Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/3266B17E04DF11ED8F71CB2BC4F9AE02.roa
File:                     3266B17E04DF11ED8F71CB2BC4F9AE02.roa (raw, json)
Hash identifier:          8NLl5lZdTfBf2oM2njIv2P5FSheRgIPtHPQqrXu6FaU=
Subject key identifier:   6D:8D:05:3C:1E:26:C8:DC:F9:5B:BB:95:91:D0:7B:6C:CF:26:44:26
Certificate issuer:       /CN=A9136592/serialNumber=8ECF9FAE43F7D1CD6E1202834C0F41ACC1BE1C38
Certificate serial:       18
Authority key identifier: 8E:CF:9F:AE:43:F7:D1:CD:6E:12:02:83:4C:0F:41:AC:C1:BE:1C:38
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/js-frkP30c1uEgKDTA9BrMG-HDg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/3266B17E04DF11ED8F71CB2BC4F9AE02.roa
Signing time:             Mon 18 Jul 2022 07:54:31 +0000
ROA not before:           Mon 18 Jul 2022 07:54:31 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     133542
IP address blocks:        103.190.228.0/23 maxlen: 23
                          103.190.228.0/24 maxlen: 24
                          103.190.229.0/24 maxlen: 24
                          2001:df0:f340::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24 (0x18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9136592/serialNumber=8ECF9FAE43F7D1CD6E1202834C0F41ACC1BE1C38
        Validity
            Not Before: Jul 18 07:54:31 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62d511b7-35ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1c:ef:10:4b:a2:0f:8f:9b:01:8b:1b:b3:94:
                    5a:80:4b:4c:af:42:58:32:a2:00:35:c6:70:f6:b1:
                    a5:ef:62:e5:c0:c9:3d:4f:6c:17:52:f1:45:e5:be:
                    0d:fa:78:28:69:f2:c6:38:ca:df:60:bb:29:23:01:
                    43:7b:6b:a4:22:b9:b8:6d:85:8e:6c:bb:4e:6f:cf:
                    16:59:b3:20:33:74:9a:0d:91:24:d5:37:2b:86:bf:
                    f8:14:e2:31:59:f3:83:d2:e2:2e:df:47:cb:8a:63:
                    f4:43:dd:cd:6d:24:4c:eb:d7:ed:4d:0c:c4:80:51:
                    8e:3b:5a:4c:77:57:dd:37:db:5b:a0:91:a3:2f:3e:
                    f7:12:cc:5a:5f:c2:7c:6d:dc:83:d9:6f:cd:f7:6c:
                    fe:b5:3b:e9:af:63:a0:33:d1:1c:9c:88:02:b8:39:
                    6c:ae:b9:c4:2c:81:dc:d5:e3:69:9a:ab:55:7a:4b:
                    a1:ef:66:03:c0:34:c2:93:b5:b3:b2:df:fc:74:41:
                    b7:5e:54:a7:3d:54:57:e6:75:81:f7:e0:ef:1f:b6:
                    54:87:d6:27:d4:6f:70:de:5b:73:f7:5e:0d:34:86:
                    20:ea:32:86:ca:c4:84:64:09:a0:e1:ce:e8:01:fa:
                    d4:09:b4:14:64:ea:56:4f:42:62:ea:f5:0c:3d:d8:
                    cc:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:8D:05:3C:1E:26:C8:DC:F9:5B:BB:95:91:D0:7B:6C:CF:26:44:26
            X509v3 Authority Key Identifier:
                keyid:8E:CF:9F:AE:43:F7:D1:CD:6E:12:02:83:4C:0F:41:AC:C1:BE:1C:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/js-frkP30c1uEgKDTA9BrMG-HDg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/js-frkP30c1uEgKDTA9BrMG-HDg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/3266B17E04DF11ED8F71CB2BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.228.0/23
                IPv6:
                  2001:df0:f340::/48

    Signature Algorithm: sha256WithRSAEncryption
         2b:e5:4e:e2:aa:b2:d7:47:12:09:ea:89:69:ad:6c:4d:06:bf:
         e1:11:06:d1:72:f0:99:ad:fd:ee:c6:4c:d5:72:19:80:49:f8:
         69:d3:c8:c8:d6:8b:cb:09:67:f3:6e:39:1a:52:30:26:27:28:
         9d:c7:49:f4:f4:d5:5e:7e:b4:ba:15:7a:6a:ef:6e:8d:42:16:
         11:28:2f:ca:73:c9:5c:16:e3:3d:da:f8:db:c8:0e:45:a4:64:
         7c:5f:14:95:3a:fd:f4:ea:56:26:1a:47:9a:ad:3a:89:d3:60:
         1b:5d:d6:58:23:8c:67:39:b4:fa:ba:d5:e8:74:77:98:11:5a:
         62:79:3e:b5:cc:f2:9e:d4:8a:b3:d0:b0:1e:b9:c8:e1:43:0c:
         6f:99:53:f0:31:27:cf:48:a3:5f:64:d8:58:e2:09:9c:b5:34:
         ba:54:b4:5f:21:0c:4d:3a:f3:80:3b:67:00:e4:da:a7:e9:65:
         ab:ea:36:5b:f8:0e:c0:e3:54:2e:f1:4d:bb:39:17:4a:9f:74:
         9c:9e:ef:7b:01:e3:fe:40:6b:5d:55:e1:e1:3d:72:81:78:30:
         66:07:a6:5d:a8:26:ea:21:c3:de:ce:65:d0:17:17:97:9a:26:
         76:87:6f:5d:f4:2d:47:93:18:63:e1:24:89:e2:b6:c8:f2:4b:
         d0:39:6c:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
NjU5MjExMC8GA1UEBRMoOEVDRjlGQUU0M0Y3RDFDRDZFMTIwMjgzNEMwRjQxQUND
MUJFMUMzODAeFw0yMjA3MTgwNzU0MzFaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZDUxMWI3LTM1Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzHO8QS6IPj5sBixuzlFqAS0yvQlgyogA1xnD2saXvYuXAyT1PbBdS8UXlvg36
eChp8sY4yt9guykjAUN7a6QiubhthY5su05vzxZZsyAzdJoNkSTVNyuGv/gU4jFZ
84PS4i7fR8uKY/RD3c1tJEzr1+1NDMSAUY47Wkx3V90321ugkaMvPvcSzFpfwnxt
3IPZb833bP61O+mvY6Az0RyciAK4OWyuucQsgdzV42maq1V6S6HvZgPANMKTtbOy
3/x0QbdeVKc9VFfmdYH34O8ftlSH1ifUb3DeW3P3Xg00hiDqMobKxIRkCaDhzugB
+tQJtBRk6lZPQmLq9Qw92MwJAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUbY0FPB4m
yNz5W7uVkdB7bM8mRCYwHwYDVR0jBBgwFoAUjs+frkP30c1uEgKDTA9BrMG+HDgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2NTkyL0Q5MTUzMUI2RkVD
ODExRUNBN0NEOTM2OUM0RjlBRTAyL2pzLWZya1AzMGMxdUVnS0RUQTlCck1HLUhE
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvanMtZnJrUDMwYzF1RWdLRFRBOUJyTUctSERnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NjU5Mi9EOTE1MzFCNkZFQzgxMUVDQTdDRDkzNjlDNEY5QUUwMi8zMjY2QjE3RTA0
REYxMUVEOEY3MUNCMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe+5DAPBAIAAjAJAwcAIAEN8PNAMA0GCSqGSIb3DQEBCwUA
A4IBAQAr5U7iqrLXRxIJ6olprWxNBr/hEQbRcvCZrf3uxkzVchmASfhp08jI1ovL
CWfzbjkaUjAmJyidx0n09NVefrS6FXpq726NQhYRKC/Kc8lcFuM92vjbyA5FpGR8
XxSVOv306lYmGkearTqJ02AbXdZYI4xnObT6utXodHeYEVpieT61zPKe1Iqz0LAe
ucjhQwxvmVPwMSfPSKNfZNhY4gmctTS6VLRfIQxNOvOAO2cA5Nqn6WWr6jZb+A7A
41Qu8U27ORdKn3Scnu97AeP+QGtdVeHhPXKBeDBmB6ZdqCbqIcPezmXQFxeXmiZ2
h29d9C1Hkxhj4SSJ4rbI8kvQOWyY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org