Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/A59598504AD411ED85A1F269C4F9AE02.roa
File:                     A59598504AD411ED85A1F269C4F9AE02.roa (raw, json)
Hash identifier:          D+LnFcl6vrqV/N5YQDErQT1T8u7lvMcyGX8ZhyA1jjk=
Subject key identifier:   EA:8D:13:E9:DA:CD:5B:A8:62:6E:D3:70:5E:FE:4B:70:C4:F9:0F:1D
Certificate issuer:       /CN=A91472E2/serialNumber=C65FFCFB2CFCD9BCD68DAEB0697D316CF35B23F0
Certificate serial:       0107
Authority key identifier: C6:5F:FC:FB:2C:FC:D9:BC:D6:8D:AE:B0:69:7D:31:6C:F3:5B:23:F0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/A59598504AD411ED85A1F269C4F9AE02.roa
Signing time:             Fri 19 May 2023 07:39:17 +0000
ROA not before:           Fri 19 May 2023 07:39:17 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     150137
IP address blocks:        103.90.12.0/23 maxlen: 23
                          103.191.181.0/24 maxlen: 24
                          2001:df1:940::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 263 (0x107)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91472E2/serialNumber=C65FFCFB2CFCD9BCD68DAEB0697D316CF35B23F0
        Validity
            Not Before: May 19 07:39:17 2023 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=646727a4-2812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:0b:c7:d5:39:0a:ca:73:da:04:c7:ed:1f:f5:
                    72:ad:9a:f9:13:fd:b3:6b:3c:4a:d1:1f:6b:92:f6:
                    6b:d7:9b:9d:00:4e:74:ca:f6:88:53:a8:3b:8d:6e:
                    97:66:5c:4b:13:32:4a:76:b4:ab:a4:66:b2:93:cd:
                    57:54:4c:17:de:72:c2:81:9a:0a:2f:63:0e:94:3b:
                    f9:e0:df:0d:b7:44:7b:2e:40:8f:6a:2d:53:09:74:
                    e3:c3:d3:81:29:ca:59:f3:7d:22:55:af:a9:93:42:
                    ae:ad:74:e0:bc:97:a0:b8:e0:1d:c1:60:f0:7d:74:
                    90:7d:0c:e0:15:0d:26:7c:68:69:4f:b8:b1:b4:72:
                    ef:1b:04:74:06:1d:bf:45:3f:6a:12:4c:ed:40:d9:
                    dd:92:bd:a3:c4:48:ba:bf:1b:a6:6d:70:2f:e2:c6:
                    1d:7f:90:12:ca:2f:86:f9:ae:6d:4d:9b:71:d7:d3:
                    a3:7e:cd:c9:21:b8:97:2b:af:20:a0:08:f0:8a:ef:
                    08:39:00:6c:2c:f8:c6:70:f2:22:e9:d7:c7:e6:e1:
                    8a:a1:02:9c:7e:c8:f0:b9:0d:c3:ae:b3:a7:69:f1:
                    51:af:56:e0:4d:9c:04:8c:40:fd:8f:be:ba:5b:8d:
                    e4:fb:8c:be:f4:68:8d:ca:b8:8d:91:6e:6b:e8:da:
                    9d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:8D:13:E9:DA:CD:5B:A8:62:6E:D3:70:5E:FE:4B:70:C4:F9:0F:1D
            X509v3 Authority Key Identifier:
                keyid:C6:5F:FC:FB:2C:FC:D9:BC:D6:8D:AE:B0:69:7D:31:6C:F3:5B:23:F0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/xl_8-yz82bzWja6waX0xbPNbI_A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xl_8-yz82bzWja6waX0xbPNbI_A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91472E2/2F19535C0CB211ED95CEC95CC4F9AE02/A59598504AD411ED85A1F269C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.90.12.0/23
                  103.191.181.0/24
                IPv6:
                  2001:df1:940::/48

    Signature Algorithm: sha256WithRSAEncryption
         8d:3d:7b:32:b9:82:63:77:af:4f:29:6f:a1:39:c8:67:a6:e7:
         65:3e:d8:c0:dd:8e:c4:03:71:90:b1:13:b4:f6:1f:f6:83:e3:
         99:a6:ee:6a:ba:b6:f5:b4:3f:5f:46:60:15:f2:db:40:55:ec:
         62:43:03:e7:97:e9:fa:d4:8e:f9:41:9a:e0:55:b1:98:d2:3d:
         a2:be:6d:fa:20:76:e2:66:02:54:70:6f:72:26:ac:fa:4c:a9:
         30:e0:a3:3c:34:49:fb:53:62:ab:d4:d0:5b:f5:42:95:c7:91:
         f0:13:b7:7a:06:0b:b3:0b:9b:5f:f9:c8:9d:71:ba:fb:3c:3d:
         f8:6a:30:d0:9a:50:79:b0:cb:99:3a:dd:71:c1:89:75:34:75:
         7f:2a:b9:27:68:bc:6e:ca:97:44:f4:77:6c:79:6d:95:5e:21:
         53:08:46:fa:84:77:48:00:41:d2:a2:8b:b1:e2:5a:54:02:30:
         40:6a:9d:13:4a:59:6a:9b:d1:76:3c:cb:aa:25:d3:8a:43:99:
         e1:57:69:43:a8:42:df:db:ad:3f:bd:f4:0e:93:e4:54:e0:1b:
         6f:72:f9:22:dc:75:e8:73:83:4d:21:56:c9:8c:44:20:a5:ca:
         2f:88:5f:53:d0:a9:0b:52:10:19:8f:ce:fb:b6:b4:bc:03:78:
         ee:33:66:99
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDcyRTIxMTAvBgNVBAUTKEM2NUZGQ0ZCMkNGQ0Q5QkNENjhEQUVCMDY5N0QzMTZD
RjM1QjIzRjAwHhcNMjMwNTE5MDczOTE3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY3MjdhNC0yODEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+QvH1TkKynPaBMftH/VyrZr5E/2zazxK0R9rkvZr15udAE50yvaIU6g7jW6X
ZlxLEzJKdrSrpGayk81XVEwX3nLCgZoKL2MOlDv54N8Nt0R7LkCPai1TCXTjw9OB
KcpZ830iVa+pk0KurXTgvJeguOAdwWDwfXSQfQzgFQ0mfGhpT7ixtHLvGwR0Bh2/
RT9qEkztQNndkr2jxEi6vxumbXAv4sYdf5ASyi+G+a5tTZtx19Ojfs3JIbiXK68g
oAjwiu8IOQBsLPjGcPIi6dfH5uGKoQKcfsjwuQ3DrrOnafFRr1bgTZwEjED9j766
W43k+4y+9GiNyriNkW5r6NqdswIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFOqNE+na
zVuoYm7TcF7+S3DE+Q8dMB8GA1UdIwQYMBaAFMZf/Pss/Nm81o2usGl9MWzzWyPw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzJFMi8yRjE5NTM1QzBD
QjIxMUVEOTVDRUM5NUNDNEY5QUUwMi94bF84LXl6ODJieldqYTZ3YVgweGJQTmJJ
X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hsXzgteXo4MmJ6V2phNndhWDB4YlBOYklfQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDcyRTIvMkYxOTUzNUMwQ0IyMTFFRDk1Q0VDOTVDQzRGOUFFMDIvQTU5NTk4NTA0
QUQ0MTFFRDg1QTFGMjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnWgwDBABnv7UwDwQCAAIwCQMHACABDfEJQDANBgkqhkiG
9w0BAQsFAAOCAQEAjT17MrmCY3evTylvoTnIZ6bnZT7YwN2OxANxkLETtPYf9oPj
mabuarq29bQ/X0ZgFfLbQFXsYkMD55fp+tSO+UGa4FWxmNI9or5t+iB24mYCVHBv
cias+kypMOCjPDRJ+1Niq9TQW/VClceR8BO3egYLswubX/nInXG6+zw9+Gow0JpQ
ebDLmTrdccGJdTR1fyq5J2i8bsqXRPR3bHltlV4hUwhG+oR3SABB0qKLseJaVAIw
QGqdE0pZapvRdjzLqiXTikOZ4VdpQ6hC39utP730DpPkVOAbb3L5Itx16HODTSFW
yYxEIKXKL4hfU9CpC1IQGY/O+7a0vAN47jNmmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org