Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1C51BBC4632611EB8444A935C4F9AE02.roa
File:                     1C51BBC4632611EB8444A935C4F9AE02.roa (raw, json)
Hash identifier:          r12mYpKJQLcreWhErLMIowH6kmfyJQDXf9JqCMAfkRs=
Subject key identifier:   6C:65:43:ED:71:0D:EA:2B:9C:E3:C7:FA:F9:8C:07:2C:07:24:66:B4
Certificate issuer:       /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial:       0582
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1C51BBC4632611EB8444A935C4F9AE02.roa
Signing time:             Mon 03 Apr 2023 01:11:35 +0000
ROA not before:           Mon 03 Apr 2023 01:11:35 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     32181
IP address blocks:        103.110.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1410 (0x582)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
        Validity
            Not Before: Apr  3 01:11:35 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=642a27c7-b678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f6:8f:ba:3c:17:2d:10:0c:9a:d4:a7:0e:33:
                    3c:6f:59:0b:27:48:59:15:27:e4:5d:62:24:a6:b5:
                    eb:3f:09:27:27:99:85:f4:7a:73:c1:65:7e:3b:71:
                    21:ae:79:95:c5:51:d5:40:18:1a:f5:71:0a:92:7c:
                    9d:a5:d3:8c:45:02:56:79:e6:bf:c3:17:1f:43:97:
                    25:64:1d:d1:46:d3:51:df:b9:8e:67:8b:a1:c9:19:
                    bf:39:bc:ea:87:c2:c6:33:f4:3e:4f:04:0f:25:7e:
                    4c:ad:28:ad:99:75:ff:34:e8:20:58:17:1f:47:83:
                    65:31:32:e1:28:4b:1e:22:25:4c:09:0b:a0:f5:83:
                    8e:46:13:43:ed:7d:61:7f:c2:05:52:6e:59:01:b4:
                    89:8b:c3:6c:18:cb:a9:bc:4b:15:7f:15:d1:0d:e4:
                    77:c5:40:e4:45:0b:b6:cb:50:8a:fc:91:21:7a:4d:
                    ad:e9:7f:b9:8f:cb:99:b7:76:f2:c7:02:7a:a9:b0:
                    f3:30:56:ed:ea:35:ec:ce:fc:37:27:9d:01:27:66:
                    46:82:31:e4:25:5e:86:0a:aa:65:22:6a:e6:22:17:
                    97:de:d4:5f:51:6c:c5:26:a7:8f:52:44:f6:09:0c:
                    77:8f:3e:d9:41:98:29:a3:ae:fb:e1:33:ba:b8:32:
                    94:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:65:43:ED:71:0D:EA:2B:9C:E3:C7:FA:F9:8C:07:2C:07:24:66:B4
            X509v3 Authority Key Identifier:
                keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1C51BBC4632611EB8444A935C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:b1:16:70:7e:12:27:a1:3f:b5:37:f0:c9:74:d0:ff:ba:6e:
         5f:2a:9a:03:7c:84:f8:de:70:1e:10:ff:95:bd:c2:ee:2f:d0:
         f4:c7:bb:f6:b2:8d:23:89:0f:29:22:ab:19:e8:b2:69:a7:10:
         68:0b:4f:0e:01:80:14:87:43:c8:82:75:5c:a8:c7:46:2a:2a:
         b9:37:13:8e:f1:8d:49:ee:67:c6:24:b5:75:c4:20:d2:25:35:
         6e:a5:d6:a4:f6:69:83:ed:6b:da:94:04:fb:d7:7b:82:05:27:
         be:d8:f7:a4:f7:55:3c:5d:f2:30:f2:d0:0f:0c:a8:9f:4e:64:
         17:16:65:de:d7:88:85:f4:1e:d5:33:ea:10:1e:b3:86:e9:08:
         c8:ee:e9:2e:9b:fc:c9:e3:88:46:7e:85:4f:1b:ea:3b:1f:6b:
         56:33:7b:c6:0a:f7:d6:1f:95:cd:82:9c:79:e8:d9:c3:4d:22:
         57:80:71:16:ae:96:d4:f1:c9:15:29:8c:65:eb:a7:8a:9d:41:
         23:ed:30:9b:7c:a8:8a:53:5d:90:b9:be:59:15:96:50:25:70:
         ff:a6:81:2c:c1:4d:f0:04:59:19:41:74:68:c2:78:b1:1e:cc:
         e6:56:7c:af:31:00:f5:00:c9:b8:77:c4:c8:fc:f2:d0:56:11:
         82:f3:2b:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjMwNDAzMDExMTM1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJhMjdjNy1iNjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1faPujwXLRAMmtSnDjM8b1kLJ0hZFSfkXWIkprXrPwknJ5mF9HpzwWV+O3Eh
rnmVxVHVQBga9XEKknydpdOMRQJWeea/wxcfQ5clZB3RRtNR37mOZ4uhyRm/Obzq
h8LGM/Q+TwQPJX5MrSitmXX/NOggWBcfR4NlMTLhKEseIiVMCQug9YOORhND7X1h
f8IFUm5ZAbSJi8NsGMupvEsVfxXRDeR3xUDkRQu2y1CK/JEhek2t6X+5j8uZt3by
xwJ6qbDzMFbt6jXszvw3J50BJ2ZGgjHkJV6GCqplImrmIheX3tRfUWzFJqePUkT2
CQx3jz7ZQZgpo6774TO6uDKUOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGxlQ+1x
DeornOPH+vmMBywHJGa0MB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvMUM1MUJCQzQ2
MzI2MTFFQjg0NDRBOTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbmowDQYJKoZIhvcNAQELBQADggEBAFixFnB+EiehP7U3
8Ml00P+6bl8qmgN8hPjecB4Q/5W9wu4v0PTHu/ayjSOJDykiqxnosmmnEGgLTw4B
gBSHQ8iCdVyox0YqKrk3E47xjUnuZ8YktXXEINIlNW6l1qT2aYPta9qUBPvXe4IF
J77Y96T3VTxd8jDy0A8MqJ9OZBcWZd7XiIX0HtUz6hAes4bpCMju6S6b/MnjiEZ+
hU8b6jsfa1Yze8YK99Yflc2CnHno2cNNIleAcRaultTxyRUpjGXrp4qdQSPtMJt8
qIpTXZC5vlkVllAlcP+mgSzBTfAEWRlBdGjCeLEezOZWfK8xAPUAybh3xMj88tBW
EYLzKxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org