Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/79D4312E657B11EDAE8AE90EC4F9AE02.roa
File:                     79D4312E657B11EDAE8AE90EC4F9AE02.roa (raw, json)
Hash identifier:          SPwuW0ojFyWqE378gaA4iVrlxVuFMxlEpFAjl6pbX+w=
Subject key identifier:   C5:34:4C:FA:0C:9B:73:E6:71:3A:91:03:8E:35:15:AA:51:67:32:02
Certificate issuer:       /CN=A911D971/serialNumber=764D1CE6727D31BD8F39662E2004C4689DA6B7E5
Certificate serial:       C9
Authority key identifier: 76:4D:1C:E6:72:7D:31:BD:8F:39:66:2E:20:04:C4:68:9D:A6:B7:E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dk0c5nJ9Mb2POWYuIATEaJ2mt-U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/79D4312E657B11EDAE8AE90EC4F9AE02.roa
Signing time:             Fri 03 Nov 2023 04:55:01 +0000
ROA not before:           Fri 03 Nov 2023 04:55:01 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     140077
IP address blocks:        103.24.16.0/24 maxlen: 24
                          103.24.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 201 (0xc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911D971/serialNumber=764D1CE6727D31BD8F39662E2004C4689DA6B7E5
        Validity
            Not Before: Nov  3 04:55:01 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=65447d24-c6ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:53:fd:c8:25:65:5e:ff:04:96:60:28:0d:df:
                    59:18:fb:84:e4:2f:95:6c:e3:82:9d:49:1d:e7:55:
                    a4:09:9d:66:72:34:d4:76:98:09:93:2a:11:ea:53:
                    72:4d:6c:bf:76:64:8e:b9:34:6a:4a:33:d5:4c:27:
                    44:28:13:2f:a1:1a:65:bc:2a:c6:30:89:5d:10:55:
                    26:0d:d4:11:aa:81:7e:92:db:b3:86:38:0d:30:f6:
                    2d:b3:0a:31:d3:fb:56:a1:8a:0b:37:38:3c:8e:0a:
                    6b:92:20:c9:9d:4e:52:e4:72:37:d1:b4:72:6e:2e:
                    c2:15:6b:06:a0:6f:50:3f:6f:33:d8:b2:7a:94:ca:
                    74:b2:9f:3c:d9:76:e3:c1:71:4d:d5:0b:ca:57:b8:
                    2c:80:7f:ac:cc:89:81:c5:e0:cd:ca:5b:de:23:cf:
                    3b:56:ec:3a:9d:51:5d:3d:09:dc:70:4d:d7:60:84:
                    6e:74:04:0b:aa:6c:ed:15:0b:62:f2:bf:59:9f:01:
                    61:c4:f6:46:a6:30:34:19:69:c7:a4:7f:c9:af:d2:
                    85:18:d9:6a:d9:fc:48:a7:1c:ff:aa:f2:12:a1:2a:
                    30:7f:5e:da:63:08:57:17:fb:56:3e:92:5f:fe:c9:
                    7a:5c:5d:97:79:45:88:5b:c2:48:61:52:d2:f2:8d:
                    3e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:34:4C:FA:0C:9B:73:E6:71:3A:91:03:8E:35:15:AA:51:67:32:02
            X509v3 Authority Key Identifier:
                keyid:76:4D:1C:E6:72:7D:31:BD:8F:39:66:2E:20:04:C4:68:9D:A6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/dk0c5nJ9Mb2POWYuIATEaJ2mt-U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dk0c5nJ9Mb2POWYuIATEaJ2mt-U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D971/DE25B86856A411EDA8C00C3EC4F9AE02/79D4312E657B11EDAE8AE90EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.24.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         44:ce:a0:af:aa:7f:4d:03:a0:2b:54:73:e8:2e:42:61:09:2c:
         05:94:7e:e7:84:78:0d:96:18:87:4e:84:2d:47:42:4c:8c:f6:
         ac:54:ba:c2:a3:5e:36:cb:7e:64:48:bd:57:1a:d4:29:1d:db:
         80:37:31:c1:70:01:90:35:5d:79:68:4b:b4:9c:d9:3c:c1:61:
         8d:a4:81:88:ab:67:85:cb:d1:79:69:07:4f:46:c2:ce:f6:fe:
         60:9d:36:0f:e4:eb:b4:62:2d:3e:cd:95:25:7b:69:f6:2c:74:
         5e:e3:3c:08:14:a7:d7:dc:cb:40:08:d3:06:31:d5:5c:dd:23:
         32:6b:d8:38:1a:78:57:be:9e:4c:bb:c4:98:de:99:e2:ec:bb:
         d5:36:f7:40:0e:47:83:97:d0:63:ed:b9:6d:e9:27:6c:58:3e:
         68:9d:da:f6:b9:2d:49:74:e9:9f:f2:56:4d:fd:9d:e4:d7:41:
         6c:68:bc:34:11:0e:e5:21:79:83:5c:70:4d:5c:b6:27:a1:4f:
         13:21:7b:06:d2:50:86:4e:4c:cc:10:1d:23:11:b9:14:8f:a5:
         41:90:b1:9b:38:47:8c:67:14:9a:54:fd:be:48:a9:c8:5f:0e:
         c1:e0:1e:39:17:b2:7e:1b:34:e1:f4:64:a1:c4:53:af:ac:48:
         4e:64:4d:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ5NzExMTAvBgNVBAUTKDc2NEQxQ0U2NzI3RDMxQkQ4RjM5NjYyRTIwMDRDNDY4
OURBNkI3RTUwHhcNMjMxMTAzMDQ1NTAxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0N2QyNC1jNmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2VP9yCVlXv8ElmAoDd9ZGPuE5C+VbOOCnUkd51WkCZ1mcjTUdpgJkyoR6lNy
TWy/dmSOuTRqSjPVTCdEKBMvoRplvCrGMIldEFUmDdQRqoF+ktuzhjgNMPYtswox
0/tWoYoLNzg8jgprkiDJnU5S5HI30bRybi7CFWsGoG9QP28z2LJ6lMp0sp882Xbj
wXFN1QvKV7gsgH+szImBxeDNylveI887Vuw6nVFdPQnccE3XYIRudAQLqmztFQti
8r9ZnwFhxPZGpjA0GWnHpH/Jr9KFGNlq2fxIpxz/qvISoSowf17aYwhXF/tWPpJf
/sl6XF2XeUWIW8JIYVLS8o0+bwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMU0TPoM
m3PmcTqRA441FapRZzICMB8GA1UdIwQYMBaAFHZNHOZyfTG9jzlmLiAExGidprfl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDk3MS9ERTI1Qjg2ODU2
QTQxMUVEQThDMDBDM0VDNEY5QUUwMi9kazBjNW5KOU1iMlBPV1l1SUFURWFKMm10
LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RrMGM1bko5TWIyUE9XWXVJQVRFYUoybXQtVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ5NzEvREUyNUI4Njg1NkE0MTFFREE4QzAwQzNFQzRGOUFFMDIvNzlENDMxMkU2
NTdCMTFFREFFOEFFOTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnGBAwDQYJKoZIhvcNAQELBQADggEBAETOoK+qf00DoCtU
c+guQmEJLAWUfueEeA2WGIdOhC1HQkyM9qxUusKjXjbLfmRIvVca1Ckd24A3McFw
AZA1XXloS7Sc2TzBYY2kgYirZ4XL0XlpB09Gws72/mCdNg/k67RiLT7NlSV7afYs
dF7jPAgUp9fcy0AI0wYx1VzdIzJr2DgaeFe+nky7xJjemeLsu9U290AOR4OX0GPt
uW3pJ2xYPmid2va5LUl06Z/yVk39neTXQWxovDQRDuUheYNccE1ctiehTxMhewbS
UIZOTMwQHSMRuRSPpUGQsZs4R4xnFJpU/b5IqchfDsHgHjkXsn4bNOH0ZKHEU6+s
SE5kTTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org