Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/D71C0DA021E111EB85E9C824C4F9AE02.roa
File:                     D71C0DA021E111EB85E9C824C4F9AE02.roa (raw, json)
Hash identifier:          h6IZeFRQrMRN+YnnkB8bWRtNHZABbA8wLJlUemjEneI=
Subject key identifier:   FC:EB:C6:34:88:6A:7F:26:CF:8F:B1:92:00:D1:E9:A2:94:51:59:37
Certificate issuer:       /CN=A919F207/serialNumber=E73A79440444FE34C310F784894C4AB21EACAA04
Certificate serial:       0686
Authority key identifier: E7:3A:79:44:04:44:FE:34:C3:10:F7:84:89:4C:4A:B2:1E:AC:AA:04
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5zp5RARE_jTDEPeEiUxKsh6sqgQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/D71C0DA021E111EB85E9C824C4F9AE02.roa
Signing time:             Sat 24 Sep 2022 10:59:46 +0000
ROA not before:           Sat 24 Sep 2022 10:59:46 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     18013
IP address blocks:        103.153.36.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1670 (0x686)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F207/serialNumber=E73A79440444FE34C310F784894C4AB21EACAA04
        Validity
            Not Before: Sep 24 10:59:46 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=632ee322-d6e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:20:a1:85:d1:e9:70:db:1f:52:e9:88:2e:5f:
                    4d:91:09:7f:b3:86:03:b7:5d:b3:35:ff:08:e6:98:
                    99:36:80:8f:60:14:d4:33:60:ab:07:fb:ba:9d:00:
                    a0:fe:06:ca:64:2a:e9:af:ca:5f:2f:17:4c:2d:4a:
                    cf:8f:0f:dd:9e:71:90:6d:40:ba:bb:84:6f:49:48:
                    ac:c2:7b:be:e5:d2:6e:96:4f:51:f2:b6:c9:53:23:
                    47:b6:52:7d:6a:cf:5f:bd:55:2f:ea:e8:41:1d:a3:
                    15:9d:52:1b:da:26:ca:3b:d2:fe:9a:a0:6b:7f:e0:
                    02:8d:6b:bc:63:06:b4:7b:7b:10:a3:1c:2f:f4:e3:
                    be:0f:4b:d9:61:3a:c4:b3:97:bc:a2:9d:fd:12:71:
                    3f:e5:62:7b:88:5f:67:04:25:e2:70:30:e6:3d:45:
                    2a:44:0d:cc:ff:af:b9:cb:65:d2:5e:92:5a:47:71:
                    0a:8c:63:6e:86:a0:57:ca:cd:61:47:57:44:27:85:
                    86:94:f0:ba:7e:2a:b3:1b:9f:62:43:c0:b6:e9:66:
                    21:0a:c4:11:22:27:16:0c:95:48:36:5b:02:af:1d:
                    93:23:3e:7b:5d:46:d5:98:29:26:3d:61:92:e4:19:
                    9f:21:5f:ce:36:c3:6f:f5:89:1d:23:bf:c5:02:4e:
                    46:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:EB:C6:34:88:6A:7F:26:CF:8F:B1:92:00:D1:E9:A2:94:51:59:37
            X509v3 Authority Key Identifier:
                keyid:E7:3A:79:44:04:44:FE:34:C3:10:F7:84:89:4C:4A:B2:1E:AC:AA:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/5zp5RARE_jTDEPeEiUxKsh6sqgQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5zp5RARE_jTDEPeEiUxKsh6sqgQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F207/12F2CC0AC26111EA986EEF41C4F9AE02/D71C0DA021E111EB85E9C824C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.153.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:c0:c1:13:44:bb:6d:46:b5:ba:3b:8e:9e:e4:a1:e4:84:6d:
         33:72:95:d9:9b:ca:a1:75:64:28:0b:02:97:08:9f:c7:1e:22:
         a3:0b:b3:4e:18:bd:b5:25:8c:c0:d2:ec:32:a0:1a:90:28:a9:
         e7:67:4e:c5:ae:c2:75:44:00:80:33:fe:f3:d4:b4:98:58:2b:
         fc:50:c3:d0:83:20:37:e1:cb:b1:26:1e:9d:3e:09:73:f2:df:
         a4:69:03:ed:39:00:02:b5:f3:d2:4f:6e:99:af:85:8c:b8:94:
         5a:5a:74:03:c1:e7:ed:e3:82:9f:c7:d1:36:c6:a6:49:24:04:
         d7:b0:b1:30:81:02:54:2f:0d:66:2d:90:d5:0f:3d:d5:e7:2a:
         ec:4d:d7:23:71:99:42:7f:07:f5:5e:18:8e:e0:bc:88:9c:11:
         25:c2:f8:cf:6f:e5:71:02:5d:57:32:f0:18:ad:31:3b:9d:95:
         32:bc:81:9c:9e:54:65:94:99:db:1c:2b:2d:95:f4:46:54:af:
         12:9d:ae:87:85:ef:db:d8:86:a1:c0:a2:13:db:a3:54:aa:df:
         2f:ab:0a:16:fc:22:4b:16:c3:51:aa:11:0a:aa:40:9f:05:87:
         d0:82:b3:46:c7:55:01:95:b6:4b:ad:73:88:ff:42:e1:67:ef:
         1e:ab:db:a2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBoYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYyMDcxMTAvBgNVBAUTKEU3M0E3OTQ0MDQ0NEZFMzRDMzEwRjc4NDg5NEM0QUIy
MUVBQ0FBMDQwHhcNMjIwOTI0MTA1OTQ2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJlZTMyMi1kNmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7CChhdHpcNsfUumILl9NkQl/s4YDt12zNf8I5piZNoCPYBTUM2CrB/u6nQCg
/gbKZCrpr8pfLxdMLUrPjw/dnnGQbUC6u4RvSUiswnu+5dJulk9R8rbJUyNHtlJ9
as9fvVUv6uhBHaMVnVIb2ibKO9L+mqBrf+ACjWu8Ywa0e3sQoxwv9OO+D0vZYTrE
s5e8op39EnE/5WJ7iF9nBCXicDDmPUUqRA3M/6+5y2XSXpJaR3EKjGNuhqBXys1h
R1dEJ4WGlPC6fiqzG59iQ8C26WYhCsQRIicWDJVINlsCrx2TIz57XUbVmCkmPWGS
5BmfIV/ONsNv9YkdI7/FAk5GiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPzrxjSI
an8mz4+xkgDR6aKUUVk3MB8GA1UdIwQYMBaAFOc6eUQERP40wxD3hIlMSrIerKoE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjIwNy8xMkYyQ0MwQUMy
NjExMUVBOTg2RUVGNDFDNEY5QUUwMi81enA1UkFSRV9qVERFUGVFaVV4S3NoNnNx
Z1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzV6cDVSQVJFX2pUREVQZUVpVXhLc2g2c3FnUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYyMDcvMTJGMkNDMEFDMjYxMTFFQTk4NkVFRjQxQzRGOUFFMDIvRDcxQzBEQTAy
MUUxMTFFQjg1RTlDODI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmSQwDQYJKoZIhvcNAQELBQADggEBAAbAwRNEu21Gtbo7
jp7koeSEbTNyldmbyqF1ZCgLApcIn8ceIqMLs04YvbUljMDS7DKgGpAoqednTsWu
wnVEAIAz/vPUtJhYK/xQw9CDIDfhy7EmHp0+CXPy36RpA+05AAK189JPbpmvhYy4
lFpadAPB5+3jgp/H0TbGpkkkBNewsTCBAlQvDWYtkNUPPdXnKuxN1yNxmUJ/B/Ve
GI7gvIicESXC+M9v5XECXVcy8BitMTudlTK8gZyeVGWUmdscKy2V9EZUrxKdroeF
79vYhqHAohPbo1Sq3y+rChb8IksWw1GqEQqqQJ8Fh9CCs0bHVQGVtkutc4j/QuFn
7x6r26I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org