Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/8799A884E27611ED8DDED647C4F9AE02.roa
File:                     8799A884E27611ED8DDED647C4F9AE02.roa (raw, json)
Hash identifier:          LnQ7NJnCcWy+vfOGmeX0HymeS2wf2O3PqgIOP9coyD4=
Subject key identifier:   3C:91:EF:00:31:5F:C7:40:15:FD:5E:E0:7B:86:0E:14:40:02:C2:1E
Certificate issuer:       /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial:       0344
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/8799A884E27611ED8DDED647C4F9AE02.roa
Signing time:             Mon 24 Apr 2023 08:03:43 +0000
ROA not before:           Mon 24 Apr 2023 08:03:43 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     212219
IP address blocks:        103.101.87.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 836 (0x344)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
        Validity
            Not Before: Apr 24 08:03:43 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=644637df-83ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8b:57:92:fc:28:87:04:12:df:af:ed:45:c2:
                    c8:4a:38:bd:f6:9b:60:64:14:0d:1d:4f:9b:1d:cb:
                    e1:b3:ec:fd:33:f3:c3:fa:55:c2:44:8d:c2:80:c5:
                    6e:6a:02:03:8c:12:0e:e2:36:8a:d1:11:43:fa:24:
                    4d:18:f9:35:34:38:2c:f7:be:8f:f2:35:38:38:50:
                    ea:e6:b7:69:ad:8d:6e:4d:4b:11:80:6b:fd:0c:59:
                    01:18:73:d4:da:32:cf:ea:ad:ce:95:4a:d5:af:18:
                    73:84:14:a9:e1:2b:6b:92:68:49:6a:86:33:41:5d:
                    22:5c:7f:f6:04:9e:c4:6b:2b:cd:53:50:c6:77:80:
                    e1:d2:81:65:b2:67:54:9b:f1:1c:df:6d:35:7c:b0:
                    5e:97:41:bc:5d:3e:03:c7:db:db:46:44:53:a8:fe:
                    99:81:b6:a9:90:86:cf:f4:e4:e0:7a:d2:94:0f:2e:
                    66:63:b1:31:f7:c5:cb:56:4c:b7:6c:12:b6:cc:84:
                    9b:ef:57:ce:09:38:c5:74:cc:9c:06:2b:78:92:82:
                    a7:d1:ca:f5:c9:c6:a4:d3:38:46:18:60:ab:de:1e:
                    34:d3:b3:62:70:7c:ca:1f:ae:41:0f:1e:4d:7a:6e:
                    5e:2b:6b:0c:4d:d1:36:ff:9a:7d:1c:f2:6e:c3:42:
                    c1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:91:EF:00:31:5F:C7:40:15:FD:5E:E0:7B:86:0E:14:40:02:C2:1E
            X509v3 Authority Key Identifier:
                keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/8799A884E27611ED8DDED647C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d6:ee:de:5e:a8:9c:e6:f3:b3:88:36:f7:a8:ef:3b:a2:ff:73:
         7b:dc:76:c1:1a:4d:5e:c3:51:7d:4b:f5:85:5a:bc:82:f9:86:
         46:06:13:1a:8e:c0:f7:7a:f2:09:56:22:66:f1:58:e0:71:3a:
         8b:37:79:b3:43:72:62:40:ff:16:c7:c4:f1:fd:75:7e:07:50:
         f3:8a:4f:80:c7:e2:e3:c0:20:77:ac:46:a3:2e:eb:65:aa:b3:
         a8:ba:f6:46:1a:95:07:a5:38:2d:40:88:c4:ef:14:c6:fc:4c:
         b6:6b:d4:a6:5b:12:a7:05:08:3a:81:9f:fc:39:f1:91:e9:a8:
         3b:af:c8:b1:68:cf:6a:eb:48:50:3a:60:19:c7:85:f3:ec:d9:
         d8:6d:bc:66:40:4e:46:eb:08:77:6f:78:d9:a1:47:31:36:db:
         91:99:f3:8c:57:61:6f:83:d8:f9:91:fa:08:7e:d8:8e:c4:85:
         ad:c9:ab:e3:3b:cc:e1:ec:3a:fd:49:ff:85:81:1a:d8:aa:6d:
         53:19:f1:69:2e:4c:78:0f:0a:ac:71:aa:e7:66:74:f2:46:c4:
         93:49:07:85:6c:27:eb:e5:ee:80:99:9d:f3:60:c5:a8:f3:be:
         12:46:80:b0:1d:d3:fb:9c:87:76:c5:eb:d4:76:a2:5c:c8:ab:
         9e:83:61:a0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjMwNDI0MDgwMzQzWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ2MzdkZi04M2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvItXkvwohwQS36/tRcLISji99ptgZBQNHU+bHcvhs+z9M/PD+lXCRI3CgMVu
agIDjBIO4jaK0RFD+iRNGPk1NDgs976P8jU4OFDq5rdprY1uTUsRgGv9DFkBGHPU
2jLP6q3OlUrVrxhzhBSp4StrkmhJaoYzQV0iXH/2BJ7EayvNU1DGd4Dh0oFlsmdU
m/Ec3201fLBel0G8XT4Dx9vbRkRTqP6ZgbapkIbP9OTgetKUDy5mY7Ex98XLVky3
bBK2zISb71fOCTjFdMycBit4koKn0cr1ycak0zhGGGCr3h4007NicHzKH65BDx5N
em5eK2sMTdE2/5p9HPJuw0LBPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDyR7wAx
X8dAFf1e4HuGDhRAAsIeMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvODc5OUE4ODRF
Mjc2MTFFRDhEREVENjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZVcwDQYJKoZIhvcNAQELBQADggEBANbu3l6onObzs4g2
96jvO6L/c3vcdsEaTV7DUX1L9YVavIL5hkYGExqOwPd68glWImbxWOBxOos3ebND
cmJA/xbHxPH9dX4HUPOKT4DH4uPAIHesRqMu62Wqs6i69kYalQelOC1AiMTvFMb8
TLZr1KZbEqcFCDqBn/w58ZHpqDuvyLFoz2rrSFA6YBnHhfPs2dhtvGZATkbrCHdv
eNmhRzE225GZ84xXYW+D2PmR+gh+2I7Eha3Jq+M7zOHsOv1J/4WBGtiqbVMZ8Wku
THgPCqxxqudmdPJGxJNJB4VsJ+vl7oCZnfNgxajzvhJGgLAd0/uch3bF69R2olzI
q56DYaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org