Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/4B12E1640E2311EDB690EE6FC4F9AE02.roa
File:                     4B12E1640E2311EDB690EE6FC4F9AE02.roa (raw, json)
Hash identifier:          /1kA8pXB7MXohs/f2pTQD+3juzC/mqyDPGckiWL1bZg=
Subject key identifier:   80:B5:A5:9F:97:65:4E:79:76:1C:C5:57:5E:59:4D:DE:95:B8:C8:06
Certificate issuer:       /CN=A91E30BC/serialNumber=8D120AE17B91ADB0F6A2E59E4EA4EA4D1744C8DB
Certificate serial:       02
Authority key identifier: 8D:12:0A:E1:7B:91:AD:B0:F6:A2:E5:9E:4E:A4:EA:4D:17:44:C8:DB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jRIK4XuRrbD2ouWeTqTqTRdEyNs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/4B12E1640E2311EDB690EE6FC4F9AE02.roa
Signing time:             Thu 28 Jul 2022 03:13:47 +0000
ROA not before:           Thu 28 Jul 2022 03:13:47 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     150144
IP address blocks:        103.6.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E30BC/serialNumber=8D120AE17B91ADB0F6A2E59E4EA4EA4D1744C8DB
        Validity
            Not Before: Jul 28 03:13:47 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=62e1feea-0b33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:63:cd:43:03:e4:c7:0b:2a:d9:ec:bb:78:2c:
                    d7:33:e9:62:fe:c8:69:7d:32:4e:a9:10:fa:7d:b1:
                    a1:93:83:b4:2f:08:77:1c:2e:d4:97:07:33:53:1f:
                    d2:88:ea:92:39:fb:04:9c:97:69:5f:cb:7d:f0:bb:
                    cc:f4:fc:a0:61:4b:07:ba:ce:23:b0:bc:db:0f:82:
                    32:20:2b:68:8d:e8:2a:7c:05:f2:b9:6e:44:db:dc:
                    93:11:4b:c5:39:72:e2:e5:82:b3:dc:97:50:02:15:
                    a6:58:84:0c:2b:c5:fb:5e:35:9c:aa:00:10:14:3f:
                    87:aa:c1:9b:9b:d7:90:3b:69:34:73:b2:82:f2:fe:
                    ad:be:7a:fa:57:d2:77:ce:00:b3:48:dd:bc:09:07:
                    9f:f9:1c:62:c3:62:5b:74:d8:b6:fe:33:25:7d:05:
                    51:41:27:4d:9f:36:c6:38:b8:19:f6:19:e8:02:ed:
                    28:52:b1:9b:67:ae:bb:ae:2e:b6:26:c1:32:6b:d7:
                    23:ac:d9:00:27:af:a1:f8:32:9c:7e:44:67:63:31:
                    7d:92:23:87:23:20:b0:b6:80:0d:65:70:09:a6:f9:
                    63:fc:4b:a0:29:94:5e:97:2e:b3:9f:38:2b:33:0d:
                    81:2b:f7:87:5c:8c:1d:79:9e:98:0b:d6:49:41:ef:
                    80:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:B5:A5:9F:97:65:4E:79:76:1C:C5:57:5E:59:4D:DE:95:B8:C8:06
            X509v3 Authority Key Identifier:
                keyid:8D:12:0A:E1:7B:91:AD:B0:F6:A2:E5:9E:4E:A4:EA:4D:17:44:C8:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/jRIK4XuRrbD2ouWeTqTqTRdEyNs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jRIK4XuRrbD2ouWeTqTqTRdEyNs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/4B12E1640E2311EDB690EE6FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.6.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:31:99:6b:29:0c:b2:e8:ca:07:5d:9e:8c:2e:2a:98:4d:eb:
         19:bd:ca:ac:43:c0:f0:f3:b5:fa:ff:75:cc:00:2c:6b:c3:cb:
         0a:b6:76:2a:b3:e9:15:77:d4:d9:7c:b8:01:de:7f:de:59:f2:
         34:fb:54:63:04:b3:49:ba:80:6a:7f:ac:31:7a:c1:4a:de:2f:
         6c:6f:2b:ee:83:33:b6:c6:ce:b2:75:c9:3c:3c:b6:69:7e:b1:
         27:2d:ea:82:be:a3:c9:8c:f5:44:f6:78:14:60:4e:2e:39:80:
         98:ac:bf:9f:4a:64:37:df:9d:e0:04:6f:d8:ce:26:f1:0a:b4:
         7f:10:d7:42:fd:94:65:40:7a:00:62:8c:08:a5:51:60:ec:86:
         e3:18:df:34:7b:1e:f3:19:48:a2:8a:87:a5:2c:96:f0:2d:78:
         fb:a9:0d:fd:6c:5e:e7:9d:8a:ad:38:b4:b0:90:0b:f9:ad:f1:
         7a:3b:ad:9a:02:bd:c9:28:c6:2b:7b:a4:6f:73:2e:25:28:41:
         e8:6d:81:29:f9:d8:ee:f7:2c:2b:e7:63:64:a6:07:37:7f:6f:
         1f:fd:40:25:21:92:b7:45:4c:ef:5e:5b:a7:c5:95:5f:b0:b4:
         d1:77:04:4c:b4:71:8d:f1:bd:1e:00:18:bb:f3:79:12:0f:d0:
         9d:15:62:05
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MzBCQzExMC8GA1UEBRMoOEQxMjBBRTE3QjkxQURCMEY2QTJFNTlFNEVBNEVBNEQx
NzQ0QzhEQjAeFw0yMjA3MjgwMzEzNDdaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZTFmZWVhLTBiMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9Y81DA+THCyrZ7Lt4LNcz6WL+yGl9Mk6pEPp9saGTg7QvCHccLtSXBzNTH9KI
6pI5+wScl2lfy33wu8z0/KBhSwe6ziOwvNsPgjIgK2iN6Cp8BfK5bkTb3JMRS8U5
cuLlgrPcl1ACFaZYhAwrxfteNZyqABAUP4eqwZub15A7aTRzsoLy/q2+evpX0nfO
ALNI3bwJB5/5HGLDYlt02Lb+MyV9BVFBJ02fNsY4uBn2GegC7ShSsZtnrruuLrYm
wTJr1yOs2QAnr6H4Mpx+RGdjMX2SI4cjILC2gA1lcAmm+WP8S6AplF6XLrOfOCsz
DYEr94dcjB15npgL1klB74CVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgLWln5dl
Tnl2HMVXXllN3pW4yAYwHwYDVR0jBBgwFoAUjRIK4XuRrbD2ouWeTqTqTRdEyNsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzMEJDLzM4NTdERUYyMEUx
RjExRUQ4NTNBRjU2NUM0RjlBRTAyL2pSSUs0WHVScmJEMm91V2VUcVRxVFJkRXlO
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvalJJSzRYdVJyYkQyb3VXZVRxVHFUUmRFeU5zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MzBCQy8zODU3REVGMjBFMUYxMUVEODUzQUY1NjVDNEY5QUUwMi80QjEyRTE2NDBF
MjMxMUVEQjY5MEVFNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcGdzANBgkqhkiG9w0BAQsFAAOCAQEATjGZaykMsujKB12e
jC4qmE3rGb3KrEPA8PO1+v91zAAsa8PLCrZ2KrPpFXfU2Xy4Ad5/3lnyNPtUYwSz
SbqAan+sMXrBSt4vbG8r7oMztsbOsnXJPDy2aX6xJy3qgr6jyYz1RPZ4FGBOLjmA
mKy/n0pkN9+d4ARv2M4m8Qq0fxDXQv2UZUB6AGKMCKVRYOyG4xjfNHse8xlIooqH
pSyW8C14+6kN/Wxe552KrTi0sJAL+a3xejutmgK9ySjGK3ukb3MuJShB6G2BKfnY
7vcsK+djZKYHN39vH/1AJSGSt0VM715bp8WVX7C00XcETLRxjfG9HgAYu/N5Eg/Q
nRViBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org