Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9194A8C/9E6711A42B1C11EC95997409C4F9AE02/1C438C7C2B1F11EC938CA90BC4F9AE02.roa
File:                     1C438C7C2B1F11EC938CA90BC4F9AE02.roa (raw, json)
Hash identifier:          6WDC4NF6p7exlFJV2kt3WkoVn/VdZqKjDKJMebT2h8Y=
Subject key identifier:   37:A3:F9:63:D4:BA:B4:F1:E8:84:C0:A6:3C:71:45:18:45:06:9A:F1
Certificate issuer:       /CN=A9194A8C/serialNumber=0ABFD77A68692EFEB432400FFDDDD7AE1B23BC27
Certificate serial:       0152
Authority key identifier: 0A:BF:D7:7A:68:69:2E:FE:B4:32:40:0F:FD:DD:D7:AE:1B:23:BC:27
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cr_XemhpLv60MkAP_d3XrhsjvCc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9194A8C/9E6711A42B1C11EC95997409C4F9AE02/1C438C7C2B1F11EC938CA90BC4F9AE02.roa
Signing time:             Mon 28 Mar 2022 15:34:35 +0000
ROA not before:           Mon 28 Mar 2022 15:34:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142121
IP address blocks:        103.166.168.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 338 (0x152)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9194A8C/serialNumber=0ABFD77A68692EFEB432400FFDDDD7AE1B23BC27
        Validity
            Not Before: Mar 28 15:34:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6241d58a-b8f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:7e:34:61:cc:22:8c:de:69:ed:70:c8:98:01:
                    f8:28:a2:6d:e3:2d:dd:03:6c:cd:82:df:05:b0:86:
                    ad:77:c1:18:3a:23:c0:f5:90:39:88:da:d5:77:cc:
                    a6:f0:0c:ce:76:93:79:92:d6:4a:bf:ce:47:0c:ba:
                    54:75:a8:29:2c:fa:2c:79:3a:35:cd:29:5f:9c:51:
                    eb:9d:66:55:8d:95:a2:27:f8:18:05:c5:8c:49:6a:
                    5d:cf:67:a6:93:be:76:37:e3:c5:f3:7d:20:35:ff:
                    8c:8b:6d:3e:1f:f6:48:00:a3:7c:c6:cd:eb:40:cc:
                    fb:92:18:cd:0a:9f:95:15:54:20:f5:1b:a0:dd:b4:
                    09:f0:05:2d:af:6d:b9:8b:dc:8d:00:17:ee:30:1e:
                    6d:cc:92:f3:2a:ef:7c:34:50:22:f3:be:0b:91:b3:
                    7a:cf:dc:f4:4d:43:3c:02:85:fb:ed:e2:34:9a:d7:
                    69:be:b2:4c:59:4b:e4:7d:5c:b7:6f:cd:19:fa:73:
                    55:ff:c6:05:cb:fa:ae:60:92:f8:86:23:b1:60:43:
                    41:40:44:88:91:fe:97:f9:13:c8:b4:11:01:f3:63:
                    e7:9d:92:ab:5b:4b:41:3e:b4:ca:c0:62:04:44:de:
                    b9:84:d0:60:83:ea:28:a5:18:5e:83:e9:c4:ab:5a:
                    44:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:A3:F9:63:D4:BA:B4:F1:E8:84:C0:A6:3C:71:45:18:45:06:9A:F1
            X509v3 Authority Key Identifier:
                keyid:0A:BF:D7:7A:68:69:2E:FE:B4:32:40:0F:FD:DD:D7:AE:1B:23:BC:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9194A8C/9E6711A42B1C11EC95997409C4F9AE02/Cr_XemhpLv60MkAP_d3XrhsjvCc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cr_XemhpLv60MkAP_d3XrhsjvCc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194A8C/9E6711A42B1C11EC95997409C4F9AE02/1C438C7C2B1F11EC938CA90BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:76:c6:1e:98:24:60:59:09:81:7d:19:8e:f2:3e:1f:82:b7:
         e4:c1:c5:46:4e:86:ad:51:ff:7b:91:f2:66:e7:95:1c:1e:4d:
         d3:ca:d3:20:d4:9f:ac:79:4a:f0:f0:17:da:37:fc:8e:0d:fe:
         ba:46:58:2b:c2:93:c4:d6:5d:85:dd:60:b2:84:28:ad:09:66:
         28:76:c0:5a:8d:47:26:f9:a9:30:1d:8e:fd:f6:6d:6e:f8:f4:
         81:b8:b1:fd:b4:97:50:1a:20:c4:23:8a:57:0f:29:8f:82:04:
         ee:e4:4b:ec:22:3d:53:7e:54:3a:bf:2f:1e:6c:07:c7:50:63:
         bd:9a:ad:cb:4d:38:48:dd:7a:e2:60:fb:fc:40:56:71:6f:4b:
         4a:f0:a9:60:5d:52:64:a3:6b:a9:f0:0a:96:95:1a:c2:fe:08:
         e0:19:ae:2e:d6:77:69:75:15:2a:32:ee:9f:24:36:8c:d5:3a:
         40:95:88:e4:73:cf:a6:18:0f:45:d1:cf:f8:0e:6f:29:62:c3:
         e3:3b:ed:6d:a9:ef:b5:47:8b:93:2e:7e:97:bd:59:5e:49:3d:
         5b:50:2b:f4:a8:85:fc:b7:f1:4b:8d:73:e3:d3:46:9f:10:65:
         45:46:1f:be:ab:ce:75:c1:0f:cc:de:a9:11:df:1f:dc:0f:4e:
         9d:29:df:63
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTRBOEMxMTAvBgNVBAUTKDBBQkZENzdBNjg2OTJFRkVCNDMyNDAwRkZEREREN0FF
MUIyM0JDMjcwHhcNMjIwMzI4MTUzNDM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQxZDU4YS1iOGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6340YcwijN5p7XDImAH4KKJt4y3dA2zNgt8FsIatd8EYOiPA9ZA5iNrVd8ym
8AzOdpN5ktZKv85HDLpUdagpLPoseTo1zSlfnFHrnWZVjZWiJ/gYBcWMSWpdz2em
k752N+PF830gNf+Mi20+H/ZIAKN8xs3rQMz7khjNCp+VFVQg9Rug3bQJ8AUtr225
i9yNABfuMB5tzJLzKu98NFAi874LkbN6z9z0TUM8AoX77eI0mtdpvrJMWUvkfVy3
b80Z+nNV/8YFy/quYJL4hiOxYENBQESIkf6X+RPItBEB82PnnZKrW0tBPrTKwGIE
RN65hNBgg+oopRheg+nEq1pEDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDej+WPU
urTx6ITApjxxRRhFBprxMB8GA1UdIwQYMBaAFAq/13poaS7+tDJAD/3d164bI7wn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEE4Qy85RTY3MTFBNDJC
MUMxMUVDOTU5OTc0MDlDNEY5QUUwMi9Dcl9YZW1ocEx2NjBNa0FQX2QzWHJoc2p2
Q2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NyX1hlbWhwTHY2ME1rQVBfZDNYcmhzanZDYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTRBOEMvOUU2NzExQTQyQjFDMTFFQzk1OTk3NDA5QzRGOUFFMDIvMUM0MzhDN0My
QjFGMTFFQzkzOENBOTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnpqgwDQYJKoZIhvcNAQELBQADggEBAIx2xh6YJGBZCYF9
GY7yPh+Ct+TBxUZOhq1R/3uR8mbnlRweTdPK0yDUn6x5SvDwF9o3/I4N/rpGWCvC
k8TWXYXdYLKEKK0JZih2wFqNRyb5qTAdjv32bW749IG4sf20l1AaIMQjilcPKY+C
BO7kS+wiPVN+VDq/Lx5sB8dQY72arctNOEjdeuJg+/xAVnFvS0rwqWBdUmSja6nw
CpaVGsL+COAZri7Wd2l1FSoy7p8kNozVOkCViORzz6YYD0XRz/gObyliw+M77W2p
77VHi5Mufpe9WV5JPVtQK/Sohfy38UuNc+PTRp8QZUVGH76rznXBD8zeqRHfH9wP
Tp0p32M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org