Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/B63F97943BA511EC8737B534C4F9AE02.roa
File:                     B63F97943BA511EC8737B534C4F9AE02.roa (raw, json)
Hash identifier:          ngc6nj3C6nsNatpc/xQooHbdGREyEv9uB8x9d/JNPik=
Subject key identifier:   07:E8:94:45:3D:4F:59:81:5E:7D:25:E8:9A:ED:13:2E:7D:94:39:BF
Certificate issuer:       /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Certificate serial:       097F
Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/B63F97943BA511EC8737B534C4F9AE02.roa
Signing time:             Thu 26 May 2022 04:49:44 +0000
ROA not before:           Thu 26 May 2022 04:49:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     141452
IP address blocks:        103.214.81.0/24 maxlen: 24
                          144.48.84.0/24 maxlen: 24
                          144.48.85.0/24 maxlen: 24
                          144.48.86.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2431 (0x97f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
        Validity
            Not Before: May 26 04:49:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=628f06e7-434b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:99:90:e7:e0:0b:92:37:72:93:66:f9:37:ae:
                    cc:5e:59:15:2d:14:bf:be:d9:c4:60:28:8a:da:41:
                    67:7d:59:f1:da:cb:61:6d:7e:f3:07:b2:09:9b:77:
                    98:5d:e1:ef:b3:dd:11:d7:f4:8a:f0:98:cb:56:23:
                    d0:26:0b:c0:d8:f1:e5:65:9f:5d:92:2e:58:98:78:
                    73:28:45:cd:33:58:98:50:64:f7:86:36:d4:58:9c:
                    2b:a3:bc:75:a0:3c:8c:87:9c:24:a6:90:7d:99:9f:
                    da:17:f6:c0:84:86:40:4c:3e:c7:96:29:83:cb:92:
                    76:3a:ff:c7:0e:6d:5a:85:aa:c8:1b:70:8a:8f:96:
                    ff:7a:b5:44:17:98:93:f8:3f:4e:89:74:00:25:7d:
                    ab:db:65:49:4b:e9:78:35:44:68:cc:98:58:a1:84:
                    ad:ed:7f:42:44:0e:79:09:33:cb:9a:e2:9e:80:fd:
                    a9:b5:c0:df:aa:91:12:bc:bd:60:a7:2c:43:e8:e1:
                    95:f4:bf:47:1a:d0:67:12:b4:aa:82:95:a9:39:91:
                    5e:22:97:04:ff:37:e4:ff:57:22:a4:3a:96:cc:75:
                    0e:fd:18:2e:95:cb:c7:70:b2:39:b7:85:09:3e:69:
                    ea:7b:ed:b3:6f:d5:5a:42:f1:82:ed:3a:c5:24:81:
                    0f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:E8:94:45:3D:4F:59:81:5E:7D:25:E8:9A:ED:13:2E:7D:94:39:BF
            X509v3 Authority Key Identifier:
                keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/B63F97943BA511EC8737B534C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.214.81.0/24
                  144.48.84.0-144.48.86.255

    Signature Algorithm: sha256WithRSAEncryption
         c7:8a:9a:2f:47:26:dc:6c:31:f0:07:10:f0:41:56:91:cf:35:
         c8:99:4d:a9:92:34:84:cc:3c:0e:5e:52:9e:7b:9f:07:13:70:
         26:ee:81:e5:f6:ca:89:af:9f:96:4a:4a:73:3d:58:fd:9c:74:
         bc:1a:51:4f:12:80:62:b9:02:4f:18:d8:3f:2f:19:2c:6e:7b:
         7d:4d:ee:7e:98:a3:cf:74:80:0f:b5:be:a6:a4:ad:21:79:d5:
         43:01:c5:4f:4d:08:58:5d:d5:3c:1d:3f:95:bc:9a:82:21:35:
         17:70:c0:df:df:fa:5b:64:c7:db:fc:19:01:bd:cf:ed:93:ac:
         3a:06:a7:60:60:d3:3a:74:60:80:e2:93:50:b3:f9:4d:e2:e8:
         90:e5:14:1a:29:fb:7d:19:5d:07:b4:7a:04:31:f1:f8:88:df:
         13:48:45:61:ab:fc:17:f7:d8:aa:e7:5d:76:ca:3b:06:74:3e:
         12:55:40:85:31:50:d1:bf:dc:68:ef:8b:20:5d:61:d6:d9:e6:
         9a:54:12:df:9b:50:1a:4d:a4:a9:38:9c:9f:e9:ab:b8:65:1a:
         f3:17:b7:8f:2c:be:45:6a:6c:07:a9:07:91:3e:81:f4:b3:68:
         3e:54:03:5b:e9:da:d8:7d:56:fd:83:6f:0a:c6:66:7e:82:fa:
         d9:91:de:63
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE
MTdGQTk2Q0QwHhcNMjIwNTI2MDQ0OTQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhmMDZlNy00MzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJmQ5+ALkjdyk2b5N67MXlkVLRS/vtnEYCiK2kFnfVnx2sthbX7zB7IJm3eY
XeHvs90R1/SK8JjLViPQJgvA2PHlZZ9dki5YmHhzKEXNM1iYUGT3hjbUWJwro7x1
oDyMh5wkppB9mZ/aF/bAhIZATD7HlimDy5J2Ov/HDm1aharIG3CKj5b/erVEF5iT
+D9OiXQAJX2r22VJS+l4NURozJhYoYSt7X9CRA55CTPLmuKegP2ptcDfqpESvL1g
pyxD6OGV9L9HGtBnErSqgpWpOZFeIpcE/zfk/1cipDqWzHUO/RgulcvHcLI5t4UJ
Pmnqe+2zb9VaQvGC7TrFJIEPQwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFAfolEU9
T1mBXn0l6JrtEy59lDm/MB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0
NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs
czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvQjYzRjk3OTQz
QkE1MTFFQzg3MzdCNTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBABn1lEwDAMEApAwVAMEAJAwVjANBgkqhkiG9w0BAQsFAAOC
AQEAx4qaL0cm3Gwx8AcQ8EFWkc81yJlNqZI0hMw8Dl5SnnufBxNwJu6B5fbKia+f
lkpKcz1Y/Zx0vBpRTxKAYrkCTxjYPy8ZLG57fU3ufpijz3SAD7W+pqStIXnVQwHF
T00IWF3VPB0/lbyagiE1F3DA39/6W2TH2/wZAb3P7ZOsOganYGDTOnRggOKTULP5
TeLokOUUGin7fRldB7R6BDHx+IjfE0hFYav8F/fYqudddso7BnQ+ElVAhTFQ0b/c
aO+LIF1h1tnmmlQS35tQGk2kqTicn+mruGUa8xe3jyy+RWpsB6kHkT6B9LNoPlQD
W+na2H1W/YNvCsZmfoL62ZHeYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:31 2024 by rpki-client on console-ams.rpki-client.org