Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8F6D440EC2BA11EB99E5E36FC4F9AE02.roa
File:                     8F6D440EC2BA11EB99E5E36FC4F9AE02.roa (raw, json)
Hash identifier:          iZeY30o/ixXr76E1wXwkx7CYqdrdfxHLPOxUOg6/gb8=
Subject key identifier:   F0:B2:DD:89:21:14:29:33:FC:76:20:0C:CA:5F:E4:7F:69:B6:28:AD
Certificate issuer:       /CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
Certificate serial:       08FA
Authority key identifier: A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8F6D440EC2BA11EB99E5E36FC4F9AE02.roa
Signing time:             Sat 30 Apr 2022 20:46:37 +0000
ROA not before:           Sat 30 Apr 2022 20:46:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137554
IP address blocks:        103.137.66.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2298 (0x8fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
        Validity
            Not Before: Apr 30 20:46:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=626da02d-50cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:73:a9:c2:c4:f8:63:5b:21:6b:b1:99:fd:0d:
                    92:c5:52:0b:07:f8:ce:b7:ae:1c:53:5f:aa:8b:e4:
                    b6:d5:88:6b:96:9e:d2:3a:9b:e8:04:28:69:8f:a9:
                    ba:9e:b8:d5:39:87:1f:5d:40:d5:0b:ca:b2:7b:81:
                    7e:f5:89:4d:15:f0:c9:c1:d2:28:76:77:d4:04:66:
                    8c:36:08:ba:22:5c:e8:78:40:68:d8:e6:a8:15:b9:
                    76:39:78:f0:df:5a:03:9f:fd:25:57:0a:b0:fe:42:
                    a4:dc:20:15:93:14:87:c4:47:5e:32:d7:72:76:b9:
                    31:b7:aa:4c:3c:b7:d7:2f:5d:3d:57:c3:33:5e:db:
                    53:bb:d0:70:2d:26:d6:fb:e5:cf:04:43:db:b1:d4:
                    de:ad:a1:d2:e5:9e:23:7c:a9:25:43:9e:5c:ac:cc:
                    5b:ad:8b:71:4d:dd:f7:52:01:ea:ae:6c:9b:dd:d6:
                    1b:2a:32:c0:99:6b:08:1d:dd:1d:96:41:45:f5:27:
                    77:41:33:62:81:32:d3:4e:f9:9b:47:32:2c:db:c8:
                    98:84:a7:28:ac:e0:86:8f:18:fa:0f:75:b5:4b:ec:
                    51:a7:fc:eb:0e:14:7b:6a:e3:6c:92:51:92:56:71:
                    c0:4d:9f:f2:78:84:15:88:bd:99:6e:d7:f1:52:ba:
                    24:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B2:DD:89:21:14:29:33:FC:76:20:0C:CA:5F:E4:7F:69:B6:28:AD
            X509v3 Authority Key Identifier:
                keyid:A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/pslhETDFFnRVE26Fq_I2qqqTe60.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8F6D440EC2BA11EB99E5E36FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.137.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:92:b1:60:a9:66:53:a7:35:c2:ca:ab:ee:3c:11:32:77:28:
         cb:3d:8e:96:74:5a:c9:55:95:8f:c6:eb:fe:15:8c:f1:75:53:
         27:01:e1:33:45:8f:ae:e4:11:4f:c5:d7:5d:cc:24:86:4b:46:
         a4:1d:1d:75:c5:39:3e:67:a6:cc:05:86:2f:f8:12:0a:62:5d:
         f7:52:95:43:4e:b9:f5:4c:d6:6a:18:eb:d6:9c:97:cf:8a:75:
         79:b8:f8:0f:6f:97:98:be:eb:59:db:c0:49:16:15:fd:2e:c8:
         64:30:0b:21:5d:1f:6d:e6:64:6f:5a:6b:ae:e6:86:a0:f0:24:
         b8:66:67:72:c6:50:2a:a4:2d:d0:9e:ba:ee:a8:6f:98:a9:a7:
         a8:28:87:41:5c:88:df:0a:2e:54:2d:08:2f:79:89:eb:ae:af:
         6d:80:d9:ad:e5:07:0a:a7:e7:f4:35:0d:1f:68:7e:64:59:fa:
         6d:15:57:40:25:05:8d:8e:25:a7:62:6d:e6:9d:e5:b8:21:66:
         e8:a1:81:c3:f4:2d:eb:da:97:c2:10:37:0c:a3:4f:d3:83:74:
         d5:00:86:bf:57:de:4f:87:e5:52:0f:27:ce:c4:9d:50:09:74:
         95:f0:db:96:65:23:97:67:08:09:c3:1d:73:bb:a0:52:09:08:
         27:ed:1e:41
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzNEQzgxMTAvBgNVBAUTKEE2Qzk2MTExMzBDNTE2NzQ1NTEzNkU4NUFCRjIzNkFB
QUE5MzdCQUQwHhcNMjIwNDMwMjA0NjM3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZkYTAyZC01MGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1nOpwsT4Y1sha7GZ/Q2SxVILB/jOt64cU1+qi+S21Yhrlp7SOpvoBChpj6m6
nrjVOYcfXUDVC8qye4F+9YlNFfDJwdIodnfUBGaMNgi6IlzoeEBo2OaoFbl2OXjw
31oDn/0lVwqw/kKk3CAVkxSHxEdeMtdydrkxt6pMPLfXL109V8MzXttTu9BwLSbW
++XPBEPbsdTeraHS5Z4jfKklQ55crMxbrYtxTd33UgHqrmyb3dYbKjLAmWsIHd0d
lkFF9Sd3QTNigTLTTvmbRzIs28iYhKcorOCGjxj6D3W1S+xRp/zrDhR7auNsklGS
VnHATZ/yeIQViL2ZbtfxUrok2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPCy3Ykh
FCkz/HYgDMpf5H9ptiitMB8GA1UdIwQYMBaAFKbJYREwxRZ0VRNuhavyNqqqk3ut
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0RDOC9FNUNBRjkzRTEx
RDgxMUVBQjcxNjdDNEZDNEY5QUUwMi9wc2xoRVRERkZuUlZFMjZGcV9JMnFxcVRl
NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BzbGhFVERGRm5SVkUyNkZxX0kycXFxVGU2MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzNEQzgvRTVDQUY5M0UxMUQ4MTFFQUI3MTY3QzRGQzRGOUFFMDIvOEY2RDQ0MEVD
MkJBMTFFQjk5RTVFMzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniUIwDQYJKoZIhvcNAQELBQADggEBAEeSsWCpZlOnNcLK
q+48ETJ3KMs9jpZ0WslVlY/G6/4VjPF1UycB4TNFj67kEU/F113MJIZLRqQdHXXF
OT5npswFhi/4EgpiXfdSlUNOufVM1moY69acl8+KdXm4+A9vl5i+61nbwEkWFf0u
yGQwCyFdH23mZG9aa67mhqDwJLhmZ3LGUCqkLdCeuu6ob5ipp6goh0FciN8KLlQt
CC95ieuur22A2a3lBwqn5/Q1DR9ofmRZ+m0VV0AlBY2OJadibead5bghZuihgcP0
Leval8IQNwyjT9ODdNUAhr9X3k+H5VIPJ87EnVAJdJXw25ZlI5dnCAnDHXO7oFIJ
CCftHkE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org