Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/4D4E109CB51411ECB8632A19C4F9AE02.roa
File:                     4D4E109CB51411ECB8632A19C4F9AE02.roa (raw, json)
Hash identifier:          i8ni58cZVd1RobINieUAgxHOvGLYogrkE7GxiU1CAoo=
Subject key identifier:   7A:E2:31:2A:14:03:07:59:CC:10:50:3D:82:CD:9C:45:E3:9C:43:88
Certificate issuer:       /CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6
Certificate serial:       03BD
Authority key identifier: B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/4D4E109CB51411ECB8632A19C4F9AE02.roa
Signing time:             Tue 02 Aug 2022 13:50:24 +0000
ROA not before:           Tue 02 Aug 2022 13:50:24 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     23750
IP address blocks:        103.166.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 957 (0x3bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6
        Validity
            Not Before: Aug  2 13:50:24 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=62e92ba0-5a39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:38:bc:18:5d:bc:b3:80:31:d3:4b:a2:f5:19:
                    63:f8:69:7b:67:f3:59:a0:80:8b:bb:d8:ab:7c:ea:
                    e1:51:6b:50:55:82:87:93:b0:c4:8d:4f:83:70:2b:
                    12:b1:fd:d8:7c:62:d8:de:a8:58:73:0f:ff:e3:9c:
                    39:e3:60:4a:c6:27:cd:4e:0c:b7:d7:ee:54:8b:7f:
                    c8:d4:8b:49:0f:76:5e:b8:0e:c8:81:93:9b:19:00:
                    5a:d9:af:08:5f:df:a3:3f:39:59:6d:1e:03:6c:fb:
                    ef:f1:81:f1:19:45:05:d7:94:65:45:8e:1d:5c:2c:
                    d9:f5:df:c8:b5:9d:31:c4:1b:25:04:88:9c:21:c6:
                    52:2f:06:cc:48:a9:4d:0d:f9:bb:6b:8e:a7:6b:27:
                    78:ef:ae:93:8a:fc:26:46:01:76:6b:59:c2:97:f9:
                    bf:de:26:4d:81:83:75:d0:6c:ff:56:f4:3e:ad:eb:
                    49:e4:e5:2b:e2:e1:57:b9:c2:17:52:5b:88:8b:db:
                    d2:eb:8e:92:10:ae:14:ae:31:4c:78:9d:66:66:be:
                    16:58:7a:6b:d8:5b:e1:49:e0:95:c5:78:59:53:e0:
                    c3:09:0f:c6:a4:50:d1:6b:e8:63:1e:cd:4e:9d:dd:
                    61:1c:20:2f:dd:9b:62:fd:90:c3:67:46:67:b2:d4:
                    4c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E2:31:2A:14:03:07:59:CC:10:50:3D:82:CD:9C:45:E3:9C:43:88
            X509v3 Authority Key Identifier:
                keyid:B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/ssR8Lj1Px-3JmuIORrF0sQoDdfY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/4D4E109CB51411ECB8632A19C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:ca:d1:d4:d2:dd:0a:99:f9:bd:ee:19:ec:be:df:23:0a:a3:
         f0:ee:0d:11:a5:03:1e:ce:30:9a:c9:18:37:30:d6:c9:58:30:
         b8:26:59:fa:2c:1a:26:59:fc:33:41:cb:23:61:51:51:c5:d5:
         03:20:a6:17:a0:33:24:c9:2c:7d:23:01:97:0e:f6:a7:28:a2:
         77:0b:fb:a8:4b:56:0c:09:10:84:e2:26:92:0d:2b:66:c0:06:
         00:94:c9:d9:5c:0d:ff:0b:27:ec:69:ff:23:49:79:d2:08:01:
         9c:62:7d:7f:09:ab:e7:04:e5:24:6f:5d:7e:b4:51:5b:02:b6:
         82:f4:fe:e3:8f:82:c8:f0:48:5c:60:b9:05:63:79:24:01:76:
         95:9b:48:ae:02:48:15:00:8f:e3:0d:d4:8b:01:3e:70:32:0d:
         19:a1:bc:2f:ca:a6:e6:75:4b:e8:de:d2:e6:81:a7:7b:56:5c:
         be:62:0d:2f:04:79:a9:2a:cb:b7:f8:e3:1d:24:4c:06:0f:f8:
         fd:52:34:bd:ef:d2:05:4e:1f:a2:89:47:db:37:ff:13:de:f4:
         ec:2b:91:a9:89:d7:4d:fa:46:f3:7e:29:54:e9:24:9e:e1:0f:
         c5:ac:8f:d9:7a:c4:80:a2:2e:d5:5c:9c:fb:d5:f7:b7:9e:a1:
         db:52:ac:a6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzEwNjcxMTAvBgNVBAUTKEIyQzQ3QzJFM0Q0RkM3RURDOTlBRTIwRTQ2QjE3NEIx
MEEwMzc1RjYwHhcNMjIwODAyMTM1MDI0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU5MmJhMC01YTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoji8GF28s4Ax00ui9Rlj+Gl7Z/NZoICLu9irfOrhUWtQVYKHk7DEjU+DcCsS
sf3YfGLY3qhYcw//45w542BKxifNTgy31+5Ui3/I1ItJD3ZeuA7IgZObGQBa2a8I
X9+jPzlZbR4DbPvv8YHxGUUF15RlRY4dXCzZ9d/ItZ0xxBslBIicIcZSLwbMSKlN
Dfm7a46nayd4766TivwmRgF2a1nCl/m/3iZNgYN10Gz/VvQ+retJ5OUr4uFXucIX
UluIi9vS646SEK4UrjFMeJ1mZr4WWHpr2FvhSeCVxXhZU+DDCQ/GpFDRa+hjHs1O
nd1hHCAv3Zti/ZDDZ0ZnstRM/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHriMSoU
AwdZzBBQPYLNnEXjnEOIMB8GA1UdIwQYMBaAFLLEfC49T8ftyZriDkaxdLEKA3X2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTA2Ny84REQwMEY1NkE2
QUQxMUVCODI3RkMxMUNDNEY5QUUwMi9zc1I4TGoxUHgtM0ptdUlPUnJGMHNRb0Rk
ZlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NzUjhMajFQeC0zSm11SU9SckYwc1FvRGRmWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzEwNjcvOEREMDBGNTZBNkFEMTFFQjgyN0ZDMTFDQzRGOUFFMDIvNEQ0RTEwOUNC
NTE0MTFFQ0I4NjMyQTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpmcwDQYJKoZIhvcNAQELBQADggEBAHXK0dTS3QqZ+b3u
Gey+3yMKo/DuDRGlAx7OMJrJGDcw1slYMLgmWfosGiZZ/DNByyNhUVHF1QMgpheg
MyTJLH0jAZcO9qcooncL+6hLVgwJEITiJpINK2bABgCUydlcDf8LJ+xp/yNJedII
AZxifX8Jq+cE5SRvXX60UVsCtoL0/uOPgsjwSFxguQVjeSQBdpWbSK4CSBUAj+MN
1IsBPnAyDRmhvC/KpuZ1S+je0uaBp3tWXL5iDS8Eeakqy7f44x0kTAYP+P1SNL3v
0gVOH6KJR9s3/xPe9OwrkamJ1036RvN+KVTpJJ7hD8Wsj9l6xICiLtVcnPvV97ee
odtSrKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org