Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/B1D7D500F38611EDAE4A1B5CC4F9AE02.roa
File:                     B1D7D500F38611EDAE4A1B5CC4F9AE02.roa (raw, json)
Hash identifier:          eahMZyB5sfO8hCZG1VFWV9Qfbll/ew4pDePmlQ3N9G4=
Subject key identifier:   2B:96:01:EA:F0:53:10:FE:FE:58:CD:3A:6A:C8:9A:A5:D8:F2:E1:5F
Certificate issuer:       /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial:       0304
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/B1D7D500F38611EDAE4A1B5CC4F9AE02.roa
Signing time:             Fri 17 Nov 2023 21:46:10 +0000
ROA not before:           Fri 17 Nov 2023 21:46:10 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     151332
IP address blocks:        103.179.37.0/24 maxlen: 24
                          2001:df0:45c0::/48 maxlen: 48
                          2001:df0:45c1::/48 maxlen: 48
                          2001:df0:45c2::/47 maxlen: 48
                          2001:df0:45c7::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 772 (0x304)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
        Validity
            Not Before: Nov 17 21:46:10 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=6557df21-c45d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:27:9c:be:78:24:d6:f1:53:91:87:a7:67:0e:
                    83:b3:0d:b3:4a:31:ce:04:61:3c:e1:78:01:8c:9c:
                    78:16:d2:b9:cd:c5:61:7c:13:ac:85:74:61:bd:4a:
                    be:3f:dc:1e:db:d9:3e:63:6d:3e:8e:06:4a:8e:8e:
                    bf:9c:6d:e0:50:50:23:47:64:1b:dd:6a:60:84:a7:
                    bf:f4:38:b5:a6:61:b6:cb:26:47:0c:8d:94:17:9f:
                    ee:7c:ed:c5:c0:55:db:b9:66:8d:11:5c:12:5a:c5:
                    72:5b:1c:b3:d0:55:88:8b:2e:0d:d4:85:b7:5f:b8:
                    22:60:ab:15:8e:74:c3:92:42:05:d9:a6:09:75:e8:
                    df:38:46:76:5a:1d:39:02:95:a2:cb:60:91:c4:1f:
                    1d:72:99:ce:08:77:c1:5a:c1:9f:f2:c7:7c:0f:a1:
                    15:94:83:89:6e:24:e7:5e:81:68:38:e8:e7:86:80:
                    a4:42:1b:d6:62:26:7a:70:74:66:4c:28:35:80:40:
                    00:32:e5:83:0d:f5:bf:39:0a:c6:c3:18:d8:92:9e:
                    fb:8e:1d:d5:2b:59:d0:07:b6:42:a4:94:f0:8e:84:
                    5f:58:8b:d7:d6:91:ba:d8:bd:ea:55:b5:03:25:9e:
                    84:f9:73:06:3d:24:43:a5:4b:b8:1a:0b:a5:db:e0:
                    bc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:96:01:EA:F0:53:10:FE:FE:58:CD:3A:6A:C8:9A:A5:D8:F2:E1:5F
            X509v3 Authority Key Identifier:
                keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/B1D7D500F38611EDAE4A1B5CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.179.37.0/24
                IPv6:
                  2001:df0:45c0::/46
                  2001:df0:45c7::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:a3:c9:21:1c:3e:10:b0:18:e7:af:6f:0e:35:8b:72:45:5d:
         4f:d4:11:73:02:d3:f1:8f:be:e1:7a:7f:ac:e0:6b:27:af:12:
         fe:2a:2d:0d:41:23:e4:f6:55:33:8f:be:80:97:b6:14:a1:63:
         82:b6:55:b8:cd:30:fb:c3:ba:19:0d:2b:9b:de:ec:d3:31:4c:
         36:5a:c3:04:6c:dd:c4:af:cc:ea:e6:fe:ea:98:6d:04:b1:95:
         c8:62:dc:dd:2e:39:66:3f:4b:6b:8e:dc:b1:d1:d7:c2:10:02:
         75:5c:66:28:6a:bb:91:ca:86:c7:81:d9:31:e7:2c:7a:af:39:
         48:91:92:cf:5d:ad:46:44:ff:ae:fd:c6:8b:d7:5d:84:33:4e:
         ba:c4:06:dc:2a:a3:15:d0:fe:77:5b:a2:56:70:7c:b6:b6:b7:
         fb:7e:af:fc:91:3b:69:50:ad:15:d9:2c:d5:a7:5b:a2:77:e2:
         78:36:1f:bf:58:22:ed:f7:96:06:c9:3e:44:3e:f1:e7:d6:c6:
         14:e3:84:98:d8:21:fd:48:94:9b:3b:8f:b3:29:f9:4a:e8:0f:
         85:73:b2:62:1c:72:a8:d3:e5:de:03:d0:33:a6:8c:b8:55:f7:
         c5:a1:4b:e3:e5:b6:a8:e8:b2:a9:8b:c6:fa:a9:0e:ef:74:f4:
         28:fc:ad:c1
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjMxMTE3MjE0NjEwWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU3ZGYyMS1jNDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxiecvngk1vFTkYenZw6Dsw2zSjHOBGE84XgBjJx4FtK5zcVhfBOshXRhvUq+
P9we29k+Y20+jgZKjo6/nG3gUFAjR2Qb3WpghKe/9Di1pmG2yyZHDI2UF5/ufO3F
wFXbuWaNEVwSWsVyWxyz0FWIiy4N1IW3X7giYKsVjnTDkkIF2aYJdejfOEZ2Wh05
ApWiy2CRxB8dcpnOCHfBWsGf8sd8D6EVlIOJbiTnXoFoOOjnhoCkQhvWYiZ6cHRm
TCg1gEAAMuWDDfW/OQrGwxjYkp77jh3VK1nQB7ZCpJTwjoRfWIvX1pG62L3qVbUD
JZ6E+XMGPSRDpUu4Ggul2+C8RQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFCuWAerw
UxD+/ljNOmrImqXY8uFfMB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvQjFEN0Q1MDBG
Mzg2MTFFREFFNEExQjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBABnsyUwGAQCAAIwEgMHAiABDfBFwAMHACABDfBFxzANBgkq
hkiG9w0BAQsFAAOCAQEAUaPJIRw+ELAY569vDjWLckVdT9QRcwLT8Y++4Xp/rOBr
J68S/iotDUEj5PZVM4++gJe2FKFjgrZVuM0w+8O6GQ0rm97s0zFMNlrDBGzdxK/M
6ub+6phtBLGVyGLc3S45Zj9La47csdHXwhACdVxmKGq7kcqGx4HZMecseq85SJGS
z12tRkT/rv3Gi9ddhDNOusQG3CqjFdD+d1uiVnB8tra3+36v/JE7aVCtFdks1adb
onfieDYfv1gi7feWBsk+RD7x59bGFOOEmNgh/UiUmzuPsyn5SugPhXOyYhxyqNPl
3gPQM6aMuFX3xaFL4+W2qOiyqYvG+qkO73T0KPytwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org