Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9175906/8CCCCBA483E711ECA0034F6BC4F9AE02/95E3252A84CE11ECAED6B97AC4F9AE02.roa
File:                     95E3252A84CE11ECAED6B97AC4F9AE02.roa (raw, json)
Hash identifier:          OyH4z3vBNZ2/qcmcyaphMnGtjQUh1P3xnf6dFgq++H0=
Subject key identifier:   96:1D:2D:93:F4:98:8D:39:B4:E2:80:C3:0A:D9:0D:14:B7:A3:A2:03
Certificate issuer:       /CN=A9175906/serialNumber=9D1BACD40A8259924CD2C56951A43E0BF872D686
Certificate serial:       03
Authority key identifier: 9D:1B:AC:D4:0A:82:59:92:4C:D2:C5:69:51:A4:3E:0B:F8:72:D6:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nRus1AqCWZJM0sVpUaQ-C_hy1oY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9175906/8CCCCBA483E711ECA0034F6BC4F9AE02/95E3252A84CE11ECAED6B97AC4F9AE02.roa
Signing time:             Thu 03 Feb 2022 08:52:16 +0000
ROA not before:           Thu 03 Feb 2022 08:52:16 +0000
ROA not after:            Mon 01 May 2023 00:00:00 +0000
asID:                     139922
IP address blocks:        103.180.240.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9175906/serialNumber=9D1BACD40A8259924CD2C56951A43E0BF872D686
        Validity
            Not Before: Feb  3 08:52:16 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=61fb97bf-7ca4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:45:35:aa:10:45:2f:1c:26:91:02:62:69:f1:
                    ce:1f:be:b4:57:86:19:6c:c1:dc:cf:70:a0:01:33:
                    2e:db:42:e2:16:72:d6:f1:13:3e:a5:e2:8e:27:56:
                    e5:56:b1:5d:37:08:6d:f0:e7:3f:8e:fb:ae:9b:17:
                    e5:1f:23:5f:ce:e3:b2:0d:21:c7:bf:2a:3b:5d:8c:
                    a1:53:dc:15:94:f8:0b:49:a8:98:85:d2:88:ff:26:
                    56:6d:6d:89:d5:e7:05:39:a5:e7:a8:93:ce:1e:45:
                    2a:5a:0a:a8:d7:b9:5d:b8:da:16:8a:0f:da:02:8c:
                    62:fd:2b:a9:83:af:2f:78:1f:c7:ef:3e:4d:5d:a7:
                    58:13:85:c6:56:c2:01:d7:0a:6e:52:7d:98:eb:f8:
                    7b:cd:32:32:7a:58:7a:4f:0a:42:05:f8:64:2d:2c:
                    65:58:6a:cf:27:fa:97:e4:cd:3f:6b:54:a6:58:6e:
                    80:23:57:f3:7a:53:98:8d:4e:fc:6c:20:07:a4:75:
                    0d:9c:37:10:00:e2:fa:41:56:a4:43:7e:5b:29:05:
                    61:5a:69:1b:63:40:bd:9d:f8:9d:57:dd:43:91:f1:
                    c6:28:cd:6c:8a:f1:9d:fa:47:82:ad:d1:88:35:a7:
                    af:62:3e:13:38:71:aa:50:04:72:c1:2d:e3:a9:de:
                    8d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:1D:2D:93:F4:98:8D:39:B4:E2:80:C3:0A:D9:0D:14:B7:A3:A2:03
            X509v3 Authority Key Identifier:
                keyid:9D:1B:AC:D4:0A:82:59:92:4C:D2:C5:69:51:A4:3E:0B:F8:72:D6:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9175906/8CCCCBA483E711ECA0034F6BC4F9AE02/nRus1AqCWZJM0sVpUaQ-C_hy1oY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nRus1AqCWZJM0sVpUaQ-C_hy1oY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175906/8CCCCBA483E711ECA0034F6BC4F9AE02/95E3252A84CE11ECAED6B97AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.180.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bb:63:ce:89:27:25:c5:f7:cf:d0:fa:90:79:70:d6:9c:ea:4f:
         14:2d:4d:2b:d1:8c:68:18:82:42:c1:aa:a4:7c:af:a2:4f:47:
         25:df:f5:ca:92:46:fd:21:07:eb:54:f8:6f:29:0e:33:01:66:
         f6:85:94:97:cc:85:21:9c:81:ac:f1:2a:3e:9b:03:52:f3:8f:
         b6:88:14:00:7d:6d:7f:ac:a9:76:42:4b:29:e7:a9:cc:60:bf:
         3a:cc:9a:34:1b:7e:87:74:4d:e1:1c:1f:80:24:19:39:eb:f7:
         ec:2b:03:c2:65:73:76:c4:93:f7:52:9a:78:e2:59:96:7a:93:
         1c:53:b5:d3:54:c3:b6:32:4a:4e:13:12:a2:49:7d:1a:a2:a7:
         ab:13:a5:c0:06:a8:60:3f:d1:e6:5a:1a:52:19:5b:c2:0d:1f:
         b3:b2:a4:f7:06:c2:1e:74:5a:a6:f4:ef:6a:5e:61:cc:fa:7f:
         44:cd:aa:88:88:64:21:96:29:88:91:49:26:86:e0:7a:ca:b6:
         dd:6d:d5:bb:1e:7a:95:c1:4c:4f:ee:8d:10:4d:4c:0d:15:5e:
         d0:24:86:b8:41:0e:07:1f:6e:0b:04:f2:ed:0c:05:30:cc:7b:
         0a:39:70:64:d4:74:a8:58:7c:0f:09:8f:08:c8:50:8d:76:a7:
         e9:d2:dc:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTkwNjExMC8GA1UEBRMoOUQxQkFDRDQwQTgyNTk5MjRDRDJDNTY5NTFBNDNFMEJG
ODcyRDY4NjAeFw0yMjAyMDMwODUyMTZaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZmI5N2JmLTdjYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNRTWqEEUvHCaRAmJp8c4fvrRXhhlswdzPcKABMy7bQuIWctbxEz6l4o4nVuVW
sV03CG3w5z+O+66bF+UfI1/O47INIce/KjtdjKFT3BWU+AtJqJiF0oj/JlZtbYnV
5wU5peeok84eRSpaCqjXuV242haKD9oCjGL9K6mDry94H8fvPk1dp1gThcZWwgHX
Cm5SfZjr+HvNMjJ6WHpPCkIF+GQtLGVYas8n+pfkzT9rVKZYboAjV/N6U5iNTvxs
IAekdQ2cNxAA4vpBVqRDflspBWFaaRtjQL2d+J1X3UOR8cYozWyK8Z36R4Kt0Yg1
p69iPhM4capQBHLBLeOp3o3DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlh0tk/SY
jTm04oDDCtkNFLejogMwHwYDVR0jBBgwFoAUnRus1AqCWZJM0sVpUaQ+C/hy1oYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1OTA2LzhDQ0NDQkE0ODNF
NzExRUNBMDAzNEY2QkM0RjlBRTAyL25SdXMxQXFDV1pKTTBzVnBVYVEtQ19oeTFv
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvblJ1czFBcUNXWkpNMHNWcFVhUS1DX2h5MW9ZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTkwNi84Q0NDQ0JBNDgzRTcxMUVDQTAwMzRGNkJDNEY5QUUwMi85NUUzMjUyQTg0
Q0UxMUVDQUVENkI5N0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe08DANBgkqhkiG9w0BAQsFAAOCAQEAu2POiSclxffP0PqQ
eXDWnOpPFC1NK9GMaBiCQsGqpHyvok9HJd/1ypJG/SEH61T4bykOMwFm9oWUl8yF
IZyBrPEqPpsDUvOPtogUAH1tf6ypdkJLKeepzGC/OsyaNBt+h3RN4RwfgCQZOev3
7CsDwmVzdsST91KaeOJZlnqTHFO101TDtjJKThMSokl9GqKnqxOlwAaoYD/R5loa
Uhlbwg0fs7Kk9wbCHnRapvTval5hzPp/RM2qiIhkIZYpiJFJJobgesq23W3Vux56
lcFMT+6NEE1MDRVe0CSGuEEOBx9uCwTy7QwFMMx7CjlwZNR0qFh8DwmPCMhQjXan
6dLcQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org