Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9121071/2F0F7A4886B611EDAA3B2B33C4F9AE02/78CE7DAA86BB11ED84035A2FC4F9AE02.roa
File:                     78CE7DAA86BB11ED84035A2FC4F9AE02.roa (raw, json)
Hash identifier:          YsABmKa4ZVUFkdCest3dzb3FAJDl69pwQBZ3cg9uUOo=
Subject key identifier:   38:1F:52:13:71:E1:86:A3:53:A0:AD:D9:E5:00:41:DD:66:53:7F:98
Certificate issuer:       /CN=A9121071/serialNumber=94C2F46A32D10775E1649BA250F697FF47AC063D
Certificate serial:       04
Authority key identifier: 94:C2:F4:6A:32:D1:07:75:E1:64:9B:A2:50:F6:97:FF:47:AC:06:3D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lML0ajLRB3XhZJuiUPaX_0esBj0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9121071/2F0F7A4886B611EDAA3B2B33C4F9AE02/78CE7DAA86BB11ED84035A2FC4F9AE02.roa
Signing time:             Wed 28 Dec 2022 20:45:32 +0000
ROA not before:           Wed 28 Dec 2022 20:45:32 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     150697
IP address blocks:        103.59.216.0/23 maxlen: 23
                          103.59.216.0/24 maxlen: 24
                          103.59.217.0/24 maxlen: 24
                          2001:df1:bac0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9121071/serialNumber=94C2F46A32D10775E1649BA250F697FF47AC063D
        Validity
            Not Before: Dec 28 20:45:32 2022 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63acaaec-cd5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:10:13:56:19:d6:ea:7c:59:76:1b:fc:dc:87:
                    bd:b1:21:a0:86:09:d5:4c:47:35:96:d3:74:c9:ce:
                    61:d8:6a:4c:ac:30:33:e9:4b:af:8d:13:f2:a3:cb:
                    db:e3:da:82:9f:81:5b:1e:46:92:74:6b:c2:87:eb:
                    40:26:bf:54:ba:e0:e9:12:40:6a:dc:81:0e:d7:fc:
                    e0:bf:3c:02:bf:66:6f:6d:ac:e3:26:e4:e1:48:77:
                    92:b6:71:67:2b:24:25:a3:c3:78:47:c5:8c:bf:c8:
                    1c:eb:21:99:f2:ed:63:ad:ca:90:2b:c6:88:a1:5d:
                    5a:5a:2c:b0:55:10:a0:f7:e3:e8:75:c2:41:b7:61:
                    1f:19:69:95:88:05:08:36:ca:e3:a2:9d:10:d7:0f:
                    e8:69:44:07:dc:36:1d:bd:0b:a5:9d:ee:38:f8:07:
                    60:4d:53:fc:c1:96:41:2c:95:5b:df:7a:14:2b:69:
                    c9:6b:41:0e:a1:ee:93:93:b9:bd:a1:c0:91:c4:6b:
                    46:9f:1d:17:9e:2d:21:61:7e:01:b4:d5:7c:74:71:
                    51:da:26:5c:b6:ec:c7:a9:6b:d7:78:da:3b:e6:de:
                    14:bb:78:71:bc:50:eb:a9:43:24:25:12:bb:d9:90:
                    b0:37:b1:43:8f:d8:3f:ab:d7:1f:7b:39:1b:b5:cc:
                    20:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:1F:52:13:71:E1:86:A3:53:A0:AD:D9:E5:00:41:DD:66:53:7F:98
            X509v3 Authority Key Identifier:
                keyid:94:C2:F4:6A:32:D1:07:75:E1:64:9B:A2:50:F6:97:FF:47:AC:06:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9121071/2F0F7A4886B611EDAA3B2B33C4F9AE02/lML0ajLRB3XhZJuiUPaX_0esBj0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lML0ajLRB3XhZJuiUPaX_0esBj0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121071/2F0F7A4886B611EDAA3B2B33C4F9AE02/78CE7DAA86BB11ED84035A2FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.59.216.0/23
                IPv6:
                  2001:df1:bac0::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:e7:c1:2d:a1:fc:77:98:43:b5:85:81:cd:c9:e5:f7:95:29:
         04:75:c4:05:79:bd:55:a3:5b:99:09:db:19:a1:a2:b8:fd:10:
         a0:d2:50:4b:a9:b4:5a:95:26:08:f3:73:74:10:40:49:d8:b1:
         ad:cf:5f:73:78:c5:85:49:b7:b0:c9:98:9f:ca:32:cc:d9:df:
         41:7a:e9:14:e2:36:8b:2e:22:18:42:b7:09:26:17:b5:bf:1e:
         62:ee:72:27:81:8d:b7:1f:23:35:50:a1:c0:f3:e6:c8:42:12:
         cc:b6:4a:58:ee:0c:bd:8f:ad:f9:d3:7a:8b:cb:a8:46:47:81:
         fc:ca:c6:30:68:51:b1:e5:cf:00:7b:23:fe:1b:6a:fa:f4:9c:
         f1:2e:e3:79:3f:2f:68:c5:d8:d4:d9:57:1b:17:87:67:0e:23:
         00:4f:58:22:b1:bf:04:7b:63:88:8e:99:a1:cc:8a:ce:88:05:
         72:e3:66:3f:9a:20:1d:a2:29:ac:9e:02:63:41:59:ce:8b:d5:
         b4:41:df:e4:10:e3:09:ff:32:fd:0d:ba:56:5b:9b:22:03:51:
         34:db:68:05:f4:eb:9b:20:a8:29:13:21:01:66:7b:5a:7b:01:
         78:e4:45:11:18:94:14:73:0c:5c:f2:42:2a:85:9a:a6:0c:e1:
         11:5a:ee:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MTA3MTExMC8GA1UEBRMoOTRDMkY0NkEzMkQxMDc3NUUxNjQ5QkEyNTBGNjk3RkY0
N0FDMDYzRDAeFw0yMjEyMjgyMDQ1MzJaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYWNhYWVjLWNkNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUEBNWGdbqfFl2G/zch72xIaCGCdVMRzWW03TJzmHYakysMDPpS6+NE/Kjy9vj
2oKfgVseRpJ0a8KH60Amv1S64OkSQGrcgQ7X/OC/PAK/Zm9trOMm5OFId5K2cWcr
JCWjw3hHxYy/yBzrIZny7WOtypArxoihXVpaLLBVEKD34+h1wkG3YR8ZaZWIBQg2
yuOinRDXD+hpRAfcNh29C6Wd7jj4B2BNU/zBlkEslVvfehQraclrQQ6h7pOTub2h
wJHEa0afHReeLSFhfgG01Xx0cVHaJly27Mepa9d42jvm3hS7eHG8UOupQyQlErvZ
kLA3sUOP2D+r1x97ORu1zCAHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUOB9SE3Hh
hqNToK3Z5QBB3WZTf5gwHwYDVR0jBBgwFoAUlML0ajLRB3XhZJuiUPaX/0esBj0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIxMDcxLzJGMEY3QTQ4ODZC
NjExRURBQTNCMkIzM0M0RjlBRTAyL2xNTDBhakxSQjNYaFpKdWlVUGFYXzBlc0Jq
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbE1MMGFqTFJCM1hoWkp1aVVQYVhfMGVzQmowLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MTA3MS8yRjBGN0E0ODg2QjYxMUVEQUEzQjJCMzNDNEY5QUUwMi83OENFN0RBQTg2
QkIxMUVEODQwMzVBMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWc72DAPBAIAAjAJAwcAIAEN8brAMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ58Etofx3mEO1hYHNyeX3lSkEdcQFeb1Vo1uZCdsZoaK4/RCg0lBLqbRa
lSYI83N0EEBJ2LGtz19zeMWFSbewyZifyjLM2d9BeukU4jaLLiIYQrcJJhe1vx5i
7nIngY23HyM1UKHA8+bIQhLMtkpY7gy9j63503qLy6hGR4H8ysYwaFGx5c8AeyP+
G2r69JzxLuN5Py9oxdjU2VcbF4dnDiMAT1gisb8Ee2OIjpmhzIrOiAVy42Y/miAd
oimsngJjQVnOi9W0Qd/kEOMJ/zL9DbpWW5siA1E022gF9OubIKgpEyEBZntaewF4
5EURGJQUcwxc8kIqhZqmDOERWu4t
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org