Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/27B027D62F6F11EE88DB9130C4F9AE02.roa
File:                     27B027D62F6F11EE88DB9130C4F9AE02.roa (raw, json)
Hash identifier:          HBL4kn87V3byLVwopKlHvmcBRX/sX8yhQbSnzTZmKIw=
Subject key identifier:   65:31:5E:B6:41:BB:29:7F:88:0A:24:8A:2B:EB:0E:3C:C7:74:0E:98
Certificate issuer:       /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Certificate serial:       0586
Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/27B027D62F6F11EE88DB9130C4F9AE02.roa
Signing time:             Mon 31 Jul 2023 06:54:55 +0000
ROA not before:           Mon 31 Jul 2023 06:54:55 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     141731
IP address blocks:        103.203.177.0/24 maxlen: 24
                          103.203.178.0/24 maxlen: 24
                          223.29.214.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1414 (0x586)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
        Validity
            Not Before: Jul 31 06:54:55 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=64c75abf-2da7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:58:7f:19:43:d0:6c:21:e6:20:3f:de:d4:a0:
                    ba:a0:36:d4:df:de:bc:1e:c9:3c:f6:fe:08:c8:b7:
                    49:2a:d8:56:ca:18:d7:0b:2c:af:aa:11:6c:bb:42:
                    bf:d9:f7:d1:34:c8:d1:d4:7c:ca:5f:e2:64:f4:72:
                    6e:a8:1d:8d:d7:27:f7:2d:fe:14:0b:d9:73:6c:74:
                    1b:ac:a5:9f:be:5a:dd:1b:93:ef:47:51:ae:6e:45:
                    1a:17:46:37:d8:75:73:a1:88:e0:25:c1:56:29:44:
                    f4:78:94:58:ee:f0:d0:f4:d4:1a:03:c5:3e:5a:14:
                    6a:62:8b:8f:16:99:83:8f:45:52:b0:96:72:9d:a9:
                    50:25:a7:36:3f:95:2d:08:1a:01:2e:e2:8a:fa:8a:
                    a7:4e:4c:ff:a2:5d:6b:19:76:8f:37:a7:83:98:f9:
                    4b:ec:bb:d0:e4:0a:b9:a9:cd:5c:a8:d4:dd:a5:51:
                    00:cd:7f:e5:1f:19:ee:ee:0a:74:17:fd:ed:9c:8c:
                    66:8c:1d:52:e6:ba:c0:63:07:1c:6d:0c:76:14:95:
                    68:99:a5:bf:42:42:c7:69:78:52:8e:0c:90:1f:99:
                    68:a2:a6:68:a1:34:0f:32:58:46:0f:5c:bd:a2:23:
                    9b:b5:ba:2a:5f:78:7b:3e:f6:ce:13:c8:82:6e:82:
                    c4:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:31:5E:B6:41:BB:29:7F:88:0A:24:8A:2B:EB:0E:3C:C7:74:0E:98
            X509v3 Authority Key Identifier:
                keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/27B027D62F6F11EE88DB9130C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.203.177.0-103.203.178.255
                  223.29.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:41:20:a5:29:13:85:69:83:3f:ca:b5:8a:7d:c8:89:fe:e1:
         7a:77:4f:69:12:c8:6d:f3:86:3e:30:11:d4:f7:10:66:8a:9d:
         93:94:ba:ce:f9:2e:e6:42:b4:00:dd:40:ca:fb:5d:7e:88:94:
         54:fe:62:e7:ba:1d:9c:96:81:a9:00:93:e7:b3:0b:2d:e9:5d:
         de:a8:5c:43:28:d2:2b:02:23:77:3a:77:10:53:24:b7:d0:b8:
         02:6f:2f:25:14:a4:28:d2:d1:16:de:9e:0f:65:8e:a5:4f:ee:
         04:24:78:33:e2:99:f7:8c:71:3d:cc:0a:e6:06:00:2b:08:f5:
         84:f1:8f:1d:2c:ec:74:9d:a2:c2:f1:a5:f1:8c:7c:a7:97:f1:
         92:30:b7:8f:6f:84:81:1c:98:00:a1:c7:38:78:7c:e0:7c:59:
         f0:9b:eb:f9:df:41:2a:e2:49:34:21:ca:7d:d7:93:f8:a7:7c:
         75:90:da:df:e4:8f:49:a2:98:c3:cb:b1:66:7a:db:e6:03:b3:
         54:67:89:b5:bf:39:83:48:97:e7:6b:d8:cc:67:61:93:e0:a0:
         da:55:ba:7e:ad:82:a8:9b:47:45:24:96:72:5e:23:ab:8d:bf:
         9d:9a:93:4c:ab:c6:c7:ff:85:0e:1b:e6:81:fe:6f:b5:f1:bb:
         e3:25:de:16
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC
QTI0QTFFMDYwHhcNMjMwNzMxMDY1NDU1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM3NWFiZi0yZGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnlh/GUPQbCHmID/e1KC6oDbU3968Hsk89v4IyLdJKthWyhjXCyyvqhFsu0K/
2ffRNMjR1HzKX+Jk9HJuqB2N1yf3Lf4UC9lzbHQbrKWfvlrdG5PvR1GubkUaF0Y3
2HVzoYjgJcFWKUT0eJRY7vDQ9NQaA8U+WhRqYouPFpmDj0VSsJZynalQJac2P5Ut
CBoBLuKK+oqnTkz/ol1rGXaPN6eDmPlL7LvQ5Aq5qc1cqNTdpVEAzX/lHxnu7gp0
F/3tnIxmjB1S5rrAYwccbQx2FJVomaW/QkLHaXhSjgyQH5looqZooTQPMlhGD1y9
oiObtboqX3h7PvbOE8iCboLE5QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFGUxXrZB
uyl/iAokiivrDjzHdA6YMB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG
OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvMjdCMDI3RDYy
RjZGMTFFRTg4REI5MTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAGfLsQMEAGfLsgMEAN8d1jANBgkqhkiG9w0BAQsFAAOC
AQEAjkEgpSkThWmDP8q1in3Iif7hendPaRLIbfOGPjAR1PcQZoqdk5S6zvku5kK0
AN1AyvtdfoiUVP5i57odnJaBqQCT57MLLeld3qhcQyjSKwIjdzp3EFMkt9C4Am8v
JRSkKNLRFt6eD2WOpU/uBCR4M+KZ94xxPcwK5gYAKwj1hPGPHSzsdJ2iwvGl8Yx8
p5fxkjC3j2+EgRyYAKHHOHh84HxZ8Jvr+d9BKuJJNCHKfdeT+Kd8dZDa3+SPSaKY
w8uxZnrb5gOzVGeJtb85g0iX52vYzGdhk+Cg2lW6fq2CqJtHRSSWcl4jq42/nZqT
TKvGx/+FDhvmgf5vtfG74yXeFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org