Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/4F2ADC203E2611ECA29D2A53C4F9AE02.roa
File:                     4F2ADC203E2611ECA29D2A53C4F9AE02.roa (raw, json)
Hash identifier:          JzUhdG00Rc21N5wyINsop7+2dfsVPQq0kqzoxBXO3lo=
Subject key identifier:   73:6C:D0:F2:63:D7:D1:D1:0A:39:71:03:64:A2:A0:11:91:6D:E4:BB
Certificate issuer:       /CN=A91A3B91/serialNumber=AD102ED0289DC4E4FADE70B34D7660CA0D2BBD2B
Certificate serial:       02C1
Authority key identifier: AD:10:2E:D0:28:9D:C4:E4:FA:DE:70:B3:4D:76:60:CA:0D:2B:BD:2B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/4F2ADC203E2611ECA29D2A53C4F9AE02.roa
Signing time:             Wed 21 Dec 2022 03:42:48 +0000
ROA not before:           Wed 21 Dec 2022 03:42:48 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     148998
IP address blocks:        103.175.234.0/23 maxlen: 23
                          103.175.234.0/24 maxlen: 24
                          103.175.235.0/24 maxlen: 24
                          2001:df7:ff80::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 705 (0x2c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A3B91/serialNumber=AD102ED0289DC4E4FADE70B34D7660CA0D2BBD2B
        Validity
            Not Before: Dec 21 03:42:48 2022 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=63a280b7-1d4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:dd:fd:a6:c2:9c:a8:ae:07:33:13:76:da:5d:
                    a4:87:70:d5:14:71:4a:a6:54:99:ac:6e:ac:33:d2:
                    81:6b:8b:08:97:9a:f4:2a:e2:79:0a:79:f8:d5:61:
                    fc:5e:bb:bc:d3:8c:47:b9:9a:67:52:2f:f6:d6:d8:
                    62:c9:30:7f:15:c9:ae:9a:e4:f9:d8:50:4a:6a:0c:
                    35:65:5a:1a:3f:dd:d0:26:21:1e:74:01:ac:f1:d1:
                    bc:82:48:b7:e5:b7:7e:66:d5:3a:f3:f6:9b:96:4d:
                    a8:fa:c0:d7:ee:a3:0f:7b:62:47:e5:74:03:5e:34:
                    b1:10:ed:c4:f2:b6:bb:40:5a:50:00:56:8e:c1:d0:
                    54:33:e9:05:24:54:24:c7:ce:67:d1:2c:16:50:c8:
                    50:84:b9:02:fb:f1:96:06:64:80:72:39:0d:0c:e0:
                    6b:58:85:bd:ad:5b:19:54:b0:c6:d6:7f:34:f9:75:
                    37:95:16:24:4b:29:aa:13:60:fa:a5:ac:69:78:b3:
                    b8:fe:a9:7e:a5:04:4d:7d:1e:1b:8e:2f:43:3b:f5:
                    35:44:9b:b4:eb:92:4a:2a:28:6d:68:8b:a5:c7:f0:
                    80:69:b9:41:e0:4a:3f:12:c6:07:10:56:cc:95:bb:
                    8e:38:0c:81:f4:c7:27:90:a2:fd:09:56:15:47:91:
                    db:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:6C:D0:F2:63:D7:D1:D1:0A:39:71:03:64:A2:A0:11:91:6D:E4:BB
            X509v3 Authority Key Identifier:
                keyid:AD:10:2E:D0:28:9D:C4:E4:FA:DE:70:B3:4D:76:60:CA:0D:2B:BD:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/rRAu0CidxOT63nCzTXZgyg0rvSs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRAu0CidxOT63nCzTXZgyg0rvSs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3B91/A365336E3E2411EC9B55E152C4F9AE02/4F2ADC203E2611ECA29D2A53C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.175.234.0/23
                IPv6:
                  2001:df7:ff80::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:57:2b:00:8c:47:be:67:b2:36:3b:33:70:25:59:fb:65:23:
         56:c4:76:75:81:ee:14:dd:3e:b6:62:6b:19:21:cf:b1:09:63:
         86:a7:60:d1:6e:0d:94:c9:12:f5:fc:f7:47:4b:7e:77:48:89:
         70:65:c3:be:c5:84:1c:49:2c:94:30:70:ea:be:97:f0:33:34:
         4b:0c:7f:6d:4b:6a:ef:fd:1b:d2:5d:c7:2f:bb:f1:55:11:05:
         d1:77:df:91:76:8a:81:e7:63:2a:0b:a3:01:f0:70:5c:5f:62:
         ec:54:ce:4d:ee:a1:4e:5a:be:be:e6:d7:6b:0b:79:02:24:96:
         ce:08:25:81:0e:99:d0:6d:99:2e:17:71:d8:f6:ce:fc:41:be:
         0c:69:16:68:b3:75:e1:14:b3:ae:af:a2:f2:c2:15:b1:c5:c8:
         ba:d0:ee:bb:16:39:28:91:61:e6:04:f4:6c:d0:44:3e:f6:de:
         cd:47:5d:0a:27:21:35:f4:4a:00:aa:a0:e2:be:20:24:12:e7:
         a9:c2:2c:f7:7e:d9:a1:89:e3:75:d8:44:ce:fd:a5:e7:87:15:
         79:de:10:15:fe:95:01:c7:e7:1f:35:90:a0:67:bf:ad:1c:84:
         58:3d:86:80:a1:2c:d1:0e:05:9c:92:46:04:43:c5:f6:a2:35:
         24:0c:6d:e9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNCOTExMTAvBgNVBAUTKEFEMTAyRUQwMjg5REM0RTRGQURFNzBCMzRENzY2MENB
MEQyQkJEMkIwHhcNMjIxMjIxMDM0MjQ4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EyODBiNy0xZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3939psKcqK4HMxN22l2kh3DVFHFKplSZrG6sM9KBa4sIl5r0KuJ5Cnn41WH8
Xru804xHuZpnUi/21thiyTB/FcmumuT52FBKagw1ZVoaP93QJiEedAGs8dG8gki3
5bd+ZtU68/ablk2o+sDX7qMPe2JH5XQDXjSxEO3E8ra7QFpQAFaOwdBUM+kFJFQk
x85n0SwWUMhQhLkC+/GWBmSAcjkNDOBrWIW9rVsZVLDG1n80+XU3lRYkSymqE2D6
paxpeLO4/ql+pQRNfR4bji9DO/U1RJu065JKKihtaIulx/CAablB4Eo/EsYHEFbM
lbuOOAyB9McnkKL9CVYVR5HbbQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHNs0PJj
19HRCjlxA2SioBGRbeS7MB8GA1UdIwQYMBaAFK0QLtAoncTk+t5ws012YMoNK70r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0I5MS9BMzY1MzM2RTNF
MjQxMUVDOUI1NUUxNTJDNEY5QUUwMi9yUkF1MENpZHhPVDYzbkN6VFhaZ3lnMHJ2
U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JSQXUwQ2lkeE9UNjNuQ3pUWFpneWcwcnZTcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNCOTEvQTM2NTMzNkUzRTI0MTFFQzlCNTVFMTUyQzRGOUFFMDIvNEYyQURDMjAz
RTI2MTFFQ0EyOUQyQTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnr+owDwQCAAIwCQMHACABDff/gDANBgkqhkiG9w0BAQsF
AAOCAQEANlcrAIxHvmeyNjszcCVZ+2UjVsR2dYHuFN0+tmJrGSHPsQljhqdg0W4N
lMkS9fz3R0t+d0iJcGXDvsWEHEkslDBw6r6X8DM0Swx/bUtq7/0b0l3HL7vxVREF
0XffkXaKgedjKgujAfBwXF9i7FTOTe6hTlq+vubXawt5AiSWzgglgQ6Z0G2ZLhdx
2PbO/EG+DGkWaLN14RSzrq+i8sIVscXIutDuuxY5KJFh5gT0bNBEPvbezUddCich
NfRKAKqg4r4gJBLnqcIs937ZoYnjddhEzv2l54cVed4QFf6VAcfnHzWQoGe/rRyE
WD2GgKEs0Q4FnJJGBEPF9qI1JAxt6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org