Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91910A8/7B20073E9C4E11ECB1748B68C4F9AE02/B1AF4852F80811EDBDDAE922C4F9AE02.roa
File:                     B1AF4852F80811EDBDDAE922C4F9AE02.roa (raw, json)
Hash identifier:          EcCCnDlaoebHkhRHMN772X6ytzqgV5cPSHx4XgJpBfk=
Subject key identifier:   B5:07:83:64:E4:F9:77:18:4C:55:A5:D6:81:FD:B9:80:0B:96:D1:04
Certificate issuer:       /CN=A91910A8/serialNumber=F3674A8907E9B1AE8EE26F9CF3C99C47F754934C
Certificate serial:       0228
Authority key identifier: F3:67:4A:89:07:E9:B1:AE:8E:E2:6F:9C:F3:C9:9C:47:F7:54:93:4C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/82dKiQfpsa6O4m-c88mcR_dUk0w.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91910A8/7B20073E9C4E11ECB1748B68C4F9AE02/B1AF4852F80811EDBDDAE922C4F9AE02.roa
Signing time:             Sun 21 May 2023 18:52:54 +0000
ROA not before:           Sun 21 May 2023 18:52:54 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     134382
IP address blocks:        103.183.63.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 552 (0x228)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91910A8/serialNumber=F3674A8907E9B1AE8EE26F9CF3C99C47F754934C
        Validity
            Not Before: May 21 18:52:54 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=646a6886-bd4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:15:16:0a:56:fc:9f:11:c7:03:9e:c3:e6:3b:
                    6c:cc:39:59:d6:6e:07:3d:2f:11:13:8c:63:8b:a7:
                    5b:a9:45:5f:a9:94:17:4b:a3:14:14:ec:0b:a1:55:
                    ec:de:f0:19:d0:f6:34:a4:a0:83:11:e9:75:07:57:
                    7e:f6:cd:12:9e:23:f8:ad:43:7d:74:a6:63:2c:d6:
                    43:24:70:a8:b2:77:03:0c:53:26:be:30:e5:ba:5a:
                    49:ef:7a:b2:49:54:d2:00:6c:7a:f9:1b:89:26:e4:
                    ac:29:71:7d:9b:c3:0c:e5:42:d9:32:ca:2d:ae:8f:
                    db:bd:c5:d0:0a:03:c6:fe:37:95:a5:71:3b:0c:b3:
                    d6:d4:7d:41:9a:ff:54:0d:45:18:21:60:14:ea:7a:
                    ba:c6:31:0f:04:c4:0f:1b:fc:a6:2d:9c:36:5f:0c:
                    7e:15:da:0e:24:c4:ab:05:27:1e:05:40:92:e9:47:
                    68:9c:dc:41:bb:07:0d:82:44:d3:68:80:a2:71:83:
                    b6:c9:70:da:a5:a4:e3:f1:82:6e:ca:57:54:36:49:
                    77:87:85:29:31:c2:ee:de:53:90:cb:a8:56:d6:aa:
                    9d:3c:aa:d1:07:a7:d8:0c:af:60:08:1c:40:78:05:
                    a2:c4:a1:ba:a6:e2:52:51:ca:7a:19:7e:41:56:74:
                    37:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:07:83:64:E4:F9:77:18:4C:55:A5:D6:81:FD:B9:80:0B:96:D1:04
            X509v3 Authority Key Identifier:
                keyid:F3:67:4A:89:07:E9:B1:AE:8E:E2:6F:9C:F3:C9:9C:47:F7:54:93:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91910A8/7B20073E9C4E11ECB1748B68C4F9AE02/82dKiQfpsa6O4m-c88mcR_dUk0w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/82dKiQfpsa6O4m-c88mcR_dUk0w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91910A8/7B20073E9C4E11ECB1748B68C4F9AE02/B1AF4852F80811EDBDDAE922C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.183.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:1d:45:a3:e7:44:53:0b:d1:02:7e:50:29:80:8d:97:51:df:
         ab:b0:fc:28:21:2e:02:5b:ea:29:cb:38:98:7f:c9:80:10:30:
         90:65:55:5b:6e:3c:5a:6b:d6:e1:2c:97:8c:64:97:6c:e6:cd:
         3f:4d:77:4e:04:96:34:1f:9d:ef:da:5b:42:91:fc:3e:32:b4:
         c3:0c:c4:8e:29:29:64:68:98:a0:05:9c:46:73:ff:c8:80:27:
         72:46:3e:39:37:85:a1:56:42:6d:6f:80:b0:d0:54:80:b5:71:
         c4:81:42:00:fa:c2:fe:bf:b7:92:08:09:b4:e7:57:3a:90:14:
         6e:3e:3c:bd:c5:73:47:39:ce:ef:d7:0a:b0:2d:aa:28:bf:5d:
         3d:64:d7:64:97:d3:fc:b1:d7:d4:48:b9:d5:e3:89:fb:1d:7d:
         85:d1:9f:12:f9:25:f1:17:1e:f8:f4:f9:d8:f6:9a:23:db:fd:
         f7:d3:e2:d8:71:a7:e3:49:24:d7:03:2d:0e:de:e9:7c:b9:fa:
         96:d7:ab:b6:01:4d:47:cf:e5:8f:a7:cd:be:41:af:91:8e:59:
         ab:b7:dc:67:fd:ef:11:e8:f3:99:00:8c:1e:f9:76:50:85:51:
         01:d5:c8:9b:db:48:96:b8:ef:90:85:47:f9:0d:de:b9:c1:dd:
         27:c9:07:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTEwQTgxMTAvBgNVBAUTKEYzNjc0QTg5MDdFOUIxQUU4RUUyNkY5Q0YzQzk5QzQ3
Rjc1NDkzNEMwHhcNMjMwNTIxMTg1MjU0WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZhNjg4Ni1iZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyBUWClb8nxHHA57D5jtszDlZ1m4HPS8RE4xji6dbqUVfqZQXS6MUFOwLoVXs
3vAZ0PY0pKCDEel1B1d+9s0SniP4rUN9dKZjLNZDJHCosncDDFMmvjDlulpJ73qy
SVTSAGx6+RuJJuSsKXF9m8MM5ULZMsotro/bvcXQCgPG/jeVpXE7DLPW1H1Bmv9U
DUUYIWAU6nq6xjEPBMQPG/ymLZw2Xwx+FdoOJMSrBSceBUCS6UdonNxBuwcNgkTT
aICicYO2yXDapaTj8YJuyldUNkl3h4UpMcLu3lOQy6hW1qqdPKrRB6fYDK9gCBxA
eAWixKG6puJSUcp6GX5BVnQ3dwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLUHg2Tk
+XcYTFWl1oH9uYALltEEMB8GA1UdIwQYMBaAFPNnSokH6bGujuJvnPPJnEf3VJNM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTBBOC83QjIwMDczRTlD
NEUxMUVDQjE3NDhCNjhDNEY5QUUwMi84MmRLaVFmcHNhNk80bS1jODhtY1JfZFVr
MHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzgyZEtpUWZwc2E2TzRtLWM4OG1jUl9kVWswdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTEwQTgvN0IyMDA3M0U5QzRFMTFFQ0IxNzQ4QjY4QzRGOUFFMDIvQjFBRjQ4NTJG
ODA4MTFFREJEREFFOTIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABntz8wDQYJKoZIhvcNAQELBQADggEBADIdRaPnRFML0QJ+
UCmAjZdR36uw/CghLgJb6inLOJh/yYAQMJBlVVtuPFpr1uEsl4xkl2zmzT9Nd04E
ljQfne/aW0KR/D4ytMMMxI4pKWRomKAFnEZz/8iAJ3JGPjk3haFWQm1vgLDQVIC1
ccSBQgD6wv6/t5IICbTnVzqQFG4+PL3Fc0c5zu/XCrAtqii/XT1k12SX0/yx19RI
udXjifsdfYXRnxL5JfEXHvj0+dj2miPb/ffT4thxp+NJJNcDLQ7e6Xy5+pbXq7YB
TUfP5Y+nzb5Br5GOWau33Gf97xHo85kAjB75dlCFUQHVyJvbSJa475CFR/kN3rnB
3SfJB7M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org