Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/D7EF0FA039DA11EBBDA17458C4F9AE02.roa
File:                     D7EF0FA039DA11EBBDA17458C4F9AE02.roa (raw, json)
Hash identifier:          z/XFbwY2xJPBEnfvmbEqTthx2/ZqNgyN2IW0u6uRwpk=
Subject key identifier:   60:19:08:A0:AC:46:EF:FD:CB:3A:D4:09:20:C7:E5:B9:24:61:26:B5
Certificate issuer:       /CN=A9123193/serialNumber=0BBCFDE768675B994F2A23114C351412201555B8
Certificate serial:       035E
Authority key identifier: 0B:BC:FD:E7:68:67:5B:99:4F:2A:23:11:4C:35:14:12:20:15:55:B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C7z952hnW5lPKiMRTDUUEiAVVbg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/D7EF0FA039DA11EBBDA17458C4F9AE02.roa
Signing time:             Tue 15 Feb 2022 13:10:33 +0000
ROA not before:           Tue 15 Feb 2022 13:10:33 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     141457
IP address blocks:        103.159.236.0/23 maxlen: 23
                          2406:ddc0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 862 (0x35e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123193/serialNumber=0BBCFDE768675B994F2A23114C351412201555B8
        Validity
            Not Before: Feb 15 13:10:33 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=620ba649-19e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d0:c4:e3:e0:b3:52:8a:7c:e3:f4:0f:fc:3c:
                    d6:b2:d6:df:bd:a8:30:33:ed:ae:11:de:38:8d:ac:
                    a1:bc:4c:8a:d2:49:6d:aa:43:77:74:bd:6d:07:0a:
                    23:df:08:82:c0:26:9a:8b:45:bd:14:53:4a:e1:72:
                    72:c2:2b:63:f1:bf:50:69:2a:c5:91:19:6e:cd:9f:
                    f6:bb:1e:cb:ed:3e:f3:aa:75:42:51:51:71:5e:70:
                    6e:10:e7:95:8a:c7:53:f6:7c:6d:5c:1f:8c:d6:9a:
                    39:24:d2:e7:75:dc:41:6f:a1:47:ab:19:b6:cc:94:
                    b2:59:83:62:fd:8f:82:e1:0e:48:f7:f2:45:2f:56:
                    9a:52:eb:bb:e9:33:57:de:52:31:99:8c:83:98:99:
                    f9:2f:e1:99:fc:f8:04:36:79:05:2d:3a:cf:9d:47:
                    c8:43:d1:6b:fe:ce:d0:4b:11:95:aa:f4:ee:a8:06:
                    20:ab:c6:dc:b3:d1:23:77:0b:07:25:07:50:b5:a8:
                    a8:ec:b1:ff:68:82:ca:d7:08:a0:4a:7a:59:7c:11:
                    38:87:7b:e0:e2:dc:59:2a:a2:3f:b5:b2:cb:55:74:
                    64:67:f2:4c:c1:58:24:95:19:e7:e3:fb:7d:94:58:
                    d0:93:de:3e:69:1f:a9:da:6f:0b:46:70:94:72:5d:
                    03:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:19:08:A0:AC:46:EF:FD:CB:3A:D4:09:20:C7:E5:B9:24:61:26:B5
            X509v3 Authority Key Identifier:
                keyid:0B:BC:FD:E7:68:67:5B:99:4F:2A:23:11:4C:35:14:12:20:15:55:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/C7z952hnW5lPKiMRTDUUEiAVVbg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C7z952hnW5lPKiMRTDUUEiAVVbg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123193/CA8A4B3C39D911EBA781FA57C4F9AE02/D7EF0FA039DA11EBBDA17458C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.236.0/23
                IPv6:
                  2406:ddc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         75:5c:13:b5:b6:90:e9:97:f1:5b:fa:6b:36:7e:0d:93:ea:a7:
         31:b4:97:18:c2:7e:aa:73:bb:79:fc:4c:25:c1:d1:49:68:5e:
         4a:fc:03:52:49:27:fe:3b:cd:c4:e2:71:2b:3b:e0:bd:2d:c8:
         e0:0f:b0:c1:9d:7b:0a:9c:ee:7d:fa:a6:d6:a5:f9:a7:60:25:
         51:90:ae:69:14:40:36:01:a4:e2:fb:3d:41:5b:9c:21:5b:82:
         b1:85:44:03:bb:86:5e:15:d0:49:33:5d:8c:a3:a0:6d:e1:f7:
         31:b8:50:ea:32:2f:5e:f1:d4:a6:b6:68:18:10:64:46:86:dc:
         07:f8:32:14:56:ae:9c:f2:a7:36:ef:b6:00:ad:4c:8d:a5:02:
         be:c1:a4:8c:9c:c9:ec:6c:87:ac:73:8d:96:83:41:1d:52:9f:
         51:2d:0a:cb:04:c0:4d:22:e6:8c:5e:36:ee:90:9e:14:3e:b1:
         a1:1e:7e:ea:e0:95:33:cc:4d:01:b2:27:3d:fe:3a:b4:b6:a0:
         3c:0e:a6:4f:1a:65:71:0e:91:cf:29:29:1b:78:8b:ce:ef:89:
         f3:d0:aa:bd:e0:67:63:ac:14:3a:5b:18:61:97:68:4b:3d:25:
         00:83:0a:21:d5:db:d8:47:9a:21:05:d4:1d:a9:59:7c:81:58:
         b7:c1:f4:b8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjMxOTMxMTAvBgNVBAUTKDBCQkNGREU3Njg2NzVCOTk0RjJBMjMxMTRDMzUxNDEy
MjAxNTU1QjgwHhcNMjIwMjE1MTMxMDMzWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBiYTY0OS0xOWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1NDE4+CzUop84/QP/DzWstbfvagwM+2uEd44jayhvEyK0kltqkN3dL1tBwoj
3wiCwCaai0W9FFNK4XJywitj8b9QaSrFkRluzZ/2ux7L7T7zqnVCUVFxXnBuEOeV
isdT9nxtXB+M1po5JNLnddxBb6FHqxm2zJSyWYNi/Y+C4Q5I9/JFL1aaUuu76TNX
3lIxmYyDmJn5L+GZ/PgENnkFLTrPnUfIQ9Fr/s7QSxGVqvTuqAYgq8bcs9EjdwsH
JQdQtaio7LH/aILK1wigSnpZfBE4h3vg4txZKqI/tbLLVXRkZ/JMwVgklRnn4/t9
lFjQk94+aR+p2m8LRnCUcl0DAQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGAZCKCs
Ru/9yzrUCSDH5bkkYSa1MB8GA1UdIwQYMBaAFAu8/edoZ1uZTyojEUw1FBIgFVW4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzE5My9DQThBNEIzQzM5
RDkxMUVCQTc4MUZBNTdDNEY5QUUwMi9DN3o5NTJoblc1bFBLaU1SVERVVUVpQVZW
YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0M3ejk1MmhuVzVsUEtpTVJURFVVRWlBVlZiZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjMxOTMvQ0E4QTRCM0MzOUQ5MTFFQkE3ODFGQTU3QzRGOUFFMDIvRDdFRjBGQTAz
OURBMTFFQkJEQTE3NDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnn+wwDQQCAAIwBwMFACQG3cAwDQYJKoZIhvcNAQELBQAD
ggEBAHVcE7W2kOmX8Vv6azZ+DZPqpzG0lxjCfqpzu3n8TCXB0UloXkr8A1JJJ/47
zcTicSs74L0tyOAPsMGdewqc7n36ptal+adgJVGQrmkUQDYBpOL7PUFbnCFbgrGF
RAO7hl4V0EkzXYyjoG3h9zG4UOoyL17x1Ka2aBgQZEaG3Af4MhRWrpzypzbvtgCt
TI2lAr7BpIycyexsh6xzjZaDQR1Sn1EtCssEwE0i5oxeNu6QnhQ+saEefurglTPM
TQGyJz3+OrS2oDwOpk8aZXEOkc8pKRt4i87vifPQqr3gZ2OsFDpbGGGXaEs9JQCD
CiHV29hHmiEF1B2pWXyBWLfB9Lg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org