Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/7A7402FACC8511EDA5377675C4F9AE02.roa
File:                     7A7402FACC8511EDA5377675C4F9AE02.roa (raw, json)
Hash identifier:          JPn9PG8pNwabME1BFv7wexkgODxcwEtiTNG9fU96DNs=
Subject key identifier:   3B:E6:2C:55:AA:6D:4C:01:43:01:6C:58:A5:67:3B:25:70:26:33:48
Certificate issuer:       /CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
Certificate serial:       0140
Authority key identifier: E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/7A7402FACC8511EDA5377675C4F9AE02.roa
Signing time:             Mon 27 Mar 2023 09:55:18 +0000
ROA not before:           Mon 27 Mar 2023 09:55:18 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     140499
IP address blocks:        103.189.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320 (0x140)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
        Validity
            Not Before: Mar 27 09:55:18 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=64216805-1c71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4b:4b:f5:dc:d0:da:a4:7d:b5:cf:a8:b1:78:
                    1d:12:c2:0e:08:20:e6:62:ff:b9:0f:59:5d:35:72:
                    d5:95:cc:48:dc:4b:8c:06:49:b4:8d:24:87:cb:08:
                    a9:50:d3:95:99:3e:57:c4:40:24:b5:0d:ad:60:5b:
                    bf:44:e2:6d:83:a7:f5:23:c6:60:59:57:33:be:48:
                    8d:6d:41:8a:c4:b2:bc:9e:d3:03:e0:d8:bb:cb:11:
                    c8:5d:7c:c4:20:a9:cc:d5:ac:3c:f9:78:1b:74:3d:
                    e4:fe:88:3a:dd:85:d7:77:8a:1e:17:39:67:e0:f1:
                    b3:ce:2e:bc:b7:82:25:d0:2f:31:ae:56:fb:18:71:
                    51:2f:c6:e8:fb:52:ea:38:92:05:05:a1:5b:12:a6:
                    aa:9b:ec:80:41:65:a7:a9:49:4b:4a:8f:b2:b1:0b:
                    22:08:af:8d:18:28:2d:d6:d4:3d:f1:d6:fe:12:49:
                    bb:13:f8:50:b4:f9:45:d4:61:c7:79:9c:d0:d3:ac:
                    d4:13:d3:43:3c:bc:95:11:db:88:82:64:40:f0:0f:
                    b4:a5:29:79:e6:36:57:a2:cd:29:9e:82:bf:69:fa:
                    20:03:75:ab:eb:0c:ae:65:d0:b7:81:e5:da:ba:b5:
                    67:45:fd:b1:4a:bd:88:81:c1:c8:c3:cc:61:08:5e:
                    8c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:E6:2C:55:AA:6D:4C:01:43:01:6C:58:A5:67:3B:25:70:26:33:48
            X509v3 Authority Key Identifier:
                keyid:E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/7A7402FACC8511EDA5377675C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:7b:9d:8c:21:0c:09:13:02:37:01:e0:e6:b1:b8:aa:f9:ee:
         70:09:bb:05:1f:bf:ba:22:03:8e:5f:ba:16:5c:36:53:fb:05:
         07:b1:08:f2:94:a3:30:4c:3d:97:37:89:f2:cf:39:e6:fb:66:
         ed:8c:8f:53:a1:09:ec:7c:12:16:ed:28:89:e2:dc:77:45:36:
         eb:0c:68:21:42:e6:73:bf:16:b1:08:be:b1:8a:50:ae:0d:f8:
         ea:a9:f5:fe:e2:19:cd:d3:31:8c:c4:28:e3:80:e8:b9:54:3b:
         18:99:c5:ea:b2:c8:a9:dc:0b:d1:f1:d7:ed:1c:bb:61:f5:ff:
         92:45:dd:15:9a:40:78:92:1a:eb:b6:e1:94:a1:4e:1a:a0:45:
         dc:f3:de:09:c6:e6:0d:fb:4c:17:29:8b:62:1b:4f:e4:30:d9:
         de:5a:e0:5d:11:bd:e0:88:15:0d:52:bd:d8:12:f2:fe:e0:3c:
         b4:19:85:f9:76:66:7d:60:b0:ae:5c:b1:8b:e3:18:01:8e:ee:
         68:ae:96:00:d4:af:59:ba:88:d4:94:a7:f5:8c:ec:9e:07:e5:
         71:c0:12:26:74:da:17:5b:73:4e:ea:4b:5c:4e:0b:c6:7b:9d:
         b6:f4:87:17:fd:37:aa:5b:78:eb:e0:76:15:65:b0:e8:41:99:
         82:2c:c8:c9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcyMDIxMTAvBgNVBAUTKEUzQ0Y0NUY4MDUxMDYzQkJEQjMxN0ZERDE1MTEzMkE5
NDAwNEZENUIwHhcNMjMwMzI3MDk1NTE4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIxNjgwNS0xYzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtktL9dzQ2qR9tc+osXgdEsIOCCDmYv+5D1ldNXLVlcxI3EuMBkm0jSSHywip
UNOVmT5XxEAktQ2tYFu/ROJtg6f1I8ZgWVczvkiNbUGKxLK8ntMD4Ni7yxHIXXzE
IKnM1aw8+XgbdD3k/og63YXXd4oeFzln4PGzzi68t4Il0C8xrlb7GHFRL8bo+1Lq
OJIFBaFbEqaqm+yAQWWnqUlLSo+ysQsiCK+NGCgt1tQ98db+Ekm7E/hQtPlF1GHH
eZzQ06zUE9NDPLyVEduIgmRA8A+0pSl55jZXos0pnoK/afogA3Wr6wyuZdC3geXa
urVnRf2xSr2IgcHIw8xhCF6MVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDvmLFWq
bUwBQwFsWKVnOyVwJjNIMB8GA1UdIwQYMBaAFOPPRfgFEGO72zF/3RURMqlABP1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIwMi8wQUZFQ0E3MEY3
MDgxMUVDOTg0OUYzNUVDNEY5QUUwMi80ODlGLUFVUVk3dmJNWF9kRlJFeXFVQUVf
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ4OUYtQVVRWTd2Yk1YX2RGUkV5cVVBRV9Wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcyMDIvMEFGRUNBNzBGNzA4MTFFQzk4NDlGMzVFQzRGOUFFMDIvN0E3NDAyRkFD
Qzg1MTFFREE1Mzc3Njc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnvUQwDQYJKoZIhvcNAQELBQADggEBAAt7nYwhDAkTAjcB
4OaxuKr57nAJuwUfv7oiA45fuhZcNlP7BQexCPKUozBMPZc3ifLPOeb7Zu2Mj1Oh
Cex8EhbtKIni3HdFNusMaCFC5nO/FrEIvrGKUK4N+Oqp9f7iGc3TMYzEKOOA6LlU
OxiZxeqyyKncC9Hx1+0cu2H1/5JF3RWaQHiSGuu24ZShThqgRdzz3gnG5g37TBcp
i2IbT+Qw2d5a4F0RveCIFQ1SvdgS8v7gPLQZhfl2Zn1gsK5csYvjGAGO7miulgDU
r1m6iNSUp/WM7J4H5XHAEiZ02hdbc07qS1xOC8Z7nbb0hxf9N6pbeOvgdhVlsOhB
mYIsyMk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org