Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/C01D066826A211EEA1E6AE4CC4F9AE02.roa
File:                     C01D066826A211EEA1E6AE4CC4F9AE02.roa (raw, json)
Hash identifier:          sIt5L1SohfhzEvN3SNJneIXZAVitxGQR5wbguKDXfgY=
Subject key identifier:   5A:C3:AB:CC:C9:AA:9E:A7:B8:D6:CA:03:73:54:EC:F2:1C:4F:47:FD
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       0416
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/C01D066826A211EEA1E6AE4CC4F9AE02.roa
Signing time:             Thu 20 Jul 2023 02:11:35 +0000
ROA not before:           Thu 20 Jul 2023 02:11:35 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        103.231.56.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1046 (0x416)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Jul 20 02:11:35 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64b897d6-4ff7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:d9:7a:ab:09:74:9c:2c:43:ed:e5:c2:87:ba:
                    8d:f0:20:1a:36:0a:58:13:3c:44:2b:16:9a:e3:b0:
                    02:f5:10:1d:6f:a8:88:e5:a4:f2:6c:e8:15:af:60:
                    b4:00:82:36:d9:5e:88:25:89:25:ff:18:32:0c:63:
                    f4:63:67:d0:90:ac:f3:b7:10:02:ab:0f:7a:8e:c1:
                    8c:55:7a:ad:fd:3f:eb:b9:1a:d4:1c:83:bf:93:84:
                    fa:35:5d:39:e3:f8:a6:3f:6b:1e:60:fb:3d:8b:f9:
                    47:f2:2a:3e:f8:f0:93:66:f6:bd:0d:78:e5:b6:13:
                    b9:7b:0d:86:f3:2b:99:10:71:80:ed:ce:38:26:a6:
                    49:7d:93:44:71:da:72:1e:9b:46:c9:db:d6:6c:0e:
                    3d:b6:38:09:b3:c0:27:c1:c8:df:05:ab:7f:b4:68:
                    4e:8a:6b:93:4b:59:08:9a:3d:81:f0:f3:dc:16:a9:
                    20:cf:48:d2:ca:54:55:70:d6:ea:b4:f6:29:d7:10:
                    f0:36:cb:6a:12:84:b6:3b:f0:82:af:73:03:05:86:
                    47:07:02:7b:1b:74:34:7e:58:5c:07:95:d8:08:81:
                    8c:e7:ad:32:59:7d:28:a2:56:50:7d:ac:d4:27:ae:
                    a5:cb:08:e0:13:11:10:4c:bc:1e:ca:85:25:24:da:
                    09:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:C3:AB:CC:C9:AA:9E:A7:B8:D6:CA:03:73:54:EC:F2:1C:4F:47:FD
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/C01D066826A211EEA1E6AE4CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:82:8e:c9:24:cc:aa:ea:34:ce:05:f0:95:02:3f:ec:13:77:
         36:c6:13:8e:8d:5c:6c:3d:52:7b:b2:6e:94:6e:b9:e7:2c:8e:
         18:b1:2c:13:00:d1:f1:6b:b8:53:ea:5a:32:43:63:53:0b:85:
         72:44:c4:ba:d5:df:d6:05:df:6c:27:43:9d:ad:63:f0:a1:9b:
         46:3e:e5:ce:30:2f:87:8f:9e:d0:6e:60:c9:97:e6:79:c1:4e:
         0d:8c:4c:42:c1:03:53:c6:a8:8e:fe:d5:1e:7f:79:a2:87:7f:
         2b:56:d3:49:ec:6f:1c:c5:9d:52:19:88:ce:24:47:f9:52:c2:
         dc:2a:82:cd:c7:69:c1:57:b0:8e:a9:9e:b4:b3:ab:f7:b7:2e:
         6a:17:fd:01:2c:10:34:c5:b6:b7:ca:61:e4:e4:85:2e:23:16:
         1f:62:7b:e0:6b:8f:b7:cb:82:22:11:f6:5b:dc:7e:bf:78:48:
         55:c5:30:93:02:11:22:53:3f:01:2b:98:e6:ee:ba:5a:b6:df:
         4b:5b:20:92:13:d9:61:cc:09:87:19:f6:9d:74:0c:6f:5c:99:
         7a:01:7f:7f:6f:1a:6d:10:38:33:9e:a9:1e:a8:75:5f:c1:f1:
         69:65:e3:77:1d:df:79:6d:3c:ea:87:8d:0c:5e:5c:a4:c6:02:
         2b:23:c7:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNzIwMDIxMTM1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI4OTdkNi00ZmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9tl6qwl0nCxD7eXCh7qN8CAaNgpYEzxEKxaa47AC9RAdb6iI5aTybOgVr2C0
AII22V6IJYkl/xgyDGP0Y2fQkKzztxACqw96jsGMVXqt/T/ruRrUHIO/k4T6NV05
4/imP2seYPs9i/lH8io++PCTZva9DXjlthO5ew2G8yuZEHGA7c44JqZJfZNEcdpy
HptGydvWbA49tjgJs8AnwcjfBat/tGhOimuTS1kImj2B8PPcFqkgz0jSylRVcNbq
tPYp1xDwNstqEoS2O/CCr3MDBYZHBwJ7G3Q0flhcB5XYCIGM560yWX0oolZQfazU
J66lywjgExEQTLweyoUlJNoJ3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFFrDq8zJ
qp6nuNbKA3NU7PIcT0f9MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQzAxRDA2Njgy
NkEyMTFFRUExRTZBRTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5zgwDQYJKoZIhvcNAQELBQADggEBAJuCjskkzKrqNM4F
8JUCP+wTdzbGE46NXGw9UnuybpRuuecsjhixLBMA0fFruFPqWjJDY1MLhXJExLrV
39YF32wnQ52tY/Chm0Y+5c4wL4ePntBuYMmX5nnBTg2MTELBA1PGqI7+1R5/eaKH
fytW00nsbxzFnVIZiM4kR/lSwtwqgs3HacFXsI6pnrSzq/e3LmoX/QEsEDTFtrfK
YeTkhS4jFh9ie+Brj7fLgiIR9lvcfr94SFXFMJMCESJTPwErmObuulq230tbIJIT
2WHMCYcZ9p10DG9cmXoBf39vGm0QODOeqR6odV/B8Wll43cd33ltPOqHjQxeXKTG
Aisjx9Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org