Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/161BEB260A6D11EEA48F3036C4F9AE02.roa
File:                     161BEB260A6D11EEA48F3036C4F9AE02.roa (raw, json)
Hash identifier:          wojf76mllmv0H/FXsBnscbObP9Rhld78bKD0j7xLLXk=
Subject key identifier:   FA:C5:B2:FD:3C:FB:2A:0E:6C:B8:02:EA:C4:70:1F:26:BA:13:35:F5
Certificate issuer:       /CN=A9123193/serialNumber=0BBCFDE768675B994F2A23114C351412201555B8
Certificate serial:       05AC
Authority key identifier: 0B:BC:FD:E7:68:67:5B:99:4F:2A:23:11:4C:35:14:12:20:15:55:B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C7z952hnW5lPKiMRTDUUEiAVVbg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/161BEB260A6D11EEA48F3036C4F9AE02.roa
Signing time:             Wed 14 Jun 2023 04:36:53 +0000
ROA not before:           Wed 14 Jun 2023 04:36:53 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     64098
IP address blocks:        103.159.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1452 (0x5ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123193/serialNumber=0BBCFDE768675B994F2A23114C351412201555B8
        Validity
            Not Before: Jun 14 04:36:53 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=648943e5-6fcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:bf:7b:81:6e:ea:6e:06:f1:a3:a1:ec:fe:d4:
                    29:b5:3d:7a:94:83:f0:60:88:cf:6e:1a:51:8f:56:
                    16:8d:d6:ea:a7:f6:2d:c3:32:14:b4:0f:7c:44:37:
                    b7:59:99:ce:41:04:a4:c9:70:1a:43:9a:8f:85:fe:
                    0a:ae:32:71:0d:60:01:82:cc:a5:ef:ed:f5:e4:09:
                    c3:0c:de:21:65:62:3a:61:4e:9c:9b:26:c6:6b:d7:
                    cc:14:9a:5d:75:cf:35:95:c0:f2:21:f9:ff:f5:49:
                    fb:97:ac:60:c5:9f:9e:ea:68:a6:7d:e2:fc:4a:02:
                    b5:5c:96:88:de:f1:01:9c:b9:54:bc:83:3d:b4:49:
                    08:12:d0:51:d2:5c:36:c4:81:70:1e:76:3b:96:49:
                    19:a4:bf:20:f9:89:8e:d4:7d:a7:f9:91:ef:94:79:
                    aa:cd:4c:2c:40:a6:e9:e7:65:b0:e0:3f:8a:f0:12:
                    5e:5e:38:ec:7f:8e:46:44:44:05:4e:68:dd:e4:04:
                    c9:2d:26:f4:ee:4a:bc:d2:bd:44:85:ab:e3:f0:89:
                    63:96:ef:6b:34:61:71:38:3a:f8:fe:57:9f:43:42:
                    dc:5b:35:7a:06:eb:dd:7d:c2:e3:9f:93:70:37:e2:
                    cc:a2:10:58:eb:c1:93:3c:70:06:c3:df:e6:2a:58:
                    f9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:C5:B2:FD:3C:FB:2A:0E:6C:B8:02:EA:C4:70:1F:26:BA:13:35:F5
            X509v3 Authority Key Identifier:
                keyid:0B:BC:FD:E7:68:67:5B:99:4F:2A:23:11:4C:35:14:12:20:15:55:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/C7z952hnW5lPKiMRTDUUEiAVVbg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C7z952hnW5lPKiMRTDUUEiAVVbg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/161BEB260A6D11EEA48F3036C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:bb:3f:fe:35:fe:0f:97:c1:70:9c:a6:0e:4f:52:77:69:f2:
         24:36:e1:9d:f4:ea:ed:ab:42:a3:3c:b3:7a:d8:34:b6:40:99:
         bb:dc:b2:33:09:22:cf:9d:3c:5d:51:80:b3:d9:b9:1e:a5:a1:
         d9:ad:27:e1:9b:f0:61:c0:ec:09:9e:45:5b:22:d0:98:20:f8:
         57:2c:48:94:59:4f:35:63:34:f6:de:a4:b5:59:ba:a1:75:38:
         84:f3:46:e9:49:55:22:ed:46:1c:2b:f5:c1:ac:61:05:b8:c4:
         a9:0d:18:ef:6d:02:64:98:ab:b4:67:ff:a3:e2:0d:a4:7c:c8:
         12:ed:b6:5a:65:52:61:8e:75:67:63:0d:d7:55:31:72:c8:38:
         b0:7c:be:66:65:ce:a3:e7:e2:17:87:78:66:f7:fa:08:f3:08:
         53:61:71:ef:c5:93:d7:a7:96:5b:6f:ae:ad:d7:67:5e:47:86:
         d3:f9:d5:9f:ac:1b:c1:e7:7a:d9:bf:11:a4:3b:60:37:ef:4b:
         02:31:e4:8d:96:b2:a6:9c:ab:02:db:7d:70:71:d3:b2:78:13:
         fd:d2:f9:b0:a3:96:19:d9:2d:e3:59:9a:fb:c7:22:0f:40:0d:
         2f:44:1c:f4:42:89:b9:7a:eb:c6:9c:c1:72:f1:80:95:72:07:
         2c:82:df:4b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjMxOTMxMTAvBgNVBAUTKDBCQkNGREU3Njg2NzVCOTk0RjJBMjMxMTRDMzUxNDEy
MjAxNTU1QjgwHhcNMjMwNjE0MDQzNjUzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg5NDNlNS02ZmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu797gW7qbgbxo6Hs/tQptT16lIPwYIjPbhpRj1YWjdbqp/YtwzIUtA98RDe3
WZnOQQSkyXAaQ5qPhf4KrjJxDWABgsyl7+315AnDDN4hZWI6YU6cmybGa9fMFJpd
dc81lcDyIfn/9Un7l6xgxZ+e6mimfeL8SgK1XJaI3vEBnLlUvIM9tEkIEtBR0lw2
xIFwHnY7lkkZpL8g+YmO1H2n+ZHvlHmqzUwsQKbp52Ww4D+K8BJeXjjsf45GREQF
Tmjd5ATJLSb07kq80r1Ehavj8Iljlu9rNGFxODr4/lefQ0LcWzV6BuvdfcLjn5Nw
N+LMohBY68GTPHAGw9/mKlj55wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPrFsv08
+yoObLgC6sRwHya6EzX1MB8GA1UdIwQYMBaAFAu8/edoZ1uZTyojEUw1FBIgFVW4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzE5My9DQThBNEIzQzM5
RDkxMUVCQTc4MUZBNTdDNEY5QUUwMi9DN3o5NTJoblc1bFBLaU1SVERVVUVpQVZW
YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0M3ejk1MmhuVzVsUEtpTVJURFVVRWlBVlZiZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjMxOTMvQ0E4QTRCM0MzOUQ5MTFFQkE3ODFGQTU3QzRGOUFFMDIvMTYxQkVCMjYw
QTZEMTFFRUE0OEYzMDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn+0wDQYJKoZIhvcNAQELBQADggEBAIm7P/41/g+XwXCc
pg5PUndp8iQ24Z306u2rQqM8s3rYNLZAmbvcsjMJIs+dPF1RgLPZuR6lodmtJ+Gb
8GHA7AmeRVsi0Jgg+FcsSJRZTzVjNPbepLVZuqF1OITzRulJVSLtRhwr9cGsYQW4
xKkNGO9tAmSYq7Rn/6PiDaR8yBLttlplUmGOdWdjDddVMXLIOLB8vmZlzqPn4heH
eGb3+gjzCFNhce/Fk9enlltvrq3XZ15HhtP51Z+sG8Hnetm/EaQ7YDfvSwIx5I2W
sqacqwLbfXBx07J4E/3S+bCjlhnZLeNZmvvHIg9ADS9EHPRCibl668acwXLxgJVy
ByyC30s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org