Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/AB33887E726311EDBFC1323DC4F9AE02.roa
File:                     AB33887E726311EDBFC1323DC4F9AE02.roa (raw, json)
Hash identifier:          2rmt93iFrd2qlG3LmCL4Ojmj1ZC7cOaA7umGvsDEHQM=
Subject key identifier:   D2:41:4C:7D:FD:D4:25:FA:CD:0B:A6:7A:43:CB:05:01:87:D8:2E:82
Certificate issuer:       /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial:       0B6C
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/AB33887E726311EDBFC1323DC4F9AE02.roa
Signing time:             Fri 31 Mar 2023 20:06:56 +0000
ROA not before:           Fri 31 Mar 2023 20:06:56 +0000
ROA not after:            Tue 01 Aug 2023 00:00:00 +0000
asID:                     59239
IP address blocks:        103.109.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2924 (0xb6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
        Validity
            Not Before: Mar 31 20:06:56 2023 GMT
            Not After : Aug  1 00:00:00 2023 GMT
        Subject: CN=64273d5f-5ea3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:66:37:e6:26:7e:20:a6:5d:21:1a:29:aa:3a:
                    33:3e:ad:a3:4f:44:00:e1:8e:ec:6f:a5:6f:b1:7d:
                    fa:c7:06:99:be:bf:86:0f:b7:27:fb:fe:d8:ae:f5:
                    cc:ab:37:43:a4:c8:1d:ef:b9:1d:f5:95:f9:ea:e9:
                    d1:94:86:de:d9:2f:6f:a6:1c:91:96:f2:64:4f:4a:
                    38:60:91:8a:7c:4e:9d:39:96:89:e6:1c:6d:e1:07:
                    02:27:a1:b7:44:f5:89:c6:8e:1b:99:10:ff:bd:3c:
                    7b:3f:bd:dd:c1:46:4d:d0:c8:d4:d5:8d:78:61:b8:
                    00:d9:e6:3c:99:47:e1:40:e5:c7:eb:20:c5:d2:55:
                    6d:c1:95:26:c9:c6:14:91:21:55:14:1e:47:37:bd:
                    c6:24:8e:2f:a1:4f:b8:34:a1:e5:ad:ab:33:14:2b:
                    16:ea:3d:b7:52:b2:09:f4:30:3d:f7:1c:aa:6f:74:
                    4b:a6:53:17:2a:1d:6a:73:d4:a9:12:f6:51:67:44:
                    e7:63:ab:0b:61:32:dd:23:1a:66:25:de:e3:25:90:
                    65:51:ec:56:1e:99:e0:35:e0:b3:29:2e:46:6f:4f:
                    cd:c4:1e:d6:ef:50:de:3e:7b:ec:73:ac:8d:4f:e1:
                    66:71:af:97:6c:8f:0f:15:6a:8e:f7:e6:01:b3:ae:
                    01:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:41:4C:7D:FD:D4:25:FA:CD:0B:A6:7A:43:CB:05:01:87:D8:2E:82
            X509v3 Authority Key Identifier:
                keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/AB33887E726311EDBFC1323DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.109.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:db:51:4f:43:c4:5e:5a:07:0a:b0:f8:8e:20:25:6e:07:0c:
         b2:39:82:a4:9a:e8:74:14:b5:75:0c:21:9e:48:c0:b4:90:d9:
         7b:f6:ef:af:79:de:7d:d9:51:65:ad:78:8a:fa:43:4e:ef:8d:
         a8:2e:4a:4e:77:cd:c4:b0:57:0b:1d:c1:72:00:60:36:95:6d:
         84:97:de:eb:24:cc:83:90:04:59:e1:a6:21:e6:8b:3c:ee:ff:
         2a:74:44:9b:c1:65:87:4d:46:d1:ad:86:4f:29:ec:a3:09:38:
         42:a4:67:24:d1:d4:a6:a0:8e:3e:b6:62:57:88:f2:d8:dc:8c:
         46:a2:34:81:2a:45:58:30:92:23:05:5b:01:6b:c5:e5:12:5c:
         28:5f:db:df:e5:b6:0b:4d:a6:b9:5f:bd:1e:da:aa:4a:ce:47:
         8f:f5:69:82:bc:24:fe:e8:9a:9d:36:be:49:4c:26:37:43:b5:
         87:b5:c5:48:96:d3:c2:5d:79:79:00:4d:10:d3:17:19:69:1e:
         19:0c:f0:46:5a:ad:d0:90:5e:d2:84:86:8b:0f:c7:31:60:58:
         2d:50:e5:57:e5:8b:22:cb:05:72:c5:8f:42:5d:8b:14:ab:1e:
         68:8e:00:17:e8:06:7c:ff:cd:2d:33:bf:b1:07:5c:fa:2e:46:
         45:77:22:58
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC2wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjMwMzMxMjAwNjU2WhcNMjMwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3M2Q1Zi01ZWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1mY35iZ+IKZdIRopqjozPq2jT0QA4Y7sb6VvsX36xwaZvr+GD7cn+/7YrvXM
qzdDpMgd77kd9ZX56unRlIbe2S9vphyRlvJkT0o4YJGKfE6dOZaJ5hxt4QcCJ6G3
RPWJxo4bmRD/vTx7P73dwUZN0MjU1Y14YbgA2eY8mUfhQOXH6yDF0lVtwZUmycYU
kSFVFB5HN73GJI4voU+4NKHlraszFCsW6j23UrIJ9DA99xyqb3RLplMXKh1qc9Sp
EvZRZ0TnY6sLYTLdIxpmJd7jJZBlUexWHpngNeCzKS5Gb0/NxB7W71DePnvsc6yN
T+Fmca+XbI8PFWqO9+YBs64BoQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNJBTH39
1CX6zQumekPLBQGH2C6CMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvQUIzMzg4N0U3
MjYzMTFFREJGQzEzMjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbV0wDQYJKoZIhvcNAQELBQADggEBAAXbUU9DxF5aBwqw
+I4gJW4HDLI5gqSa6HQUtXUMIZ5IwLSQ2Xv276953n3ZUWWteIr6Q07vjaguSk53
zcSwVwsdwXIAYDaVbYSX3uskzIOQBFnhpiHmizzu/yp0RJvBZYdNRtGthk8p7KMJ
OEKkZyTR1Kagjj62YleI8tjcjEaiNIEqRVgwkiMFWwFrxeUSXChf29/ltgtNprlf
vR7aqkrOR4/1aYK8JP7omp02vklMJjdDtYe1xUiW08JdeXkATRDTFxlpHhkM8EZa
rdCQXtKEhosPxzFgWC1Q5VfliyLLBXLFj0JdixSrHmiOABfoBnz/zS0zv7EHXPou
RkV3Ilg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org