Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/3D6E5CE8C82F11ED91939D31C4F9AE02.roa
File:                     3D6E5CE8C82F11ED91939D31C4F9AE02.roa (raw, json)
Hash identifier:          YzPNUVxhh4V3eFAik8V3QVcGSOJbwZIgpTYq1I/9sD0=
Subject key identifier:   48:79:6E:30:18:06:E5:78:39:88:9D:0B:91:C0:83:17:E9:3D:FB:D2
Certificate issuer:       /CN=A91A8CB6/serialNumber=2A877EED52E6222039BFCC38FE70358FBBD27B68
Certificate serial:       08FA
Authority key identifier: 2A:87:7E:ED:52:E6:22:20:39:BF:CC:38:FE:70:35:8F:BB:D2:7B:68
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kod-7VLmIiA5v8w4_nA1j7vSe2g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/3D6E5CE8C82F11ED91939D31C4F9AE02.roa
Signing time:             Fri 31 Mar 2023 22:08:33 +0000
ROA not before:           Fri 31 Mar 2023 22:08:33 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     150180
IP address blocks:        103.148.212.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2298 (0x8fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A8CB6/serialNumber=2A877EED52E6222039BFCC38FE70358FBBD27B68
        Validity
            Not Before: Mar 31 22:08:33 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=642759e1-a4c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e3:9e:93:bc:d4:6d:77:e7:c0:30:d2:23:15:
                    5c:c5:d4:41:10:81:7b:f2:60:ad:a2:f6:db:b5:13:
                    a3:f1:fd:b7:7d:2d:a1:69:0f:a1:06:53:e0:98:54:
                    19:11:5b:27:32:e0:25:ec:63:31:00:66:67:f4:31:
                    99:0b:f0:ba:81:b4:8b:65:c6:12:85:fb:e2:a3:1a:
                    97:b8:c7:d6:65:cd:2f:29:58:13:01:38:0e:17:94:
                    6d:55:79:85:49:9f:97:fa:6d:1d:92:9f:01:d2:e0:
                    73:31:30:b9:42:e0:67:6e:39:34:d3:08:02:c4:cd:
                    5d:4a:5e:0a:03:f5:98:a6:9e:13:26:b3:e8:4d:f4:
                    2e:ec:d6:18:5c:ec:b4:7e:9d:29:3b:5d:f4:03:b8:
                    a5:00:56:57:35:df:58:0e:cd:09:1b:3e:9e:77:ef:
                    52:1b:cc:14:e8:3b:30:1a:88:de:27:17:a2:a6:b7:
                    5f:9a:55:06:c6:90:99:69:1c:2c:bf:a1:5b:35:18:
                    8a:b7:8a:6e:cf:49:0e:16:57:9e:34:77:5d:51:53:
                    89:b7:2c:b6:51:d5:b6:d5:a8:3c:e3:7d:9f:57:73:
                    d5:b2:18:3a:42:90:f5:d0:80:00:13:1d:e7:23:28:
                    70:22:99:7c:51:91:b7:dd:f5:b8:4b:7e:20:fd:bd:
                    20:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:79:6E:30:18:06:E5:78:39:88:9D:0B:91:C0:83:17:E9:3D:FB:D2
            X509v3 Authority Key Identifier:
                keyid:2A:87:7E:ED:52:E6:22:20:39:BF:CC:38:FE:70:35:8F:BB:D2:7B:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/Kod-7VLmIiA5v8w4_nA1j7vSe2g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kod-7VLmIiA5v8w4_nA1j7vSe2g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/3D6E5CE8C82F11ED91939D31C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:27:1a:65:5c:81:d8:99:3e:88:85:9a:a0:29:67:b9:0b:d6:
         9a:f1:34:4f:15:68:98:24:37:77:d1:56:64:3f:79:01:c2:a6:
         ac:01:26:4b:91:3b:33:34:4b:63:6c:e2:57:2b:3a:a0:d6:c5:
         0d:05:8e:ef:02:92:91:24:e1:ee:72:f0:ff:a4:9f:59:df:3f:
         93:24:aa:af:b6:9f:be:aa:5f:93:d1:75:b8:5c:c3:dc:76:bd:
         6a:dc:3f:9d:cc:6c:54:32:d9:9b:c5:3b:18:22:53:6a:de:93:
         1d:97:27:05:b4:fc:42:56:e9:c2:fb:78:82:b0:a0:0e:95:82:
         ec:b6:b9:6b:be:7f:05:6c:01:99:bb:ef:50:95:53:be:aa:1d:
         5f:c4:fc:fd:00:f9:29:18:92:99:2d:62:20:b0:44:ad:8d:7e:
         1c:b3:87:72:5f:f9:6a:10:28:fd:1c:bf:06:9b:8f:6d:34:fd:
         d0:27:b1:e8:69:ac:74:4d:be:92:5b:fe:91:02:e6:c7:16:48:
         62:70:ec:38:0f:8f:7d:5d:70:ae:69:4a:6f:c9:e8:4b:d3:03:
         c9:c8:6a:f2:46:f3:1c:c8:a9:a2:14:58:a9:80:df:19:3a:df:
         ac:cc:5f:98:ac:32:8c:6f:f5:97:3a:4a:58:23:e3:3b:14:40:
         63:b5:79:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThDQjYxMTAvBgNVBAUTKDJBODc3RUVENTJFNjIyMjAzOUJGQ0MzOEZFNzAzNThG
QkJEMjdCNjgwHhcNMjMwMzMxMjIwODMzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3NTllMS1hNGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsuOek7zUbXfnwDDSIxVcxdRBEIF78mCtovbbtROj8f23fS2haQ+hBlPgmFQZ
EVsnMuAl7GMxAGZn9DGZC/C6gbSLZcYShfvioxqXuMfWZc0vKVgTATgOF5RtVXmF
SZ+X+m0dkp8B0uBzMTC5QuBnbjk00wgCxM1dSl4KA/WYpp4TJrPoTfQu7NYYXOy0
fp0pO130A7ilAFZXNd9YDs0JGz6ed+9SG8wU6DswGojeJxeiprdfmlUGxpCZaRws
v6FbNRiKt4puz0kOFleeNHddUVOJtyy2UdW21ag8432fV3PVshg6QpD10IAAEx3n
IyhwIpl8UZG33fW4S34g/b0g5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEh5bjAY
BuV4OYidC5HAgxfpPfvSMB8GA1UdIwQYMBaAFCqHfu1S5iIgOb/MOP5wNY+70nto
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOENCNi81NkE0QTY0MDVB
RTYxMUVBOUM4OENCODJDNEY5QUUwMi9Lb2QtN1ZMbUlpQTV2OHc0X25BMWo3dlNl
MmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tvZC03VkxtSWlBNXY4dzRfbkExajd2U2UyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThDQjYvNTZBNEE2NDA1QUU2MTFFQTlDODhDQjgyQzRGOUFFMDIvM0Q2RTVDRThD
ODJGMTFFRDkxOTM5RDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlNQwDQYJKoZIhvcNAQELBQADggEBAIEnGmVcgdiZPoiF
mqApZ7kL1prxNE8VaJgkN3fRVmQ/eQHCpqwBJkuROzM0S2Ns4lcrOqDWxQ0Fju8C
kpEk4e5y8P+kn1nfP5Mkqq+2n76qX5PRdbhcw9x2vWrcP53MbFQy2ZvFOxgiU2re
kx2XJwW0/EJW6cL7eIKwoA6Vguy2uWu+fwVsAZm771CVU76qHV/E/P0A+SkYkpkt
YiCwRK2Nfhyzh3Jf+WoQKP0cvwabj200/dAnsehprHRNvpJb/pEC5scWSGJw7DgP
j31dcK5pSm/J6EvTA8nIavJG8xzIqaIUWKmA3xk636zMX5isMoxv9Zc6Slgj4zsU
QGO1eWw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org