Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/840F2D687E9B11E8BAB88E2EC4F9AE02.roa
File:                     840F2D687E9B11E8BAB88E2EC4F9AE02.roa (raw, json)
Hash identifier:          Ez9aWVc7cS43hbf0B+X1aYQ4o4yALnYBfRMFVzjYlbc=
Subject key identifier:   C7:00:CD:02:D5:8D:04:8F:97:BF:11:B1:24:1A:40:C5:7D:0B:C8:EF
Certificate issuer:       /CN=A91E76B8/serialNumber=30E7DEB1C522E791598592B645308863CA000E18
Certificate serial:       1243
Authority key identifier: 30:E7:DE:B1:C5:22:E7:91:59:85:92:B6:45:30:88:63:CA:00:0E:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOfescUi55FZhZK2RTCIY8oADhg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/840F2D687E9B11E8BAB88E2EC4F9AE02.roa
Signing time:             Fri 16 Dec 2022 02:34:31 +0000
ROA not before:           Fri 16 Dec 2022 02:34:31 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     136210
IP address blocks:        103.83.188.0/22 maxlen: 22
                          103.83.188.0/24 maxlen: 24
                          103.83.189.0/24 maxlen: 24
                          103.83.190.0/24 maxlen: 24
                          103.83.191.0/24 maxlen: 24
                          2400:ecc0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4675 (0x1243)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E76B8/serialNumber=30E7DEB1C522E791598592B645308863CA000E18
        Validity
            Not Before: Dec 16 02:34:31 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=639bd936-dad6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6d:31:20:71:cb:4c:4e:0a:15:d8:d0:54:28:
                    d9:23:c4:3b:53:d9:dd:2b:59:40:51:4a:06:bc:93:
                    bf:06:5e:eb:3d:66:15:b3:d5:e9:95:13:f3:35:15:
                    11:2a:65:eb:ba:f9:17:2b:19:3b:9e:bc:e2:7e:13:
                    2b:a4:23:dc:92:06:7c:d1:15:0d:e2:14:33:05:7f:
                    47:04:df:ca:3e:63:00:be:e3:ff:52:c2:36:60:a5:
                    64:b5:04:f2:36:ea:73:c2:cf:59:bc:56:7d:92:f7:
                    9c:87:0c:32:70:bc:50:c0:e1:aa:20:30:82:97:0b:
                    ad:df:56:52:61:5d:8c:1c:66:0a:12:0f:a0:e7:bb:
                    49:0f:97:73:0c:c7:41:da:cb:d4:de:6f:b7:d0:b3:
                    2b:d6:1e:14:f3:fa:3f:16:ca:6f:9a:7b:56:32:31:
                    41:99:1c:74:e5:f8:42:02:70:a6:8e:4f:94:2e:32:
                    2f:68:8e:cf:2e:13:2f:fa:61:6b:b1:ec:d9:7c:ee:
                    bb:f2:8e:6a:f9:de:6d:6d:df:bf:4e:7f:ee:d6:80:
                    10:34:63:0a:8c:b8:0e:90:62:15:ce:5d:8c:ee:f6:
                    ce:22:94:29:74:41:96:c5:b1:38:c1:a6:65:51:06:
                    78:9f:db:a8:ee:bd:87:e4:51:52:18:47:ac:c9:23:
                    f7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:00:CD:02:D5:8D:04:8F:97:BF:11:B1:24:1A:40:C5:7D:0B:C8:EF
            X509v3 Authority Key Identifier:
                keyid:30:E7:DE:B1:C5:22:E7:91:59:85:92:B6:45:30:88:63:CA:00:0E:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/MOfescUi55FZhZK2RTCIY8oADhg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOfescUi55FZhZK2RTCIY8oADhg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E76B8/FF1508EE7E9A11E8B69FC02DC4F9AE02/840F2D687E9B11E8BAB88E2EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.83.188.0/22
                IPv6:
                  2400:ecc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b8:d5:40:e8:c9:69:b6:25:68:e4:5a:29:7b:fa:fa:fa:21:36:
         8f:ff:09:74:83:c9:24:06:83:53:e9:38:7b:cd:35:7d:54:44:
         9e:d1:be:4b:a4:06:e5:77:b3:26:b8:2b:ff:9b:49:b3:0b:48:
         6a:4b:f8:79:d3:c5:63:91:9c:23:64:4b:cc:29:09:d8:88:0e:
         48:b5:4f:89:82:20:17:26:76:53:cd:77:39:b5:cc:e9:c8:78:
         10:66:55:d5:62:30:5e:bf:c6:32:90:05:4d:a2:64:27:ee:9f:
         4a:59:c5:73:5f:81:d1:a6:9f:af:3f:a9:9a:5d:bb:b5:42:0e:
         9f:93:67:71:2e:9f:9b:8b:c8:b5:c0:fd:e1:f0:6a:51:2a:c0:
         c9:48:ed:ff:70:55:be:1d:39:a6:a7:1d:56:1d:2c:79:5a:f9:
         31:73:f1:0a:1c:57:fe:c8:34:d4:eb:3c:b9:90:d2:14:6b:8a:
         3e:41:73:8b:bd:d8:30:ff:af:b6:e2:07:c3:d2:c4:dc:6e:a4:
         f0:46:d8:0c:78:7d:3b:b0:82:00:e6:a5:49:39:88:78:a8:3a:
         e8:26:96:76:c9:ab:98:b8:4f:1a:83:1c:cb:4c:d7:13:a2:e9:
         2f:2a:cd:cb:70:ff:36:07:14:f2:38:1e:17:d5:65:59:1f:49:
         47:f4:5f:f2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc2QjgxMTAvBgNVBAUTKDMwRTdERUIxQzUyMkU3OTE1OTg1OTJCNjQ1MzA4ODYz
Q0EwMDBFMTgwHhcNMjIxMjE2MDIzNDMxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzliZDkzNi1kYWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxW0xIHHLTE4KFdjQVCjZI8Q7U9ndK1lAUUoGvJO/Bl7rPWYVs9XplRPzNRUR
KmXruvkXKxk7nrzifhMrpCPckgZ80RUN4hQzBX9HBN/KPmMAvuP/UsI2YKVktQTy
Nupzws9ZvFZ9kvechwwycLxQwOGqIDCClwut31ZSYV2MHGYKEg+g57tJD5dzDMdB
2svU3m+30LMr1h4U8/o/FspvmntWMjFBmRx05fhCAnCmjk+ULjIvaI7PLhMv+mFr
sezZfO678o5q+d5tbd+/Tn/u1oAQNGMKjLgOkGIVzl2M7vbOIpQpdEGWxbE4waZl
UQZ4n9uo7r2H5FFSGEesySP32wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMcAzQLV
jQSPl78RsSQaQMV9C8jvMB8GA1UdIwQYMBaAFDDn3rHFIueRWYWStkUwiGPKAA4Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzZCOC9GRjE1MDhFRTdF
OUExMUU4QjY5RkMwMkRDNEY5QUUwMi9NT2Zlc2NVaTU1RlpoWksyUlRDSVk4b0FE
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PZmVzY1VpNTVGWmhaSzJSVENJWThvQURoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc2QjgvRkYxNTA4RUU3RTlBMTFFOEI2OUZDMDJEQzRGOUFFMDIvODQwRjJENjg3
RTlCMTFFOEJBQjg4RTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnU7wwDQQCAAIwBwMFACQA7MAwDQYJKoZIhvcNAQELBQAD
ggEBALjVQOjJabYlaORaKXv6+vohNo//CXSDySQGg1PpOHvNNX1URJ7RvkukBuV3
sya4K/+bSbMLSGpL+HnTxWORnCNkS8wpCdiIDki1T4mCIBcmdlPNdzm1zOnIeBBm
VdViMF6/xjKQBU2iZCfun0pZxXNfgdGmn68/qZpdu7VCDp+TZ3Eun5uLyLXA/eHw
alEqwMlI7f9wVb4dOaanHVYdLHla+TFz8QocV/7INNTrPLmQ0hRrij5Bc4u92DD/
r7biB8PSxNxupPBG2Ax4fTuwggDmpUk5iHioOugmlnbJq5i4TxqDHMtM1xOi6S8q
zctw/zYHFPI4HhfVZVkfSUf0X/I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org