Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/8197203002C511EBBBAF893DC4F9AE02.roa
File:                     8197203002C511EBBBAF893DC4F9AE02.roa (raw, json)
Hash identifier:          FDZhuXcu/1aQB6vN9VkpAzyCMpDdP3aUsA67xXJH0Jc=
Subject key identifier:   7D:49:9A:FE:7A:52:1E:AD:96:0F:12:EE:32:01:3F:72:0B:90:81:AF
Certificate issuer:       /CN=A91BF8C3/serialNumber=6A4DBBA36D4C767D5BD72B6EE970A8000FC5495E
Certificate serial:       05E5
Authority key identifier: 6A:4D:BB:A3:6D:4C:76:7D:5B:D7:2B:6E:E9:70:A8:00:0F:C5:49:5E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ak27o21Mdn1b1ytu6XCoAA_FSV4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/8197203002C511EBBBAF893DC4F9AE02.roa
Signing time:             Tue 08 Nov 2022 23:49:21 +0000
ROA not before:           Tue 08 Nov 2022 23:49:21 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     132857
IP address blocks:        103.156.192.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1509 (0x5e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BF8C3/serialNumber=6A4DBBA36D4C767D5BD72B6EE970A8000FC5495E
        Validity
            Not Before: Nov  8 23:49:21 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=636aeb01-95b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f0:95:ff:74:35:ca:0b:97:a3:9f:57:8a:e2:
                    8c:41:52:73:68:97:37:ca:38:13:fc:af:40:f3:d8:
                    12:8e:93:98:48:dd:6f:ab:20:1c:4c:8f:2c:5d:4e:
                    76:5c:1e:1d:af:15:de:db:4a:d1:4c:c8:20:19:16:
                    ef:ad:d5:fa:d3:01:78:fb:07:04:89:de:cb:bc:cc:
                    74:3d:0c:a4:b3:de:72:f9:33:2c:89:d2:d5:8f:ca:
                    a0:71:44:fa:8e:ce:22:7a:ca:ab:34:0e:da:87:9a:
                    f7:64:fa:77:23:bf:69:37:a7:d9:2c:a6:fa:88:82:
                    26:20:33:73:ed:77:7d:15:0c:77:e0:a6:71:60:b7:
                    ff:e1:ee:e1:20:62:d0:fd:76:df:0e:8e:20:a4:30:
                    80:94:65:c5:35:c2:62:1c:fb:ee:20:4d:7a:60:21:
                    85:97:52:9c:1c:fa:8b:bc:d0:a1:a2:dc:a3:94:08:
                    8e:0d:f1:17:60:1e:7c:ae:e3:1b:e1:01:05:08:61:
                    4b:b8:a0:65:66:b9:92:f9:09:df:a4:72:8b:43:f1:
                    2e:c5:0d:da:12:2f:9a:6f:75:51:7f:7f:88:59:65:
                    05:76:fd:98:e1:1f:2d:5a:29:50:d1:df:91:dc:a1:
                    19:28:88:d4:87:90:87:40:bb:65:e0:64:a3:37:5a:
                    a4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:49:9A:FE:7A:52:1E:AD:96:0F:12:EE:32:01:3F:72:0B:90:81:AF
            X509v3 Authority Key Identifier:
                keyid:6A:4D:BB:A3:6D:4C:76:7D:5B:D7:2B:6E:E9:70:A8:00:0F:C5:49:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/ak27o21Mdn1b1ytu6XCoAA_FSV4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ak27o21Mdn1b1ytu6XCoAA_FSV4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF8C3/D0E33FA402C311EB8ADC3238C4F9AE02/8197203002C511EBBBAF893DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:6f:31:fa:42:e4:1a:71:46:a0:fc:14:e7:fa:a8:8d:44:9a:
         11:ab:56:45:4f:35:51:f7:61:f2:5e:64:cb:ba:c5:f1:c5:0c:
         1e:45:28:ad:5e:45:6d:a5:e9:c1:e4:f6:11:85:50:cc:6a:ab:
         7c:bf:5e:93:83:78:c7:1b:7a:d3:73:d0:0f:29:26:d4:a3:56:
         54:b7:90:88:fa:43:9b:f6:44:ce:e6:86:60:4d:4f:c6:8c:33:
         3d:b5:03:72:dd:42:b5:e2:b7:cf:9d:cc:69:a2:12:2f:57:34:
         f5:57:b3:b2:03:26:39:c4:9d:a3:86:ad:f1:b3:80:5f:52:d7:
         ce:b7:1f:2f:65:9b:4b:09:11:06:72:5b:cd:d9:12:37:88:89:
         c7:bf:88:21:91:d1:4b:a3:91:00:98:4e:f1:33:a6:c5:ba:8a:
         3f:3a:cb:58:3c:9f:7f:76:e4:b6:90:cb:50:63:c4:b8:9d:ca:
         67:e7:f5:8c:a7:97:d2:d5:e0:f8:1e:02:6e:81:2f:b4:de:43:
         fc:f9:33:27:92:05:d5:52:4e:12:53:2d:fa:ce:6a:ce:83:5d:
         c0:75:1d:46:2a:38:6c:3e:c1:04:be:65:9b:a5:74:75:e3:a9:
         bb:fb:21:1c:4f:ca:7c:e3:ef:a6:26:02:52:a8:f4:45:4d:68:
         89:92:bb:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkY4QzMxMTAvBgNVBAUTKDZBNERCQkEzNkQ0Qzc2N0Q1QkQ3MkI2RUU5NzBBODAw
MEZDNTQ5NUUwHhcNMjIxMTA4MjM0OTIxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhZWIwMS05NWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuvCV/3Q1yguXo59XiuKMQVJzaJc3yjgT/K9A89gSjpOYSN1vqyAcTI8sXU52
XB4drxXe20rRTMggGRbvrdX60wF4+wcEid7LvMx0PQyks95y+TMsidLVj8qgcUT6
js4iesqrNA7ah5r3ZPp3I79pN6fZLKb6iIImIDNz7Xd9FQx34KZxYLf/4e7hIGLQ
/XbfDo4gpDCAlGXFNcJiHPvuIE16YCGFl1KcHPqLvNChotyjlAiODfEXYB58ruMb
4QEFCGFLuKBlZrmS+QnfpHKLQ/EuxQ3aEi+ab3VRf3+IWWUFdv2Y4R8tWilQ0d+R
3KEZKIjUh5CHQLtl4GSjN1qkwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH1Jmv56
Uh6tlg8S7jIBP3ILkIGvMB8GA1UdIwQYMBaAFGpNu6NtTHZ9W9crbulwqAAPxUle
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjhDMy9EMEUzM0ZBNDAy
QzMxMUVCOEFEQzMyMzhDNEY5QUUwMi9hazI3bzIxTWRuMWIxeXR1NlhDb0FBX0ZT
VjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FrMjdvMjFNZG4xYjF5dHU2WENvQUFfRlNWNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkY4QzMvRDBFMzNGQTQwMkMzMTFFQjhBREMzMjM4QzRGOUFFMDIvODE5NzIwMzAw
MkM1MTFFQkJCQUY4OTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnMAwDQYJKoZIhvcNAQELBQADggEBAAxvMfpC5BpxRqD8
FOf6qI1EmhGrVkVPNVH3YfJeZMu6xfHFDB5FKK1eRW2l6cHk9hGFUMxqq3y/XpOD
eMcbetNz0A8pJtSjVlS3kIj6Q5v2RM7mhmBNT8aMMz21A3LdQrXit8+dzGmiEi9X
NPVXs7IDJjnEnaOGrfGzgF9S1863Hy9lm0sJEQZyW83ZEjeIice/iCGR0UujkQCY
TvEzpsW6ij86y1g8n3925LaQy1BjxLidymfn9Yynl9LV4PgeAm6BL7TeQ/z5MyeS
BdVSThJTLfrOas6DXcB1HUYqOGw+wQS+ZZuldHXjqbv7IRxPynzj76YmAlKo9EVN
aImSu6s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org