Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/D9C45E5204D011EE8CC14910C4F9AE02.roa
File:                     D9C45E5204D011EE8CC14910C4F9AE02.roa (raw, json)
Hash identifier:          uoh1zQUO1IEmsi64yqbN4uusbzs/R/FURz1+JgF7ZPk=
Subject key identifier:   62:B0:B4:38:D2:BD:89:B8:6F:7D:F0:97:5B:B4:FE:DE:55:68:8D:97
Certificate issuer:       /CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
Certificate serial:       99
Authority key identifier: 72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/D9C45E5204D011EE8CC14910C4F9AE02.roa
Signing time:             Wed 07 Jun 2023 01:15:55 +0000
ROA not before:           Wed 07 Jun 2023 01:15:55 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     399045
IP address blocks:        103.4.101.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153 (0x99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
        Validity
            Not Before: Jun  7 01:15:55 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=647fda4b-a589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:98:01:10:17:15:07:d7:1f:a2:bc:14:c4:11:
                    48:6a:b6:c5:ef:53:27:3c:d6:f0:63:13:1e:37:9e:
                    e0:b6:ce:20:17:de:d4:21:df:a7:e1:d2:ec:e8:bd:
                    c1:0d:af:ba:ac:1a:28:2a:07:6f:73:ad:32:09:a3:
                    d5:b9:8a:12:92:61:08:ac:40:86:22:b3:d8:f6:d8:
                    15:a2:75:35:fb:39:98:cb:51:10:ef:45:e3:ab:3a:
                    62:6e:72:e6:30:66:84:c6:36:8a:54:08:4f:7b:ef:
                    bd:29:34:99:21:58:93:02:a7:0a:7f:42:e9:ab:f0:
                    b4:56:43:2d:4b:76:04:16:48:c4:3f:af:0f:c5:4e:
                    74:26:0d:1c:51:dc:ab:af:3b:ef:be:67:c7:97:9d:
                    31:6a:3f:3f:3e:46:5f:d7:fa:e7:4c:a5:f5:51:89:
                    41:9a:74:c1:d3:68:f0:42:b7:b5:e0:2e:40:87:09:
                    17:56:ed:0f:af:e1:51:46:7e:c1:24:1b:fd:d3:db:
                    d3:63:9f:1a:51:ee:3c:b7:a8:bc:ae:41:c7:25:12:
                    df:53:8e:ed:d2:09:df:05:8a:8b:87:26:03:7d:85:
                    aa:33:7a:50:f7:1b:8e:04:07:55:17:14:4e:e6:68:
                    4d:2a:17:d7:84:01:3b:c7:a0:98:a9:b5:ef:bc:91:
                    bc:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B0:B4:38:D2:BD:89:B8:6F:7D:F0:97:5B:B4:FE:DE:55:68:8D:97
            X509v3 Authority Key Identifier:
                keyid:72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/cp4vnB2HwhRzUHjP0hxjjgcVe10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/D9C45E5204D011EE8CC14910C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.4.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:75:aa:b8:1f:4d:77:54:08:44:ce:e7:6a:7e:11:a9:de:6c:
         0d:49:7e:17:be:d6:62:18:40:89:a0:8a:81:1d:39:2b:4c:aa:
         63:23:58:be:dc:06:0a:51:a9:91:2f:dd:3a:c2:9b:c2:67:e7:
         24:1d:c1:4b:d1:af:bc:d1:23:2a:8d:66:ec:fb:4c:c7:25:e0:
         52:5f:92:86:77:ae:66:a5:0b:cd:0c:26:8b:82:46:57:91:41:
         79:99:f5:10:cc:19:31:98:1a:4b:0e:4e:1f:a4:30:dd:27:35:
         d4:48:0f:25:1c:c9:db:12:03:e1:d1:8e:91:92:de:6c:c6:b8:
         de:ec:2b:29:b5:ee:5e:8c:5e:aa:76:e5:80:56:73:cf:11:09:
         fd:b1:3c:81:be:90:6f:59:08:e8:26:3c:ec:7a:de:49:15:ed:
         bc:69:07:ca:c6:bf:70:f0:24:2b:e6:0b:10:af:bb:66:c3:07:
         a8:f5:c2:dc:46:6c:98:b6:bf:6f:d4:1c:b7:31:b1:af:27:1c:
         b5:07:ad:b9:31:ed:11:2c:0c:d6:71:94:cc:4f:a2:83:c4:d0:
         0a:65:14:fc:d9:58:5e:79:c6:13:20:2f:99:c0:c5:9c:9f:a7:
         1d:54:84:66:c0:6e:9a:f3:89:21:63:18:de:8f:8c:e9:40:f7:
         6b:f1:87:8b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjgwN0ExMTAvBgNVBAUTKDcyOUUyRjlDMUQ4N0MyMTQ3MzUwNzhDRkQyMUM2MzhF
MDcxNTdCNUQwHhcNMjMwNjA3MDExNTU1WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmZGE0Yi1hNTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1JgBEBcVB9cforwUxBFIarbF71MnPNbwYxMeN57gts4gF97UId+n4dLs6L3B
Da+6rBooKgdvc60yCaPVuYoSkmEIrECGIrPY9tgVonU1+zmYy1EQ70XjqzpibnLm
MGaExjaKVAhPe++9KTSZIViTAqcKf0Lpq/C0VkMtS3YEFkjEP68PxU50Jg0cUdyr
rzvvvmfHl50xaj8/PkZf1/rnTKX1UYlBmnTB02jwQre14C5AhwkXVu0Pr+FRRn7B
JBv909vTY58aUe48t6i8rkHHJRLfU47t0gnfBYqLhyYDfYWqM3pQ9xuOBAdVFxRO
5mhNKhfXhAE7x6CYqbXvvJG8KQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGKwtDjS
vYm4b33wl1u0/t5VaI2XMB8GA1UdIwQYMBaAFHKeL5wdh8IUc1B4z9IcY44HFXtd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODA3QS8wMjYzQUI0ODNF
ODgxMUVEQTYxQTlCMkFDNEY5QUUwMi9jcDR2bkIySHdoUnpVSGpQMGh4ampnY1Zl
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NwNHZuQjJId2hSelVIalAwaHhqamdjVmUxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjgwN0EvMDI2M0FCNDgzRTg4MTFFREE2MUE5QjJBQzRGOUFFMDIvRDlDNDVFNTIw
NEQwMTFFRThDQzE0OTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnBGUwDQYJKoZIhvcNAQELBQADggEBAAN1qrgfTXdUCETO
52p+EanebA1Jfhe+1mIYQImgioEdOStMqmMjWL7cBgpRqZEv3TrCm8Jn5yQdwUvR
r7zRIyqNZuz7TMcl4FJfkoZ3rmalC80MJouCRleRQXmZ9RDMGTGYGksOTh+kMN0n
NdRIDyUcydsSA+HRjpGS3mzGuN7sKym17l6MXqp25YBWc88RCf2xPIG+kG9ZCOgm
POx63kkV7bxpB8rGv3DwJCvmCxCvu2bDB6j1wtxGbJi2v2/UHLcxsa8nHLUHrbkx
7REsDNZxlMxPooPE0AplFPzZWF55xhMgL5nAxZyfpx1UhGbAbprziSFjGN6PjOlA
92vxh4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-ams.rpki-client.org