Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/8E2A37005BB711EC93E3525AC4F9AE02.roa
File:                     8E2A37005BB711EC93E3525AC4F9AE02.roa (raw, json)
Hash identifier:          EjkGxfE8J/CGALKcjygHsyBx9oeFyRUrrUOmfOWsMqs=
Subject key identifier:   66:27:37:79:7C:FF:0F:2F:01:1A:A3:2C:F8:A6:EC:22:58:5E:BC:8E
Certificate issuer:       /CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Certificate serial:       0EF2
Authority key identifier: 89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/8E2A37005BB711EC93E3525AC4F9AE02.roa
Signing time:             Wed 15 Dec 2021 05:54:19 +0000
ROA not before:           Wed 15 Dec 2021 05:54:19 +0000
ROA not after:            Thu 01 Dec 2022 00:00:00 +0000
asID:                     64073
IP address blocks:        103.130.68.0/24 maxlen: 24
                          2403:b4c0:f000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3826 (0xef2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
        Validity
            Not Before: Dec 15 05:54:19 2021 GMT
            Not After : Dec  1 00:00:00 2022 GMT
        Subject: CN=61b9830b-77d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:39:c2:c7:c7:bc:cb:2c:1a:c9:12:ad:32:31:
                    92:99:63:6f:a8:b4:79:79:0b:b3:e9:4d:6a:65:6e:
                    92:f0:53:c9:8a:27:de:d4:d4:57:20:7e:23:f7:c8:
                    74:90:84:bb:16:9d:0d:dd:12:9b:c0:1d:77:93:0a:
                    fd:b2:e3:d3:bd:cd:4f:a9:3f:b2:0a:d9:d0:39:42:
                    27:1a:21:50:b7:fb:5f:47:63:66:90:3d:11:0a:b2:
                    77:c5:83:24:ca:da:9c:f9:f8:be:ff:f7:c1:8e:4e:
                    c7:59:a7:00:bc:4c:cc:85:2e:c1:1e:e7:4e:ad:65:
                    47:0f:f5:f0:92:09:d2:dd:0e:13:ba:79:69:4d:f6:
                    e0:b4:22:30:d9:98:a5:67:45:89:9b:a0:9d:fa:9b:
                    b5:f0:a1:08:ac:a1:89:95:c1:42:75:eb:bf:f1:a7:
                    0c:02:12:55:1e:16:f5:cc:99:6e:6b:e5:54:d0:38:
                    0f:93:2c:4e:17:65:2d:e9:35:70:fe:13:a8:02:74:
                    3c:9c:1b:34:cf:88:9e:53:bd:eb:b9:45:73:6c:77:
                    b8:e6:0d:99:38:85:da:26:ee:cb:9d:af:d5:ec:90:
                    2d:88:0a:00:8c:83:96:78:bc:63:71:a1:2b:ec:4c:
                    68:75:6e:ef:5c:ea:81:1e:c8:2b:ba:6a:d5:43:62:
                    30:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:27:37:79:7C:FF:0F:2F:01:1A:A3:2C:F8:A6:EC:22:58:5E:BC:8E
            X509v3 Authority Key Identifier:
                keyid:89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/8E2A37005BB711EC93E3525AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.68.0/24
                IPv6:
                  2403:b4c0:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         1d:1e:a1:34:a0:1a:a4:b8:b2:43:2b:5f:25:2c:d5:54:5a:40:
         f5:d1:fc:8e:45:6b:05:01:a2:7b:19:58:83:cd:df:e8:62:28:
         b4:b7:fe:6f:75:c8:75:a1:1f:51:11:f0:68:dd:88:e4:49:91:
         40:fa:97:15:d5:a0:b8:be:49:77:51:16:45:4d:c4:82:94:2a:
         fc:fe:f1:45:16:a3:54:32:9c:e0:df:90:b9:03:65:25:68:77:
         be:8a:cc:49:25:3d:57:75:7d:56:a4:7c:6d:5d:1a:8b:d5:7c:
         1b:52:ee:b3:15:2d:e6:d3:46:53:74:ac:dc:e2:1e:eb:50:00:
         fe:ed:0d:36:c6:c9:97:92:5c:d1:dc:6b:2d:bf:65:da:94:2d:
         e5:eb:e2:8a:c7:ac:1b:53:57:32:2c:ae:2d:35:13:d3:ce:86:
         cc:6e:83:d5:29:d6:4c:fc:cc:99:43:68:f2:94:81:cd:da:9e:
         6a:c8:ef:33:6e:be:e8:0b:c3:42:62:c3:25:f1:4d:47:03:b1:
         8e:76:48:7e:f3:4c:cf:b5:1e:af:d9:46:2a:22:82:81:cb:41:
         c5:90:17:6e:85:b8:29:8e:fe:05:06:f4:8b:84:c9:0f:bd:2e:
         68:ca:ca:1e:79:0c:cc:58:11:c0:dc:f1:f3:29:e5:7e:1d:cc:
         e7:d2:ec:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICDvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM0N0UxMTAvBgNVBAUTKDg5NEZFMTEzOThCNjc5QUVCMUIxMThCMUJERTY3M0Ux
OENGNkU5MzQwHhcNMjExMjE1MDU1NDE5WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWI5ODMwYi03N2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwjnCx8e8yywayRKtMjGSmWNvqLR5eQuz6U1qZW6S8FPJiife1NRXIH4j98h0
kIS7Fp0N3RKbwB13kwr9suPTvc1PqT+yCtnQOUInGiFQt/tfR2NmkD0RCrJ3xYMk
ytqc+fi+//fBjk7HWacAvEzMhS7BHudOrWVHD/XwkgnS3Q4TunlpTfbgtCIw2Zil
Z0WJm6Cd+pu18KEIrKGJlcFCdeu/8acMAhJVHhb1zJlua+VU0DgPkyxOF2Ut6TVw
/hOoAnQ8nBs0z4ieU73ruUVzbHe45g2ZOIXaJu7Lna/V7JAtiAoAjIOWeLxjcaEr
7ExodW7vXOqBHsgrumrVQ2IwIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGYnN3l8
/w8vARqjLPim7CJYXryOMB8GA1UdIwQYMBaAFIlP4ROYtnmusbEYsb3mc+GM9uk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzQ3RS9CQ0VERjQ0MkIw
QkYxMUU4ODYzOTIyMzdDNEY5QUUwMi9pVV9oRTVpMmVhNnhzUml4dmVaejRZejI2
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lVX2hFNWkyZWE2eHNSaXh2ZVp6NFl6MjZUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM0N0UvQkNFREY0NDJCMEJGMTFFODg2MzkyMjM3QzRGOUFFMDIvOEUyQTM3MDA1
QkI3MTFFQzkzRTM1MjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABngkQwDgQCAAIwCAMGBCQDtMDwMA0GCSqGSIb3DQEBCwUA
A4IBAQAdHqE0oBqkuLJDK18lLNVUWkD10fyORWsFAaJ7GViDzd/oYii0t/5vdch1
oR9REfBo3YjkSZFA+pcV1aC4vkl3URZFTcSClCr8/vFFFqNUMpzg35C5A2UlaHe+
isxJJT1XdX1WpHxtXRqL1XwbUu6zFS3m00ZTdKzc4h7rUAD+7Q02xsmXklzR3Gst
v2XalC3l6+KKx6wbU1cyLK4tNRPTzobMboPVKdZM/MyZQ2jylIHN2p5qyO8zbr7o
C8NCYsMl8U1HA7GOdkh+80zPtR6v2UYqIoKBy0HFkBduhbgpjv4FBvSLhMkPvS5o
ysoeeQzMWBHA3PHzKeV+Hczn0uxe
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org