Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/23CF8C0889B511EC866E770DC4F9AE02.roa
File:                     23CF8C0889B511EC866E770DC4F9AE02.roa (raw, json)
Hash identifier:          61A5aTuGxsuevH7TP0kWtPVTMPFwMmtZgRbkTiwRhgA=
Subject key identifier:   C5:9A:6F:19:74:3D:03:A2:5C:64:C4:2A:44:15:29:F8:1A:DD:F9:09
Certificate issuer:       /CN=A915AF7A/serialNumber=6880D323AA3F2D5146050640F321A6129000DF03
Certificate serial:       0217
Authority key identifier: 68:80:D3:23:AA:3F:2D:51:46:05:06:40:F3:21:A6:12:90:00:DF:03
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIDTI6o_LVFGBQZA8yGmEpAA3wM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/23CF8C0889B511EC866E770DC4F9AE02.roa
Signing time:             Wed 09 Feb 2022 14:32:43 +0000
ROA not before:           Wed 09 Feb 2022 14:32:43 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     137449
IP address blocks:        103.167.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 535 (0x217)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915AF7A/serialNumber=6880D323AA3F2D5146050640F321A6129000DF03
        Validity
            Not Before: Feb  9 14:32:43 2022 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=6203d08a-6464
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:95:68:f0:51:57:1f:eb:86:91:69:8b:db:ce:
                    2a:cf:8e:a3:7b:fc:01:f2:49:26:1f:75:0d:fe:ac:
                    41:56:ea:96:53:3b:25:c5:12:2d:a3:0e:35:53:02:
                    85:ed:37:12:e1:aa:86:e2:29:70:6b:70:af:d3:e0:
                    39:6c:8f:6c:1a:a5:ff:9f:25:99:5f:07:a5:93:01:
                    3f:c4:93:77:65:a2:44:83:62:1e:fd:c4:d8:d6:e1:
                    5b:23:e4:dd:a2:75:7b:22:f4:38:c4:fb:ec:99:df:
                    fd:7b:e0:35:34:3e:cb:b7:35:86:ce:a7:3a:d1:94:
                    63:7d:b4:54:e3:52:80:e2:38:1a:fc:52:6b:6a:15:
                    2b:52:a2:e1:98:65:74:80:f1:11:93:ca:92:b1:f1:
                    b3:4c:9a:03:ca:45:d7:0a:b4:37:b0:75:dd:45:21:
                    4b:86:ba:e1:e2:eb:fd:1d:29:b9:22:eb:29:3c:6b:
                    1f:21:4d:78:11:f1:5c:0e:4d:40:da:0b:46:4e:07:
                    71:f4:87:37:2c:bb:58:65:ae:53:2d:72:c9:65:fa:
                    b3:07:84:51:43:0d:0f:86:21:88:58:78:1a:0d:38:
                    36:73:c8:c2:f7:61:78:0e:27:24:f6:e8:ad:05:38:
                    9a:90:02:4d:06:40:82:6d:87:f0:5c:b4:c3:2c:e3:
                    28:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:9A:6F:19:74:3D:03:A2:5C:64:C4:2A:44:15:29:F8:1A:DD:F9:09
            X509v3 Authority Key Identifier:
                keyid:68:80:D3:23:AA:3F:2D:51:46:05:06:40:F3:21:A6:12:90:00:DF:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/aIDTI6o_LVFGBQZA8yGmEpAA3wM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIDTI6o_LVFGBQZA8yGmEpAA3wM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/23CF8C0889B511EC866E770DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.167.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:7a:31:24:44:0f:bf:0a:e0:b3:53:b4:50:cb:96:78:a8:27:
         cd:30:28:5a:09:ce:13:af:f3:4a:a4:25:59:26:52:7d:00:bb:
         7f:ad:5d:ff:2f:00:09:93:98:5f:2b:cf:12:ac:ec:77:f3:67:
         03:3f:04:88:2f:bc:b2:ba:42:e8:12:92:b1:20:98:65:1e:50:
         77:60:5d:51:01:72:f1:5d:52:ea:77:53:0d:d3:0c:92:5b:a9:
         1b:30:88:17:a6:0f:db:d1:f6:98:9e:32:b8:93:81:ef:d1:42:
         09:d4:1a:ec:f7:07:5f:b8:d6:27:33:e3:54:d5:91:12:5f:99:
         22:b6:e6:a0:da:b0:78:60:46:e2:66:23:75:5f:53:e2:c6:34:
         d2:e4:18:3a:37:62:54:2a:eb:45:61:a1:fa:5a:16:d7:a5:b9:
         5e:d0:ba:9b:de:d5:52:2f:5b:55:50:23:01:52:5d:c7:b5:2a:
         85:96:92:7a:68:3a:c3:b8:e9:0d:6d:80:39:46:26:93:18:b8:
         98:f0:68:e5:ca:36:5e:e7:cc:02:6f:82:c2:fa:90:1c:45:b2:
         86:af:0d:40:81:5b:ec:f6:d9:e2:83:5e:a1:7f:26:64:e6:48:
         da:c0:15:ae:51:a8:72:79:59:0a:1d:f5:01:18:42:38:40:1d:
         77:d7:34:05
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFGN0ExMTAvBgNVBAUTKDY4ODBEMzIzQUEzRjJENTE0NjA1MDY0MEYzMjFBNjEy
OTAwMERGMDMwHhcNMjIwMjA5MTQzMjQzWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAzZDA4YS02NDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwpVo8FFXH+uGkWmL284qz46je/wB8kkmH3UN/qxBVuqWUzslxRItow41UwKF
7TcS4aqG4ilwa3Cv0+A5bI9sGqX/nyWZXwelkwE/xJN3ZaJEg2Ie/cTY1uFbI+Td
onV7IvQ4xPvsmd/9e+A1ND7LtzWGzqc60ZRjfbRU41KA4jga/FJrahUrUqLhmGV0
gPERk8qSsfGzTJoDykXXCrQ3sHXdRSFLhrrh4uv9HSm5IuspPGsfIU14EfFcDk1A
2gtGTgdx9Ic3LLtYZa5TLXLJZfqzB4RRQw0PhiGIWHgaDTg2c8jC92F4Dick9uit
BTiakAJNBkCCbYfwXLTDLOMoxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMWabxl0
PQOiXGTEKkQVKfga3fkJMB8GA1UdIwQYMBaAFGiA0yOqPy1RRgUGQPMhphKQAN8D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUY3QS9FMDUzMzMzNkJB
QzkxMUVCQjgwN0Q1MUNDNEY5QUUwMi9hSURUSTZvX0xWRkdCUVpBOHlHbUVwQUEz
d00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJRFRJNm9fTFZGR0JRWkE4eUdtRXBBQTN3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFGN0EvRTA1MzMzMzZCQUM5MTFFQkI4MDdENTFDQzRGOUFFMDIvMjNDRjhDMDg4
OUI1MTFFQzg2NkU3NzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpykwDQYJKoZIhvcNAQELBQADggEBAHN6MSRED78K4LNT
tFDLlnioJ80wKFoJzhOv80qkJVkmUn0Au3+tXf8vAAmTmF8rzxKs7HfzZwM/BIgv
vLK6QugSkrEgmGUeUHdgXVEBcvFdUup3Uw3TDJJbqRswiBemD9vR9pieMriTge/R
QgnUGuz3B1+41icz41TVkRJfmSK25qDasHhgRuJmI3VfU+LGNNLkGDo3YlQq60Vh
ofpaFteluV7Qupve1VIvW1VQIwFSXce1KoWWknpoOsO46Q1tgDlGJpMYuJjwaOXK
Nl7nzAJvgsL6kBxFsoavDUCBW+z22eKDXqF/JmTmSNrAFa5RqHJ5WQod9QEYQjhA
HXfXNAU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org