Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/25006724A05211EC9475D05BC4F9AE02.roa
File:                     25006724A05211EC9475D05BC4F9AE02.roa (raw, json)
Hash identifier:          +4rfiB33qfEOClyPz86kii4sNuxSIl6W5bUsOLLwdAg=
Subject key identifier:   D2:C8:02:AB:5D:F2:7B:4D:52:3D:99:E8:B1:13:95:76:81:91:2C:96
Certificate issuer:       /CN=A9186CDF/serialNumber=A5322E98206815276DC12617961938FFC6C8848A
Certificate serial:       05B8
Authority key identifier: A5:32:2E:98:20:68:15:27:6D:C1:26:17:96:19:38:FF:C6:C8:84:8A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/25006724A05211EC9475D05BC4F9AE02.roa
Signing time:             Sat 03 Dec 2022 00:09:32 +0000
ROA not before:           Sat 03 Dec 2022 00:09:32 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        103.157.136.0/24 maxlen: 24
                          103.157.137.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1464 (0x5b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9186CDF/serialNumber=A5322E98206815276DC12617961938FFC6C8848A
        Validity
            Not Before: Dec  3 00:09:32 2022 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=638a93bb-bd58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a8:e0:29:2d:16:33:47:ff:3a:79:1a:22:24:
                    69:b0:c0:fa:ea:dd:8e:55:41:5f:ee:1d:15:5c:c2:
                    39:e4:63:c4:22:a3:2f:8f:13:e6:f6:89:cf:ef:23:
                    83:2a:57:9b:5a:c7:24:4e:bb:d7:51:ec:03:73:6e:
                    0f:94:fa:91:81:a0:b0:d0:73:80:40:00:00:2f:c5:
                    bb:bb:8a:66:c8:bb:40:e6:13:cc:53:74:d4:4a:a5:
                    25:b3:33:ef:38:89:b2:a5:35:97:5a:e6:3a:35:73:
                    b7:e8:72:d5:dd:41:2e:11:1a:0c:f5:1f:86:fb:2c:
                    cf:42:75:e9:77:4d:6f:9f:90:79:20:eb:19:b7:b1:
                    d5:95:e9:40:d5:ae:07:c7:6a:dc:00:d4:56:9c:79:
                    c3:ef:81:47:c0:bc:e6:b0:c8:5b:de:cc:26:93:89:
                    04:60:b2:b0:ff:55:c7:40:9d:6e:e6:7b:6d:6d:58:
                    7a:3a:e3:87:a2:11:86:24:53:18:18:1a:db:0a:aa:
                    ba:36:ff:0d:dc:d7:44:83:e1:b8:f3:b8:4d:15:46:
                    ec:48:bc:cc:ad:6c:a8:c5:54:07:16:8b:eb:ed:f5:
                    b9:45:da:de:bf:4b:6a:2f:70:6d:d1:3d:0e:2e:63:
                    b7:3a:2a:ad:f0:9a:73:c7:0f:1d:48:cc:28:23:96:
                    a7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:C8:02:AB:5D:F2:7B:4D:52:3D:99:E8:B1:13:95:76:81:91:2C:96
            X509v3 Authority Key Identifier:
                keyid:A5:32:2E:98:20:68:15:27:6D:C1:26:17:96:19:38:FF:C6:C8:84:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/pTIumCBoFSdtwSYXlhk4_8bIhIo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pTIumCBoFSdtwSYXlhk4_8bIhIo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186CDF/4481F0A811DE11EBB9F9F777C4F9AE02/25006724A05211EC9475D05BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:eb:d4:0f:fb:3c:aa:2a:8c:b3:0c:ff:7a:3f:73:56:60:d7:
         03:fb:5a:4a:42:df:7a:78:18:62:bf:51:e8:93:c8:78:91:90:
         68:15:35:ee:2b:49:b1:6a:7f:d9:22:7e:23:53:7a:3e:ea:06:
         89:77:cf:9f:3d:66:2c:3e:35:09:73:97:b6:ac:dc:80:99:cd:
         38:4e:30:48:cc:46:a6:07:a6:31:92:6b:fa:d6:88:02:00:6d:
         1f:21:ad:98:c8:36:8b:cf:31:f5:b8:4f:26:1e:d7:fe:7c:5a:
         91:20:a1:25:84:d5:ea:5e:ce:a7:f2:0a:b2:13:74:07:c7:9a:
         09:62:6a:08:6c:96:3f:96:b7:35:0f:a9:cf:50:db:5b:5d:6f:
         e5:b7:c0:ca:e2:8c:f3:8d:b0:a1:04:48:a9:ad:da:84:94:e1:
         c9:4f:0a:fb:f6:8c:36:99:5a:bc:b9:41:a0:27:65:01:8b:31:
         03:71:53:92:09:cc:0e:c9:c8:4c:d0:09:42:e6:17:d8:cd:bf:
         21:f5:d4:7c:c0:31:41:1f:45:5d:fc:ad:6c:63:8c:8e:02:e3:
         00:71:2c:8e:4e:fe:52:d7:fb:34:11:99:58:78:65:7c:61:7d:
         30:d0:3e:cf:3b:e8:89:21:4e:e0:73:aa:3f:f0:4d:c0:e5:62:
         9c:02:f1:ed
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZDREYxMTAvBgNVBAUTKEE1MzIyRTk4MjA2ODE1Mjc2REMxMjYxNzk2MTkzOEZG
QzZDODg0OEEwHhcNMjIxMjAzMDAwOTMyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhOTNiYi1iZDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzqjgKS0WM0f/OnkaIiRpsMD66t2OVUFf7h0VXMI55GPEIqMvjxPm9onP7yOD
KlebWsckTrvXUewDc24PlPqRgaCw0HOAQAAAL8W7u4pmyLtA5hPMU3TUSqUlszPv
OImypTWXWuY6NXO36HLV3UEuERoM9R+G+yzPQnXpd01vn5B5IOsZt7HVlelA1a4H
x2rcANRWnHnD74FHwLzmsMhb3swmk4kEYLKw/1XHQJ1u5nttbVh6OuOHohGGJFMY
GBrbCqq6Nv8N3NdEg+G487hNFUbsSLzMrWyoxVQHFovr7fW5Rdrev0tqL3Bt0T0O
LmO3Oiqt8Jpzxw8dSMwoI5aneQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNLIAqtd
8ntNUj2Z6LETlXaBkSyWMB8GA1UdIwQYMBaAFKUyLpggaBUnbcEmF5YZOP/GyISK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkNERi80NDgxRjBBODEx
REUxMUVCQjlGOUY3NzdDNEY5QUUwMi9wVEl1bUNCb0ZTZHR3U1lYbGhrNF84Yklo
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BUSXVtQ0JvRlNkdHdTWVhsaGs0XzhiSWhJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZDREYvNDQ4MUYwQTgxMURFMTFFQkI5RjlGNzc3QzRGOUFFMDIvMjUwMDY3MjRB
MDUyMTFFQzk0NzVEMDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnYgwDQYJKoZIhvcNAQELBQADggEBAAPr1A/7PKoqjLMM
/3o/c1Zg1wP7WkpC33p4GGK/UeiTyHiRkGgVNe4rSbFqf9kifiNTej7qBol3z589
Ziw+NQlzl7as3ICZzThOMEjMRqYHpjGSa/rWiAIAbR8hrZjINovPMfW4TyYe1/58
WpEgoSWE1epezqfyCrITdAfHmgliaghslj+WtzUPqc9Q21tdb+W3wMrijPONsKEE
SKmt2oSU4clPCvv2jDaZWry5QaAnZQGLMQNxU5IJzA7JyEzQCULmF9jNvyH11HzA
MUEfRV38rWxjjI4C4wBxLI5O/lLX+zQRmVh4ZXxhfTDQPs876IkhTuBzqj/wTcDl
YpwC8e0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org