Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/8F2468D8199D11EEA0AE3622C4F9AE02.roa
File:                     8F2468D8199D11EEA0AE3622C4F9AE02.roa (raw, json)
Hash identifier:          zI2IkU0Kh1Bzyv8Z6HCp0ik4K36o2YxTwQkxSmGh0UU=
Subject key identifier:   E6:77:0B:8B:11:BF:2A:13:28:B7:D3:8B:97:06:FF:26:2C:DF:13:8F
Certificate issuer:       /CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Certificate serial:       034B
Authority key identifier: 49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/8F2468D8199D11EEA0AE3622C4F9AE02.roa
Signing time:             Mon 03 Jul 2023 12:31:40 +0000
ROA not before:           Mon 03 Jul 2023 12:31:40 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     57097
IP address blocks:        103.120.128.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 843 (0x34b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
        Validity
            Not Before: Jul  3 12:31:40 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64a2bfab-37b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b0:d4:b6:2e:1c:08:bf:04:54:e9:c1:da:b5:
                    31:1b:4a:59:57:c4:e8:45:8d:e6:2e:90:62:06:fb:
                    00:5a:ff:23:92:3d:65:1f:30:4d:89:16:56:83:8d:
                    07:18:f3:53:ca:53:21:06:63:d2:20:bd:ff:3f:d3:
                    54:4e:b8:a7:95:ee:ce:85:86:1f:4e:2c:eb:d6:75:
                    24:46:8f:7d:16:82:98:b3:77:f8:02:30:14:36:93:
                    66:05:85:22:a1:77:50:65:97:82:79:b5:27:0d:d1:
                    78:49:48:07:6b:13:c8:c3:2d:6d:f6:25:76:8d:ca:
                    6a:21:f7:ec:91:a6:27:22:ca:0c:49:cc:8a:43:11:
                    58:0f:09:ae:6e:43:d6:c0:e2:96:23:1b:73:60:51:
                    d7:96:11:bf:76:22:b8:ea:84:ad:f3:7b:bb:88:35:
                    eb:e8:33:cc:02:57:b4:82:83:14:e5:1c:79:24:8a:
                    d9:62:b5:36:27:c8:a0:30:1c:c8:66:71:eb:30:d9:
                    59:db:70:6a:6e:e7:e7:dc:c5:c4:44:58:b0:83:21:
                    15:83:7a:28:57:ec:be:e5:34:27:78:cf:de:54:88:
                    99:99:f6:02:5b:50:d4:27:c7:61:fe:1e:53:35:df:
                    26:cf:0e:8e:34:11:3b:5f:b5:67:9a:3f:1f:c1:03:
                    11:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:77:0B:8B:11:BF:2A:13:28:B7:D3:8B:97:06:FF:26:2C:DF:13:8F
            X509v3 Authority Key Identifier:
                keyid:49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/SUICsDHp9CdkMVegbvqkwHDH8-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/8F2468D8199D11EEA0AE3622C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.120.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:78:25:22:63:ee:b5:43:18:7f:04:45:47:d4:c4:1f:c7:a3:
         c0:bf:b8:ec:19:93:90:1d:e0:41:0b:f8:b7:42:ac:53:b8:88:
         8b:03:45:be:6b:24:f2:01:62:3d:71:98:f9:16:4b:06:69:7f:
         fb:f9:b4:ad:c9:7e:48:a1:31:10:4a:f2:60:dc:02:3a:9a:c4:
         11:a7:53:5e:e2:59:24:29:f1:b0:e0:65:d1:4e:6a:e3:5a:35:
         27:89:f2:8d:af:71:a9:03:c6:f1:68:ab:4c:e7:1e:d5:af:bd:
         54:e0:6b:dc:3c:1b:d1:9c:76:61:bd:6d:dc:33:fd:08:92:e5:
         b0:b8:29:c3:d1:e1:d9:0b:15:90:94:c5:f0:f6:52:21:2b:63:
         a9:87:c7:7d:d0:c3:1f:b6:02:32:a1:a5:79:2c:a4:c9:fa:06:
         ea:0f:2f:7b:46:f7:ac:ae:fa:70:fd:36:af:84:9f:ba:8b:c5:
         20:15:01:23:ef:cb:99:e8:6b:eb:5f:df:5c:e1:5f:df:cf:99:
         b1:52:ad:eb:b1:c2:6c:90:b5:d8:be:ee:ea:b0:89:2b:b5:fe:
         a4:db:b8:02:b0:bb:8f:a3:44:dd:8d:6f:c1:5f:27:0f:61:cb:
         5d:29:e5:d7:4e:cd:3e:99:fc:88:90:72:a0:11:17:db:93:8f:
         6a:3f:37:6e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDOUIxMTAvBgNVBAUTKDQ5NDIwMkIwMzFFOUY0Mjc2NDMxNTdBMDZFRkFBNEMw
NzBDN0YzRUQwHhcNMjMwNzAzMTIzMTQwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyYmZhYi0zN2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs7DUti4cCL8EVOnB2rUxG0pZV8ToRY3mLpBiBvsAWv8jkj1lHzBNiRZWg40H
GPNTylMhBmPSIL3/P9NUTrinle7OhYYfTizr1nUkRo99FoKYs3f4AjAUNpNmBYUi
oXdQZZeCebUnDdF4SUgHaxPIwy1t9iV2jcpqIffskaYnIsoMScyKQxFYDwmubkPW
wOKWIxtzYFHXlhG/diK46oSt83u7iDXr6DPMAle0goMU5Rx5JIrZYrU2J8igMBzI
ZnHrMNlZ23Bqbufn3MXERFiwgyEVg3ooV+y+5TQneM/eVIiZmfYCW1DUJ8dh/h5T
Nd8mzw6ONBE7X7Vnmj8fwQMRFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOZ3C4sR
vyoTKLfTi5cG/yYs3xOPMB8GA1UdIwQYMBaAFElCArAx6fQnZDFXoG76pMBwx/Pt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM5Qi9BNDZFOTg5QTMy
MkIxMUVDOTdGOENGN0NDNEY5QUUwMi9TVUlDc0RIcDlDZGtNVmVnYnZxa3dIREg4
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NVSUNzREhwOUNka01WZWdidnFrd0hESDgtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDOUIvQTQ2RTk4OUEzMjJCMTFFQzk3RjhDRjdDQzRGOUFFMDIvOEYyNDY4RDgx
OTlEMTFFRUEwQUUzNjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABneIAwDQYJKoZIhvcNAQELBQADggEBAK94JSJj7rVDGH8E
RUfUxB/Ho8C/uOwZk5Ad4EEL+LdCrFO4iIsDRb5rJPIBYj1xmPkWSwZpf/v5tK3J
fkihMRBK8mDcAjqaxBGnU17iWSQp8bDgZdFOauNaNSeJ8o2vcakDxvFoq0znHtWv
vVTga9w8G9GcdmG9bdwz/QiS5bC4KcPR4dkLFZCUxfD2UiErY6mHx33Qwx+2AjKh
pXkspMn6BuoPL3tG96yu+nD9Nq+En7qLxSAVASPvy5noa+tf31zhX9/PmbFSreux
wmyQtdi+7uqwiSu1/qTbuAKwu4+jRN2Nb8FfJw9hy10p5ddOzT6Z/IiQcqARF9uT
j2o/N24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org