Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9159234/6A8E00EAEF8A11EBA2921764C4F9AE02/154BE43E227611EC99BE986DC4F9AE02.roa
File:                     154BE43E227611EC99BE986DC4F9AE02.roa (raw, json)
Hash identifier:          RSou0syhaJ/MbGIWwMhuHjCBLBfFjSXD2yEfQxc9iVM=
Subject key identifier:   95:9C:11:7A:5E:3D:AF:C6:70:C8:C1:F5:52:06:D4:A5:9E:4C:4D:8D
Certificate issuer:       /CN=A9159234/serialNumber=C3DEC7FDDD45C9517260864FA9EEBCFE7B8BCF57
Certificate serial:       0320
Authority key identifier: C3:DE:C7:FD:DD:45:C9:51:72:60:86:4F:A9:EE:BC:FE:7B:8B:CF:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w97H_d1FyVFyYIZPqe68_nuLz1c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9159234/6A8E00EAEF8A11EBA2921764C4F9AE02/154BE43E227611EC99BE986DC4F9AE02.roa
Signing time:             Fri 26 Aug 2022 02:41:50 +0000
ROA not before:           Fri 26 Aug 2022 02:41:50 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     212477
IP address blocks:        103.170.154.0/24 maxlen: 24
                          103.170.155.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 800 (0x320)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9159234/serialNumber=C3DEC7FDDD45C9517260864FA9EEBCFE7B8BCF57
        Validity
            Not Before: Aug 26 02:41:50 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=630832ee-24de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:68:05:dd:5b:36:81:a2:b3:1f:db:cb:fb:3e:
                    3f:0b:3c:dd:df:f3:1a:9c:97:cf:6d:56:aa:32:ce:
                    13:6f:d7:e8:91:5b:35:33:98:ae:f2:d3:b3:af:76:
                    9b:4b:9a:e1:06:53:e6:a1:c5:bc:04:8c:c7:ca:de:
                    bc:5e:c1:7e:c6:72:97:71:c2:7c:91:0a:83:0d:11:
                    09:7e:b5:87:f7:fc:33:a8:2d:a2:2f:4a:45:40:9d:
                    bf:eb:e4:1d:76:48:7b:84:ab:19:2b:98:6e:99:50:
                    5e:31:46:49:73:41:bb:ab:70:9c:ff:69:fa:1f:1d:
                    ce:05:63:8d:18:b3:a7:f4:38:28:fb:fa:e5:b9:77:
                    7e:50:a8:90:e9:ff:92:9d:b3:18:a7:a8:8c:27:1c:
                    09:b5:06:be:87:3d:d2:a7:e7:f7:0f:63:39:e2:88:
                    c5:fd:4e:79:7e:de:40:0c:b2:19:44:cc:b3:f2:3e:
                    f0:a2:ed:74:0b:80:4a:21:5c:08:7b:fe:06:20:43:
                    33:38:a5:b9:aa:29:70:ce:a8:ec:02:cd:f2:05:2c:
                    36:72:51:d9:33:17:da:23:c7:c1:a9:8d:7d:cf:96:
                    9f:95:d5:27:61:61:3d:15:2f:77:63:36:b4:78:3c:
                    34:62:f5:c1:c5:e6:f6:b0:64:aa:b0:3d:d3:aa:36:
                    59:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:9C:11:7A:5E:3D:AF:C6:70:C8:C1:F5:52:06:D4:A5:9E:4C:4D:8D
            X509v3 Authority Key Identifier:
                keyid:C3:DE:C7:FD:DD:45:C9:51:72:60:86:4F:A9:EE:BC:FE:7B:8B:CF:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9159234/6A8E00EAEF8A11EBA2921764C4F9AE02/w97H_d1FyVFyYIZPqe68_nuLz1c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w97H_d1FyVFyYIZPqe68_nuLz1c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159234/6A8E00EAEF8A11EBA2921764C4F9AE02/154BE43E227611EC99BE986DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.170.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:45:50:da:73:de:62:b1:a2:5f:d7:73:93:14:0e:c6:ff:2b:
         27:8f:fe:82:e1:66:65:58:f1:d9:ad:bd:89:62:b1:fb:30:16:
         2b:8f:2f:e5:75:c3:3c:5b:f0:c0:07:52:9b:af:35:dc:85:88:
         8b:24:94:7a:e7:0b:7a:fe:29:00:68:70:27:be:c7:75:31:1d:
         5d:ff:9c:c1:1c:1e:0b:3b:de:8b:93:11:d2:df:db:3e:2f:45:
         33:0d:6f:f2:b0:51:14:37:d0:24:ea:de:d5:69:36:a7:d1:52:
         7d:62:ab:42:1e:18:bf:51:6c:1d:20:ce:83:e8:ab:c4:86:b5:
         0c:be:e9:72:f7:97:14:ec:50:4d:8e:48:03:9c:f9:fa:8e:00:
         01:54:68:94:e5:86:b5:4b:c5:3f:0f:da:2b:21:38:85:79:56:
         1a:07:f3:f2:ba:42:98:d6:09:ac:a8:94:73:0b:6c:ec:0f:55:
         f0:a9:33:a1:88:6c:86:11:84:6b:0c:ff:9a:de:ee:97:08:fb:
         a6:9a:06:02:36:17:97:49:22:d5:91:c6:59:88:2a:ca:42:78:
         04:89:96:46:e4:fa:d3:51:9e:f1:90:75:1b:b6:bf:b7:4e:9f:
         38:22:95:ca:c3:e1:71:38:cd:28:4f:6f:e4:a3:5b:3e:0a:00:
         56:74:9e:be
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkyMzQxMTAvBgNVBAUTKEMzREVDN0ZEREQ0NUM5NTE3MjYwODY0RkE5RUVCQ0ZF
N0I4QkNGNTcwHhcNMjIwODI2MDI0MTUwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4MzJlZS0yNGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA02gF3Vs2gaKzH9vL+z4/Czzd3/ManJfPbVaqMs4Tb9fokVs1M5iu8tOzr3ab
S5rhBlPmocW8BIzHyt68XsF+xnKXccJ8kQqDDREJfrWH9/wzqC2iL0pFQJ2/6+Qd
dkh7hKsZK5humVBeMUZJc0G7q3Cc/2n6Hx3OBWONGLOn9Dgo+/rluXd+UKiQ6f+S
nbMYp6iMJxwJtQa+hz3Sp+f3D2M54ojF/U55ft5ADLIZRMyz8j7wou10C4BKIVwI
e/4GIEMzOKW5qilwzqjsAs3yBSw2clHZMxfaI8fBqY19z5afldUnYWE9FS93Yza0
eDw0YvXBxeb2sGSqsD3TqjZZYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJWcEXpe
Pa/GcMjB9VIG1KWeTE2NMB8GA1UdIwQYMBaAFMPex/3dRclRcmCGT6nuvP57i89X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTIzNC82QThFMDBFQUVG
OEExMUVCQTI5MjE3NjRDNEY5QUUwMi93OTdIX2QxRnlWRnlZSVpQcWU2OF9udUx6
MWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3c5N0hfZDFGeVZGeVlJWlBxZTY4X251THoxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkyMzQvNkE4RTAwRUFFRjhBMTFFQkEyOTIxNzY0QzRGOUFFMDIvMTU0QkU0M0Uy
Mjc2MTFFQzk5QkU5ODZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnqpowDQYJKoZIhvcNAQELBQADggEBAEtFUNpz3mKxol/X
c5MUDsb/KyeP/oLhZmVY8dmtvYlisfswFiuPL+V1wzxb8MAHUpuvNdyFiIsklHrn
C3r+KQBocCe+x3UxHV3/nMEcHgs73ouTEdLf2z4vRTMNb/KwURQ30CTq3tVpNqfR
Un1iq0IeGL9RbB0gzoPoq8SGtQy+6XL3lxTsUE2OSAOc+fqOAAFUaJTlhrVLxT8P
2ishOIV5VhoH8/K6QpjWCayolHMLbOwPVfCpM6GIbIYRhGsM/5re7pcI+6aaBgI2
F5dJItWRxlmIKspCeASJlkbk+tNRnvGQdRu2v7dOnzgilcrD4XE4zShPb+SjWz4K
AFZ0nr4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org