Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/B612D9FA040011EE89624085C4F9AE02.roa
File:                     B612D9FA040011EE89624085C4F9AE02.roa (raw, json)
Hash identifier:          QNLT4oUcSBQKi1rNG1md5wyAgf3UljIorIcNatJjVAs=
Subject key identifier:   07:CC:14:10:21:A4:C9:CB:A4:9E:9B:05:90:7C:A1:84:29:1F:CA:E4
Certificate issuer:       /CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
Certificate serial:       97
Authority key identifier: 72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/B612D9FA040011EE89624085C4F9AE02.roa
Signing time:             Tue 06 Jun 2023 00:26:00 +0000
ROA not before:           Tue 06 Jun 2023 00:26:00 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     57844
IP address blocks:        103.4.100.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151 (0x97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
        Validity
            Not Before: Jun  6 00:26:00 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=647e7d17-1a36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:5b:4b:6c:37:48:4a:0c:85:06:66:8e:45:6b:
                    23:d9:c8:47:42:09:5b:9d:e1:0c:77:9c:ed:7f:ba:
                    03:13:03:6f:c4:11:36:f9:6b:f1:ee:c9:2a:b3:83:
                    77:55:99:e8:c5:0b:a6:e2:30:3b:39:05:bf:e6:15:
                    b0:40:28:be:50:8c:b0:29:c7:c0:48:f8:8b:61:c2:
                    ad:2c:47:34:48:f8:1d:7d:57:77:b7:02:39:80:96:
                    03:23:56:3e:e0:e0:ba:1d:2c:44:25:28:1b:6b:3b:
                    2c:5d:dd:d5:64:5d:74:08:da:72:ec:bb:8b:3f:0a:
                    df:24:e9:da:86:d2:d4:40:d9:0c:72:9b:54:fb:1b:
                    a1:55:ea:33:32:fd:06:f4:30:bb:5f:ac:00:1a:e7:
                    b8:1b:31:94:39:a9:03:53:ab:ef:c8:1e:b4:8d:8d:
                    70:89:ae:59:26:07:6a:9d:49:d2:c0:76:06:30:00:
                    9d:47:aa:23:82:f0:f9:c2:fb:b0:4c:0f:3d:67:14:
                    fd:55:7b:29:a8:04:a8:c8:b0:58:2f:f2:0c:b2:35:
                    b8:26:59:a9:b7:d3:94:d9:28:32:1a:ba:af:ab:52:
                    b1:40:65:4a:09:d7:99:47:cb:50:07:d0:68:df:74:
                    fc:3a:b7:d2:4a:d6:bf:0f:16:40:ed:f4:6b:10:6a:
                    48:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:CC:14:10:21:A4:C9:CB:A4:9E:9B:05:90:7C:A1:84:29:1F:CA:E4
            X509v3 Authority Key Identifier:
                keyid:72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/cp4vnB2HwhRzUHjP0hxjjgcVe10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/B612D9FA040011EE89624085C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.4.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:26:b5:e3:36:b4:3a:c6:cb:1b:89:55:b7:b9:cf:4f:6f:42:
         19:8a:a8:5c:5c:98:cb:86:62:c1:01:9f:20:05:dd:48:1f:57:
         e9:d5:f6:ca:a5:06:8f:08:8e:fe:33:5d:8c:eb:9d:a0:40:79:
         27:ae:1a:47:fc:4e:f5:13:f8:d6:8e:83:b0:2d:72:b2:ff:c7:
         d6:72:ed:26:ba:b3:a5:fb:0f:38:db:78:39:32:0d:47:b3:43:
         d6:b9:e1:bf:df:35:95:a7:04:33:4b:e2:b0:dd:3a:39:e8:2f:
         4a:7e:dc:9a:d8:bc:7f:df:ef:c6:5b:88:08:97:13:f6:1e:05:
         cc:06:84:c3:cf:fc:97:04:52:ab:cd:b2:8e:0c:01:60:56:e8:
         f1:3d:0d:18:3f:81:15:d3:bf:57:f8:d7:93:5c:be:ee:d5:f0:
         f4:3d:d1:63:82:34:19:02:fe:30:2d:06:be:68:24:fd:a0:ab:
         e2:3f:2e:b1:d5:21:3e:5f:2e:79:fb:c5:b4:bd:d3:56:57:67:
         47:dc:92:69:4b:b4:92:ff:6f:dc:5f:15:8c:81:ec:60:c1:93:
         c7:ee:dc:56:aa:f6:ba:45:82:e0:70:34:40:f5:14:7e:01:0a:
         c9:c8:52:65:6c:43:d1:f3:22:80:3e:7a:28:50:c0:7d:14:a2:
         5b:b7:66:23
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjgwN0ExMTAvBgNVBAUTKDcyOUUyRjlDMUQ4N0MyMTQ3MzUwNzhDRkQyMUM2MzhF
MDcxNTdCNUQwHhcNMjMwNjA2MDAyNjAwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdlN2QxNy0xYTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1VtLbDdISgyFBmaORWsj2chHQglbneEMd5ztf7oDEwNvxBE2+Wvx7skqs4N3
VZnoxQum4jA7OQW/5hWwQCi+UIywKcfASPiLYcKtLEc0SPgdfVd3twI5gJYDI1Y+
4OC6HSxEJSgbazssXd3VZF10CNpy7LuLPwrfJOnahtLUQNkMcptU+xuhVeozMv0G
9DC7X6wAGue4GzGUOakDU6vvyB60jY1wia5ZJgdqnUnSwHYGMACdR6ojgvD5wvuw
TA89ZxT9VXspqASoyLBYL/IMsjW4Jlmpt9OU2SgyGrqvq1KxQGVKCdeZR8tQB9Bo
33T8OrfSSta/DxZA7fRrEGpIOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAfMFBAh
pMnLpJ6bBZB8oYQpH8rkMB8GA1UdIwQYMBaAFHKeL5wdh8IUc1B4z9IcY44HFXtd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODA3QS8wMjYzQUI0ODNF
ODgxMUVEQTYxQTlCMkFDNEY5QUUwMi9jcDR2bkIySHdoUnpVSGpQMGh4ampnY1Zl
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NwNHZuQjJId2hSelVIalAwaHhqamdjVmUxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjgwN0EvMDI2M0FCNDgzRTg4MTFFREE2MUE5QjJBQzRGOUFFMDIvQjYxMkQ5RkEw
NDAwMTFFRTg5NjI0MDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnBGQwDQYJKoZIhvcNAQELBQADggEBACMmteM2tDrGyxuJ
Vbe5z09vQhmKqFxcmMuGYsEBnyAF3UgfV+nV9sqlBo8Ijv4zXYzrnaBAeSeuGkf8
TvUT+NaOg7AtcrL/x9Zy7Sa6s6X7DzjbeDkyDUezQ9a54b/fNZWnBDNL4rDdOjno
L0p+3JrYvH/f78ZbiAiXE/YeBcwGhMPP/JcEUqvNso4MAWBW6PE9DRg/gRXTv1f4
15Ncvu7V8PQ90WOCNBkC/jAtBr5oJP2gq+I/LrHVIT5fLnn7xbS901ZXZ0fckmlL
tJL/b9xfFYyB7GDBk8fu3Faq9rpFguBwNED1FH4BCsnIUmVsQ9HzIoA+eihQwH0U
olu3ZiM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org