Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/3031C0FC12F911ECA75E8778C4F9AE02.roa
File:                     3031C0FC12F911ECA75E8778C4F9AE02.roa (raw, json)
Hash identifier:          hDEIKXcAgDDTJ/9D0lfwKd1NLkNwDlMFSfmwBR4o4qk=
Subject key identifier:   19:FE:49:7F:31:97:8D:B5:F5:23:1E:CC:28:08:60:CC:2B:E4:2F:61
Certificate issuer:       /CN=A91B36DC/serialNumber=BC02B005CCAA0453FC9B817BB78CBA915F27C2A8
Certificate serial:       05A5
Authority key identifier: BC:02:B0:05:CC:AA:04:53:FC:9B:81:7B:B7:8C:BA:91:5F:27:C2:A8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vAKwBcyqBFP8m4F7t4y6kV8nwqg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/3031C0FC12F911ECA75E8778C4F9AE02.roa
Signing time:             Sat 19 Nov 2022 00:09:40 +0000
ROA not before:           Sat 19 Nov 2022 00:09:40 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     141023
IP address blocks:        103.157.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1445 (0x5a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B36DC/serialNumber=BC02B005CCAA0453FC9B817BB78CBA915F27C2A8
        Validity
            Not Before: Nov 19 00:09:40 2022 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=63781ec4-a0f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:36:81:57:15:b5:93:da:bb:4a:dd:b1:d3:4c:
                    38:3d:c4:43:72:e3:89:6c:41:4e:29:c0:67:80:e5:
                    a2:f5:00:24:00:f5:94:f3:a5:bf:7f:80:2f:cc:bf:
                    9e:6b:36:9c:6b:6c:1e:73:ad:a5:8a:44:34:88:11:
                    32:8b:fb:3f:13:4f:aa:bd:cc:73:1e:95:dc:07:a9:
                    41:59:2d:6b:32:dd:51:2c:a4:87:39:62:c4:49:64:
                    c2:d2:e9:5b:fe:2e:39:03:1d:28:4e:26:eb:e0:2c:
                    8e:28:2d:06:be:b0:01:10:37:02:a6:10:32:e9:16:
                    a0:19:d0:61:be:13:36:68:3e:2a:03:fd:da:3c:b2:
                    60:af:d3:b2:da:cd:b5:5e:c2:4a:c8:0d:c5:fe:8d:
                    90:70:98:05:46:41:0e:81:50:97:7a:93:56:cf:ea:
                    da:31:00:a3:2e:ce:b2:bd:8d:41:f9:db:c9:3c:d4:
                    71:9c:c3:bc:52:26:66:20:00:0f:b4:a8:da:75:25:
                    86:1c:23:e9:49:bc:78:06:22:ac:a4:a4:35:9b:47:
                    a4:16:57:b7:1c:8f:e2:97:d3:43:91:cb:b5:a3:71:
                    61:04:c2:1b:b8:ce:67:35:81:a7:fc:b4:b1:43:46:
                    75:58:66:55:9c:66:26:ad:3c:4e:a7:b6:82:db:cd:
                    cf:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:FE:49:7F:31:97:8D:B5:F5:23:1E:CC:28:08:60:CC:2B:E4:2F:61
            X509v3 Authority Key Identifier:
                keyid:BC:02:B0:05:CC:AA:04:53:FC:9B:81:7B:B7:8C:BA:91:5F:27:C2:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/vAKwBcyqBFP8m4F7t4y6kV8nwqg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vAKwBcyqBFP8m4F7t4y6kV8nwqg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B36DC/B043647A19F911EBB8CDED4FC4F9AE02/3031C0FC12F911ECA75E8778C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:0f:cc:8f:15:e1:f0:78:e3:5a:d5:a0:cd:fa:28:fa:04:08:
         9a:a8:6a:d9:f8:d6:81:96:c6:fe:08:44:9b:d3:06:31:c4:eb:
         d5:45:f7:c4:3a:fd:2b:3d:21:61:6b:ba:92:b8:af:c6:84:c6:
         88:34:1e:fe:a0:b0:89:c8:c6:fe:25:bf:7f:24:39:d9:bc:78:
         aa:6c:d7:53:63:b6:f4:26:ca:2b:0d:77:2e:b2:52:ee:8a:48:
         6c:10:ae:8a:64:af:79:73:24:74:48:cc:a7:4a:aa:ce:68:51:
         be:6c:98:d2:d5:53:c2:a4:c7:44:12:f9:d4:9d:b1:ab:cb:20:
         da:5e:69:66:32:a9:00:f7:6c:e1:06:5f:05:d6:c5:d0:a9:12:
         c0:ee:c7:f0:38:60:57:72:86:33:4f:95:c5:2b:ad:1d:54:8a:
         2d:29:eb:82:0f:bb:6c:47:22:ed:e9:18:0c:eb:19:11:30:e9:
         ec:8d:52:7b:be:1a:52:ac:a2:4a:de:8b:24:34:6d:65:f0:cd:
         b3:19:5d:89:b1:6c:4b:66:ec:34:97:73:b1:9f:52:79:ec:5d:
         d7:f3:85:8f:a8:71:72:e4:fd:0c:0f:6d:5b:98:4a:ca:ce:c4:
         31:5a:9b:2f:33:aa:7b:6e:80:cf:ac:0a:e7:52:4b:c1:ee:75:
         11:17:e3:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjM2REMxMTAvBgNVBAUTKEJDMDJCMDA1Q0NBQTA0NTNGQzlCODE3QkI3OENCQTkx
NUYyN0MyQTgwHhcNMjIxMTE5MDAwOTQwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc4MWVjNC1hMGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2zaBVxW1k9q7St2x00w4PcRDcuOJbEFOKcBngOWi9QAkAPWU86W/f4AvzL+e
azaca2wec62likQ0iBEyi/s/E0+qvcxzHpXcB6lBWS1rMt1RLKSHOWLESWTC0ulb
/i45Ax0oTibr4CyOKC0GvrABEDcCphAy6RagGdBhvhM2aD4qA/3aPLJgr9Oy2s21
XsJKyA3F/o2QcJgFRkEOgVCXepNWz+raMQCjLs6yvY1B+dvJPNRxnMO8UiZmIAAP
tKjadSWGHCPpSbx4BiKspKQ1m0ekFle3HI/il9NDkcu1o3FhBMIbuM5nNYGn/LSx
Q0Z1WGZVnGYmrTxOp7aC283PMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBn+SX8x
l4219SMezCgIYMwr5C9hMB8GA1UdIwQYMBaAFLwCsAXMqgRT/JuBe7eMupFfJ8Ko
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzZEQy9CMDQzNjQ3QTE5
RjkxMUVCQjhDREVENEZDNEY5QUUwMi92QUt3QmN5cUJGUDhtNEY3dDR5NmtWOG53
cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZBS3dCY3lxQkZQOG00Rjd0NHk2a1Y4bndxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjM2REMvQjA0MzY0N0ExOUY5MTFFQkI4Q0RFRDRGQzRGOUFFMDIvMzAzMUMwRkMx
MkY5MTFFQ0E3NUU4Nzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnfkwDQYJKoZIhvcNAQELBQADggEBAK0PzI8V4fB441rV
oM36KPoECJqoatn41oGWxv4IRJvTBjHE69VF98Q6/Ss9IWFrupK4r8aExog0Hv6g
sInIxv4lv38kOdm8eKps11NjtvQmyisNdy6yUu6KSGwQropkr3lzJHRIzKdKqs5o
Ub5smNLVU8Kkx0QS+dSdsavLINpeaWYyqQD3bOEGXwXWxdCpEsDux/A4YFdyhjNP
lcUrrR1Uii0p64IPu2xHIu3pGAzrGREw6eyNUnu+GlKsokreiyQ0bWXwzbMZXYmx
bEtm7DSXc7GfUnnsXdfzhY+ocXLk/QwPbVuYSsrOxDFamy8zqntugM+sCudSS8Hu
dREX49w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org