Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF547/626E109498C711EC86A00949C4F9AE02/5EED356098D811ECA7B7A349C4F9AE02.roa
File:                     5EED356098D811ECA7B7A349C4F9AE02.roa (raw, json)
Hash identifier:          JbwmoW4e9ndHTYYVlIdr3fiZ/1g4oXktNqSJSySXink=
Subject key identifier:   62:93:5D:70:0E:16:AB:7F:C7:01:B7:84:DF:A2:C6:D6:8F:AF:D1:69
Certificate issuer:       /CN=A91EF547/serialNumber=A683632546F1A10784BC1A4FF6FA0BBE6CEC2D4E
Certificate serial:       01BB
Authority key identifier: A6:83:63:25:46:F1:A1:07:84:BC:1A:4F:F6:FA:0B:BE:6C:EC:2D:4E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poNjJUbxoQeEvBpP9voLvmzsLU4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EF547/626E109498C711EC86A00949C4F9AE02/5EED356098D811ECA7B7A349C4F9AE02.roa
Signing time:             Fri 21 Oct 2022 04:33:16 +0000
ROA not before:           Fri 21 Oct 2022 04:33:16 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     147067
IP address blocks:        103.174.2.0/24 maxlen: 24
                          2001:df7:b180::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 443 (0x1bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EF547/serialNumber=A683632546F1A10784BC1A4FF6FA0BBE6CEC2D4E
        Validity
            Not Before: Oct 21 04:33:16 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=6352210b-0cef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d8:90:93:fe:71:19:1b:49:68:e8:6c:ca:b7:
                    25:a8:7f:ab:7e:98:92:a0:5b:df:50:55:b1:67:96:
                    7b:98:8d:7c:c2:3c:46:a4:c6:73:3f:60:4f:60:f0:
                    1e:91:5b:d7:c6:86:bb:94:7f:72:0a:0d:85:7c:e4:
                    52:d8:eb:5e:74:67:46:8c:c8:42:aa:4c:0c:1d:69:
                    c3:f6:a1:7c:0d:90:46:ca:1d:35:b9:18:8f:fe:75:
                    ef:ff:76:30:23:69:0c:40:65:05:e4:8a:43:da:ac:
                    c3:34:ca:7e:50:1a:b4:d8:e6:f1:0b:37:00:68:c0:
                    76:12:fd:d3:ca:c3:96:46:d1:18:05:0d:e3:4e:a5:
                    53:bb:13:88:91:c4:39:52:f1:1f:2f:69:45:b7:42:
                    be:09:6d:e3:e0:bb:99:75:d2:fc:95:f2:c6:d4:ba:
                    bc:6a:46:36:df:ba:cd:b0:27:42:a5:f7:dd:1b:df:
                    90:27:46:25:49:14:4c:92:93:e2:4d:b3:e9:7b:1d:
                    2c:dc:a0:e5:a9:d2:9c:8d:40:54:f4:5a:d0:e1:93:
                    40:d6:43:3f:a3:e1:f9:42:3b:6f:0c:5a:1c:fa:57:
                    01:31:84:d2:c8:11:60:e9:e9:61:06:85:b8:ff:6f:
                    b7:40:86:68:5a:da:39:8a:9e:53:cc:95:96:b5:0d:
                    27:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:93:5D:70:0E:16:AB:7F:C7:01:B7:84:DF:A2:C6:D6:8F:AF:D1:69
            X509v3 Authority Key Identifier:
                keyid:A6:83:63:25:46:F1:A1:07:84:BC:1A:4F:F6:FA:0B:BE:6C:EC:2D:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EF547/626E109498C711EC86A00949C4F9AE02/poNjJUbxoQeEvBpP9voLvmzsLU4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poNjJUbxoQeEvBpP9voLvmzsLU4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF547/626E109498C711EC86A00949C4F9AE02/5EED356098D811ECA7B7A349C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.174.2.0/24
                IPv6:
                  2001:df7:b180::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:b2:31:a7:bb:fd:83:7c:cb:24:9f:e4:d4:89:63:4d:75:5c:
         8b:f0:bd:14:3e:8b:b7:79:e5:2e:3e:9c:41:f2:8f:7b:43:78:
         66:7f:ba:1b:7e:47:e4:b8:cb:94:46:20:2c:e0:a9:d9:a4:32:
         b0:91:a7:33:22:de:c4:b3:31:40:a3:d8:17:af:b2:75:6d:6d:
         50:b4:f5:53:61:f1:32:34:a1:e6:5a:d5:d2:a0:15:b7:b6:aa:
         06:b7:70:9e:1a:56:7c:17:d0:80:70:19:54:a5:c1:d1:d1:d4:
         da:7b:cc:6b:57:7a:fe:c3:84:9b:ea:0e:70:77:5a:dd:7f:2c:
         e7:5c:c0:00:d6:ba:96:93:66:f8:0a:cd:17:5b:15:d2:a2:85:
         bf:d1:55:10:12:22:f0:65:1a:4d:b9:e8:52:ec:cf:99:50:c8:
         0c:fe:4f:74:2c:d9:a3:c6:c3:93:74:e2:2e:c0:50:da:3e:0c:
         4d:55:26:0e:38:23:13:e5:41:24:bb:a9:8b:00:c8:92:a0:56:
         af:8b:07:96:3b:c4:96:63:6c:a4:78:17:55:5f:2c:a9:e0:d2:
         20:a2:f7:ac:55:e1:92:db:11:93:fc:cb:01:5e:cf:d8:7c:4a:
         47:45:86:0b:a7:0b:51:3a:e0:8b:59:8d:e8:98:4f:b3:8e:0e:
         3c:2e:63:8e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUY1NDcxMTAvBgNVBAUTKEE2ODM2MzI1NDZGMUExMDc4NEJDMUE0RkY2RkEwQkJF
NkNFQzJENEUwHhcNMjIxMDIxMDQzMzE2WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUyMjEwYi0wY2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2tiQk/5xGRtJaOhsyrclqH+rfpiSoFvfUFWxZ5Z7mI18wjxGpMZzP2BPYPAe
kVvXxoa7lH9yCg2FfORS2OtedGdGjMhCqkwMHWnD9qF8DZBGyh01uRiP/nXv/3Yw
I2kMQGUF5IpD2qzDNMp+UBq02ObxCzcAaMB2Ev3TysOWRtEYBQ3jTqVTuxOIkcQ5
UvEfL2lFt0K+CW3j4LuZddL8lfLG1Lq8akY237rNsCdCpffdG9+QJ0YlSRRMkpPi
TbPpex0s3KDlqdKcjUBU9FrQ4ZNA1kM/o+H5QjtvDFoc+lcBMYTSyBFg6elhBoW4
/2+3QIZoWto5ip5TzJWWtQ0nTwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGKTXXAO
Fqt/xwG3hN+ixtaPr9FpMB8GA1UdIwQYMBaAFKaDYyVG8aEHhLwaT/b6C75s7C1O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjU0Ny82MjZFMTA5NDk4
QzcxMUVDODZBMDA5NDlDNEY5QUUwMi9wb05qSlVieG9RZUV2QnBQOXZvTHZtenNM
VTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvTmpKVWJ4b1FlRXZCcFA5dm9Mdm16c0xVNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUY1NDcvNjI2RTEwOTQ5OEM3MTFFQzg2QTAwOTQ5QzRGOUFFMDIvNUVFRDM1NjA5
OEQ4MTFFQ0E3QjdBMzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnrgIwDwQCAAIwCQMHACABDfexgDANBgkqhkiG9w0BAQsF
AAOCAQEAgrIxp7v9g3zLJJ/k1IljTXVci/C9FD6Lt3nlLj6cQfKPe0N4Zn+6G35H
5LjLlEYgLOCp2aQysJGnMyLexLMxQKPYF6+ydW1tULT1U2HxMjSh5lrV0qAVt7aq
BrdwnhpWfBfQgHAZVKXB0dHU2nvMa1d6/sOEm+oOcHda3X8s51zAANa6lpNm+ArN
F1sV0qKFv9FVEBIi8GUaTbnoUuzPmVDIDP5PdCzZo8bDk3TiLsBQ2j4MTVUmDjgj
E+VBJLupiwDIkqBWr4sHljvElmNspHgXVV8sqeDSIKL3rFXhktsRk/zLAV7P2HxK
R0WGC6cLUTrgi1mN6JhPs44OPC5jjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org