Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/C431493032BF11EDB0244949C4F9AE02.roa
File:                     C431493032BF11EDB0244949C4F9AE02.roa (raw, json)
Hash identifier:          lYtkOF9sucVfj7NH7wd1pYu4sxwg0m6DdvhWIrsXMxY=
Subject key identifier:   B2:AC:14:4B:B6:36:8C:12:0C:A9:1A:67:11:47:C7:30:FB:66:7E:CC
Certificate issuer:       /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial:       01F2
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/C431493032BF11EDB0244949C4F9AE02.roa
Signing time:             Wed 08 Mar 2023 13:13:45 +0000
ROA not before:           Wed 08 Mar 2023 13:13:45 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     139042
IP address blocks:        103.138.146.0/23 maxlen: 23
                          103.138.146.0/24 maxlen: 24
                          2407:3b40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 498 (0x1f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
        Validity
            Not Before: Mar  8 13:13:45 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=64088a09-c843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5b:56:9e:57:af:41:de:8b:6a:85:f8:b4:85:
                    89:2f:0d:18:5a:a5:dd:ed:b8:3e:5d:4a:1b:73:64:
                    cc:23:16:fc:50:e6:03:a3:c1:69:63:43:5e:3b:39:
                    e5:bd:01:01:aa:54:f1:f5:ce:a0:88:b3:d7:5e:e1:
                    ad:bf:27:7a:15:f6:68:22:6d:e0:85:e8:b2:9e:73:
                    8c:6e:d8:3b:36:b5:ab:5c:ce:63:7e:ee:4b:50:ca:
                    d0:cb:d3:bc:00:a0:db:66:c2:f3:05:ef:22:46:a2:
                    49:0d:19:12:34:e9:e4:a2:c8:6b:1a:88:c0:36:aa:
                    1f:ee:e2:f9:08:f1:e9:0a:6a:88:3d:c4:8e:6b:eb:
                    9a:49:fc:d9:44:01:7e:a1:7e:26:d7:6e:4b:5f:77:
                    13:d8:14:ef:79:dc:4c:87:d5:04:72:84:02:81:ce:
                    c4:e4:00:12:83:a2:e1:4f:a9:63:93:02:b9:92:9c:
                    d6:d2:58:9d:59:f9:a9:c3:ff:49:f8:01:01:60:c6:
                    42:e5:7b:9b:89:75:08:62:78:13:cf:d0:49:88:4e:
                    40:28:07:80:f5:e0:15:dd:77:56:c8:9c:8b:25:93:
                    2f:8a:a4:48:e9:27:92:52:ff:cc:e3:b8:06:80:d5:
                    84:86:6d:32:91:c2:ef:00:43:36:70:a5:1f:68:d6:
                    da:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:AC:14:4B:B6:36:8C:12:0C:A9:1A:67:11:47:C7:30:FB:66:7E:CC
            X509v3 Authority Key Identifier:
                keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/C431493032BF11EDB0244949C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.146.0/23
                IPv6:
                  2407:3b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:00:32:a7:b9:78:9d:00:39:09:4d:b7:3f:d8:08:d1:61:00:
         c6:f5:c9:cf:82:4c:74:37:08:31:48:6b:bf:66:83:10:ed:f7:
         61:0d:eb:ec:c3:47:44:a2:dc:75:fe:c2:17:75:cd:d9:a8:40:
         e5:00:f1:69:a1:d7:00:df:48:d3:76:a3:97:48:3c:aa:93:38:
         00:fd:6c:20:67:49:4c:73:d5:17:08:cf:6f:95:0b:6d:69:4f:
         e9:75:cb:2c:6a:47:7d:86:a7:b7:4e:78:51:6f:6d:94:a5:e1:
         dd:19:28:bd:61:6a:2f:12:e7:a2:d1:c8:4e:45:68:ef:86:a0:
         fb:82:53:3e:67:7c:f7:1d:4b:dd:43:7f:9d:89:5b:2b:03:11:
         a4:98:52:b8:cd:0c:0a:99:93:e5:b2:75:7a:65:f1:1e:58:f0:
         34:22:64:e1:04:10:c1:d3:d3:d3:5e:35:26:d8:17:81:15:db:
         ac:d8:08:11:8b:42:e8:9a:34:0d:c8:05:ba:3b:79:29:f8:98:
         b0:aa:ed:76:0b:15:4b:9c:a3:97:e7:9b:1d:cd:ac:5b:03:a6:
         24:8f:11:79:71:75:9c:b2:9d:23:ec:04:38:9c:b3:bc:b2:0c:
         ad:2a:51:59:a7:f5:60:7c:8a:2a:2f:eb:46:1c:9a:74:42:d5:
         5b:b3:60:ae
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG
RTJCMDk5M0QwHhcNMjMwMzA4MTMxMzQ1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA4OGEwOS1jODQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ltWnlevQd6LaoX4tIWJLw0YWqXd7bg+XUobc2TMIxb8UOYDo8FpY0NeOznl
vQEBqlTx9c6giLPXXuGtvyd6FfZoIm3gheiynnOMbtg7NrWrXM5jfu5LUMrQy9O8
AKDbZsLzBe8iRqJJDRkSNOnkoshrGojANqof7uL5CPHpCmqIPcSOa+uaSfzZRAF+
oX4m125LX3cT2BTvedxMh9UEcoQCgc7E5AASg6LhT6ljkwK5kpzW0lidWfmpw/9J
+AEBYMZC5XubiXUIYngTz9BJiE5AKAeA9eAV3XdWyJyLJZMviqRI6SeSUv/M47gG
gNWEhm0ykcLvAEM2cKUfaNbaMwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLKsFEu2
NowSDKkaZxFHxzD7Zn7MMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3
OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt
VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvQzQzMTQ5MzAz
MkJGMTFFREIwMjQ0OTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnipIwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD
ggEBADMAMqe5eJ0AOQlNtz/YCNFhAMb1yc+CTHQ3CDFIa79mgxDt92EN6+zDR0Si
3HX+whd1zdmoQOUA8Wmh1wDfSNN2o5dIPKqTOAD9bCBnSUxz1RcIz2+VC21pT+l1
yyxqR32Gp7dOeFFvbZSl4d0ZKL1hai8S56LRyE5FaO+GoPuCUz5nfPcdS91Df52J
WysDEaSYUrjNDAqZk+WydXpl8R5Y8DQiZOEEEMHT09NeNSbYF4EV26zYCBGLQuia
NA3IBbo7eSn4mLCq7XYLFUuco5fnmx3NrFsDpiSPEXlxdZyynSPsBDics7yyDK0q
UVmn9WB8iiov60YcmnRC1VuzYK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org