Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/8B72E46A874B11ED8870953DC4F9AE02.roa
File:                     8B72E46A874B11ED8870953DC4F9AE02.roa (raw, json)
Hash identifier:          r2SK7iSyJ6IIzK3t3Jb6ymsF0QVZcGlX5kMiU7ZI8G4=
Subject key identifier:   5C:F0:02:96:62:B0:FD:60:21:70:74:52:EC:78:BC:8C:AC:73:29:D2
Certificate issuer:       /CN=A914CBF3/serialNumber=E2449E312220131E2E76C42C7CCC6DD193510707
Certificate serial:       0A66
Authority key identifier: E2:44:9E:31:22:20:13:1E:2E:76:C4:2C:7C:CC:6D:D1:93:51:07:07
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/8B72E46A874B11ED8870953DC4F9AE02.roa
Signing time:             Thu 12 Jan 2023 20:37:08 +0000
ROA not before:           Thu 12 Jan 2023 20:37:08 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     134382
IP address blocks:        103.126.23.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2662 (0xa66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914CBF3/serialNumber=E2449E312220131E2E76C42C7CCC6DD193510707
        Validity
            Not Before: Jan 12 20:37:08 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=63c06f74-be76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a3:07:8c:de:d5:86:39:36:86:c3:8d:14:5b:
                    14:2c:67:82:1a:63:73:50:0e:ca:04:f9:a3:b3:7f:
                    d9:a7:e7:48:cd:91:5b:60:d4:1b:4a:ae:d0:92:68:
                    60:95:53:2b:40:3f:71:60:42:d1:fc:5e:5d:74:50:
                    cd:7a:99:24:35:32:99:87:60:e0:8b:1f:95:d9:e5:
                    16:b6:40:be:39:07:6d:6b:09:93:35:a1:20:07:6e:
                    c5:bb:d6:06:7d:5f:01:5c:6f:69:2f:45:36:44:6b:
                    db:9d:d5:0b:72:02:d5:14:cc:0c:91:d4:0d:86:7e:
                    7b:71:f8:af:42:25:dc:ff:32:4a:08:67:bc:3e:72:
                    31:d7:8b:23:ae:54:89:b8:10:14:11:01:a6:87:53:
                    46:b3:57:fd:19:52:57:0f:5f:75:a5:f9:62:c0:0e:
                    ed:c6:e9:e4:33:0d:eb:3a:6e:fd:0c:1d:2c:48:0c:
                    0c:05:c1:93:e4:94:7f:ae:18:43:2c:9d:c7:c9:8d:
                    a2:9c:b0:e1:02:c8:22:5c:c4:d7:b2:f9:9e:be:de:
                    28:fc:56:b0:0b:64:df:e8:ca:2c:18:7d:58:a4:f5:
                    c6:f4:1b:08:e0:fb:04:b3:c8:e6:11:93:e6:68:b4:
                    d7:4d:bd:94:fc:db:07:eb:a9:c2:ab:11:43:3f:25:
                    a7:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:F0:02:96:62:B0:FD:60:21:70:74:52:EC:78:BC:8C:AC:73:29:D2
            X509v3 Authority Key Identifier:
                keyid:E2:44:9E:31:22:20:13:1E:2E:76:C4:2C:7C:CC:6D:D1:93:51:07:07

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/8B72E46A874B11ED8870953DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.126.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:c3:31:bf:0c:d1:ec:bf:f1:c2:29:36:10:b4:2e:c8:c6:20:
         b5:cf:77:bd:c4:2f:df:5d:d7:29:d6:92:24:d1:7b:74:2a:e7:
         5f:36:48:67:61:73:ff:1b:8a:b1:18:f5:09:94:a4:8c:3f:92:
         52:40:3c:e2:e3:da:46:ad:a2:39:b0:7b:30:c4:e8:77:a1:13:
         f1:c3:24:8c:80:74:3d:d5:11:6a:aa:74:71:89:1f:a2:87:c4:
         ad:0d:b2:f2:fb:bf:33:4c:27:c9:fa:6d:e3:bd:00:36:ba:8d:
         66:40:7f:5b:fe:9a:f8:2d:26:a4:ca:46:90:b0:85:6e:85:b0:
         f3:f6:d3:cc:2c:c9:25:5c:30:62:c0:93:1c:0e:c6:59:07:45:
         e1:86:05:63:6d:51:d6:c0:61:18:d5:b4:b8:01:b0:b3:2b:9d:
         be:59:5e:44:53:1c:46:51:90:92:a0:79:7f:41:f9:dc:60:d6:
         03:fb:36:21:8e:ad:11:4a:5f:ed:9e:d1:c1:4e:13:7d:e4:78:
         07:4c:38:7e:62:0c:04:a7:d1:c3:a5:cf:b7:76:9d:26:e9:12:
         f8:40:b9:4c:ed:f4:b4:a0:17:eb:aa:d6:a1:ec:cc:47:80:bc:
         04:13:c9:35:b9:8e:39:5b:8a:9a:cd:1f:48:fe:cd:1f:f2:24:
         b4:d3:99:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENCRjMxMTAvBgNVBAUTKEUyNDQ5RTMxMjIyMDEzMUUyRTc2QzQyQzdDQ0M2REQx
OTM1MTA3MDcwHhcNMjMwMTEyMjAzNzA4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2MwNmY3NC1iZTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKMHjN7Vhjk2hsONFFsULGeCGmNzUA7KBPmjs3/Zp+dIzZFbYNQbSq7Qkmhg
lVMrQD9xYELR/F5ddFDNepkkNTKZh2Dgix+V2eUWtkC+OQdtawmTNaEgB27Fu9YG
fV8BXG9pL0U2RGvbndULcgLVFMwMkdQNhn57cfivQiXc/zJKCGe8PnIx14sjrlSJ
uBAUEQGmh1NGs1f9GVJXD191pfliwA7txunkMw3rOm79DB0sSAwMBcGT5JR/rhhD
LJ3HyY2inLDhAsgiXMTXsvmevt4o/FawC2Tf6MosGH1YpPXG9BsI4PsEs8jmEZPm
aLTXTb2U/NsH66nCqxFDPyWnjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFzwApZi
sP1gIXB0Uux4vIyscynSMB8GA1UdIwQYMBaAFOJEnjEiIBMeLnbELHzMbdGTUQcH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0JGMy8xQkM2RUIyMDEx
RTcxMUVBQjkwM0FBNzlDNEY5QUUwMi80a1NlTVNJZ0V4NHVkc1FzZk14dDBaTlJC
d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRrU2VNU0lnRXg0dWRzUXNmTXh0MFpOUkJ3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENCRjMvMUJDNkVCMjAxMUU3MTFFQUI5MDNBQTc5QzRGOUFFMDIvOEI3MkU0NkE4
NzRCMTFFRDg4NzA5NTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnfhcwDQYJKoZIhvcNAQELBQADggEBAF/DMb8M0ey/8cIp
NhC0LsjGILXPd73EL99d1ynWkiTRe3Qq5182SGdhc/8birEY9QmUpIw/klJAPOLj
2katojmwezDE6HehE/HDJIyAdD3VEWqqdHGJH6KHxK0NsvL7vzNMJ8n6beO9ADa6
jWZAf1v+mvgtJqTKRpCwhW6FsPP208wsySVcMGLAkxwOxlkHReGGBWNtUdbAYRjV
tLgBsLMrnb5ZXkRTHEZRkJKgeX9B+dxg1gP7NiGOrRFKX+2e0cFOE33keAdMOH5i
DASn0cOlz7d2nSbpEvhAuUzt9LSgF+uq1qHszEeAvAQTyTW5jjlbiprNH0j+zR/y
JLTTmdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org