Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/B90D4D2657C711EBADDE5750C4F9AE02.roa
File:                     B90D4D2657C711EBADDE5750C4F9AE02.roa (raw, json)
Hash identifier:          aeU9OdwJ96VWXpWB07c5UzSHcqHVpzrHSgk4aEIdcyU=
Subject key identifier:   21:A7:B6:A0:89:54:79:CF:D0:E3:2A:7C:FB:55:F2:61:05:49:3F:49
Certificate issuer:       /CN=A913345B/serialNumber=846AC847DAC6B04209C72ACF464EBEEA16522052
Certificate serial:       06AD
Authority key identifier: 84:6A:C8:47:DA:C6:B0:42:09:C7:2A:CF:46:4E:BE:EA:16:52:20:52
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/B90D4D2657C711EBADDE5750C4F9AE02.roa
Signing time:             Tue 08 Feb 2022 09:47:11 +0000
ROA not before:           Tue 08 Feb 2022 09:47:11 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     206150
IP address blocks:        103.149.40.0/23 maxlen: 24
                          2001:df3:f80::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1709 (0x6ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913345B/serialNumber=846AC847DAC6B04209C72ACF464EBEEA16522052
        Validity
            Not Before: Feb  8 09:47:11 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=62023c1f-5d1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d4:4f:44:b5:84:c6:c8:cd:a9:7a:89:fe:55:
                    4d:08:04:ec:b8:b0:ed:3a:49:23:6e:d2:92:50:2d:
                    20:91:fe:6d:2f:d7:ad:bc:00:91:30:d7:71:54:5c:
                    43:16:79:71:db:19:51:ca:4e:3a:15:0d:e3:1f:f7:
                    9c:28:d8:1a:f8:d9:9b:58:44:15:cc:e5:e7:90:0f:
                    b1:85:a2:bf:62:c5:7a:64:bd:f8:85:25:0c:8f:66:
                    49:31:cc:dc:f7:4e:e9:08:29:2d:c8:bf:be:23:cc:
                    6c:e7:d8:6f:00:ec:cd:53:1e:05:1a:2a:bc:8f:ca:
                    60:05:30:9b:64:b2:29:f0:93:bd:9d:92:f0:20:ba:
                    a1:fb:d3:14:5b:c8:b4:f6:86:3b:4e:b9:bc:fd:7b:
                    11:96:45:33:42:1f:b5:d1:81:30:c4:df:e3:b5:ce:
                    bb:bb:13:c3:50:08:25:55:f9:ba:9f:82:3e:62:97:
                    ab:a5:bc:a2:08:0c:c8:3f:11:6c:fd:50:22:a8:42:
                    dc:f8:da:4e:d6:bd:71:89:90:ad:8b:33:8b:0e:e6:
                    e4:12:1a:b8:cb:e1:14:f6:8e:48:8d:13:d7:fb:15:
                    54:10:a9:15:2b:50:68:4d:ca:54:bc:77:70:05:1e:
                    10:87:44:f5:af:ea:7b:db:7b:ac:c1:b5:b6:c1:9e:
                    7e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:A7:B6:A0:89:54:79:CF:D0:E3:2A:7C:FB:55:F2:61:05:49:3F:49
            X509v3 Authority Key Identifier:
                keyid:84:6A:C8:47:DA:C6:B0:42:09:C7:2A:CF:46:4E:BE:EA:16:52:20:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/B90D4D2657C711EBADDE5750C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.149.40.0/23
                IPv6:
                  2001:df3:f80::/48

    Signature Algorithm: sha256WithRSAEncryption
         c4:fc:41:50:8b:cc:db:b3:ff:d8:44:1c:ed:0d:73:7e:11:91:
         b4:89:36:90:70:18:1c:1a:2e:75:0e:2c:f2:c7:a4:40:31:a5:
         6d:24:9f:76:1a:f6:9f:9d:7e:fc:99:1a:db:53:1e:cf:44:13:
         40:bd:0b:59:3b:58:dd:df:f4:42:28:6a:b2:e5:33:a2:b4:ef:
         d2:50:52:ed:92:a1:88:27:99:0d:ce:54:a1:c0:21:b3:f1:0a:
         d2:46:75:4a:8c:d3:cf:6d:54:da:4e:78:e1:97:3f:aa:41:ee:
         db:a7:5b:6c:99:83:a2:a1:70:5b:bc:85:86:26:90:c0:f8:55:
         73:8d:c6:08:65:43:98:58:79:dc:e3:72:01:ae:33:c7:82:c3:
         30:13:08:7f:93:d1:9c:5a:8a:98:02:6f:19:03:98:f7:9b:df:
         e3:ed:29:2f:f1:88:13:6b:88:88:e1:8b:0e:d5:96:e4:17:66:
         97:8e:41:95:ed:b9:31:53:b1:b5:d5:93:0d:f8:03:3b:4f:97:
         8a:65:88:49:89:c4:c0:89:e1:7e:e4:1b:02:ea:a7:29:cb:17:
         6f:5c:0e:d1:6f:67:c7:f6:ea:24:3e:3a:3f:f7:6f:ce:71:65:
         38:55:3c:f2:d4:e2:1c:41:ae:d1:64:da:78:5a:a0:f2:77:cb:
         dd:9c:13:98
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzM0NUIxMTAvBgNVBAUTKDg0NkFDODQ3REFDNkIwNDIwOUM3MkFDRjQ2NEVCRUVB
MTY1MjIwNTIwHhcNMjIwMjA4MDk0NzExWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAyM2MxZi01ZDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArdRPRLWExsjNqXqJ/lVNCATsuLDtOkkjbtKSUC0gkf5tL9etvACRMNdxVFxD
Fnlx2xlRyk46FQ3jH/ecKNga+NmbWEQVzOXnkA+xhaK/YsV6ZL34hSUMj2ZJMczc
907pCCktyL++I8xs59hvAOzNUx4FGiq8j8pgBTCbZLIp8JO9nZLwILqh+9MUW8i0
9oY7Trm8/XsRlkUzQh+10YEwxN/jtc67uxPDUAglVfm6n4I+YperpbyiCAzIPxFs
/VAiqELc+NpO1r1xiZCtizOLDubkEhq4y+EU9o5IjRPX+xVUEKkVK1BoTcpUvHdw
BR4Qh0T1r+p723uswbW2wZ5+HQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCGntqCJ
VHnP0OMqfPtV8mEFST9JMB8GA1UdIwQYMBaAFIRqyEfaxrBCCccqz0ZOvuoWUiBS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzQ1Qi8yOEQ4MkM4MjVG
NkUxMUVBOTI0QjlCODBDNEY5QUUwMi9oR3JJUjlyR3NFSUp4eXJQUms2LTZoWlNJ
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hHcklSOXJHc0VJSnh5clBSazYtNmhaU0lGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzM0NUIvMjhEODJDODI1RjZFMTFFQTkyNEI5QjgwQzRGOUFFMDIvQjkwRDREMjY1
N0M3MTFFQkFEREU1NzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlSgwDwQCAAIwCQMHACABDfMPgDANBgkqhkiG9w0BAQsF
AAOCAQEAxPxBUIvM27P/2EQc7Q1zfhGRtIk2kHAYHBoudQ4s8sekQDGlbSSfdhr2
n51+/Jka21Mez0QTQL0LWTtY3d/0QihqsuUzorTv0lBS7ZKhiCeZDc5UocAhs/EK
0kZ1SozTz21U2k544Zc/qkHu26dbbJmDoqFwW7yFhiaQwPhVc43GCGVDmFh53ONy
Aa4zx4LDMBMIf5PRnFqKmAJvGQOY95vf4+0pL/GIE2uIiOGLDtWW5Bdml45Ble25
MVOxtdWTDfgDO0+XimWISYnEwInhfuQbAuqnKcsXb1wO0W9nx/bqJD46P/dvznFl
OFU88tTiHEGu0WTaeFqg8nfL3ZwTmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org