Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/AC311BA6BCA111EC83E0EC3FC4F9AE02.roa
File:                     AC311BA6BCA111EC83E0EC3FC4F9AE02.roa (raw, json)
Hash identifier:          kjJv55//MBMiaAkXHspuMJNLQxe4kHhl7Z43PYN/c68=
Subject key identifier:   D9:6F:12:7F:E7:10:9A:9D:13:BB:C7:94:20:2D:5F:61:A0:9E:55:16
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       03CE
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/AC311BA6BCA111EC83E0EC3FC4F9AE02.roa
Signing time:             Tue 11 Oct 2022 02:32:44 +0000
ROA not before:           Tue 11 Oct 2022 02:32:44 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     141376
IP address blocks:        103.234.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 974 (0x3ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Oct 11 02:32:44 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=6344d5cc-4f5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:85:45:5e:39:04:6c:a3:f4:fe:86:f1:c7:12:
                    a5:c6:7f:ff:c3:dc:be:02:96:7d:7b:18:e0:09:7f:
                    d9:7d:32:6c:13:18:86:22:bb:2b:ce:37:60:59:fc:
                    7f:a7:1c:ad:a7:dd:90:79:3d:e3:7e:a9:55:fd:f7:
                    3d:9c:fb:91:af:c7:b9:84:9b:21:6f:50:4a:37:65:
                    93:44:ae:f9:ce:0c:ab:8e:8f:9e:d2:cd:e5:93:ef:
                    ca:50:d3:05:e7:ab:4e:9a:dd:ed:ba:d2:06:d3:6e:
                    f5:4f:0c:47:6f:09:66:15:1e:5d:21:9d:42:2e:c7:
                    ff:4f:20:06:2e:35:de:df:da:bc:7a:54:5e:c0:54:
                    c3:ec:c0:f1:8f:a0:28:c2:b1:0d:64:f0:cc:83:1a:
                    ed:bf:88:49:dc:45:5e:9e:0a:2f:a4:b3:28:86:45:
                    26:49:d5:fc:ef:65:66:35:a2:76:02:32:1e:cd:e6:
                    ef:1e:b0:43:77:ff:42:ce:98:cc:7f:48:b0:06:de:
                    e5:97:8c:d0:57:67:23:71:54:c5:ea:b8:0b:67:c9:
                    a9:75:af:03:d7:13:74:d2:7c:ff:da:86:bd:41:de:
                    af:1a:21:29:58:5a:5d:56:c6:8a:68:79:b0:6c:89:
                    78:f2:6e:cf:11:aa:d5:f3:30:9d:17:76:5d:88:1a:
                    23:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:6F:12:7F:E7:10:9A:9D:13:BB:C7:94:20:2D:5F:61:A0:9E:55:16
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/AC311BA6BCA111EC83E0EC3FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.234.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:06:5f:99:c8:20:09:c6:8d:13:80:f2:50:77:75:bb:2d:a8:
         9f:84:b0:9b:d8:0e:e5:ef:2e:1a:a6:3f:28:2f:ef:cf:19:de:
         34:eb:96:41:83:34:fd:ed:21:19:2a:dd:af:dd:d0:e7:ea:d6:
         91:d8:62:8f:41:0a:d8:ff:20:b5:58:e9:28:70:ea:a7:79:3b:
         b3:88:88:aa:16:ad:72:88:ef:6c:cc:7e:2e:1f:c2:27:a3:c5:
         b4:5a:ec:e6:12:40:e3:31:52:aa:4e:1c:f5:73:ca:f9:4e:ba:
         1e:87:28:be:dd:8d:c6:39:d5:8a:91:87:a5:39:45:0c:5a:1e:
         8c:51:91:b6:da:69:38:b8:7e:73:0d:57:df:6c:42:69:53:a0:
         59:3e:a5:9f:58:df:46:e0:b7:ab:cd:68:fa:8c:54:d7:85:6d:
         d6:c3:7d:00:b5:04:e9:57:f0:be:16:f2:4d:0b:28:f6:e7:87:
         5a:55:5b:4e:63:09:1a:8e:cf:f8:a0:99:c6:18:a1:03:4f:fb:
         a6:b5:3e:7a:58:8a:a3:88:92:76:fc:19:7a:12:9a:fa:22:f2:
         21:b0:20:7f:c4:20:d5:35:ed:9b:d9:19:9b:9a:3c:74:4c:95:
         b5:c5:c9:7e:89:54:22:61:dd:90:2c:6f:ad:8d:6b:47:c2:9c:
         96:02:25:c2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjIxMDExMDIzMjQ0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ0ZDVjYy00ZjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn4VFXjkEbKP0/obxxxKlxn//w9y+ApZ9exjgCX/ZfTJsExiGIrsrzjdgWfx/
pxytp92QeT3jfqlV/fc9nPuRr8e5hJshb1BKN2WTRK75zgyrjo+e0s3lk+/KUNMF
56tOmt3tutIG0271TwxHbwlmFR5dIZ1CLsf/TyAGLjXe39q8elRewFTD7MDxj6Ao
wrENZPDMgxrtv4hJ3EVengovpLMohkUmSdX872VmNaJ2AjIezebvHrBDd/9CzpjM
f0iwBt7ll4zQV2cjcVTF6rgLZ8mpda8D1xN00nz/2oa9Qd6vGiEpWFpdVsaKaHmw
bIl48m7PEarV8zCdF3ZdiBoj7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNlvEn/n
EJqdE7vHlCAtX2GgnlUWMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQUMzMTFCQTZC
Q0ExMTFFQzgzRTBFQzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn6jcwDQYJKoZIhvcNAQELBQADggEBAAYGX5nIIAnGjROA
8lB3dbstqJ+EsJvYDuXvLhqmPygv788Z3jTrlkGDNP3tIRkq3a/d0Ofq1pHYYo9B
Ctj/ILVY6Shw6qd5O7OIiKoWrXKI72zMfi4fwiejxbRa7OYSQOMxUqpOHPVzyvlO
uh6HKL7djcY51YqRh6U5RQxaHoxRkbbaaTi4fnMNV99sQmlToFk+pZ9Y30bgt6vN
aPqMVNeFbdbDfQC1BOlX8L4W8k0LKPbnh1pVW05jCRqOz/igmcYYoQNP+6a1PnpY
iqOIknb8GXoSmvoi8iGwIH/EINU17ZvZGZuaPHRMlbXFyX6JVCJh3ZAsb62Na0fC
nJYCJcI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org