Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/58361122FD0711EC8301DB0AC4F9AE02.roa
File:                     58361122FD0711EC8301DB0AC4F9AE02.roa (raw, json)
Hash identifier:          8yzW3RbYifuYg+QOqv69SZbbPA4DJVMyulZlhYpef0A=
Subject key identifier:   8A:70:C9:A5:91:23:F3:5D:D0:64:0A:15:1F:74:28:CF:19:36:C7:A3
Certificate issuer:       /CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Certificate serial:       31F4
Authority key identifier: 63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/58361122FD0711EC8301DB0AC4F9AE02.roa
Signing time:             Wed 06 Jul 2022 08:40:53 +0000
ROA not before:           Wed 06 Jul 2022 08:40:53 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     55933
IP address blocks:        103.21.136.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12788 (0x31f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
        Validity
            Not Before: Jul  6 08:40:53 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=62c54a95-fe69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:07:e8:b0:ab:43:42:ef:66:f6:b3:8d:f3:e5:
                    3b:d9:c1:bc:c1:22:57:d1:e9:53:f4:d7:d1:c8:e4:
                    4c:b9:f4:bf:86:72:01:aa:a3:9e:c2:d0:4e:2f:b7:
                    b9:41:98:85:97:3b:c2:ea:7c:b7:5c:10:d9:dc:59:
                    bb:46:68:8f:53:ad:f0:24:40:71:9f:3d:a5:2a:f9:
                    fb:65:c1:8c:cd:aa:c1:b3:9e:5e:21:b2:b5:a6:18:
                    a6:08:ee:c7:7f:f7:06:d0:94:64:38:97:d8:6d:7b:
                    d3:59:70:a6:5c:4f:75:f4:8d:0f:23:94:04:47:21:
                    26:87:64:78:ed:10:00:55:47:16:e7:f1:df:a7:2e:
                    9a:ff:88:b1:c6:29:6a:27:61:5a:e0:ce:0d:a6:c8:
                    10:da:45:bb:d8:77:bc:03:0b:74:eb:ee:3a:5f:bb:
                    5d:e9:0a:17:07:4a:61:80:48:25:96:80:5a:3b:90:
                    e2:87:da:66:8e:41:51:d3:07:10:c6:91:48:2a:20:
                    25:94:90:c1:ad:f3:af:6d:57:68:8a:9a:d8:06:0e:
                    23:7c:e9:0c:11:25:c4:25:ae:bb:47:60:84:e4:bc:
                    e4:57:d2:94:d5:34:52:b8:89:55:63:91:03:b3:d6:
                    25:a6:cb:ba:24:dc:11:db:fc:66:46:db:39:7f:30:
                    b2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:70:C9:A5:91:23:F3:5D:D0:64:0A:15:1F:74:28:CF:19:36:C7:A3
            X509v3 Authority Key Identifier:
                keyid:63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/58361122FD0711EC8301DB0AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.21.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:f6:7c:00:fc:db:28:cf:1f:d9:e6:47:3d:5c:fc:97:0a:8b:
         a8:e1:95:88:f3:cb:dc:fc:e4:36:b6:29:a7:91:e5:83:8e:48:
         67:ed:ef:b8:92:ba:3b:07:2f:43:42:f1:7c:ee:0a:1c:71:f0:
         35:aa:d9:aa:36:e0:df:dd:93:af:86:7c:d3:a6:1e:8f:5e:e0:
         14:ed:c0:b1:d2:4e:62:eb:e7:50:91:53:3d:6f:64:73:f4:23:
         8a:27:af:66:b4:be:24:dc:c1:c8:09:63:78:ff:40:89:cd:ed:
         cd:20:82:58:44:9c:8c:e7:d1:3b:0f:0d:89:01:a3:5b:f2:da:
         3b:d0:94:a2:94:24:5f:86:70:04:23:d7:d4:1d:dd:ef:8e:e8:
         d0:fb:b2:73:99:3c:7d:a3:ab:93:92:7e:0f:00:39:f2:04:cf:
         22:39:1d:6c:a3:a5:6e:a4:91:76:32:2f:84:46:f2:80:6d:52:
         27:ac:19:60:be:21:00:00:a3:98:9e:99:fd:a0:f8:da:71:92:
         5b:e1:68:59:1a:fa:f0:c6:e3:8a:fc:82:93:34:bb:50:34:aa:
         00:55:64:5a:ff:72:b0:6f:87:00:52:49:81:af:79:24:c9:b9:
         57:9a:a6:f4:e8:46:ba:ab:f4:14:b0:73:51:c8:ae:3a:2d:3f:
         83:99:c1:4f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMfQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNzYxMTAvBgNVBAUTKDYzRUM0RTYzODBGQUFFQTUxMTA3RTlDNDBDMkYxMDU4
RTA4Rjg1NkUwHhcNMjIwNzA2MDg0MDUzWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM1NGE5NS1mZTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsQfosKtDQu9m9rON8+U72cG8wSJX0elT9NfRyORMufS/hnIBqqOewtBOL7e5
QZiFlzvC6ny3XBDZ3Fm7RmiPU63wJEBxnz2lKvn7ZcGMzarBs55eIbK1phimCO7H
f/cG0JRkOJfYbXvTWXCmXE919I0PI5QERyEmh2R47RAAVUcW5/Hfpy6a/4ixxilq
J2Fa4M4NpsgQ2kW72He8Awt06+46X7td6QoXB0phgEglloBaO5Dih9pmjkFR0wcQ
xpFIKiAllJDBrfOvbVdoiprYBg4jfOkMESXEJa67R2CE5LzkV9KU1TRSuIlVY5ED
s9Ylpsu6JNwR2/xmRts5fzCygQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIpwyaWR
I/Nd0GQKFR90KM8ZNsejMB8GA1UdIwQYMBaAFGPsTmOA+q6lEQfpxAwvEFjgj4Vu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY3Ni85NDRFMzg5MjFE
QUIxMUUyQkIzMENBQTkwOEIwMkNEMi9ZLXhPWTRENnJxVVJCLW5FREM4UVdPQ1Bo
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kteE9ZNEQ2cnFVUkItbkVEQzhRV09DUGhXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNzYvOTQ0RTM4OTIxREFCMTFFMkJCMzBDQUE5MDhCMDJDRDIvNTgzNjExMjJG
RDA3MTFFQzgzMDFEQjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnFYgwDQYJKoZIhvcNAQELBQADggEBAEX2fAD82yjPH9nm
Rz1c/JcKi6jhlYjzy9z85Da2KaeR5YOOSGft77iSujsHL0NC8XzuChxx8DWq2ao2
4N/dk6+GfNOmHo9e4BTtwLHSTmLr51CRUz1vZHP0I4onr2a0viTcwcgJY3j/QInN
7c0gglhEnIzn0TsPDYkBo1vy2jvQlKKUJF+GcAQj19Qd3e+O6ND7snOZPH2jq5OS
fg8AOfIEzyI5HWyjpW6kkXYyL4RG8oBtUiesGWC+IQAAo5iemf2g+NpxklvhaFka
+vDG44r8gpM0u1A0qgBVZFr/crBvhwBSSYGveSTJuVeapvToRrqr9BSwc1HIrjot
P4OZwU8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org