Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/1304D03292FA11ED8A66E70CC4F9AE02.roa
File:                     1304D03292FA11ED8A66E70CC4F9AE02.roa (raw, json)
Hash identifier:          MblrtyDoff68SMnYqH7HgTj3ZTVbUQYfvuW2MIH8WC0=
Subject key identifier:   26:CF:1B:3E:11:2E:FF:89:88:6A:81:79:9B:72:01:C6:AD:99:B1:DC
Certificate issuer:       /CN=A91C1710/serialNumber=ECDD265743E9211BCE0AADCBB022CE6F33BE0B06
Certificate serial:       02
Authority key identifier: EC:DD:26:57:43:E9:21:1B:CE:0A:AD:CB:B0:22:CE:6F:33:BE:0B:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7N0mV0PpIRvOCq3LsCLObzO-CwY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/1304D03292FA11ED8A66E70CC4F9AE02.roa
Signing time:             Fri 13 Jan 2023 04:23:48 +0000
ROA not before:           Fri 13 Jan 2023 04:23:48 +0000
ROA not after:            Wed 01 Mar 2023 00:00:00 +0000
asID:                     58701
IP address blocks:        103.20.89.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C1710/serialNumber=ECDD265743E9211BCE0AADCBB022CE6F33BE0B06
        Validity
            Not Before: Jan 13 04:23:48 2023 GMT
            Not After : Mar  1 00:00:00 2023 GMT
        Subject: CN=63c0dcd4-3719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b7:a6:63:34:06:d6:9c:4c:09:b9:3f:f3:bb:
                    d5:97:2e:db:16:1d:37:25:d0:26:23:3a:de:32:6f:
                    25:d2:32:0c:74:c5:d0:5d:f4:f3:03:46:f8:0a:52:
                    43:27:82:26:5a:77:42:a0:10:7f:38:c9:8b:a7:f0:
                    8e:e5:58:4c:15:1f:68:cf:3a:72:a3:0f:ec:98:78:
                    78:81:d8:f8:e0:46:29:5e:d4:c1:f0:a5:dd:a5:b1:
                    f2:f5:bc:6c:f9:21:1c:5a:06:da:e0:63:1e:3f:2f:
                    35:92:73:f1:ff:0c:15:ca:24:a4:a8:c5:e7:02:b0:
                    5f:4f:ef:6e:81:16:82:2a:75:e2:bc:db:1b:66:1e:
                    87:32:48:f0:4f:f7:de:8e:cd:8b:db:be:65:cb:bd:
                    5e:6d:a8:c7:1b:70:c6:4a:f3:93:20:68:a9:09:64:
                    b0:9c:ad:24:7e:ab:07:b3:3f:0a:c9:62:dd:0f:df:
                    a9:8a:bc:c2:f2:67:d5:fe:68:3a:ae:5a:fe:50:4b:
                    6c:77:2c:6e:e2:01:92:9d:aa:04:21:23:41:0e:46:
                    b5:76:96:9b:cb:eb:78:f2:93:01:f3:da:e2:30:67:
                    ee:a7:0b:45:5d:ca:60:4b:25:19:c2:b1:c3:08:c6:
                    9d:d0:da:53:33:32:5b:51:5e:cb:41:f5:c2:72:16:
                    22:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:CF:1B:3E:11:2E:FF:89:88:6A:81:79:9B:72:01:C6:AD:99:B1:DC
            X509v3 Authority Key Identifier:
                keyid:EC:DD:26:57:43:E9:21:1B:CE:0A:AD:CB:B0:22:CE:6F:33:BE:0B:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/7N0mV0PpIRvOCq3LsCLObzO-CwY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7N0mV0PpIRvOCq3LsCLObzO-CwY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/1304D03292FA11ED8A66E70CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.20.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:07:b8:b6:56:f8:de:a6:c4:33:d4:e5:25:84:0d:7f:a9:09:
         86:b9:5e:fc:6f:06:82:68:3c:0f:2f:4d:3c:12:67:6a:44:1e:
         39:5c:c0:82:58:26:6a:d4:1e:4f:a9:fa:45:7e:ec:30:97:58:
         b7:30:1f:52:b4:3d:31:83:38:1e:d2:a7:31:c0:25:81:f8:49:
         e9:13:5e:6e:93:4c:69:f9:8b:f6:aa:8d:ab:bb:93:ca:f0:a6:
         e2:af:29:19:ea:bd:cc:27:d0:34:58:c3:b9:45:b7:8f:6a:ba:
         ad:64:ca:91:c5:4c:58:6f:19:a5:d2:c1:d9:d4:a9:12:09:9a:
         86:e5:a7:0a:42:f4:4e:b0:fb:2e:1c:d5:0b:c7:32:ab:a4:61:
         97:ab:f6:a7:92:3a:40:77:7e:55:e5:8e:e0:d2:0a:ae:fe:a6:
         9d:90:24:78:00:10:87:ba:2f:a2:c8:38:75:a7:3c:2f:00:4e:
         54:12:bf:ab:35:9e:5c:b3:ce:ad:af:72:92:eb:65:63:89:ee:
         49:92:12:13:a4:df:c0:63:a1:ed:f5:c9:29:42:5c:a2:2f:6e:
         6b:94:7c:b2:9f:17:84:c1:4f:ba:1e:75:41:94:6d:17:67:66:
         12:15:dc:a1:06:97:0c:19:14:d5:4c:de:13:34:3d:ed:3f:7d:
         4b:42:58:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTcxMDExMC8GA1UEBRMoRUNERDI2NTc0M0U5MjExQkNFMEFBRENCQjAyMkNFNkYz
M0JFMEIwNjAeFw0yMzAxMTMwNDIzNDhaFw0yMzAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYzBkY2Q0LTM3MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8t6ZjNAbWnEwJuT/zu9WXLtsWHTcl0CYjOt4ybyXSMgx0xdBd9PMDRvgKUkMn
giZad0KgEH84yYun8I7lWEwVH2jPOnKjD+yYeHiB2PjgRile1MHwpd2lsfL1vGz5
IRxaBtrgYx4/LzWSc/H/DBXKJKSoxecCsF9P726BFoIqdeK82xtmHocySPBP996O
zYvbvmXLvV5tqMcbcMZK85MgaKkJZLCcrSR+qwezPwrJYt0P36mKvMLyZ9X+aDqu
Wv5QS2x3LG7iAZKdqgQhI0EORrV2lpvL63jykwHz2uIwZ+6nC0VdymBLJRnCscMI
xp3Q2lMzMltRXstB9cJyFiKJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJs8bPhEu
/4mIaoF5m3IBxq2ZsdwwHwYDVR0jBBgwFoAU7N0mV0PpIRvOCq3LsCLObzO+CwYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNzEwLzE4MjI5QTg2ODI2
QjExRUNBMTFCQTUyQkM0RjlBRTAyLzdOMG1WMFBwSVJ2T0NxM0xzQ0xPYnpPLUN3
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN04wbVYwUHBJUnZPQ3EzTHNDTE9iek8tQ3dZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTcxMC8xODIyOUE4NjgyNkIxMUVDQTExQkE1MkJDNEY5QUUwMi8xMzA0RDAzMjky
RkExMUVEOEE2NkU3MENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcUWTANBgkqhkiG9w0BAQsFAAOCAQEALAe4tlb43qbEM9Tl
JYQNf6kJhrle/G8Ggmg8Dy9NPBJnakQeOVzAglgmatQeT6n6RX7sMJdYtzAfUrQ9
MYM4HtKnMcAlgfhJ6RNebpNMafmL9qqNq7uTyvCm4q8pGeq9zCfQNFjDuUW3j2q6
rWTKkcVMWG8ZpdLB2dSpEgmahuWnCkL0TrD7LhzVC8cyq6Rhl6v2p5I6QHd+VeWO
4NIKrv6mnZAkeAAQh7ovosg4dac8LwBOVBK/qzWeXLPOra9ykutlY4nuSZISE6Tf
wGOh7fXJKUJcoi9ua5R8sp8XhMFPuh51QZRtF2dmEhXcoQaXDBkU1UzeEzQ97T99
S0JYZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org