Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/42C1784EF94C11EDBB552547C4F9AE02.roa
File:                     42C1784EF94C11EDBB552547C4F9AE02.roa (raw, json)
Hash identifier:          4oErdjxMtK30UEcQMoD4J2/eOPkmnARe2WjzRhhJte0=
Subject key identifier:   42:1B:6F:6D:93:F9:5E:77:66:2B:A2:EB:69:4D:2D:F0:17:0B:54:99
Certificate issuer:       /CN=A91403E9/serialNumber=92FEFE8AE829F0A5A501B57506FAE4E5C11A1D97
Certificate serial:       37
Authority key identifier: 92:FE:FE:8A:E8:29:F0:A5:A5:01:B5:75:06:FA:E4:E5:C1:1A:1D:97
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kv7-iugp8KWlAbV1Bvrk5cEaHZc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/42C1784EF94C11EDBB552547C4F9AE02.roa
Signing time:             Tue 23 May 2023 09:29:05 +0000
ROA not before:           Tue 23 May 2023 09:29:05 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     150745
IP address blocks:        103.81.29.0/24 maxlen: 24
                          2001:df1:e940::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55 (0x37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91403E9/serialNumber=92FEFE8AE829F0A5A501B57506FAE4E5C11A1D97
        Validity
            Not Before: May 23 09:29:05 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=646c8761-e8fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:a7:bf:30:ca:8e:58:32:60:4a:a5:a8:eb:93:
                    35:d6:da:96:70:29:08:fc:c0:58:a7:c7:59:c2:67:
                    af:0e:33:f2:37:74:40:8d:77:62:8b:7c:e7:b6:e0:
                    90:f1:55:33:d5:d4:23:65:e8:5b:a1:37:45:57:2d:
                    5c:87:ec:d2:46:9b:42:52:04:17:9e:48:e2:93:56:
                    83:ad:c3:7f:23:49:7e:30:5e:fb:cf:f8:14:32:08:
                    9a:de:c3:25:b8:48:ce:5f:cc:26:a9:79:02:67:de:
                    c0:fa:2b:3e:82:b6:17:70:ef:d3:60:1e:84:99:bf:
                    94:4c:48:8f:8c:f7:29:50:73:b9:5e:be:58:39:7e:
                    cb:81:3e:08:86:3c:74:23:72:f7:72:8a:e8:87:7e:
                    9d:84:8b:df:75:2c:50:19:62:2a:2e:fe:18:d7:65:
                    42:a8:a8:e8:af:6b:37:12:00:b9:b9:bd:dc:cb:fa:
                    c4:be:08:0e:de:6d:8a:39:18:28:b5:89:0d:c5:70:
                    7f:fc:a2:e9:5b:6d:49:95:4e:00:88:cf:e0:63:da:
                    30:c1:27:f7:c9:0c:10:ad:94:aa:1d:3b:10:a3:f9:
                    25:64:c2:47:22:45:37:40:b7:2b:61:0e:93:97:49:
                    b6:84:89:45:a2:a1:5d:5e:55:39:d2:b0:34:70:4c:
                    69:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:1B:6F:6D:93:F9:5E:77:66:2B:A2:EB:69:4D:2D:F0:17:0B:54:99
            X509v3 Authority Key Identifier:
                keyid:92:FE:FE:8A:E8:29:F0:A5:A5:01:B5:75:06:FA:E4:E5:C1:1A:1D:97

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/kv7-iugp8KWlAbV1Bvrk5cEaHZc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kv7-iugp8KWlAbV1Bvrk5cEaHZc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/42C1784EF94C11EDBB552547C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.81.29.0/24
                IPv6:
                  2001:df1:e940::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:bf:25:16:82:99:74:99:0d:c0:04:29:ee:14:dd:1b:7f:b1:
         bf:cd:db:1b:09:b3:43:59:52:89:d4:07:01:1f:cc:74:87:ad:
         c4:17:ae:56:b4:eb:c3:14:c4:37:a6:b6:45:b9:90:20:68:f1:
         90:18:2c:bf:0d:5d:36:02:0a:49:37:78:08:cf:91:6f:88:06:
         7a:6e:b9:40:a7:16:15:4d:88:22:0c:c6:7f:b2:93:19:a2:cb:
         87:4f:47:f4:3b:02:70:d9:bb:97:3a:2f:5f:0d:d1:1d:3d:a8:
         0a:b5:2a:17:bb:11:5a:86:b8:f6:14:68:3b:1e:5b:63:e4:e1:
         e7:69:cb:9e:44:2e:34:c3:77:19:c9:a2:25:73:3f:67:5a:67:
         4b:6e:57:a6:37:10:c3:b5:70:aa:e8:8a:df:32:45:43:74:9c:
         72:76:db:5e:b8:95:6d:f6:d1:c8:19:4b:c2:e7:4b:45:c2:8e:
         fd:8a:f1:e1:87:95:e8:6f:e4:ef:e0:b0:4f:a9:b1:b7:68:21:
         05:86:ff:e4:54:a9:54:92:45:04:c2:23:4c:b2:b6:cd:b6:a4:
         9e:af:be:83:a1:ed:9b:b8:35:36:6b:5c:8e:ed:ac:24:a7:47:
         83:93:b4:83:a2:0e:30:b9:8c:91:06:ea:f2:6d:6c:42:f5:bc:
         24:9e:46:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MDNFOTExMC8GA1UEBRMoOTJGRUZFOEFFODI5RjBBNUE1MDFCNTc1MDZGQUU0RTVD
MTFBMUQ5NzAeFw0yMzA1MjMwOTI5MDVaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NmM4NzYxLWU4ZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0p78wyo5YMmBKpajrkzXW2pZwKQj8wFinx1nCZ68OM/I3dECNd2KLfOe24JDx
VTPV1CNl6FuhN0VXLVyH7NJGm0JSBBeeSOKTVoOtw38jSX4wXvvP+BQyCJrewyW4
SM5fzCapeQJn3sD6Kz6Cthdw79NgHoSZv5RMSI+M9ylQc7levlg5fsuBPgiGPHQj
cvdyiuiHfp2Ei991LFAZYiou/hjXZUKoqOivazcSALm5vdzL+sS+CA7ebYo5GCi1
iQ3FcH/8oulbbUmVTgCIz+Bj2jDBJ/fJDBCtlKodOxCj+SVkwkciRTdAtythDpOX
SbaEiUWioV1eVTnSsDRwTGkbAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUQhtvbZP5
XndmK6LraU0t8BcLVJkwHwYDVR0jBBgwFoAUkv7+iugp8KWlAbV1Bvrk5cEaHZcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQwM0U5LzE3NjEzMjM0QUMz
QTExRUQ5NzQwQjY1NUM0RjlBRTAyL2t2Ny1pdWdwOEtXbEFiVjFCdnJrNWNFYUha
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva3Y3LWl1Z3A4S1dsQWJWMUJ2cms1Y0VhSFpjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MDNFOS8xNzYxMzIzNEFDM0ExMUVEOTc0MEI2NTVDNEY5QUUwMi80MkMxNzg0RUY5
NEMxMUVEQkI1NTI1NDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGdRHTAPBAIAAjAJAwcAIAEN8elAMA0GCSqGSIb3DQEBCwUA
A4IBAQBQvyUWgpl0mQ3ABCnuFN0bf7G/zdsbCbNDWVKJ1AcBH8x0h63EF65WtOvD
FMQ3prZFuZAgaPGQGCy/DV02AgpJN3gIz5FviAZ6brlApxYVTYgiDMZ/spMZosuH
T0f0OwJw2buXOi9fDdEdPagKtSoXuxFahrj2FGg7Hltj5OHnacueRC40w3cZyaIl
cz9nWmdLblemNxDDtXCq6IrfMkVDdJxydtteuJVt9tHIGUvC50tFwo79ivHhh5Xo
b+Tv4LBPqbG3aCEFhv/kVKlUkkUEwiNMsrbNtqSer76Doe2buDU2a1yO7awkp0eD
k7SDog4wuYyRBurybWxC9bwknkZh
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org