Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/E3E8322E956D11ECA2D1695DC4F9AE02.roa
File:                     E3E8322E956D11ECA2D1695DC4F9AE02.roa (raw, json)
Hash identifier:          hVauPFZcqsSgnozrA2w05kIvnaXwYdm8F8QqYUKHPrk=
Subject key identifier:   83:C8:DC:48:D2:B3:C5:58:56:37:32:10:5B:89:D0:54:59:D8:F4:BC
Certificate issuer:       /CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Certificate serial:       028B
Authority key identifier: E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/E3E8322E956D11ECA2D1695DC4F9AE02.roa
Signing time:             Fri 02 Dec 2022 16:32:33 +0000
ROA not before:           Fri 02 Dec 2022 16:32:33 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     10075
IP address blocks:        103.172.138.0/24 maxlen: 24
                          103.172.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 651 (0x28b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
        Validity
            Not Before: Dec  2 16:32:33 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=638a28a1-25f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:90:d9:bb:17:08:42:40:09:55:ba:62:14:c7:
                    74:5b:79:4a:9e:d5:72:63:39:9f:2d:f8:4b:78:b4:
                    45:c2:be:19:ee:e3:ab:d4:d0:b2:5b:41:ba:40:98:
                    a7:3c:19:a3:20:49:2c:aa:3d:20:d3:ba:d7:ab:49:
                    1e:f0:92:15:74:3c:a8:c1:dd:c3:3f:b2:2f:7a:a4:
                    dc:80:b2:3f:c9:9a:cd:cb:7e:4c:aa:4e:d8:e9:01:
                    d0:7b:29:22:3e:1f:6a:65:b2:23:28:58:48:0b:5f:
                    b2:6e:99:59:1a:72:3d:ba:83:f9:82:c9:19:78:12:
                    3e:01:c7:87:a4:4f:a7:53:08:e6:d5:60:e7:5c:63:
                    81:c2:b7:f8:8d:ff:c4:d7:6d:25:46:52:6c:ef:a1:
                    5b:f1:c7:3b:5e:56:36:71:43:0c:a5:3e:69:fe:1a:
                    06:11:94:13:d3:f7:75:4c:0a:86:3f:7a:33:e1:b4:
                    f3:8d:eb:5c:fb:82:b4:e6:4a:05:99:1f:a8:d3:ed:
                    20:5d:79:75:18:fb:5f:b6:bb:47:74:8e:96:73:a7:
                    cd:e3:cd:2a:d9:60:5b:b8:3c:18:7e:a1:e1:48:09:
                    9c:ad:a2:fb:a6:ce:47:3e:f0:f5:68:92:b5:33:64:
                    68:87:4a:4b:b4:34:f5:33:c7:fe:9c:e4:7c:fc:d3:
                    c4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:C8:DC:48:D2:B3:C5:58:56:37:32:10:5B:89:D0:54:59:D8:F4:BC
            X509v3 Authority Key Identifier:
                keyid:E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/E3E8322E956D11ECA2D1695DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c2:e0:4b:02:52:16:68:32:f5:af:15:00:4e:25:13:b1:e7:6d:
         c2:60:bc:64:4a:38:b4:e4:c9:12:13:34:ed:81:81:69:08:40:
         ec:4f:99:d6:78:94:a4:09:fe:b3:ce:99:43:3c:dd:62:2f:94:
         d4:ca:5c:98:d2:41:f1:da:cc:b6:b2:7f:cf:ac:0e:25:8f:8c:
         22:ad:f5:62:9e:c7:25:bd:44:9a:af:f6:7a:af:d1:86:3d:f0:
         e8:af:cc:c1:26:a9:be:39:2b:5f:4f:83:db:70:d7:df:09:11:
         49:e2:d2:65:9c:bb:4b:c3:f9:5a:79:11:5e:04:1d:75:b4:40:
         bb:2e:ab:fb:b7:78:f8:e9:aa:6f:82:c1:33:8c:b3:b5:07:dc:
         8f:22:2f:20:2d:25:cc:11:4e:e3:69:5b:d8:18:7f:ec:4d:80:
         e4:1b:bc:af:c1:1b:a0:a8:84:44:86:4c:a0:d2:95:11:5f:40:
         d0:8d:65:2b:0b:83:e7:cc:8d:8d:e2:a7:31:c7:77:3f:06:6b:
         fa:e2:36:8f:a2:f2:d5:2b:a4:b6:18:07:57:24:e5:b0:1b:38:
         3d:45:8d:ba:86:5f:1c:ab:a0:a8:e6:c5:9f:75:d4:f0:6c:f9:
         51:45:54:b8:0a:cf:71:0a:15:a5:63:c5:1d:df:e8:2a:d4:51:
         16:46:6e:84
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYzNUIxMTAvBgNVBAUTKEU0MDcyMEJBMjkzQkFGMjVCQzBBMTc3OEM2NUNGMEQy
RTBGMzUxNjAwHhcNMjIxMjAyMTYzMjMzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhMjhhMS0yNWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA25DZuxcIQkAJVbpiFMd0W3lKntVyYzmfLfhLeLRFwr4Z7uOr1NCyW0G6QJin
PBmjIEksqj0g07rXq0ke8JIVdDyowd3DP7IveqTcgLI/yZrNy35Mqk7Y6QHQeyki
Ph9qZbIjKFhIC1+ybplZGnI9uoP5gskZeBI+AceHpE+nUwjm1WDnXGOBwrf4jf/E
120lRlJs76Fb8cc7XlY2cUMMpT5p/hoGEZQT0/d1TAqGP3oz4bTzjetc+4K05koF
mR+o0+0gXXl1GPtftrtHdI6Wc6fN480q2WBbuDwYfqHhSAmcraL7ps5HPvD1aJK1
M2Roh0pLtDT1M8f+nOR8/NPEKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIPI3EjS
s8VYVjcyEFuJ0FRZ2PS8MB8GA1UdIwQYMBaAFOQHILopO68lvAoXeMZc8NLg81Fg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjM1Qi9FMDEwMTU4QTU2
NEUxMUVDODU4ODU5MTRDNEY5QUUwMi81QWNndWlrN3J5VzhDaGQ0eGx6dzB1RHpV
V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVBY2d1aWs3cnlXOENoZDR4bHp3MHVEelVXQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYzNUIvRTAxMDE1OEE1NjRFMTFFQzg1ODg1OTE0QzRGOUFFMDIvRTNFODMyMkU5
NTZEMTFFQ0EyRDE2OTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrIowDQYJKoZIhvcNAQELBQADggEBAMLgSwJSFmgy9a8V
AE4lE7HnbcJgvGRKOLTkyRITNO2BgWkIQOxPmdZ4lKQJ/rPOmUM83WIvlNTKXJjS
QfHazLayf8+sDiWPjCKt9WKexyW9RJqv9nqv0YY98OivzMEmqb45K19Pg9tw198J
EUni0mWcu0vD+Vp5EV4EHXW0QLsuq/u3ePjpqm+CwTOMs7UH3I8iLyAtJcwRTuNp
W9gYf+xNgOQbvK/BG6CohESGTKDSlRFfQNCNZSsLg+fMjY3ipzHHdz8Ga/riNo+i
8tUrpLYYB1ck5bAbOD1FjbqGXxyroKjmxZ911PBs+VFFVLgKz3EKFaVjxR3f6CrU
URZGboQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org