Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/85FBDB06750D11EBAFCBD663C4F9AE02.roa
File:                     85FBDB06750D11EBAFCBD663C4F9AE02.roa (raw, json)
Hash identifier:          l5wUCwCB8rS54rW9ZEhfJurg2X3L8znWObS7KN8NtIk=
Subject key identifier:   66:E2:BD:BF:D0:FA:FA:4C:32:DD:82:5C:B6:0B:BE:D9:F1:62:F2:24
Certificate issuer:       /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial:       03EC
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/85FBDB06750D11EBAFCBD663C4F9AE02.roa
Signing time:             Fri 13 May 2022 13:12:43 +0000
ROA not before:           Fri 13 May 2022 13:12:43 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     2914
IP address blocks:        103.110.104.0/24 maxlen: 24
                          103.110.107.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1004 (0x3ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
        Validity
            Not Before: May 13 13:12:43 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=627e594b-aadf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:30:5d:dc:eb:5f:0f:fa:5b:cb:ea:ba:cb:5e:
                    69:84:37:ad:b5:b9:94:be:6e:e8:8a:86:70:c3:9a:
                    b6:88:c3:d7:3a:df:a9:05:64:15:cf:5b:5f:f1:e6:
                    11:a0:e8:15:ac:85:d7:fa:71:28:fe:a6:59:b4:cc:
                    64:a3:c7:a4:4f:4d:5e:34:b8:20:69:5e:a0:7d:cd:
                    5c:75:f0:46:9a:86:13:ea:96:b9:68:c7:09:54:e0:
                    fb:3d:ee:66:3d:32:96:14:83:5e:16:e1:b7:1b:9f:
                    6d:73:68:bb:d2:0b:e4:82:22:e6:8f:3c:1d:21:15:
                    c8:b1:41:f8:91:bb:8e:21:69:7b:2a:b1:a3:a7:4f:
                    1c:58:a9:35:ae:91:00:1c:cf:65:00:95:62:6d:7f:
                    b3:b0:a9:8d:b3:ba:9f:1f:07:89:2b:fb:54:96:d7:
                    79:81:0f:07:06:ee:e4:67:d7:fc:7f:14:2c:1a:9b:
                    23:bc:ef:fa:84:7e:9e:b7:ca:43:7f:b7:da:7f:91:
                    df:ac:e8:34:f6:44:57:d4:94:5f:14:1b:6b:38:f9:
                    c3:18:f6:e6:68:a0:23:d8:e9:43:46:b3:57:78:94:
                    b8:e1:0d:f5:80:4b:0a:0d:54:bc:ee:ec:13:f2:05:
                    e5:99:9b:eb:e2:59:90:f3:35:e1:bf:28:de:21:78:
                    71:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E2:BD:BF:D0:FA:FA:4C:32:DD:82:5C:B6:0B:BE:D9:F1:62:F2:24
            X509v3 Authority Key Identifier:
                keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/85FBDB06750D11EBAFCBD663C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.104.0/24
                  103.110.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:1c:7e:d8:7d:80:7d:9d:06:f3:43:a4:b7:6c:24:b6:c7:e8:
         44:9b:f0:ac:53:a4:23:90:bc:20:60:b7:e3:bc:de:60:3f:66:
         7e:de:cb:c6:a3:7d:38:99:41:d6:ba:c8:86:1b:c7:4f:a8:ee:
         f2:85:7d:8d:a5:83:80:95:8b:2c:fe:68:2c:d5:5e:e8:e1:84:
         2f:3f:7b:5b:6d:5e:92:27:29:5a:f3:79:ab:e5:e5:82:b7:45:
         e4:a4:af:88:dc:c7:ec:3d:19:da:1f:46:10:30:3e:0e:84:d3:
         cb:b9:62:4c:f2:1f:df:f2:b9:10:87:d9:31:45:1d:ad:95:b1:
         b6:92:88:bd:9d:61:dd:6a:0a:02:5f:b2:d4:a2:1e:1f:b6:bc:
         b9:dc:ee:e4:3c:0a:04:e6:ae:68:e6:c9:e1:9e:2e:43:24:f6:
         99:fb:1c:8e:61:01:c7:76:3c:49:c0:5c:50:96:42:06:c1:d4:
         db:04:9c:d0:da:8d:78:a8:7e:fa:e9:96:d1:20:71:4c:1d:23:
         c0:40:42:a4:d8:66:ab:f9:a0:ac:4b:ec:c1:31:14:93:59:9e:
         9a:67:0d:db:aa:0e:e8:87:de:e7:a9:26:c7:1b:1d:db:7f:c9:
         7e:33:73:0d:57:d0:32:90:48:f7:7c:59:cb:a1:32:3d:ba:23:
         55:8f:1a:bf
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjIwNTEzMTMxMjQzWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdlNTk0Yi1hYWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoTBd3OtfD/pby+q6y15phDettbmUvm7oioZww5q2iMPXOt+pBWQVz1tf8eYR
oOgVrIXX+nEo/qZZtMxko8ekT01eNLggaV6gfc1cdfBGmoYT6pa5aMcJVOD7Pe5m
PTKWFINeFuG3G59tc2i70gvkgiLmjzwdIRXIsUH4kbuOIWl7KrGjp08cWKk1rpEA
HM9lAJVibX+zsKmNs7qfHweJK/tUltd5gQ8HBu7kZ9f8fxQsGpsjvO/6hH6et8pD
f7faf5HfrOg09kRX1JRfFBtrOPnDGPbmaKAj2OlDRrNXeJS44Q31gEsKDVS87uwT
8gXlmZvr4lmQ8zXhvyjeIXhxvwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGbivb/Q
+vpMMt2CXLYLvtnxYvIkMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvODVGQkRCMDY3
NTBEMTFFQkFGQ0JENjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnbmgDBABnbmswDQYJKoZIhvcNAQELBQADggEBAHYcfth9
gH2dBvNDpLdsJLbH6ESb8KxTpCOQvCBgt+O83mA/Zn7ey8ajfTiZQda6yIYbx0+o
7vKFfY2lg4CViyz+aCzVXujhhC8/e1ttXpInKVrzeavl5YK3ReSkr4jcx+w9Gdof
RhAwPg6E08u5YkzyH9/yuRCH2TFFHa2VsbaSiL2dYd1qCgJfstSiHh+2vLnc7uQ8
CgTmrmjmyeGeLkMk9pn7HI5hAcd2PEnAXFCWQgbB1NsEnNDajXiofvrpltEgcUwd
I8BAQqTYZqv5oKxL7MExFJNZnppnDduqDuiH3uepJscbHdt/yX4zcw1X0DKQSPd8
WcuhMj26I1WPGr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org