Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/DB234EB683DF11ECBB82F47DC4F9AE02.roa
File:                     DB234EB683DF11ECBB82F47DC4F9AE02.roa (raw, json)
Hash identifier:          LaCNnPsuufn/rTN2rRiZa3LfEvmI4GsnJ6Qd9A+HeGM=
Subject key identifier:   D4:1A:D9:66:E7:26:E6:E7:A4:E4:40:96:5A:0D:13:64:00:3D:1C:50
Certificate issuer:       /CN=A91E4EF7/serialNumber=AAB524E595A530E12C13AA211C2EF26B69DD9C9B
Certificate serial:       1741
Authority key identifier: AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/DB234EB683DF11ECBB82F47DC4F9AE02.roa
Signing time:             Wed 02 Feb 2022 04:23:22 +0000
ROA not before:           Wed 02 Feb 2022 04:23:22 +0000
ROA not after:            Thu 01 Dec 2022 00:00:00 +0000
asID:                     133326
IP address blocks:        103.38.120.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5953 (0x1741)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4EF7/serialNumber=AAB524E595A530E12C13AA211C2EF26B69DD9C9B
        Validity
            Not Before: Feb  2 04:23:22 2022 GMT
            Not After : Dec  1 00:00:00 2022 GMT
        Subject: CN=61fa073a-dfc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f9:4c:68:f9:04:6f:40:57:67:18:4e:44:65:
                    8b:10:2b:9a:cf:69:9a:36:7b:04:04:9e:17:7b:dc:
                    1f:43:9e:f7:6f:fe:ba:d4:c7:5c:ad:33:c6:ea:09:
                    45:82:cf:60:88:ad:17:f9:21:59:bf:c0:2f:aa:02:
                    13:d6:12:e5:12:04:57:26:b6:7c:b8:8e:62:2a:fc:
                    94:a7:3a:9b:1f:8a:78:7a:64:cf:bd:41:26:8a:6d:
                    02:df:36:1d:a4:39:46:ff:dd:7f:25:e5:c6:ba:08:
                    2f:28:10:c6:6c:74:d9:d7:60:2b:fc:71:aa:ed:61:
                    b2:1c:1c:cd:c6:1c:6a:92:09:96:ed:99:00:1b:8e:
                    21:ec:38:6c:ec:86:96:ef:ca:ea:e0:19:70:d9:44:
                    fb:e6:9d:0b:67:94:37:fc:bb:6d:7b:0a:8c:52:f6:
                    17:5b:57:11:b8:90:8d:3e:3e:8b:d2:b5:2b:a4:3d:
                    3b:ba:ee:29:54:b6:8f:94:b2:77:09:98:c8:1e:0a:
                    71:54:41:12:47:14:f6:45:24:63:90:8e:97:60:ac:
                    2a:06:b9:1b:0a:90:58:1c:b2:06:b0:ae:dd:a3:75:
                    da:ce:36:71:92:d1:e6:c2:90:92:78:73:6e:ba:50:
                    0e:c6:b0:0d:6f:9b:de:db:a6:a8:2d:c3:55:94:4a:
                    61:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:1A:D9:66:E7:26:E6:E7:A4:E4:40:96:5A:0D:13:64:00:3D:1C:50
            X509v3 Authority Key Identifier:
                keyid:AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/DB234EB683DF11ECBB82F47DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.38.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:88:64:f7:36:ad:58:96:4a:a8:45:e9:8a:5f:18:f9:07:77:
         2f:57:d7:a6:a1:d7:f3:eb:5f:c5:30:54:7a:1a:0d:9c:24:47:
         71:59:2a:9b:e7:11:11:2d:fd:b6:93:ff:79:d9:08:c8:4b:c8:
         09:9a:89:6a:86:0b:1e:ac:73:78:b1:1d:cd:34:44:2d:4f:32:
         42:fb:30:bf:40:34:90:49:bf:ca:c8:d9:0d:8d:9c:22:0f:0e:
         1e:49:60:b6:56:ee:c1:d6:fc:ce:28:6d:24:08:64:4b:e2:b0:
         e8:41:b5:c3:8b:92:14:15:f9:d9:d6:7d:03:31:43:48:c9:de:
         c2:af:3b:7e:e1:3e:ed:06:f7:db:ea:6b:a4:dd:9b:4d:f4:b8:
         aa:b6:9a:b9:95:2c:66:4d:a6:fd:6d:73:5d:b9:b4:71:74:6c:
         87:8c:f7:68:75:1b:13:b8:a2:46:6b:d8:8d:36:06:a4:b9:3a:
         41:a1:2d:00:8f:79:f2:23:77:ae:13:c8:5e:db:9b:2a:c3:6c:
         62:3f:02:c3:10:92:13:bc:cf:33:e0:b1:28:67:b2:d3:fc:94:
         ae:32:21:25:14:b2:c7:74:96:15:d6:15:09:75:68:51:85:b3:
         a3:76:d9:5d:b6:bf:aa:15:1a:da:cd:26:20:e3:3c:6e:13:b7:
         dc:c4:51:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFRjcxMTAvBgNVBAUTKEFBQjUyNEU1OTVBNTMwRTEyQzEzQUEyMTFDMkVGMjZC
NjlERDlDOUIwHhcNMjIwMjAyMDQyMzIyWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWZhMDczYS1kZmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvflMaPkEb0BXZxhORGWLECuaz2maNnsEBJ4Xe9wfQ573b/661MdcrTPG6glF
gs9giK0X+SFZv8AvqgIT1hLlEgRXJrZ8uI5iKvyUpzqbH4p4emTPvUEmim0C3zYd
pDlG/91/JeXGuggvKBDGbHTZ12Ar/HGq7WGyHBzNxhxqkgmW7ZkAG44h7Dhs7IaW
78rq4Blw2UT75p0LZ5Q3/LttewqMUvYXW1cRuJCNPj6L0rUrpD07uu4pVLaPlLJ3
CZjIHgpxVEESRxT2RSRjkI6XYKwqBrkbCpBYHLIGsK7do3XazjZxktHmwpCSeHNu
ulAOxrANb5ve26aoLcNVlEphAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNQa2Wbn
JubnpORAlloNE2QAPRxQMB8GA1UdIwQYMBaAFKq1JOWVpTDhLBOqIRwu8mtp3Zyb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEVGNy9DNDZGRDc3NDFC
OEYxMUU3QUM0QzcyMjlDNEY5QUUwMi9xclVrNVpXbE1PRXNFNm9oSEM3eWEybmRu
SnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyVWs1WldsTU9Fc0U2b2hIQzd5YTJuZG5Kcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFRjcvQzQ2RkQ3NzQxQjhGMTFFN0FDNEM3MjI5QzRGOUFFMDIvREIyMzRFQjY4
M0RGMTFFQ0JCODJGNDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnJngwDQYJKoZIhvcNAQELBQADggEBALSIZPc2rViWSqhF
6YpfGPkHdy9X16ah1/PrX8UwVHoaDZwkR3FZKpvnEREt/baT/3nZCMhLyAmaiWqG
Cx6sc3ixHc00RC1PMkL7ML9ANJBJv8rI2Q2NnCIPDh5JYLZW7sHW/M4obSQIZEvi
sOhBtcOLkhQV+dnWfQMxQ0jJ3sKvO37hPu0G99vqa6Tdm030uKq2mrmVLGZNpv1t
c125tHF0bIeM92h1GxO4okZr2I02BqS5OkGhLQCPefIjd64TyF7bmyrDbGI/AsMQ
khO8zzPgsShnstP8lK4yISUUssd0lhXWFQl1aFGFs6N22V22v6oVGtrNJiDjPG4T
t9zEUcM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org