Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/2C95D590318C11EB81323A61C4F9AE02.roa
File:                     2C95D590318C11EB81323A61C4F9AE02.roa (raw, json)
Hash identifier:          JVIQX4A0OAKwB6MQ0CeSb2dxp1vdwGxKAyVBfVTpPew=
Subject key identifier:   8D:23:20:23:4F:86:7D:26:79:AB:A5:21:CF:26:28:C1:90:FE:6D:04
Certificate issuer:       /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
Certificate serial:       16A2
Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/2C95D590318C11EB81323A61C4F9AE02.roa
Signing time:             Wed 07 Sep 2022 17:34:05 +0000
ROA not before:           Wed 07 Sep 2022 17:34:05 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     58689
IP address blocks:        103.99.250.0/24 maxlen: 24
                          103.99.251.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5794 (0x16a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52
        Validity
            Not Before: Sep  7 17:34:05 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6318d60c-50c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ad:54:e6:e9:d4:04:8a:21:2d:83:a2:a2:5c:
                    90:0f:c7:5a:33:6c:0f:0c:5a:4e:14:a9:76:bc:6f:
                    7e:4c:44:48:33:cc:15:44:fb:65:49:7a:79:7b:c4:
                    4c:0c:c7:ca:8e:c3:8a:aa:76:c4:9e:a8:c4:d2:65:
                    aa:9c:2a:cc:e3:4a:48:ce:b5:ce:35:f2:e3:ea:02:
                    8e:c0:56:d9:dd:21:15:cb:84:f2:df:b5:9a:ec:c1:
                    20:b0:ac:09:42:8d:3f:e4:cf:3a:39:bd:01:d4:8b:
                    09:ef:c8:c5:6d:63:f5:1a:1b:e7:6d:25:56:79:ad:
                    f2:58:91:36:24:73:ed:df:cc:42:54:f1:ea:b7:bd:
                    28:62:00:bf:95:5f:24:36:fb:a0:a3:e6:cb:0c:01:
                    87:f6:05:c3:dd:6c:10:68:49:2b:85:81:e4:4d:67:
                    09:59:62:a1:16:e3:30:ef:b2:d1:dc:fd:c2:30:a6:
                    4f:33:2d:5f:4a:a9:3c:7d:98:42:1a:8a:cd:2c:e1:
                    a1:44:2c:cd:2e:8b:8b:31:a1:8f:b5:57:23:54:90:
                    a5:aa:71:24:74:ef:f7:af:90:3e:43:a6:f3:0a:ff:
                    b8:fa:aa:a8:86:08:94:5a:8b:7a:c3:5d:9a:7a:d4:
                    50:a8:d3:ee:94:08:9f:f4:7a:7e:76:e6:c1:57:86:
                    c2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:23:20:23:4F:86:7D:26:79:AB:A5:21:CF:26:28:C1:90:FE:6D:04
            X509v3 Authority Key Identifier:
                keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/2C95D590318C11EB81323A61C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.99.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:3a:d4:66:aa:64:5b:4e:dc:19:5e:d6:cf:1a:eb:9a:0f:0b:
         ec:2f:18:d2:17:9d:3f:9e:70:ae:55:64:d1:96:73:98:da:c1:
         70:7b:9a:e3:75:cb:82:ac:39:f0:50:4f:c1:c5:0b:e6:84:3a:
         ec:5f:32:f0:3f:89:e5:ed:22:9c:89:e3:24:f9:69:95:fb:1f:
         df:73:d4:99:22:7f:a1:5a:68:7f:27:21:2b:de:f2:85:28:32:
         37:55:7c:1e:0a:cb:1a:63:34:ec:51:83:20:f9:37:22:48:09:
         fc:67:24:09:5e:f2:d8:e6:d6:5e:14:d5:10:f9:93:aa:4a:4c:
         3f:84:ed:c8:9e:58:d2:2c:74:78:fb:1f:35:33:53:06:8e:fb:
         df:f3:dc:e1:a3:1b:31:25:26:27:14:9c:a8:d1:be:38:4a:da:
         fa:fa:1d:75:8a:d8:36:a3:1c:e7:1e:07:de:62:41:ad:96:4d:
         fb:09:d0:07:98:8b:d7:8a:84:4b:e1:f4:4e:9a:bf:07:be:8e:
         27:72:3b:17:2f:74:4f:8d:7a:bb:3d:52:29:59:d5:59:c2:47:
         6f:e2:26:e2:cc:57:71:e1:85:df:9c:13:01:b0:c5:31:b8:ae:
         e5:ed:c9:65:9e:e5:a8:e9:9a:ca:6e:c7:aa:76:1e:9b:1d:cd:
         27:37:d4:94
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF
NTdGNTFDNTIwHhcNMjIwOTA3MTczNDA1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE4ZDYwYy01MGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv61U5unUBIohLYOiolyQD8daM2wPDFpOFKl2vG9+TERIM8wVRPtlSXp5e8RM
DMfKjsOKqnbEnqjE0mWqnCrM40pIzrXONfLj6gKOwFbZ3SEVy4Ty37Wa7MEgsKwJ
Qo0/5M86Ob0B1IsJ78jFbWP1GhvnbSVWea3yWJE2JHPt38xCVPHqt70oYgC/lV8k
Nvugo+bLDAGH9gXD3WwQaEkrhYHkTWcJWWKhFuMw77LR3P3CMKZPMy1fSqk8fZhC
GorNLOGhRCzNLouLMaGPtVcjVJClqnEkdO/3r5A+Q6bzCv+4+qqohgiUWot6w12a
etRQqNPulAif9Hp+dubBV4bCowIDAQABo4IClTCCApEwHQYDVR0OBBYEFI0jICNP
hn0meaulIc8mKMGQ/m0EMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB
NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvMkM5NUQ1OTAz
MThDMTFFQjgxMzIzQTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnY/owDQYJKoZIhvcNAQELBQADggEBAAg61GaqZFtO3Ble
1s8a65oPC+wvGNIXnT+ecK5VZNGWc5jawXB7muN1y4KsOfBQT8HFC+aEOuxfMvA/
ieXtIpyJ4yT5aZX7H99z1Jkif6FaaH8nISve8oUoMjdVfB4KyxpjNOxRgyD5NyJI
CfxnJAle8tjm1l4U1RD5k6pKTD+E7cieWNIsdHj7HzUzUwaO+9/z3OGjGzElJicU
nKjRvjhK2vr6HXWK2DajHOceB95iQa2WTfsJ0AeYi9eKhEvh9E6avwe+jidyOxcv
dE+Ners9UilZ1VnCR2/iJuLMV3Hhhd+cEwGwxTG4ruXtyWWe5ajpmspux6p2Hpsd
zSc31JQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org