Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913258C/B4C45FE0548D11EA86C9DD7EC4F9AE02/BD58E3F8E16A11ECB2629D1AC4F9AE02.roa
File:                     BD58E3F8E16A11ECB2629D1AC4F9AE02.roa (raw, json)
Hash identifier:          cX3KNk5KAjholdRF9iA56fiFRrGeGZuMn0Dak3X7qdY=
Subject key identifier:   BB:0C:0E:57:BF:E8:96:4D:C3:88:BB:09:0B:85:D7:4B:C0:60:84:38
Certificate issuer:       /CN=A913258C/serialNumber=A68CFA311EBB1F10320EA207753030E7F3A28F72
Certificate serial:       07CC
Authority key identifier: A6:8C:FA:31:1E:BB:1F:10:32:0E:A2:07:75:30:30:E7:F3:A2:8F:72
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poz6MR67HxAyDqIHdTAw5_Oij3I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913258C/B4C45FE0548D11EA86C9DD7EC4F9AE02/BD58E3F8E16A11ECB2629D1AC4F9AE02.roa
Signing time:             Wed 01 Jun 2022 05:21:50 +0000
ROA not before:           Wed 01 Jun 2022 05:21:50 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     134578
IP address blocks:        103.148.150.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1996 (0x7cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913258C/serialNumber=A68CFA311EBB1F10320EA207753030E7F3A28F72
        Validity
            Not Before: Jun  1 05:21:50 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=6296f76e-6801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8d:5f:0b:58:f2:b4:4a:99:96:0e:77:2a:07:
                    ce:52:ff:aa:40:74:fd:b5:26:9c:7a:aa:9d:fa:e9:
                    e3:e7:67:27:ee:82:f4:cb:98:95:55:b0:cc:e6:e6:
                    fe:be:ef:8e:59:dc:3b:b9:63:f0:d1:05:24:52:a6:
                    7b:ef:1b:b8:02:22:9c:3f:1c:fe:eb:96:d4:25:39:
                    93:1f:74:eb:8b:be:57:b6:c8:35:fa:3f:7c:c6:cb:
                    3d:87:87:53:7b:b4:2d:75:41:d9:86:79:b1:94:a1:
                    dc:90:b6:64:19:81:6a:92:89:0a:b0:54:30:d6:5f:
                    07:32:05:8f:27:e2:bb:8f:53:12:ee:29:87:71:d7:
                    fd:c1:6c:fc:e9:94:25:b6:5d:a6:e0:09:24:79:ab:
                    a2:a9:6e:af:1b:1e:f9:84:5e:85:ca:6b:88:fd:33:
                    70:23:54:24:ba:88:18:0d:00:92:47:0d:11:8f:21:
                    6a:4f:5b:37:54:6f:ba:0d:af:47:b5:f3:f2:ca:50:
                    48:e8:d3:4c:d7:ed:cf:56:fb:1d:79:f6:9c:bd:57:
                    be:97:3b:35:cd:cf:fb:66:60:a8:41:7f:b9:54:9e:
                    8d:69:a0:11:a2:fd:29:18:c8:ad:24:83:20:a6:28:
                    f0:d5:17:95:c6:ed:81:a1:38:fd:a3:b1:5c:d2:97:
                    fd:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:0C:0E:57:BF:E8:96:4D:C3:88:BB:09:0B:85:D7:4B:C0:60:84:38
            X509v3 Authority Key Identifier:
                keyid:A6:8C:FA:31:1E:BB:1F:10:32:0E:A2:07:75:30:30:E7:F3:A2:8F:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913258C/B4C45FE0548D11EA86C9DD7EC4F9AE02/poz6MR67HxAyDqIHdTAw5_Oij3I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poz6MR67HxAyDqIHdTAw5_Oij3I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913258C/B4C45FE0548D11EA86C9DD7EC4F9AE02/BD58E3F8E16A11ECB2629D1AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:bc:81:b7:bc:81:7d:78:7d:b7:a9:05:e9:b8:43:ca:01:8a:
         4a:3c:43:86:bb:e3:d1:37:62:89:67:86:8e:a1:99:ab:37:b2:
         3a:f8:95:b4:42:99:e1:dd:ed:dc:d3:44:e5:ce:ca:85:cf:1e:
         67:47:38:fc:02:24:04:29:a8:8d:28:e0:1c:83:8f:43:96:f9:
         f4:29:fd:6c:23:06:fe:6b:a1:7a:a2:6d:c8:a5:4e:b4:38:ff:
         9b:c5:b3:d1:f2:50:ae:3d:c0:d7:35:1b:34:94:10:5c:d9:48:
         4d:e0:6c:2a:bd:49:9e:81:2b:32:7c:65:2b:ef:3f:13:fa:17:
         ef:71:f2:a4:3c:6e:49:03:d2:5f:0a:03:3a:9a:2e:7a:cb:ee:
         d4:35:88:12:0d:2e:1c:a2:d9:dc:ca:e3:1a:77:96:90:0f:31:
         23:66:8b:03:54:3d:04:0f:c8:6c:55:ea:30:47:8d:82:45:1b:
         95:a9:22:75:1c:d2:e1:2e:2b:37:40:fd:15:72:81:b3:e4:46:
         20:42:ae:2c:90:07:52:bd:33:14:59:01:ed:dd:18:45:f3:f6:
         71:c2:23:fc:8a:4a:ce:fd:cd:39:ec:cc:79:c5:79:e9:d4:c3:
         df:15:b1:9d:77:28:77:62:c5:d1:00:87:4f:a5:72:10:07:bf:
         ea:a2:2f:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI1OEMxMTAvBgNVBAUTKEE2OENGQTMxMUVCQjFGMTAzMjBFQTIwNzc1MzAzMEU3
RjNBMjhGNzIwHhcNMjIwNjAxMDUyMTUwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk2Zjc2ZS02ODAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxI1fC1jytEqZlg53KgfOUv+qQHT9tSaceqqd+unj52cn7oL0y5iVVbDM5ub+
vu+OWdw7uWPw0QUkUqZ77xu4AiKcPxz+65bUJTmTH3Tri75Xtsg1+j98xss9h4dT
e7QtdUHZhnmxlKHckLZkGYFqkokKsFQw1l8HMgWPJ+K7j1MS7imHcdf9wWz86ZQl
tl2m4AkkeauiqW6vGx75hF6FymuI/TNwI1QkuogYDQCSRw0RjyFqT1s3VG+6Da9H
tfPyylBI6NNM1+3PVvsdefacvVe+lzs1zc/7ZmCoQX+5VJ6NaaARov0pGMitJIMg
pijw1ReVxu2BoTj9o7Fc0pf9MwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLsMDle/
6JZNw4i7CQuF10vAYIQ4MB8GA1UdIwQYMBaAFKaM+jEeux8QMg6iB3UwMOfzoo9y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjU4Qy9CNEM0NUZFMDU0
OEQxMUVBODZDOUREN0VDNEY5QUUwMi9wb3o2TVI2N0h4QXlEcUlIZFRBdzVfT2lq
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvejZNUjY3SHhBeURxSUhkVEF3NV9PaWozSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI1OEMvQjRDNDVGRTA1NDhEMTFFQTg2QzlERDdFQzRGOUFFMDIvQkQ1OEUzRjhF
MTZBMTFFQ0IyNjI5RDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlJYwDQYJKoZIhvcNAQELBQADggEBAEu8gbe8gX14fbep
Bem4Q8oBiko8Q4a749E3Yolnho6hmas3sjr4lbRCmeHd7dzTROXOyoXPHmdHOPwC
JAQpqI0o4ByDj0OW+fQp/WwjBv5roXqibcilTrQ4/5vFs9HyUK49wNc1GzSUEFzZ
SE3gbCq9SZ6BKzJ8ZSvvPxP6F+9x8qQ8bkkD0l8KAzqaLnrL7tQ1iBINLhyi2dzK
4xp3lpAPMSNmiwNUPQQPyGxV6jBHjYJFG5WpInUc0uEuKzdA/RVygbPkRiBCriyQ
B1K9MxRZAe3dGEXz9nHCI/yKSs79zTnszHnFeenUw98VsZ13KHdixdEAh0+lchAH
v+qiL7k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org