Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/BD66C626BBC711EC92440077C4F9AE02.roa
File:                     BD66C626BBC711EC92440077C4F9AE02.roa (raw, json)
Hash identifier:          OYd7Y5EpwAY4dUPoCG0ogPUj/oixQMsaip/ZYQGNVOI=
Subject key identifier:   07:38:86:74:E3:4E:37:E4:A4:A6:9A:88:15:F5:A7:1A:94:CE:D9:F4
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       0256
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/BD66C626BBC711EC92440077C4F9AE02.roa
Signing time:             Thu 14 Apr 2022 07:51:49 +0000
ROA not before:           Thu 14 Apr 2022 07:51:49 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     64021
IP address blocks:        103.234.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 598 (0x256)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Apr 14 07:51:49 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=6257d295-d8d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5f:c2:ff:98:fa:7a:97:7c:b0:5f:5f:bd:83:
                    28:16:83:6c:3c:9f:6d:98:30:95:e6:62:b4:a5:20:
                    11:44:76:19:11:18:94:04:1a:a3:cb:a6:2c:e3:ec:
                    aa:42:08:2a:0c:3f:13:4e:b0:ed:49:a9:55:97:22:
                    6f:33:95:29:12:89:58:61:aa:a1:db:a2:45:5a:91:
                    dd:ee:64:5d:da:e3:c0:e1:e0:e3:a9:cb:bc:67:a0:
                    7b:68:96:8a:ed:8f:f0:77:00:61:ff:ca:99:9c:c6:
                    1c:a7:04:3c:03:24:68:00:ed:45:80:7d:15:6c:43:
                    0f:54:8d:ef:28:45:2d:52:da:43:52:49:a6:4b:45:
                    39:55:e5:c8:ac:3d:3d:92:bd:7a:53:1e:a9:bd:3e:
                    5b:ea:7b:09:b5:65:e9:cd:31:d3:69:76:8e:a3:f1:
                    db:f5:33:e0:55:3d:4d:aa:f3:fb:6a:6e:78:aa:8d:
                    a1:7f:7d:08:29:cb:1b:40:6f:00:2c:88:5f:88:eb:
                    a2:2a:9f:c5:f8:0e:09:90:27:de:6a:76:b1:f4:4f:
                    33:cb:5c:4a:cf:95:0c:0e:70:25:ab:22:61:02:61:
                    0f:b6:67:6e:bf:be:81:10:92:a5:ff:f9:fe:9a:f0:
                    2d:73:24:88:c6:db:28:75:c2:4c:c0:ff:bd:cd:d8:
                    40:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:38:86:74:E3:4E:37:E4:A4:A6:9A:88:15:F5:A7:1A:94:CE:D9:F4
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/BD66C626BBC711EC92440077C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.234.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:e2:c3:18:2d:a1:fb:57:64:c4:71:8b:4b:b5:16:1f:4e:51:
         10:fc:7e:72:1a:75:df:83:c8:a3:c1:06:b6:4b:29:a1:df:27:
         65:ab:3e:fe:a2:04:5d:9a:9c:07:35:da:88:fb:f8:21:10:6f:
         5a:d1:7d:67:a7:3a:8b:43:b1:76:66:eb:70:3d:b1:68:3c:9b:
         15:e4:88:d6:31:6f:c5:f2:8b:5f:ac:38:55:3a:50:73:0b:f4:
         d1:32:7b:e3:61:b0:08:28:45:ea:3d:ad:f0:0e:ad:b3:b2:f3:
         c1:2d:48:ef:d4:3f:4b:6a:a6:dd:a0:a6:d9:f7:a0:bf:7c:84:
         35:3f:5f:22:df:82:9f:21:be:6a:a1:ac:50:fa:e4:a6:c0:da:
         e3:6a:36:db:66:64:7b:69:fa:0a:64:65:2c:f4:46:1f:50:22:
         50:9c:0b:1a:98:1c:22:b1:56:05:88:ab:09:d0:65:e0:43:05:
         61:1f:df:be:45:6b:ed:46:16:b5:61:df:4f:6c:03:48:42:cc:
         02:a2:f8:f1:f2:08:25:d8:7a:c7:59:f1:cc:6c:bb:a7:f8:cc:
         8b:bc:f3:8c:d3:c8:55:23:4c:89:72:40:0c:ca:8e:cf:fe:34:
         64:2d:cc:b9:5b:39:57:29:d3:3e:e6:b4:14:5f:ee:ae:0c:16:
         2a:5a:d6:8a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjIwNDE0MDc1MTQ5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU3ZDI5NS1kOGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwV/C/5j6epd8sF9fvYMoFoNsPJ9tmDCV5mK0pSARRHYZERiUBBqjy6Ys4+yq
QggqDD8TTrDtSalVlyJvM5UpEolYYaqh26JFWpHd7mRd2uPA4eDjqcu8Z6B7aJaK
7Y/wdwBh/8qZnMYcpwQ8AyRoAO1FgH0VbEMPVI3vKEUtUtpDUkmmS0U5VeXIrD09
kr16Ux6pvT5b6nsJtWXpzTHTaXaOo/Hb9TPgVT1NqvP7am54qo2hf30IKcsbQG8A
LIhfiOuiKp/F+A4JkCfeanax9E8zy1xKz5UMDnAlqyJhAmEPtmduv76BEJKl//n+
mvAtcySIxtsodcJMwP+9zdhAUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAc4hnTj
TjfkpKaaiBX1pxqUztn0MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQkQ2NkM2MjZC
QkM3MTFFQzkyNDQwMDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn6jcwDQYJKoZIhvcNAQELBQADggEBABziwxgtoftXZMRx
i0u1Fh9OURD8fnIadd+DyKPBBrZLKaHfJ2WrPv6iBF2anAc12oj7+CEQb1rRfWen
OotDsXZm63A9sWg8mxXkiNYxb8Xyi1+sOFU6UHML9NEye+NhsAgoReo9rfAOrbOy
88EtSO/UP0tqpt2gptn3oL98hDU/XyLfgp8hvmqhrFD65KbA2uNqNttmZHtp+gpk
ZSz0Rh9QIlCcCxqYHCKxVgWIqwnQZeBDBWEf375Fa+1GFrVh309sA0hCzAKi+PHy
CCXYesdZ8cxsu6f4zIu884zTyFUjTIlyQAzKjs/+NGQtzLlbOVcp0z7mtBRf7q4M
Fipa1oo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org