcwNzNCNzBDNEY5QUUwMi9IaGI0UFF4QU0xMTVhLVc2SWNrTXZ1bVhX
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hoYjRQUXhBTTExNWEtVzZJY2tNdnVtWFdidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDU2MDYvOTQwQzVEOUM3MTAyMTFFQjg3MDczQjcwQzRGOUFFMDIvMDJBRUFDQTYy
OTNEMTFFRUI4Njk1RTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnojMwDQYJKoZIhvcNAQELBQADggEBAJMhiLdcLFZxnaY5
3k83Z/3dTboeb4Jvq4kryI+UUcfr4upTSbasKF7Q7Ms9ok2qYhFo5fLampItxqCj
T46njr3gr224JV51dbN7YEy6qTI2N0dz/4qV6OLSvPtkVyhBorbRcyoCqQwq+HTI
XCYYuyn/tHpppgupEgv5S3otgVYWW8rekg8jfFtY1IaxwAvU9p+4U4+3eFerbtYt
G+Z/HJGbwg0vLvnfRVbFgLmastJgHbZnnMhAqXP23LcH0IWoVg8uUc1rGTyDZZI2
CgAPkXDrhxisNHYicK4UXTta8l4LiB8ip+5UBMnUWN2LU512macHBOhmXYQlTyAe
YWhHvQA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org