Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/AC89CB1AB29C11EDB216812EC4F9AE02.roa
File:                     AC89CB1AB29C11EDB216812EC4F9AE02.roa (raw, json)
Hash identifier:          JRHEi2BmD+m8X2toYIUL5RmxI2eJQ0v5KBRp4ad2MKg=
Subject key identifier:   DB:5F:3D:CE:70:F2:A6:40:F0:67:E6:7D:9F:6F:C0:30:65:FC:79:50
Certificate issuer:       /CN=A91AFB4C/serialNumber=6349735904E1BC0D65BD594A07762BB5299C038A
Certificate serial:       02
Authority key identifier: 63:49:73:59:04:E1:BC:0D:65:BD:59:4A:07:76:2B:B5:29:9C:03:8A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/AC89CB1AB29C11EDB216812EC4F9AE02.roa
Signing time:             Wed 22 Feb 2023 10:35:50 +0000
ROA not before:           Wed 22 Feb 2023 10:35:50 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     138357
IP address blocks:        103.89.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AFB4C/serialNumber=6349735904E1BC0D65BD594A07762BB5299C038A
        Validity
            Not Before: Feb 22 10:35:50 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=63f5f006-0ce7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8c:b4:c0:9b:83:94:fd:fb:c3:23:99:14:9f:
                    8b:32:ba:d8:d1:16:ef:b2:a5:41:2c:8d:b9:88:33:
                    1d:6f:19:75:c5:d0:17:2e:06:33:85:dd:fd:10:2c:
                    11:97:8b:02:1a:93:e6:28:d5:ce:58:9d:f3:ce:b0:
                    d9:91:cd:61:97:4f:0f:f2:cd:6f:a0:b3:73:d0:84:
                    85:d7:b5:4f:ab:34:6c:b9:a8:e7:53:13:b0:fc:f6:
                    4b:97:f8:30:58:2e:1d:0e:c4:e3:7a:c8:98:d7:cd:
                    77:76:44:75:b9:f9:25:c9:cc:17:42:29:8e:e8:05:
                    5a:e4:a0:a3:1b:c0:53:56:c5:2c:bd:45:b6:a1:bb:
                    5e:e9:07:07:b5:54:d7:10:de:26:2d:0b:de:7b:72:
                    44:cb:2c:6c:eb:01:04:19:e4:76:01:d9:84:a2:40:
                    a5:28:05:71:d7:69:e0:41:7b:1a:c6:4b:cb:97:b2:
                    72:39:34:2c:24:53:69:96:94:6b:c5:a5:08:fa:09:
                    b3:1e:be:86:87:4e:7d:6f:b7:80:68:5a:65:3e:13:
                    29:70:1d:85:d3:2f:ff:68:38:0f:e3:08:d4:e1:44:
                    6f:1b:b1:53:60:14:b9:28:f7:ea:45:06:ad:a8:d0:
                    5a:35:7a:32:09:ad:b5:d4:1b:d2:db:1f:77:de:c2:
                    fc:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:5F:3D:CE:70:F2:A6:40:F0:67:E6:7D:9F:6F:C0:30:65:FC:79:50
            X509v3 Authority Key Identifier:
                keyid:63:49:73:59:04:E1:BC:0D:65:BD:59:4A:07:76:2B:B5:29:9C:03:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/AC89CB1AB29C11EDB216812EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.89.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:6d:66:e4:53:3e:ea:c4:a7:0e:6f:04:12:f7:53:5c:d4:c2:
         14:15:40:a0:5b:98:77:92:7b:b6:f0:1c:4c:4c:d8:05:13:44:
         19:e8:3b:fe:e5:37:07:bd:5a:12:ef:bb:01:c8:53:1d:00:a3:
         a6:85:a5:cc:d5:8b:02:97:f5:26:3e:8e:36:00:31:cb:ce:ef:
         ef:74:92:83:c4:b2:66:a3:31:ed:b5:f9:b8:ef:54:8a:02:46:
         95:a3:5b:d4:b3:43:45:54:45:05:d0:3e:74:1c:74:76:52:e7:
         f5:fd:82:7c:7c:a0:cf:9d:9a:63:c3:4b:e3:b1:c4:f9:d1:40:
         4c:3b:ad:e1:a9:83:40:31:bd:d3:bd:14:62:5d:f6:5d:e4:4b:
         25:e1:c2:ec:f6:2d:2a:1f:a5:ae:b3:75:7f:b1:1a:c7:f5:a8:
         c8:c8:3f:f6:74:11:58:e5:72:9e:f6:ab:ae:03:c6:fa:9f:d7:
         46:fe:15:be:79:92:e4:1a:ee:b5:60:35:30:32:2a:2a:d2:c8:
         2b:4d:e7:f5:7f:c7:95:32:2f:ae:a5:69:5d:ea:99:fe:5e:0e:
         45:5e:79:62:56:b5:40:97:18:a7:ed:e6:30:18:ba:fb:44:cb:
         2a:65:2d:11:ce:e9:72:06:a2:7f:25:37:a9:51:e6:f5:8f:c5:
         79:32:21:c3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RkI0QzExMC8GA1UEBRMoNjM0OTczNTkwNEUxQkMwRDY1QkQ1OTRBMDc3NjJCQjUy
OTlDMDM4QTAeFw0yMzAyMjIxMDM1NTBaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZjVmMDA2LTBjZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDgjLTAm4OU/fvDI5kUn4syutjRFu+ypUEsjbmIMx1vGXXF0BcuBjOF3f0QLBGX
iwIak+Yo1c5YnfPOsNmRzWGXTw/yzW+gs3PQhIXXtU+rNGy5qOdTE7D89kuX+DBY
Lh0OxON6yJjXzXd2RHW5+SXJzBdCKY7oBVrkoKMbwFNWxSy9Rbahu17pBwe1VNcQ
3iYtC957ckTLLGzrAQQZ5HYB2YSiQKUoBXHXaeBBexrGS8uXsnI5NCwkU2mWlGvF
pQj6CbMevoaHTn1vt4BoWmU+EylwHYXTL/9oOA/jCNThRG8bsVNgFLko9+pFBq2o
0Fo1ejIJrbXUG9LbH3fewvxDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU2189znDy
pkDwZ+Z9n2/AMGX8eVAwHwYDVR0jBBgwFoAUY0lzWQThvA1lvVlKB3YrtSmcA4ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGQjRDL0M0NzBCMjJBQjI5
NzExRUQ5NEVGMDkyNkM0RjlBRTAyL1kwbHpXUVRodkExbHZWbEtCM1lydFNtY0E0
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWTBseldRVGh2QTFsdlZsS0IzWXJ0U21jQTRvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RkI0Qy9DNDcwQjIyQUIyOTcxMUVEOTRFRjA5MjZDNEY5QUUwMi9BQzg5Q0IxQUIy
OUMxMUVEQjIxNjgxMkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdZ8DANBgkqhkiG9w0BAQsFAAOCAQEAwW1m5FM+6sSnDm8E
EvdTXNTCFBVAoFuYd5J7tvAcTEzYBRNEGeg7/uU3B71aEu+7AchTHQCjpoWlzNWL
Apf1Jj6ONgAxy87v73SSg8SyZqMx7bX5uO9UigJGlaNb1LNDRVRFBdA+dBx0dlLn
9f2CfHygz52aY8NL47HE+dFATDut4amDQDG9070UYl32XeRLJeHC7PYtKh+lrrN1
f7Eax/WoyMg/9nQRWOVynvarrgPG+p/XRv4VvnmS5BrutWA1MDIqKtLIK03n9X/H
lTIvrqVpXeqZ/l4ORV55Yla1QJcYp+3mMBi6+0TLKmUtEc7pcgaifyU3qVHm9Y/F
eTIhww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org