Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/177443CAC3F411EDBC1E045DC4F9AE02.roa
File:                     177443CAC3F411EDBC1E045DC4F9AE02.roa (raw, json)
Hash identifier:          C64cbvjtOZ24WGEVKB4HZ14MtM5Lek1u1CiDng4gUB4=
Subject key identifier:   5D:81:1D:6F:5C:D4:3D:93:B3:A1:46:78:FD:E6:85:6F:3D:70:8C:ED
Certificate issuer:       /CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
Certificate serial:       0139
Authority key identifier: E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/177443CAC3F411EDBC1E045DC4F9AE02.roa
Signing time:             Fri 24 Mar 2023 17:15:41 +0000
ROA not before:           Fri 24 Mar 2023 17:15:41 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     150683
IP address blocks:        103.189.68.0/24 maxlen: 24
                          103.189.69.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 313 (0x139)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
        Validity
            Not Before: Mar 24 17:15:41 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=641ddabd-2da4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c2:2d:6a:eb:9e:c1:1d:5e:ae:bd:db:c9:9d:
                    86:81:2d:90:e8:e5:83:1d:fa:58:74:85:6d:df:61:
                    ae:19:29:63:75:ed:5a:bd:f2:f9:0a:ba:bb:02:c8:
                    8a:61:9f:07:cc:64:04:00:01:f6:34:45:60:22:e5:
                    02:ba:11:58:cc:f6:db:b1:64:54:2e:32:b9:39:0d:
                    95:e5:c5:92:87:2d:07:52:cf:d8:04:23:12:c4:a0:
                    1a:0e:83:d1:b1:d5:6b:3b:58:08:18:84:99:7e:7d:
                    ce:6e:26:f8:00:e6:4d:4d:81:89:bb:d6:98:4a:a1:
                    4a:3d:df:94:b7:cb:be:bb:94:f5:30:f9:fe:ae:0e:
                    b2:63:ea:85:46:fe:07:10:59:b5:89:52:e1:c6:9a:
                    9b:db:be:ef:ce:e7:8c:a3:42:3d:a7:d7:9b:51:64:
                    0d:38:df:73:5c:c1:0c:67:de:b8:c0:07:a2:ab:c9:
                    f7:e1:46:ac:ab:25:92:08:71:57:45:b2:17:08:65:
                    d0:cc:7c:f7:7d:0c:fa:8e:ec:1b:ac:2c:58:1c:36:
                    ac:92:8b:c1:00:35:bb:a7:c8:3b:4f:e0:b0:f8:38:
                    04:56:a9:99:a8:94:2f:82:40:99:44:bb:bb:dc:e2:
                    b5:2b:13:cd:8d:ef:a0:08:af:75:68:55:46:2f:53:
                    a2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:81:1D:6F:5C:D4:3D:93:B3:A1:46:78:FD:E6:85:6F:3D:70:8C:ED
            X509v3 Authority Key Identifier:
                keyid:E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/177443CAC3F411EDBC1E045DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:78:55:15:96:84:67:9f:e3:cb:df:b0:5e:7d:20:28:e0:4b:
         1d:6e:92:63:de:9d:f9:56:1e:e8:94:15:6b:ef:5d:7b:08:d1:
         3e:f6:60:7e:e3:ad:af:a0:2e:4a:16:bc:8e:fe:ba:3a:a4:4c:
         72:9b:8e:e9:ea:ee:04:79:d8:4b:dc:29:b6:c0:e9:a5:66:70:
         25:17:6d:55:41:7b:94:8b:6b:58:00:71:c5:28:82:e8:da:2b:
         b0:0b:2a:9b:fe:7e:e2:08:f9:fb:3d:20:a9:5b:1e:9d:ba:14:
         51:71:26:35:f0:fa:19:99:10:c7:2a:7e:f5:20:8c:16:d0:9f:
         54:71:a4:ab:21:26:f7:c0:3b:fe:0b:0a:3d:9c:e7:4a:1d:eb:
         7c:53:a9:98:73:9f:a9:40:f3:03:6e:b1:93:9b:f5:c2:2f:36:
         3e:0c:9b:ce:ff:4f:0f:54:31:5c:79:a4:d5:0c:4d:fd:13:72:
         6b:c7:b5:04:3e:b4:2b:15:05:8c:39:03:6c:c2:7e:ad:83:43:
         58:49:08:80:5a:b0:4a:68:23:6d:09:0c:b5:a6:70:4f:e9:4b:
         27:97:61:ff:3a:5a:df:a1:88:ac:a3:a8:fd:e7:60:1b:53:47:
         9a:a4:25:6e:b7:3e:a1:51:56:b3:0c:d1:fa:4d:63:22:41:21:
         49:84:c3:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcyMDIxMTAvBgNVBAUTKEUzQ0Y0NUY4MDUxMDYzQkJEQjMxN0ZERDE1MTEzMkE5
NDAwNEZENUIwHhcNMjMwMzI0MTcxNTQxWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFkZGFiZC0yZGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucItauuewR1err3byZ2GgS2Q6OWDHfpYdIVt32GuGSljde1avfL5Crq7AsiK
YZ8HzGQEAAH2NEVgIuUCuhFYzPbbsWRULjK5OQ2V5cWShy0HUs/YBCMSxKAaDoPR
sdVrO1gIGISZfn3Obib4AOZNTYGJu9aYSqFKPd+Ut8u+u5T1MPn+rg6yY+qFRv4H
EFm1iVLhxpqb277vzueMo0I9p9ebUWQNON9zXMEMZ964wAeiq8n34UasqyWSCHFX
RbIXCGXQzHz3fQz6juwbrCxYHDaskovBADW7p8g7T+Cw+DgEVqmZqJQvgkCZRLu7
3OK1KxPNje+gCK91aFVGL1OiKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF2BHW9c
1D2Ts6FGeP3mhW89cIztMB8GA1UdIwQYMBaAFOPPRfgFEGO72zF/3RURMqlABP1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIwMi8wQUZFQ0E3MEY3
MDgxMUVDOTg0OUYzNUVDNEY5QUUwMi80ODlGLUFVUVk3dmJNWF9kRlJFeXFVQUVf
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ4OUYtQVVRWTd2Yk1YX2RGUkV5cVVBRV9Wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcyMDIvMEFGRUNBNzBGNzA4MTFFQzk4NDlGMzVFQzRGOUFFMDIvMTc3NDQzQ0FD
M0Y0MTFFREJDMUUwNDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvUQwDQYJKoZIhvcNAQELBQADggEBAAZ4VRWWhGef48vf
sF59ICjgSx1ukmPenflWHuiUFWvvXXsI0T72YH7jra+gLkoWvI7+ujqkTHKbjunq
7gR52EvcKbbA6aVmcCUXbVVBe5SLa1gAccUogujaK7ALKpv+fuII+fs9IKlbHp26
FFFxJjXw+hmZEMcqfvUgjBbQn1RxpKshJvfAO/4LCj2c50od63xTqZhzn6lA8wNu
sZOb9cIvNj4Mm87/Tw9UMVx5pNUMTf0TcmvHtQQ+tCsVBYw5A2zCfq2DQ1hJCIBa
sEpoI20JDLWmcE/pSyeXYf86Wt+hiKyjqP3nYBtTR5qkJW63PqFRVrMM0fpNYyJB
IUmEwwA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org