Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/798E8CF45F9611EDA8B4CE5CC4F9AE02.roa
File:                     798E8CF45F9611EDA8B4CE5CC4F9AE02.roa (raw, json)
Hash identifier:          d8YT7si4V/Th/bQqTKrN8dxu1LcrH/nXpC1TY0nwRkE=
Subject key identifier:   36:5C:B0:6B:AD:EF:E8:45:08:A3:08:DC:CC:63:C2:5F:6A:07:D8:D2
Certificate issuer:       /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial:       0318
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/798E8CF45F9611EDA8B4CE5CC4F9AE02.roa
Signing time:             Tue 31 Jan 2023 16:52:22 +0000
ROA not before:           Tue 31 Jan 2023 16:52:22 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     30938
IP address blocks:        103.101.85.0/24 maxlen: 24
                          103.101.86.0/24 maxlen: 24
                          103.101.87.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 792 (0x318)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
        Validity
            Not Before: Jan 31 16:52:22 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63d94746-3389
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:92:48:83:42:5f:6e:2d:75:50:71:49:73:f3:
                    79:ff:e0:0f:f4:b4:0e:6a:29:ca:38:1f:28:36:f0:
                    a5:ac:55:02:22:ae:51:ea:0d:58:c3:d0:5e:2e:23:
                    59:bf:9d:62:c4:80:8a:c8:ba:17:31:ea:1d:80:c0:
                    09:e6:d3:7a:52:48:a0:d1:76:c3:f7:5a:1a:36:47:
                    93:b6:4c:eb:7d:11:74:d8:47:8a:6a:37:69:11:99:
                    a8:1c:bc:cf:f8:b5:2a:77:f7:ca:de:0a:2b:f2:bd:
                    dc:ba:e9:aa:a3:c0:eb:2c:42:38:9f:87:c4:49:11:
                    ba:19:c3:96:77:64:ed:05:23:34:76:55:2c:98:fc:
                    c3:63:dc:68:1f:68:69:76:15:a1:4e:13:6d:37:17:
                    e8:3d:06:ea:e6:4f:23:8a:c9:73:0b:36:fb:e4:55:
                    5b:42:5f:ce:c2:d0:f2:61:3f:34:0d:fa:89:e7:64:
                    c4:44:49:a4:7d:aa:a3:1d:a1:ae:08:3b:c3:d4:cb:
                    f6:dd:ef:b1:4f:b6:aa:11:02:cb:70:41:fd:31:81:
                    f3:5f:df:1e:1b:0b:65:c5:3f:d6:3e:56:a9:44:f4:
                    8f:6d:f9:0e:65:83:3f:72:ee:d4:00:aa:ef:69:37:
                    a3:5f:39:5b:3c:fe:74:5d:8a:e9:f3:fe:e9:c6:19:
                    ab:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:5C:B0:6B:AD:EF:E8:45:08:A3:08:DC:CC:63:C2:5F:6A:07:D8:D2
            X509v3 Authority Key Identifier:
                keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/798E8CF45F9611EDA8B4CE5CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.85.0-103.101.87.255

    Signature Algorithm: sha256WithRSAEncryption
         8c:a0:01:99:ce:65:4c:35:06:c0:20:70:f4:7d:58:99:b1:5b:
         a6:ad:9e:7b:ee:f6:37:a2:83:fd:b6:98:96:77:89:07:62:f1:
         12:46:88:f7:cb:7d:67:f1:57:b9:2b:8f:8b:90:45:88:d5:55:
         7c:7e:5f:e0:bd:4a:fb:24:3a:a8:91:f0:ec:57:6a:15:dd:92:
         15:8a:2d:01:8f:e9:f9:b7:52:bb:61:bb:b6:b6:d3:b8:c5:f7:
         a3:f4:8d:41:7b:d4:e1:35:f5:58:eb:8f:b2:27:f8:86:27:8b:
         f2:e2:1d:da:c1:a9:7c:6e:9d:37:84:d9:2d:5a:08:1d:87:5e:
         8d:bb:42:59:f2:bc:05:52:1b:44:25:78:cb:44:e6:63:27:5a:
         a3:6c:3a:29:b0:2b:4e:1d:8a:df:70:99:72:83:b5:60:17:96:
         99:2b:4a:54:19:4c:a0:4d:43:34:04:40:4a:82:46:19:a7:e5:
         3e:1b:c9:00:06:f5:2c:7a:4e:89:4c:be:40:90:84:2b:68:97:
         0f:24:f6:61:93:85:b9:ff:06:38:23:f4:ab:c0:d9:8f:3a:d0:
         b3:b4:c4:4e:e6:8f:ea:4d:2c:d9:e2:d7:21:7f:86:95:47:39:
         19:bc:ae:71:94:9b:43:de:68:6d:3f:6b:be:aa:7f:44:1b:49:
         24:09:44:6c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjMwMTMxMTY1MjIyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q5NDc0Ni0zMzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArJJIg0Jfbi11UHFJc/N5/+AP9LQOainKOB8oNvClrFUCIq5R6g1Yw9BeLiNZ
v51ixICKyLoXMeodgMAJ5tN6Ukig0XbD91oaNkeTtkzrfRF02EeKajdpEZmoHLzP
+LUqd/fK3gor8r3cuumqo8DrLEI4n4fESRG6GcOWd2TtBSM0dlUsmPzDY9xoH2hp
dhWhThNtNxfoPQbq5k8jislzCzb75FVbQl/OwtDyYT80DfqJ52TEREmkfaqjHaGu
CDvD1Mv23e+xT7aqEQLLcEH9MYHzX98eGwtlxT/WPlapRPSPbfkOZYM/cu7UAKrv
aTejXzlbPP50XYrp8/7pxhmrOwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFDZcsGut
7+hFCKMI3Mxjwl9qB9jSMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvNzk4RThDRjQ1
Rjk2MTFFREE4QjRDRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdlVQMEA2dlUDANBgkqhkiG9w0BAQsFAAOCAQEAjKAB
mc5lTDUGwCBw9H1YmbFbpq2ee+72N6KD/baYlneJB2LxEkaI98t9Z/FXuSuPi5BF
iNVVfH5f4L1K+yQ6qJHw7FdqFd2SFYotAY/p+bdSu2G7trbTuMX3o/SNQXvU4TX1
WOuPsif4hieL8uId2sGpfG6dN4TZLVoIHYdejbtCWfK8BVIbRCV4y0TmYydao2w6
KbArTh2K33CZcoO1YBeWmStKVBlMoE1DNARASoJGGaflPhvJAAb1LHpOiUy+QJCE
K2iXDyT2YZOFuf8GOCP0q8DZjzrQs7TETuaP6k0s2eLXIX+GlUc5GbyucZSbQ95o
bT9rvqp/RBtJJAlEbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org