Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/2F306928888C11EE9D5A0D37C4F9AE02.roa
File:                     2F306928888C11EE9D5A0D37C4F9AE02.roa (raw, json)
Hash identifier:          n6MqdhDvWqSTlmqi+xNT3r41S6gyTYgkrau99Dq8ltU=
Subject key identifier:   07:37:8A:A0:D0:7B:99:B3:D4:A3:24:46:BA:85:86:29:C2:42:99:91
Certificate issuer:       /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Certificate serial:       025E
Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/2F306928888C11EE9D5A0D37C4F9AE02.roa
Signing time:             Tue 21 Nov 2023 16:36:57 +0000
ROA not before:           Tue 21 Nov 2023 16:36:57 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     138655
IP address blocks:        103.159.78.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 606 (0x25e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
        Validity
            Not Before: Nov 21 16:36:57 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=655cdca8-6a93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:37:1e:7b:7f:67:6c:48:e8:d3:e7:ca:c3:c8:
                    40:91:48:9a:53:08:6d:66:34:2f:f6:19:0d:77:53:
                    b0:db:d0:31:72:ce:8f:5f:09:a9:4a:80:d3:41:53:
                    f0:12:3d:d9:3d:43:2e:28:c3:82:7d:12:01:fc:ef:
                    61:b2:33:9c:30:2e:0f:fb:d6:4e:8f:41:5e:91:35:
                    da:d5:b9:30:4a:3e:aa:d2:74:9a:09:a1:61:cb:19:
                    42:38:0d:9c:7b:47:63:3c:48:a0:06:7e:9a:d8:d9:
                    b4:90:38:87:82:50:95:01:ee:65:6b:d7:fa:bd:83:
                    67:ca:d1:cb:95:10:93:e8:75:bf:15:af:a1:a6:36:
                    20:2a:9e:c5:e9:1f:66:16:69:66:0d:ba:5f:35:cf:
                    ee:91:13:7f:30:3f:75:6a:7e:77:51:74:ff:79:14:
                    aa:a7:29:28:e8:5b:26:c7:de:b4:97:76:f4:60:83:
                    f9:ce:9b:6f:39:8f:0e:f5:a6:b8:49:2d:3b:2a:f9:
                    b1:89:a1:b0:34:c8:cf:1f:93:87:22:1e:95:cd:22:
                    c2:a7:1e:a5:ef:09:75:da:fb:12:5a:2c:6a:5c:1c:
                    ff:20:9a:45:f8:da:4e:95:e9:a4:e3:80:21:a0:a2:
                    68:fc:e6:bf:75:39:10:28:92:8a:63:2c:39:da:3a:
                    fd:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:37:8A:A0:D0:7B:99:B3:D4:A3:24:46:BA:85:86:29:C2:42:99:91
            X509v3 Authority Key Identifier:
                keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/2F306928888C11EE9D5A0D37C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:72:4d:e4:f0:fb:20:70:a9:2e:75:a5:e1:81:3f:75:20:ad:
         d1:79:cc:6e:f5:5a:b0:3c:23:85:a8:6a:89:89:06:6b:c0:63:
         c0:a3:f4:8e:5f:0f:c5:60:46:ca:e1:f1:c1:81:11:1f:79:53:
         d0:4c:35:dd:3c:97:93:ab:d4:8e:2c:14:92:7b:0e:69:89:2f:
         c5:c4:87:7d:78:d7:ff:c0:9c:44:16:ba:c5:2f:18:f9:5a:cd:
         81:12:39:2e:e4:bd:c9:5b:b4:87:eb:aa:86:1c:af:9a:ca:09:
         21:71:a5:59:36:cd:44:38:5a:b4:18:7e:a2:73:cf:f7:2e:8e:
         db:4b:ae:6e:07:ed:6f:fc:ff:60:68:d2:4d:a9:ab:52:75:4b:
         c7:33:a6:40:50:1f:de:fc:b6:a9:7d:cf:a1:a8:f7:32:dc:39:
         7a:be:56:0b:97:68:f0:06:d5:db:1b:98:7d:a3:8d:20:df:85:
         b5:9d:39:0f:f1:46:bd:12:10:4c:04:8c:0c:86:b7:71:ab:b0:
         06:98:dd:27:54:1a:e5:63:7b:26:16:4c:63:0a:b1:45:b6:98:
         95:f4:28:7a:dc:19:61:50:e5:78:d6:0f:0b:3a:1c:24:3a:15:
         e7:38:02:1d:59:69:c3:06:38:6e:c9:fc:74:23:9e:07:40:36:
         fa:1c:c1:42
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB
REQ1RjM0QUMwHhcNMjMxMTIxMTYzNjU3WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVjZGNhOC02YTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqTcee39nbEjo0+fKw8hAkUiaUwhtZjQv9hkNd1Ow29Axcs6PXwmpSoDTQVPw
Ej3ZPUMuKMOCfRIB/O9hsjOcMC4P+9ZOj0FekTXa1bkwSj6q0nSaCaFhyxlCOA2c
e0djPEigBn6a2Nm0kDiHglCVAe5la9f6vYNnytHLlRCT6HW/Fa+hpjYgKp7F6R9m
FmlmDbpfNc/ukRN/MD91an53UXT/eRSqpyko6Fsmx960l3b0YIP5zptvOY8O9aa4
SS07KvmxiaGwNMjPH5OHIh6VzSLCpx6l7wl12vsSWixqXBz/IJpF+NpOlemk44Ah
oKJo/Oa/dTkQKJKKYyw52jr9EQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAc3iqDQ
e5mz1KMkRrqFhinCQpmRMB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF
MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO
S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFOEUvMDRGQkI4RjBBRTBGMTFFQ0EwMjA1NjY2QzRGOUFFMDIvMkYzMDY5Mjg4
ODhDMTFFRTlENUEwRDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn04wDQYJKoZIhvcNAQELBQADggEBAKByTeTw+yBwqS51
peGBP3UgrdF5zG71WrA8I4WoaomJBmvAY8Cj9I5fD8VgRsrh8cGBER95U9BMNd08
l5Or1I4sFJJ7DmmJL8XEh3141//AnEQWusUvGPlazYESOS7kvclbtIfrqoYcr5rK
CSFxpVk2zUQ4WrQYfqJzz/cujttLrm4H7W/8/2Bo0k2pq1J1S8czpkBQH978tql9
z6Go9zLcOXq+VguXaPAG1dsbmH2jjSDfhbWdOQ/xRr0SEEwEjAyGt3GrsAaY3SdU
GuVjeyYWTGMKsUW2mJX0KHrcGWFQ5XjWDws6HCQ6Fec4Ah1ZacMGOG7J/HQjngdA
NvocwUI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org