Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/CD78364848CB11EE83A32623C4F9AE02.roa
File:                     CD78364848CB11EE83A32623C4F9AE02.roa (raw, json)
Hash identifier:          ZcHjzvbierTcXt93Lh57QqkybuMD8rVqWq9yhoKJTZc=
Subject key identifier:   F2:A9:2A:5A:CB:7C:FF:BA:71:EE:6B:98:4F:AC:86:D8:38:36:0A:95
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       04A9
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/CD78364848CB11EE83A32623C4F9AE02.roa
Signing time:             Mon 04 Sep 2023 04:36:50 +0000
ROA not before:           Mon 04 Sep 2023 04:36:50 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     132335
IP address blocks:        43.255.157.0/24 maxlen: 24
                          103.231.59.0/24 maxlen: 24
                          103.240.197.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1193 (0x4a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Sep  4 04:36:50 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64f55ee2-ef7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:09:17:75:6f:a2:09:35:b5:29:9a:b0:41:58:
                    09:30:fa:11:10:5a:0d:14:cd:9d:e0:96:c4:db:14:
                    a9:f0:df:3e:84:cd:63:f3:b9:7b:80:04:12:d6:a6:
                    3e:4e:8c:17:e1:2c:6c:95:3b:2b:c0:08:ac:cf:74:
                    e3:a1:c2:e8:f6:5b:4a:8f:56:65:6b:75:7b:3c:9c:
                    27:79:1c:52:43:03:c2:1a:93:14:8c:fa:fa:3f:87:
                    39:d7:d5:d0:22:1d:e6:3e:af:50:2e:18:9f:62:76:
                    ce:30:79:fd:24:15:c2:b0:8b:36:1e:c8:24:1d:f5:
                    7a:66:8b:4e:b1:bd:8b:e3:0d:c3:b7:e7:ea:64:3f:
                    f9:03:ab:10:44:6d:c8:d6:84:08:32:34:ec:e7:87:
                    a8:b4:e2:95:fe:8a:14:08:46:81:bf:2b:92:bd:f5:
                    d6:7c:a0:ea:2e:d2:d2:5b:f5:01:c7:6b:aa:4e:f9:
                    b6:5f:d7:e4:09:1a:f9:04:af:e4:8b:4a:78:ac:8b:
                    59:2d:49:da:11:b7:2d:26:d7:74:5e:c3:bd:da:69:
                    44:e5:42:6c:36:32:e0:95:ae:2c:63:37:07:66:2a:
                    01:dd:89:53:91:f8:80:3e:ff:97:5d:50:0b:39:42:
                    d8:07:45:5e:8b:e0:85:4f:7f:35:c1:dc:c1:dc:86:
                    a8:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:A9:2A:5A:CB:7C:FF:BA:71:EE:6B:98:4F:AC:86:D8:38:36:0A:95
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/CD78364848CB11EE83A32623C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.157.0/24
                  103.231.59.0/24
                  103.240.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:b5:65:c9:48:ab:29:94:2e:77:9e:99:9d:7e:12:ad:c6:01:
         60:88:22:1b:18:06:dd:13:7e:dd:ce:97:47:e5:a5:15:73:9d:
         50:36:19:bd:58:da:60:fb:ea:f6:6b:06:75:2c:13:7a:76:4a:
         19:59:e9:cf:d2:3f:9f:6b:d3:e3:e3:28:15:cb:fd:b8:c6:88:
         f7:c8:a9:1f:de:11:cd:b0:a0:9a:43:0c:20:d8:33:6d:71:ce:
         47:56:d7:31:43:e5:f3:2f:8e:e5:7e:a0:3f:dd:b1:b9:6c:b5:
         bb:f5:2d:e8:c4:ff:5c:0c:6e:fc:ee:92:3e:ac:ab:67:39:11:
         39:86:3d:6f:42:bf:89:48:0c:36:00:9d:44:d1:49:49:f9:a9:
         95:94:86:38:06:41:e7:27:60:85:88:ab:4c:c8:63:a9:76:7c:
         47:a9:86:2c:29:f3:4a:20:4b:8c:86:ae:87:3e:4c:7d:f0:5e:
         98:4e:b0:4a:fe:13:dd:98:13:14:2a:9f:43:69:4d:d1:fe:1a:
         a2:e4:cc:da:ba:2f:bb:3b:1b:aa:95:fc:7c:2c:fa:78:0c:eb:
         54:4b:88:31:4c:28:08:81:0b:5c:b5:a2:66:ee:4a:cf:0f:7f:
         25:f5:70:5a:ab:f5:00:63:bb:e3:b5:e5:2b:54:2c:19:56:89:
         d0:0d:53:f8
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA0MDQzNjUwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY1NWVlMi1lZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7AkXdW+iCTW1KZqwQVgJMPoREFoNFM2d4JbE2xSp8N8+hM1j87l7gAQS1qY+
TowX4SxslTsrwAisz3TjocLo9ltKj1Zla3V7PJwneRxSQwPCGpMUjPr6P4c519XQ
Ih3mPq9QLhifYnbOMHn9JBXCsIs2HsgkHfV6ZotOsb2L4w3Dt+fqZD/5A6sQRG3I
1oQIMjTs54eotOKV/ooUCEaBvyuSvfXWfKDqLtLSW/UBx2uqTvm2X9fkCRr5BK/k
i0p4rItZLUnaEbctJtd0XsO92mlE5UJsNjLgla4sYzcHZioB3YlTkfiAPv+XXVAL
OULYB0Vei+CFT381wdzB3IaoswIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPKpKlrL
fP+6ce5rmE+shtg4NgqVMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQ0Q3ODM2NDg0
OENCMTFFRTgzQTMyNjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/50DBABn5zsDBABn8MUwDQYJKoZIhvcNAQELBQADggEB
AAy1ZclIqymULneemZ1+Eq3GAWCIIhsYBt0Tft3Ol0flpRVznVA2Gb1Y2mD76vZr
BnUsE3p2ShlZ6c/SP59r0+PjKBXL/bjGiPfIqR/eEc2woJpDDCDYM21xzkdW1zFD
5fMvjuV+oD/dsblstbv1LejE/1wMbvzukj6sq2c5ETmGPW9Cv4lIDDYAnUTRSUn5
qZWUhjgGQecnYIWIq0zIY6l2fEephiwp80ogS4yGroc+TH3wXphOsEr+E92YExQq
n0NpTdH+GqLkzNq6L7s7G6qV/Hws+ngM61RLiDFMKAiBC1y1ombuSs8PfyX1cFqr
9QBju+O15StULBlWidANU/g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org