Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/DB2375C4139611EEAA8C626DC4F9AE02.roa
File:                     DB2375C4139611EEAA8C626DC4F9AE02.roa (raw, json)
Hash identifier:          tlHChoyI2FGrKYd6Z8A+597Ura4dDkecb5IVgdGeb1w=
Subject key identifier:   2D:A6:A5:EF:BD:44:B4:40:27:36:7A:E0:6B:8B:DE:91:4B:94:F6:92
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       03FE
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/DB2375C4139611EEAA8C626DC4F9AE02.roa
Signing time:             Mon 26 Jun 2023 18:28:33 +0000
ROA not before:           Mon 26 Jun 2023 18:28:33 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     200482
IP address blocks:        43.247.134.0/24 maxlen: 24
                          43.247.135.0/24 maxlen: 24
                          103.231.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1022 (0x3fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Jun 26 18:28:33 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6499d8d0-fcf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b6:c9:1f:1e:db:81:35:b3:01:a4:d4:9f:70:
                    04:e6:1e:5f:c4:52:77:06:80:9f:9d:25:ba:66:bd:
                    c0:ac:56:dc:81:b4:54:d3:67:1d:e3:94:ee:ab:44:
                    74:7d:aa:3b:03:9f:8a:f9:b3:ea:b9:b0:77:0e:40:
                    27:6e:7a:4f:06:17:4a:cb:85:b2:15:0d:7b:55:64:
                    17:52:d6:51:24:82:ca:bb:1d:39:e1:c5:a2:ab:a3:
                    07:60:d4:29:bb:35:87:ab:ad:db:cc:af:7c:81:2c:
                    8d:52:1b:7e:cb:4b:79:61:25:d8:7f:04:7e:20:49:
                    6f:bb:6b:a1:6a:44:31:54:56:66:5b:d8:54:ec:8f:
                    75:e3:df:65:f3:74:8b:50:6a:4e:ca:e3:94:11:4f:
                    10:9e:a8:46:66:a3:a7:89:81:0a:47:3a:69:58:9d:
                    55:02:b7:cd:82:28:bd:66:0c:f4:6c:0e:f1:66:7c:
                    44:bf:9d:ba:56:57:a9:d3:6d:f7:f8:58:ba:fe:47:
                    d4:61:d0:d0:10:5e:d4:f1:ff:72:40:d6:47:b1:e6:
                    74:4d:37:21:f6:c0:56:fd:8a:e5:57:33:c0:63:dd:
                    10:0d:bd:d9:25:d2:79:15:5b:95:76:a0:97:82:0b:
                    41:70:f2:2d:53:12:91:90:cb:4f:16:20:1b:85:70:
                    ce:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:A6:A5:EF:BD:44:B4:40:27:36:7A:E0:6B:8B:DE:91:4B:94:F6:92
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/DB2375C4139611EEAA8C626DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.134.0/23
                  103.231.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:89:04:76:40:2b:b8:79:22:ce:9f:16:d8:81:77:89:d5:c6:
         32:92:21:b5:57:db:7e:4f:9a:79:d5:9d:99:7b:ce:aa:fc:d7:
         0a:77:cc:4d:be:66:58:07:0a:39:6f:cf:19:0b:d4:af:4b:57:
         59:a2:64:ec:f1:53:c0:a2:a2:45:02:a1:be:58:8f:79:ab:24:
         10:cf:02:7f:69:79:ef:b8:ea:fb:3f:e4:e3:e1:50:e8:9c:8c:
         46:7e:5c:0b:34:25:07:73:64:7d:01:d2:50:48:12:10:bc:f8:
         df:4e:d5:4e:f1:a0:a2:dc:74:02:7f:f7:75:48:5a:9e:03:13:
         d4:7b:f4:55:cb:b2:a3:c9:49:d1:56:67:9b:63:47:43:18:f3:
         2a:80:f5:b9:81:16:00:d9:a5:b0:0c:a4:ee:04:52:a2:db:22:
         4b:e8:9e:8c:05:e7:1f:ee:b6:16:b3:ba:59:16:76:f1:f5:9b:
         12:f5:84:ed:eb:34:5b:45:ff:0f:4d:a9:ac:2e:98:04:b7:00:
         6a:12:64:ed:93:88:34:5b:73:ab:bb:fa:c1:57:3d:41:e0:69:
         d6:d3:2d:46:83:b6:09:1d:7b:e6:95:42:09:8f:4b:7b:63:63:
         84:16:7d:a3:fa:20:b4:9b:9c:93:db:13:d8:71:76:bd:1c:bc:
         b4:7e:85:27
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNjI2MTgyODMzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk5ZDhkMC1mY2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAubbJHx7bgTWzAaTUn3AE5h5fxFJ3BoCfnSW6Zr3ArFbcgbRU02cd45Tuq0R0
fao7A5+K+bPqubB3DkAnbnpPBhdKy4WyFQ17VWQXUtZRJILKux054cWiq6MHYNQp
uzWHq63bzK98gSyNUht+y0t5YSXYfwR+IElvu2uhakQxVFZmW9hU7I91499l83SL
UGpOyuOUEU8QnqhGZqOniYEKRzppWJ1VArfNgii9Zgz0bA7xZnxEv526Vlep0233
+Fi6/kfUYdDQEF7U8f9yQNZHseZ0TTch9sBW/YrlVzPAY90QDb3ZJdJ5FVuVdqCX
ggtBcPItUxKRkMtPFiAbhXDOfQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC2mpe+9
RLRAJzZ64GuL3pFLlPaSMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvREIyMzc1QzQx
Mzk2MTFFRUFBOEM2MjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr94YDBABn5zswDQYJKoZIhvcNAQELBQADggEBAIiJBHZA
K7h5Is6fFtiBd4nVxjKSIbVX235PmnnVnZl7zqr81wp3zE2+ZlgHCjlvzxkL1K9L
V1miZOzxU8CiokUCob5Yj3mrJBDPAn9pee+46vs/5OPhUOicjEZ+XAs0JQdzZH0B
0lBIEhC8+N9O1U7xoKLcdAJ/93VIWp4DE9R79FXLsqPJSdFWZ5tjR0MY8yqA9bmB
FgDZpbAMpO4EUqLbIkvonowF5x/uthazulkWdvH1mxL1hO3rNFtF/w9NqawumAS3
AGoSZO2TiDRbc6u7+sFXPUHgadbTLUaDtgkde+aVQgmPS3tjY4QWfaP6ILSbnJPb
E9hxdr0cvLR+hSc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org