Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/420D618A1E3F11ED946B8D34C4F9AE02.roa
File:                     420D618A1E3F11ED946B8D34C4F9AE02.roa (raw, json)
Hash identifier:          Sbp+OFVfXDtbPOEmey9MHpQ5QZdt6jTPjRd8uclGecU=
Subject key identifier:   E1:9A:53:B4:01:B4:25:E9:31:B1:76:C7:99:0B:22:48:CD:71:68:2C
Certificate issuer:       /CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
Certificate serial:       1260
Authority key identifier: D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/420D618A1E3F11ED946B8D34C4F9AE02.roa
Signing time:             Wed 17 Aug 2022 15:14:16 +0000
ROA not before:           Wed 17 Aug 2022 15:14:16 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     400618
IP address blocks:        103.116.72.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4704 (0x1260)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91427AF/serialNumber=D80FA9FA841255D5BDA72E52EC04FDFED7FE2D5B
        Validity
            Not Before: Aug 17 15:14:16 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62fd05c8-96b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:01:15:fc:70:8a:ab:8c:33:05:bf:43:eb:0b:
                    46:7e:68:7f:b4:87:bb:ae:27:cf:33:de:c1:6c:11:
                    28:8e:c4:e4:b7:65:93:a0:34:73:8e:34:7e:9a:6d:
                    7b:bf:37:e8:5b:46:d3:bc:ed:9f:b1:c3:9a:7b:73:
                    93:11:39:e1:d0:1e:fe:13:1b:e4:65:e7:f2:97:b7:
                    fe:7a:9b:41:83:8b:ca:43:f9:9e:1e:ab:ab:80:80:
                    54:62:5d:c2:6b:cd:f8:ea:87:1f:6e:2f:05:2e:ea:
                    e7:13:8c:e9:9b:fb:c2:87:b1:ee:1d:dc:e0:7c:ab:
                    98:45:06:6b:4a:4b:55:3d:db:56:84:f6:23:46:07:
                    ba:04:ba:e4:6f:47:96:f9:57:52:41:75:43:84:15:
                    af:99:ca:d2:24:44:d6:71:d4:68:86:7a:7f:98:8c:
                    52:5c:c9:43:25:41:87:48:e6:65:65:d8:59:f2:e3:
                    6d:38:eb:33:69:7f:36:73:ce:5c:cf:f7:67:da:73:
                    73:11:7f:0f:7a:a1:9d:87:90:1f:32:6d:62:05:61:
                    f7:da:f1:4e:1a:fb:4c:4f:bc:7b:fc:68:e5:9e:33:
                    e2:ca:70:f8:8b:5d:59:f1:9c:57:40:d6:9f:b5:d4:
                    78:8d:5e:ea:59:83:ea:cd:05:2d:13:6b:1d:a2:a3:
                    e4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:9A:53:B4:01:B4:25:E9:31:B1:76:C7:99:0B:22:48:CD:71:68:2C
            X509v3 Authority Key Identifier:
                keyid:D8:0F:A9:FA:84:12:55:D5:BD:A7:2E:52:EC:04:FD:FE:D7:FE:2D:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/2A-p-oQSVdW9py5S7AT9_tf-LVs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2A-p-oQSVdW9py5S7AT9_tf-LVs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427AF/579A8BC0686011E8AAB1251FC4F9AE02/420D618A1E3F11ED946B8D34C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:ea:b5:33:20:63:88:4f:fd:d7:6d:0b:52:61:60:8d:47:81:
         6e:cf:43:8f:2c:19:a8:42:de:1c:23:86:35:e2:f8:8e:b4:79:
         46:22:b2:ef:8c:c8:fa:aa:53:c2:53:88:29:b8:3e:ba:f1:10:
         e7:9d:e1:c1:40:35:02:0c:9c:65:33:b8:71:1e:e0:9c:e8:2d:
         8b:e4:fa:c6:a2:e3:38:ef:4f:72:d8:2e:48:07:c3:a9:1a:ea:
         7e:28:8f:55:ad:ca:63:4d:05:eb:23:2c:0a:12:86:f2:97:ab:
         e7:d1:79:19:50:b3:db:36:8c:70:9a:24:d9:99:6d:c0:e0:a4:
         26:53:c6:c3:20:63:db:bf:77:47:4e:35:0e:78:fb:aa:29:9a:
         1a:05:a5:78:2a:8d:e6:f7:90:8b:92:5a:61:91:b6:5c:83:92:
         6c:09:f5:e2:26:03:5a:4c:b4:69:86:ab:1e:e1:ab:21:41:aa:
         f3:d1:e9:fa:88:a9:fd:07:04:c4:f8:7e:eb:cf:3c:26:e0:c5:
         31:a9:ac:26:29:b8:a9:32:04:2f:de:61:67:75:03:0f:ed:c0:
         a6:5b:70:d3:fe:b4:6c:9f:de:80:41:7a:31:8f:81:79:5e:f6:
         80:c2:ef:d9:2c:66:ff:32:f1:f3:6d:ad:73:65:96:2f:11:3d:
         d7:64:ce:39
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI3QUYxMTAvBgNVBAUTKEQ4MEZBOUZBODQxMjU1RDVCREE3MkU1MkVDMDRGREZF
RDdGRTJENUIwHhcNMjIwODE3MTUxNDE2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZkMDVjOC05NmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAywEV/HCKq4wzBb9D6wtGfmh/tIe7rifPM97BbBEojsTkt2WToDRzjjR+mm17
vzfoW0bTvO2fscOae3OTETnh0B7+ExvkZefyl7f+eptBg4vKQ/meHqurgIBUYl3C
a8346ocfbi8FLurnE4zpm/vCh7HuHdzgfKuYRQZrSktVPdtWhPYjRge6BLrkb0eW
+VdSQXVDhBWvmcrSJETWcdRohnp/mIxSXMlDJUGHSOZlZdhZ8uNtOOszaX82c85c
z/dn2nNzEX8PeqGdh5AfMm1iBWH32vFOGvtMT7x7/GjlnjPiynD4i11Z8ZxXQNaf
tdR4jV7qWYPqzQUtE2sdoqPkxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOGaU7QB
tCXpMbF2x5kLIkjNcWgsMB8GA1UdIwQYMBaAFNgPqfqEElXVvacuUuwE/f7X/i1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdBRi81NzlBOEJDMDY4
NjAxMUU4QUFCMTI1MUZDNEY5QUUwMi8yQS1wLW9RU1ZkVzlweTVTN0FUOV90Zi1M
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJBLXAtb1FTVmRXOXB5NVM3QVQ5X3RmLUxWcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI3QUYvNTc5QThCQzA2ODYwMTFFOEFBQjEyNTFGQzRGOUFFMDIvNDIwRDYxOEEx
RTNGMTFFRDk0NkI4RDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJndEgwDQYJKoZIhvcNAQELBQADggEBAKHqtTMgY4hP/ddt
C1JhYI1HgW7PQ48sGahC3hwjhjXi+I60eUYisu+MyPqqU8JTiCm4PrrxEOed4cFA
NQIMnGUzuHEe4JzoLYvk+sai4zjvT3LYLkgHw6ka6n4oj1WtymNNBesjLAoShvKX
q+fReRlQs9s2jHCaJNmZbcDgpCZTxsMgY9u/d0dONQ54+6opmhoFpXgqjeb3kIuS
WmGRtlyDkmwJ9eImA1pMtGmGqx7hqyFBqvPR6fqIqf0HBMT4fuvPPCbgxTGprCYp
uKkyBC/eYWd1Aw/twKZbcNP+tGyf3oBBejGPgXle9oDC79ksZv8y8fNtrXNlli8R
Pddkzjk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org