Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/15B27E085C9F11EB99CD3865C4F9AE02.roa
File:                     15B27E085C9F11EB99CD3865C4F9AE02.roa (raw, json)
Hash identifier:          rgKsjksGEbjKBGbRACai/wW0PJ5cZA4ez9YZXI25SnA=
Subject key identifier:   FD:30:5F:A5:C3:71:39:39:2D:F0:68:BC:9A:11:7A:5B:49:61:EB:06
Certificate issuer:       /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial:       03EF
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/15B27E085C9F11EB99CD3865C4F9AE02.roa
Signing time:             Fri 13 May 2022 13:12:46 +0000
ROA not before:           Fri 13 May 2022 13:12:46 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        103.110.104.0/24 maxlen: 24
                          103.110.105.0/24 maxlen: 24
                          103.110.106.0/24 maxlen: 24
                          103.110.107.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1007 (0x3ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
        Validity
            Not Before: May 13 13:12:46 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=627e594e-d3bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1d:25:1b:75:a7:e4:4a:08:52:95:52:31:e2:
                    aa:f7:8c:a6:66:2c:53:a0:53:a4:07:13:ce:7a:b2:
                    30:5a:0f:01:8d:07:f9:9c:3c:5b:cd:f2:4b:b7:c2:
                    1a:52:12:b4:34:8f:d2:db:21:22:0c:30:03:5d:00:
                    c4:e4:3d:43:30:87:e4:8d:c4:ef:60:c2:0e:65:39:
                    75:0f:ff:37:27:eb:06:b5:bc:9a:78:1d:5a:9d:81:
                    82:91:18:f4:50:08:33:4a:e3:ca:57:bb:c9:f1:6d:
                    aa:3a:87:a7:9f:2c:f2:26:31:c8:74:b0:88:68:47:
                    95:5f:be:d8:cb:08:82:e5:b9:cd:81:b7:80:b4:3c:
                    59:69:a2:4b:74:2a:a8:5c:1d:13:ec:00:35:15:94:
                    b3:91:0c:48:e9:8f:f8:65:d9:68:75:8f:34:50:66:
                    d7:2f:e1:a5:60:4f:32:e4:75:32:78:d8:d2:26:5c:
                    a0:1e:0b:0f:0a:b3:ba:30:af:90:e4:ae:58:ee:7c:
                    0e:6a:a1:8b:aa:91:e1:2d:90:58:a6:02:e2:fc:81:
                    70:6e:45:f0:48:aa:ea:6d:00:fd:54:e5:79:9e:36:
                    b6:f7:37:17:72:c2:46:35:d7:0b:47:87:cf:bd:c7:
                    d9:67:b0:f3:54:f6:3a:f3:0a:24:5b:de:c5:8d:93:
                    e1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:30:5F:A5:C3:71:39:39:2D:F0:68:BC:9A:11:7A:5B:49:61:EB:06
            X509v3 Authority Key Identifier:
                keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/15B27E085C9F11EB99CD3865C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e8:45:53:69:94:40:cd:b2:a6:d0:39:7d:07:a7:9e:f3:4f:be:
         6e:9e:96:a7:40:08:09:e2:d9:47:62:18:12:12:29:fd:86:5a:
         b3:e9:c8:6e:47:08:2f:c0:9a:54:67:7a:f3:94:87:94:56:5f:
         50:fd:3d:3e:f0:ea:1a:b1:90:25:50:42:44:1f:33:ce:f6:7a:
         c2:f1:f4:dc:b4:54:ce:ae:20:68:8e:27:d7:03:f0:1d:f5:9b:
         f4:87:7e:74:7f:c2:9b:eb:d2:5d:2a:5e:e4:36:d8:8c:e9:6d:
         ae:31:d7:18:45:e8:45:71:64:1e:0b:83:45:07:34:f4:9d:b7:
         fd:9c:26:b5:7c:1b:19:e2:41:f9:be:e3:60:3f:32:a8:01:ad:
         75:3f:2d:68:74:a7:a5:27:fb:b6:c1:8d:f1:87:b2:95:26:bb:
         f1:92:69:bf:69:dd:e1:22:e5:d0:1e:85:ee:9b:03:8d:e3:55:
         cb:c4:47:b1:12:6b:95:f0:97:06:53:f3:10:c9:c9:a3:e1:20:
         04:5a:a2:4c:28:02:94:30:47:00:f8:1a:30:cb:cc:c3:44:66:
         ca:3a:0f:bc:26:10:81:85:7a:36:2e:a3:c4:05:b8:ca:e7:a0:
         a2:ae:ee:22:bd:55:10:d9:e7:e2:69:03:b6:ed:87:1e:74:38:
         de:ed:da:da
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjIwNTEzMTMxMjQ2WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdlNTk0ZS1kM2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxx0lG3Wn5EoIUpVSMeKq94ymZixToFOkBxPOerIwWg8BjQf5nDxbzfJLt8Ia
UhK0NI/S2yEiDDADXQDE5D1DMIfkjcTvYMIOZTl1D/83J+sGtbyaeB1anYGCkRj0
UAgzSuPKV7vJ8W2qOoennyzyJjHIdLCIaEeVX77YywiC5bnNgbeAtDxZaaJLdCqo
XB0T7AA1FZSzkQxI6Y/4ZdlodY80UGbXL+GlYE8y5HUyeNjSJlygHgsPCrO6MK+Q
5K5Y7nwOaqGLqpHhLZBYpgLi/IFwbkXwSKrqbQD9VOV5nja29zcXcsJGNdcLR4fP
vcfZZ7DzVPY68wokW97FjZPhrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP0wX6XD
cTk5LfBovJoReltJYesGMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvMTVCMjdFMDg1
QzlGMTFFQjk5Q0QzODY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnbmgwDQYJKoZIhvcNAQELBQADggEBAOhFU2mUQM2yptA5
fQennvNPvm6elqdACAni2UdiGBISKf2GWrPpyG5HCC/AmlRnevOUh5RWX1D9PT7w
6hqxkCVQQkQfM872esLx9Ny0VM6uIGiOJ9cD8B31m/SHfnR/wpvr0l0qXuQ22Izp
ba4x1xhF6EVxZB4Lg0UHNPSdt/2cJrV8GxniQfm+42A/MqgBrXU/LWh0p6Un+7bB
jfGHspUmu/GSab9p3eEi5dAehe6bA43jVcvER7ESa5XwlwZT8xDJyaPhIARaokwo
ApQwRwD4GjDLzMNEZso6D7wmEIGFejYuo8QFuMrnoKKu7iK9VRDZ5+JpA7bthx50
ON7t2to=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org