Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/F8C09442FAD511EDBF5E232DC4F9AE02.roa
File:                     F8C09442FAD511EDBF5E232DC4F9AE02.roa (raw, json)
Hash identifier:          2j/4vvuMhvgcseg6wghw7t5QWn9t+BsopkPRuNUtSvk=
Subject key identifier:   03:E1:BC:C8:69:95:51:66:4C:BE:8D:A8:4F:08:44:B9:E9:FC:8E:33
Certificate issuer:       /CN=A9126259/serialNumber=9752DD1A15F5EC61D97691CB5ECCEBECBD3A6137
Certificate serial:       0606
Authority key identifier: 97:52:DD:1A:15:F5:EC:61:D9:76:91:CB:5E:CC:EB:EC:BD:3A:61:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1LdGhX17GHZdpHLXszr7L06YTc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/F8C09442FAD511EDBF5E232DC4F9AE02.roa
Signing time:             Thu 25 May 2023 08:27:23 +0000
ROA not before:           Thu 25 May 2023 08:27:23 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     56081
IP address blocks:        103.204.28.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1542 (0x606)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9126259/serialNumber=9752DD1A15F5EC61D97691CB5ECCEBECBD3A6137
        Validity
            Not Before: May 25 08:27:23 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=646f1beb-3ee6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:69:9f:61:77:6b:eb:94:68:77:23:e6:23:b4:
                    c9:8f:5d:1d:cd:fb:8a:24:71:09:3b:2e:ce:3e:b6:
                    ca:d7:0b:7c:d6:55:05:19:31:8f:3f:53:ae:bc:34:
                    05:5b:be:db:a3:0a:f6:25:03:c1:3d:2a:3c:51:50:
                    c6:ca:d8:d5:55:41:2b:7a:54:10:48:fe:4a:ec:10:
                    6c:69:d5:98:eb:1d:ff:5c:5c:18:16:53:50:80:bd:
                    c9:29:fb:30:b9:71:5e:5c:e2:a9:84:b3:4f:e6:bf:
                    35:e9:e3:3d:d8:6f:63:9d:4e:29:f9:68:d9:5e:d5:
                    78:fa:14:05:b5:4f:4d:96:ee:13:c8:80:6d:52:ba:
                    50:4e:6a:42:7f:a6:9d:c2:55:da:de:53:4a:6e:c5:
                    fd:e1:47:d9:e2:e2:df:04:d9:7a:93:e9:e5:e6:8f:
                    0c:73:1f:2c:3a:99:b6:00:f9:3e:13:18:d7:6d:4d:
                    86:0d:df:a7:f6:24:9e:32:99:da:13:dd:d3:22:32:
                    d7:4c:93:38:7e:e6:04:0a:9c:e8:c0:63:d8:c4:5c:
                    16:bf:da:dc:8a:2c:28:cc:0d:14:c8:29:6d:6e:fc:
                    01:84:87:70:37:12:b4:e3:00:10:ae:b3:39:71:30:
                    b3:b1:13:25:3c:0d:3d:76:36:b9:14:19:fe:0d:ed:
                    44:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:E1:BC:C8:69:95:51:66:4C:BE:8D:A8:4F:08:44:B9:E9:FC:8E:33
            X509v3 Authority Key Identifier:
                keyid:97:52:DD:1A:15:F5:EC:61:D9:76:91:CB:5E:CC:EB:EC:BD:3A:61:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/l1LdGhX17GHZdpHLXszr7L06YTc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1LdGhX17GHZdpHLXszr7L06YTc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/F8C09442FAD511EDBF5E232DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.204.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:13:42:0a:7a:81:9f:1a:6a:3e:76:4e:d1:9d:dc:90:ed:e3:
         dc:01:1a:ec:29:ae:67:d1:c4:88:76:cb:4d:57:1b:76:52:1f:
         3d:eb:f4:1e:c4:56:0c:65:47:c2:71:db:3a:9e:16:c6:0b:e4:
         0f:6f:13:ee:05:a6:81:3e:0f:d6:f8:0c:6f:f2:d7:4b:da:ed:
         73:fe:c6:f9:ac:05:c9:0e:ff:68:9a:8f:1f:8f:48:04:36:f2:
         0e:9c:43:39:87:84:c6:d8:8d:78:f2:44:41:be:ac:18:6a:09:
         49:f3:72:a8:a3:bf:14:cf:b3:c7:b4:22:a1:46:19:d3:01:79:
         bd:36:72:d8:8f:f4:1d:c3:53:53:96:89:94:9c:f5:a6:7c:98:
         23:5e:20:18:2e:c9:31:8a:c3:74:03:10:6e:e6:a6:b4:93:54:
         d8:71:f0:08:58:36:2e:8a:1a:52:9e:ad:65:87:d5:e1:ef:18:
         02:5e:3d:f5:57:ec:a0:b4:5b:96:8d:91:42:58:ce:69:a9:96:
         a0:18:97:71:bf:33:13:03:06:f9:37:fd:40:c8:94:a7:e4:2d:
         08:bc:e5:f3:e0:a3:23:00:08:6c:be:87:51:21:1b:32:b1:ce:
         0b:45:f0:f0:a8:c6:af:4d:53:87:42:85:0e:81:ec:14:d3:90:
         de:a9:89:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyNTkxMTAvBgNVBAUTKDk3NTJERDFBMTVGNUVDNjFEOTc2OTFDQjVFQ0NFQkVD
QkQzQTYxMzcwHhcNMjMwNTI1MDgyNzIzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZmMWJlYi0zZWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv2mfYXdr65RodyPmI7TJj10dzfuKJHEJOy7OPrbK1wt81lUFGTGPP1OuvDQF
W77bowr2JQPBPSo8UVDGytjVVUErelQQSP5K7BBsadWY6x3/XFwYFlNQgL3JKfsw
uXFeXOKphLNP5r816eM92G9jnU4p+WjZXtV4+hQFtU9Nlu4TyIBtUrpQTmpCf6ad
wlXa3lNKbsX94UfZ4uLfBNl6k+nl5o8Mcx8sOpm2APk+ExjXbU2GDd+n9iSeMpna
E93TIjLXTJM4fuYECpzowGPYxFwWv9rciiwozA0UyCltbvwBhIdwNxK04wAQrrM5
cTCzsRMlPA09dja5FBn+De1EtQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAPhvMhp
lVFmTL6NqE8IRLnp/I4zMB8GA1UdIwQYMBaAFJdS3RoV9exh2XaRy17M6+y9OmE3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjI1OS82OTEyOEM0QTE1
QzQxMUVCQTMyNkRENjlDNEY5QUUwMi9sMUxkR2hYMTdHSFpkcEhMWHN6cjdMMDZZ
VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2wxTGRHaFgxN0dIWmRwSExYc3pyN0wwNllUYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyNTkvNjkxMjhDNEExNUM0MTFFQkEzMjZERDY5QzRGOUFFMDIvRjhDMDk0NDJG
QUQ1MTFFREJGNUUyMzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnzBwwDQYJKoZIhvcNAQELBQADggEBAEETQgp6gZ8aaj52
TtGd3JDt49wBGuwprmfRxIh2y01XG3ZSHz3r9B7EVgxlR8Jx2zqeFsYL5A9vE+4F
poE+D9b4DG/y10va7XP+xvmsBckO/2iajx+PSAQ28g6cQzmHhMbYjXjyREG+rBhq
CUnzcqijvxTPs8e0IqFGGdMBeb02ctiP9B3DU1OWiZSc9aZ8mCNeIBguyTGKw3QD
EG7mprSTVNhx8AhYNi6KGlKerWWH1eHvGAJePfVX7KC0W5aNkUJYzmmplqAYl3G/
MxMDBvk3/UDIlKfkLQi85fPgoyMACGy+h1EhGzKxzgtF8PCoxq9NU4dChQ6B7BTT
kN6piZg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org