Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/1DC048C8FDBA11ED81BCDA19C4F9AE02.roa
File:                     1DC048C8FDBA11ED81BCDA19C4F9AE02.roa (raw, json)
Hash identifier:          zDsTIzEu6mcHlAwQ3leMM9g7CreeHtcJFwgNPtU5NLI=
Subject key identifier:   C2:B2:6E:AE:65:65:9B:D3:CE:5A:E3:6E:43:FC:2C:25:8A:33:35:A1
Certificate issuer:       /CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Certificate serial:       7F
Authority key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/1DC048C8FDBA11ED81BCDA19C4F9AE02.roa
Signing time:             Mon 29 May 2023 00:45:33 +0000
ROA not before:           Mon 29 May 2023 00:45:33 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     150683
IP address blocks:        103.19.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127 (0x7f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
        Validity
            Not Before: May 29 00:45:33 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=6473f5ac-5511
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7f:43:38:c9:28:18:60:cf:76:ef:99:d9:83:
                    36:7e:ce:95:90:bb:78:cf:67:37:0a:59:1a:5f:cf:
                    dd:e9:b4:02:2d:4b:14:84:ff:0f:8c:66:1d:1c:6c:
                    ed:00:78:a5:7b:f7:d8:53:40:35:19:1a:ad:06:4d:
                    0d:cd:2c:67:41:98:b9:dd:fc:0c:36:1b:be:41:d7:
                    e4:4c:7f:64:57:fa:fa:bb:70:a6:e6:15:5d:86:3a:
                    57:93:09:11:ab:6d:08:3e:e4:ae:4a:36:f2:1a:f4:
                    e5:86:f2:03:3c:04:c3:51:79:cc:e0:3c:3e:72:86:
                    e1:7b:90:67:42:68:3f:f8:65:52:73:18:ee:2b:e4:
                    99:02:dd:31:13:0a:f9:ec:32:6a:9c:e5:57:04:61:
                    1c:3b:75:b9:de:52:bd:f5:c0:c7:e6:2e:18:5b:e5:
                    89:78:aa:88:75:d3:c3:2f:95:7f:b8:2c:8a:b8:a0:
                    df:90:3d:c9:42:01:6d:63:3a:b8:75:0d:78:ba:9c:
                    ce:a6:36:0e:53:2e:e0:f1:d1:a3:bf:cc:82:2c:87:
                    06:b0:3d:59:b0:5b:0c:dd:1c:eb:ce:a5:62:57:60:
                    46:f8:9c:51:34:ee:51:be:b4:2c:db:c0:90:a3:9d:
                    a6:d8:e1:d8:3f:1b:86:c8:1a:25:47:f5:fd:c6:f7:
                    82:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:B2:6E:AE:65:65:9B:D3:CE:5A:E3:6E:43:FC:2C:25:8A:33:35:A1
            X509v3 Authority Key Identifier:
                keyid:F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/1DC048C8FDBA11ED81BCDA19C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.19.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:34:a1:31:b8:ac:f1:89:a6:22:bd:7c:68:bf:12:35:ce:f5:
         e7:2c:f3:ca:d5:a4:a4:0f:d7:77:21:d4:42:84:ef:1d:69:c0:
         03:82:0c:fb:69:d0:05:5d:9d:85:c0:25:2b:3b:0e:49:ff:47:
         a2:c3:6c:f9:31:97:97:18:55:6f:0a:d9:1b:fe:85:e0:30:2c:
         da:0e:64:51:f8:a6:ab:7f:35:0e:6b:9c:d1:53:f4:40:79:42:
         2f:95:e0:12:f7:18:ca:ea:8f:7f:e8:c4:fe:79:7d:c4:a4:dd:
         67:2e:a8:89:0e:cf:c1:4e:ed:9b:01:b9:52:7a:ff:7b:25:db:
         0d:e7:fe:d7:bb:0a:be:e6:b8:73:b6:8d:89:81:b7:dd:6c:c5:
         3c:b8:bf:a5:6d:0a:ee:cc:7e:30:cf:81:45:f9:dd:7e:5b:a9:
         e7:54:29:65:66:9e:b8:10:7c:f4:98:ad:0c:21:d0:3f:c0:a3:
         b0:39:c6:27:3b:b8:f9:3a:b2:0f:9d:97:3b:84:25:83:72:9e:
         f6:ff:f0:1e:44:41:52:0e:a2:b0:e9:fd:a1:e5:a2:bb:2e:2f:
         73:6d:4d:9b:68:fa:41:98:df:1b:44:67:89:61:b5:13:08:fd:
         63:70:96:39:08:70:d7:64:fe:81:ea:e1:bc:38:8a:37:3a:2d:
         95:ac:74:09
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RUY2NzExMC8GA1UEBRMoRjhENjkzQTI2OTY0Q0QzQzVBMTk5RDJDMjZFRDIyNjQ3
QTIwRTc3RTAeFw0yMzA1MjkwMDQ1MzNaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NzNmNWFjLTU1MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMf0M4ySgYYM9275nZgzZ+zpWQu3jPZzcKWRpfz93ptAItSxSE/w+MZh0cbO0A
eKV799hTQDUZGq0GTQ3NLGdBmLnd/Aw2G75B1+RMf2RX+vq7cKbmFV2GOleTCRGr
bQg+5K5KNvIa9OWG8gM8BMNReczgPD5yhuF7kGdCaD/4ZVJzGO4r5JkC3TETCvns
Mmqc5VcEYRw7dbneUr31wMfmLhhb5Yl4qoh108MvlX+4LIq4oN+QPclCAW1jOrh1
DXi6nM6mNg5TLuDx0aO/zIIshwawPVmwWwzdHOvOpWJXYEb4nFE07lG+tCzbwJCj
nabY4dg/G4bIGiVH9f3G94JvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwrJurmVl
m9POWuNuQ/wsJYozNaEwHwYDVR0jBBgwFoAU+NaTomlkzTxaGZ0sJu0iZHog534w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlFRjY3LzEyQ0U1OEMwNEJD
QjExRURCQkU1OTI1RUM0RjlBRTAyLy1OYVRvbWxrelR4YUdaMHNKdTBpWkhvZzUz
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLU5hVG9tbGt6VHhhR1owc0p1MGlaSG9nNTM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RUY2Ny8xMkNFNThDMDRCQ0IxMUVEQkJFNTkyNUVDNEY5QUUwMi8xREMwNDhDOEZE
QkExMUVEODFCQ0RBMTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcTMTANBgkqhkiG9w0BAQsFAAOCAQEAKzShMbis8YmmIr18
aL8SNc715yzzytWkpA/XdyHUQoTvHWnAA4IM+2nQBV2dhcAlKzsOSf9HosNs+TGX
lxhVbwrZG/6F4DAs2g5kUfimq381Dmuc0VP0QHlCL5XgEvcYyuqPf+jE/nl9xKTd
Zy6oiQ7PwU7tmwG5Unr/eyXbDef+17sKvua4c7aNiYG33WzFPLi/pW0K7sx+MM+B
Rfndflup51QpZWaeuBB89JitDCHQP8CjsDnGJzu4+TqyD52XO4Qlg3Ke9v/wHkRB
Ug6isOn9oeWiuy4vc21Nm2j6QZjfG0RniWG1Ewj9Y3CWOQhw12T+gerhvDiKNzot
lax0CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org