Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE323/9E61E424525F11EE80BA0D74C4F9AE02/375950A4526011EE8E503D2BC4F9AE02.roa
File:                     375950A4526011EE8E503D2BC4F9AE02.roa (raw, json)
Hash identifier:          lNjxqBxxRG+qFYZimjwmkQQCKyh387/4d5c66ePurzI=
Subject key identifier:   04:DD:31:56:80:06:E9:BD:6D:92:1A:EB:2A:7A:A6:45:58:D6:B6:02
Certificate issuer:       /CN=A91DE323/serialNumber=9304234E739049143A8591A3745A53E4B92AD8D8
Certificate serial:       06
Authority key identifier: 93:04:23:4E:73:90:49:14:3A:85:91:A3:74:5A:53:E4:B9:2A:D8:D8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kwQjTnOQSRQ6hZGjdFpT5Lkq2Ng.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DE323/9E61E424525F11EE80BA0D74C4F9AE02/375950A4526011EE8E503D2BC4F9AE02.roa
Signing time:             Wed 13 Sep 2023 18:06:58 +0000
ROA not before:           Wed 13 Sep 2023 18:06:58 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     18155
IP address blocks:        103.161.216.0/23 maxlen: 23
                          103.161.216.0/24 maxlen: 24
                          103.161.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DE323/serialNumber=9304234E739049143A8591A3745A53E4B92AD8D8
        Validity
            Not Before: Sep 13 18:06:58 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=6501fa41-8fca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:88:94:24:99:c8:16:a1:08:b7:78:ea:9b:89:
                    8f:03:17:7b:ec:8a:b9:19:c2:af:3a:b4:3e:74:80:
                    21:c8:01:e6:fd:81:73:bc:2a:ca:2b:68:81:31:84:
                    31:ae:bd:93:44:6e:37:b1:89:56:04:db:07:bd:11:
                    c0:c5:85:70:c0:5f:f4:55:9c:76:4a:77:b2:ed:d6:
                    94:37:f6:88:75:7b:44:34:8e:ef:d3:41:06:26:d8:
                    b3:f6:79:fa:aa:a3:a3:5a:8b:56:c8:11:8d:63:3c:
                    34:a1:36:25:be:e9:51:da:fb:a5:8e:0c:8b:20:50:
                    ed:6e:55:7a:9e:3c:98:15:5e:02:a4:6b:b9:a6:55:
                    22:c9:5b:fb:b6:2e:8e:f1:cc:d8:ff:59:b7:9d:00:
                    22:e7:e3:d0:37:41:8b:8e:0b:b7:88:66:60:0e:86:
                    ad:39:60:35:5c:ec:77:3b:cb:dc:c7:a1:87:87:49:
                    19:f7:17:40:9d:d2:98:b3:79:c5:39:e1:5b:16:51:
                    93:da:c7:bd:d2:7a:f2:22:3f:59:8e:2a:1d:d0:2b:
                    2b:da:5b:41:a0:3a:c9:35:21:cf:b1:e1:50:0c:56:
                    80:15:33:58:0a:61:80:64:58:0f:c0:06:1a:1c:85:
                    fb:b8:c0:94:cb:cd:8d:0d:6e:d5:af:1f:f4:5f:24:
                    e4:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:DD:31:56:80:06:E9:BD:6D:92:1A:EB:2A:7A:A6:45:58:D6:B6:02
            X509v3 Authority Key Identifier:
                keyid:93:04:23:4E:73:90:49:14:3A:85:91:A3:74:5A:53:E4:B9:2A:D8:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DE323/9E61E424525F11EE80BA0D74C4F9AE02/kwQjTnOQSRQ6hZGjdFpT5Lkq2Ng.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kwQjTnOQSRQ6hZGjdFpT5Lkq2Ng.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE323/9E61E424525F11EE80BA0D74C4F9AE02/375950A4526011EE8E503D2BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.161.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d0:2b:0b:7e:2a:e1:ac:ae:9e:5d:01:26:82:a8:e7:ec:8e:52:
         2b:c9:a8:15:3a:b0:e1:c7:e7:4e:56:37:80:3c:04:de:48:5a:
         b5:9b:09:1a:58:8d:e2:b6:6b:c5:d4:b7:cf:48:cb:83:de:39:
         34:da:9a:7f:0b:16:12:41:3b:71:45:89:c8:9f:15:2d:40:5d:
         a9:1c:78:59:2d:27:c5:6d:6a:b1:59:52:bd:85:4d:0e:07:11:
         07:22:af:9e:87:db:ef:0b:13:61:6f:50:dc:72:59:b2:ba:3e:
         c1:1e:43:e0:42:22:e8:48:27:82:93:1a:a7:49:5d:58:60:de:
         41:bd:5a:43:44:df:cd:3d:0f:4c:e4:a5:42:27:ad:76:11:9e:
         68:9f:e6:d6:15:40:ba:df:6a:4e:b3:95:0e:6e:7f:c1:4a:f4:
         96:53:66:7d:a1:fd:41:a0:08:ce:d8:27:6a:27:52:7d:7f:fe:
         cb:99:ba:e4:4d:9b:e1:f6:57:c0:3c:91:d3:49:be:ee:14:10:
         2c:be:9b:10:f2:0c:17:6c:63:4c:28:15:ea:fc:ec:a6:c3:06:
         40:30:e2:b7:90:10:7f:a5:33:2c:c2:e9:66:cf:dc:81:bb:a7:
         09:f0:2c:b2:e7:cd:0e:07:19:87:28:bc:da:93:eb:2e:f7:44:
         97:7d:7e:10
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RTMyMzExMC8GA1UEBRMoOTMwNDIzNEU3MzkwNDkxNDNBODU5MUEzNzQ1QTUzRTRC
OTJBRDhEODAeFw0yMzA5MTMxODA2NThaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MDFmYTQxLThmY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD6iJQkmcgWoQi3eOqbiY8DF3vsirkZwq86tD50gCHIAeb9gXO8KsoraIExhDGu
vZNEbjexiVYE2we9EcDFhXDAX/RVnHZKd7Lt1pQ39oh1e0Q0ju/TQQYm2LP2efqq
o6Nai1bIEY1jPDShNiW+6VHa+6WODIsgUO1uVXqePJgVXgKka7mmVSLJW/u2Lo7x
zNj/WbedACLn49A3QYuOC7eIZmAOhq05YDVc7Hc7y9zHoYeHSRn3F0Cd0pizecU5
4VsWUZPax73SevIiP1mOKh3QKyvaW0GgOsk1Ic+x4VAMVoAVM1gKYYBkWA/ABhoc
hfu4wJTLzY0NbtWvH/RfJOT3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBN0xVoAG
6b1tkhrrKnqmRVjWtgIwHwYDVR0jBBgwFoAUkwQjTnOQSRQ6hZGjdFpT5Lkq2Ngw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFMzIzLzlFNjFFNDI0NTI1
RjExRUU4MEJBMEQ3NEM0RjlBRTAyL2t3UWpUbk9RU1JRNmhaR2pkRnBUNUxrcTJO
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva3dRalRuT1FTUlE2aFpHamRGcFQ1TGtxMk5nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RTMyMy85RTYxRTQyNDUyNUYxMUVFODBCQTBENzRDNEY5QUUwMi8zNzU5NTBBNDUy
NjAxMUVFOEU1MDNEMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeh2DANBgkqhkiG9w0BAQsFAAOCAQEA0CsLfirhrK6eXQEm
gqjn7I5SK8moFTqw4cfnTlY3gDwE3khatZsJGliN4rZrxdS3z0jLg945NNqafwsW
EkE7cUWJyJ8VLUBdqRx4WS0nxW1qsVlSvYVNDgcRByKvnofb7wsTYW9Q3HJZsro+
wR5D4EIi6EgngpMap0ldWGDeQb1aQ0TfzT0PTOSlQietdhGeaJ/m1hVAut9qTrOV
Dm5/wUr0llNmfaH9QaAIztgnaidSfX/+y5m65E2b4fZXwDyR00m+7hQQLL6bEPIM
F2xjTCgV6vzspsMGQDDit5AQf6UzLMLpZs/cgbunCfAssufNDgcZhyi82pPrLvdE
l31+EA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org