Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/00EF5E6EDF9A11EA919D0586C4F9AE02.roa
File:                     00EF5E6EDF9A11EA919D0586C4F9AE02.roa (raw, json)
Hash identifier:          KizCT9Kl88pSQUOyw+yeMAFEV2j+0g7tzOkiw3pkLsg=
Subject key identifier:   08:36:07:26:42:02:53:72:81:69:2C:8B:60:0A:75:15:1E:CA:DC:AE
Certificate issuer:       /CN=A91F1C8C/serialNumber=13BDA64C6F1B5A2C33394736354E9E8E6BCAE256
Certificate serial:       05EE
Authority key identifier: 13:BD:A6:4C:6F:1B:5A:2C:33:39:47:36:35:4E:9E:8E:6B:CA:E2:56
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E72mTG8bWiwzOUc2NU6ejmvK4lY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/00EF5E6EDF9A11EA919D0586C4F9AE02.roa
Signing time:             Thu 15 Sep 2022 11:00:43 +0000
ROA not before:           Thu 15 Sep 2022 11:00:43 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     140992
IP address blocks:        103.154.160.0/23 maxlen: 24
                          2001:df4:9080::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1518 (0x5ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F1C8C/serialNumber=13BDA64C6F1B5A2C33394736354E9E8E6BCAE256
        Validity
            Not Before: Sep 15 11:00:43 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=632305db-fa8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5e:a5:1a:1a:22:da:8c:ab:9b:ed:95:3c:e3:
                    20:1b:c9:0b:c3:e4:3b:bd:f1:b9:df:68:41:03:6c:
                    85:1e:1d:22:b7:f4:e7:21:d5:1c:47:70:bd:f1:b8:
                    e5:ee:3e:32:53:74:00:fb:78:3b:33:70:c9:41:cf:
                    ea:cc:a4:76:2c:c8:7d:78:6c:f8:7b:fa:87:1c:2a:
                    a5:aa:a9:eb:c3:b2:a7:48:f9:cb:df:bf:4e:41:e5:
                    7f:a1:1b:56:e8:af:9f:bf:f5:7f:d2:6e:52:2a:40:
                    98:7e:c2:d6:00:49:5f:4b:f0:28:e1:5b:5a:aa:30:
                    27:a6:f7:7c:f4:32:2a:ad:08:d8:8d:a7:5f:25:8c:
                    0c:38:65:55:fe:cc:5b:1f:7a:1e:96:ac:ae:0a:09:
                    66:15:ad:91:e1:57:03:44:c4:2c:f3:d3:b2:6e:df:
                    65:3f:77:d9:59:ee:90:4f:87:6c:76:eb:13:ba:03:
                    20:d7:50:35:3d:94:36:62:c3:b6:11:a8:f6:6f:8d:
                    1c:58:0e:49:1e:0d:c7:28:0d:8a:f1:71:9f:63:1b:
                    1b:fb:ec:e1:41:4e:bd:ba:94:a9:5e:b1:92:f5:2f:
                    d6:85:a9:7b:86:95:71:0c:43:e2:4d:13:d0:48:bf:
                    bb:17:60:5c:15:86:b7:ba:34:04:c0:68:67:d9:ce:
                    8e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:36:07:26:42:02:53:72:81:69:2C:8B:60:0A:75:15:1E:CA:DC:AE
            X509v3 Authority Key Identifier:
                keyid:13:BD:A6:4C:6F:1B:5A:2C:33:39:47:36:35:4E:9E:8E:6B:CA:E2:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/E72mTG8bWiwzOUc2NU6ejmvK4lY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E72mTG8bWiwzOUc2NU6ejmvK4lY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/00EF5E6EDF9A11EA919D0586C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.154.160.0/23
                IPv6:
                  2001:df4:9080::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:fb:a4:12:39:d3:c6:24:7a:cc:52:d6:6f:84:05:4c:dd:2e:
         0f:57:79:b7:3b:54:ff:a7:5e:bd:26:02:c4:58:fb:d0:3f:3e:
         0e:3a:ad:0a:26:81:85:99:75:95:d3:90:ee:51:2b:d0:bf:8f:
         5f:07:d3:46:70:b3:43:ee:51:98:44:d9:ad:2d:80:7f:14:18:
         e7:e0:75:2b:6c:cc:d0:73:06:43:3e:54:11:f5:80:49:3e:2f:
         92:4d:6c:99:e0:64:93:ea:dd:d9:47:0d:da:f0:62:f9:f7:66:
         cf:e7:5c:ff:4c:0b:48:21:c6:6f:72:ab:07:aa:08:64:04:8c:
         45:c7:04:ce:1f:b7:61:e8:0e:73:95:d5:68:ee:57:30:60:0c:
         1e:dc:7d:63:da:c0:4d:2a:7c:5a:55:80:ca:19:27:ea:48:7c:
         33:9c:3e:7a:3b:73:73:f9:40:d4:73:7e:68:d1:a7:f7:ef:22:
         b1:fa:5d:1b:6d:3b:44:23:ec:3f:2b:26:7a:ef:89:04:af:18:
         e0:0a:6b:f2:52:79:5b:b7:d0:2e:c1:7a:fe:c2:d6:67:9d:17:
         43:14:10:27:61:7f:7d:70:48:5a:7d:e2:0c:ae:fc:9a:26:eb:
         fe:02:b7:c1:55:81:f7:77:91:63:36:8c:86:5d:91:20:b1:61:
         f4:b1:98:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjFDOEMxMTAvBgNVBAUTKDEzQkRBNjRDNkYxQjVBMkMzMzM5NDczNjM1NEU5RThF
NkJDQUUyNTYwHhcNMjIwOTE1MTEwMDQzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIzMDVkYi1mYThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtV6lGhoi2oyrm+2VPOMgG8kLw+Q7vfG532hBA2yFHh0it/TnIdUcR3C98bjl
7j4yU3QA+3g7M3DJQc/qzKR2LMh9eGz4e/qHHCqlqqnrw7KnSPnL379OQeV/oRtW
6K+fv/V/0m5SKkCYfsLWAElfS/Ao4VtaqjAnpvd89DIqrQjYjadfJYwMOGVV/sxb
H3oelqyuCglmFa2R4VcDRMQs89Oybt9lP3fZWe6QT4dsdusTugMg11A1PZQ2YsO2
Eaj2b40cWA5JHg3HKA2K8XGfYxsb++zhQU69upSpXrGS9S/Whal7hpVxDEPiTRPQ
SL+7F2BcFYa3ujQEwGhn2c6OQwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAg2ByZC
AlNygWksi2AKdRUeytyuMB8GA1UdIwQYMBaAFBO9pkxvG1osMzlHNjVOno5ryuJW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUM4Qy8yM0U1RDVERURG
OTkxMUVBOUY4NUQ5ODJDNEY5QUUwMi9FNzJtVEc4Yldpd3pPVWMyTlU2ZWptdks0
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U3Mm1URzhiV2l3ek9VYzJOVTZlam12SzRsWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjFDOEMvMjNFNUQ1REVERjk5MTFFQTlGODVEOTgyQzRGOUFFMDIvMDBFRjVFNkVE
RjlBMTFFQTkxOUQwNTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnmqAwDwQCAAIwCQMHACABDfSQgDANBgkqhkiG9w0BAQsF
AAOCAQEASfukEjnTxiR6zFLWb4QFTN0uD1d5tztU/6devSYCxFj70D8+DjqtCiaB
hZl1ldOQ7lEr0L+PXwfTRnCzQ+5RmETZrS2AfxQY5+B1K2zM0HMGQz5UEfWAST4v
kk1smeBkk+rd2UcN2vBi+fdmz+dc/0wLSCHGb3KrB6oIZASMRccEzh+3YegOc5XV
aO5XMGAMHtx9Y9rATSp8WlWAyhkn6kh8M5w+ejtzc/lA1HN+aNGn9+8isfpdG207
RCPsPysmeu+JBK8Y4Apr8lJ5W7fQLsF6/sLWZ50XQxQQJ2F/fXBIWn3iDK78mibr
/gK3wVWB93eRYzaMhl2RILFh9LGYkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org