Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/FEC5DD0A974911EE83D3A17BC4F9AE02.roa
File:                     FEC5DD0A974911EE83D3A17BC4F9AE02.roa (raw, json)
Hash identifier:          cBb/IU7TkJeeBwNEibKwZnUWA2tYoHjEnipdCaJYDYc=
Subject key identifier:   B7:84:39:C1:FB:55:2B:63:68:30:36:01:5D:72:4D:3C:37:DB:64:EE
Certificate issuer:       /CN=A91C6BF0/serialNumber=7D23E75C10DF6571BEAC17F3555E1B9983814225
Certificate serial:       7A
Authority key identifier: 7D:23:E7:5C:10:DF:65:71:BE:AC:17:F3:55:5E:1B:99:83:81:42:25
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSPnXBDfZXG-rBfzVV4bmYOBQiU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/FEC5DD0A974911EE83D3A17BC4F9AE02.roa
Signing time:             Sun 10 Dec 2023 10:50:56 +0000
ROA not before:           Sun 10 Dec 2023 10:50:56 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     137967
IP address blocks:        103.134.26.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122 (0x7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6BF0/serialNumber=7D23E75C10DF6571BEAC17F3555E1B9983814225
        Validity
            Not Before: Dec 10 10:50:56 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=65759810-b094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ef:38:a8:5f:4e:1c:b3:ac:92:86:40:ba:dd:
                    4b:e9:b3:89:3b:4d:f2:b2:21:ce:51:eb:d8:15:10:
                    93:7c:6b:6d:68:b9:5a:5b:f7:91:94:fc:47:f5:5b:
                    1c:bc:d3:43:26:3b:5c:1f:30:d1:2c:a8:ca:f5:eb:
                    ac:06:0c:9d:dd:1a:54:79:24:80:05:39:48:6c:bd:
                    a2:db:ff:6b:15:e3:6c:54:7f:b4:34:2d:25:7c:5e:
                    c4:b3:50:23:b0:ff:e6:1a:fa:a4:0c:39:ac:77:de:
                    57:81:89:7a:d9:1f:d2:ee:ca:de:de:3d:53:3f:43:
                    fd:16:5a:c9:3f:de:b1:cc:7a:95:22:f0:c1:1f:ca:
                    41:7e:12:58:6e:19:e4:96:ce:5f:89:d5:e0:5e:2d:
                    76:79:bf:97:ff:13:f9:ca:b6:db:93:e1:61:df:fa:
                    6c:67:65:53:fd:5a:5d:29:56:d9:77:72:2f:07:3e:
                    65:98:f6:68:41:bd:71:61:f2:9e:39:fc:65:9f:04:
                    55:60:ce:36:94:6f:e8:b0:f2:c1:bf:00:4b:36:cc:
                    0f:47:15:9d:ce:65:af:21:87:e3:97:33:48:cf:de:
                    39:84:0e:18:3f:20:e4:d2:07:2b:c2:ef:65:c0:f7:
                    d8:e9:c3:17:86:ee:be:53:53:90:c8:fd:53:2d:28:
                    7e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:84:39:C1:FB:55:2B:63:68:30:36:01:5D:72:4D:3C:37:DB:64:EE
            X509v3 Authority Key Identifier:
                keyid:7D:23:E7:5C:10:DF:65:71:BE:AC:17:F3:55:5E:1B:99:83:81:42:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/fSPnXBDfZXG-rBfzVV4bmYOBQiU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSPnXBDfZXG-rBfzVV4bmYOBQiU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/FEC5DD0A974911EE83D3A17BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:fb:49:3a:fa:6b:87:b4:b4:1b:fe:ec:f0:fd:03:2c:6e:77:
         48:cb:6f:10:26:9f:66:7b:e0:7a:36:1b:2e:88:82:0d:ae:39:
         0a:8c:41:39:ed:3f:cf:31:95:07:03:b3:6c:27:1f:50:0e:f0:
         db:60:df:66:7e:3c:88:f6:48:8b:ac:47:84:01:a8:4f:5d:eb:
         60:ea:cb:c7:88:fa:40:2f:bc:bf:f3:89:23:e3:94:e8:e1:04:
         cb:92:78:57:21:4d:02:38:af:53:93:0d:e6:68:71:70:20:75:
         8a:5f:5d:aa:22:0a:a9:d1:60:ed:d4:fc:fb:5a:34:76:7e:06:
         cd:e0:f7:c2:4a:86:69:61:fb:82:74:dd:e0:10:aa:61:21:fa:
         04:e0:ae:a5:ed:59:04:35:6f:ca:1c:da:04:6b:92:db:55:3f:
         62:97:a7:28:b7:20:60:53:bc:79:4e:d0:f5:c7:81:9f:52:38:
         94:1a:32:6d:89:de:b7:d8:43:3b:f8:48:a0:85:d1:1b:07:c8:
         c3:99:15:23:1d:cb:5f:20:4b:c6:61:6f:a5:6e:00:70:31:3b:
         1b:78:3e:a0:3d:4b:62:1d:99:10:29:e9:ed:32:85:4f:07:58:
         3d:d5:8e:39:46:5e:a2:95:c0:f2:41:47:43:55:42:23:45:ac:
         9c:1b:01:d0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NkJGMDExMC8GA1UEBRMoN0QyM0U3NUMxMERGNjU3MUJFQUMxN0YzNTU1RTFCOTk4
MzgxNDIyNTAeFw0yMzEyMTAxMDUwNTZaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzU5ODEwLWIwOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC97zioX04cs6yShkC63Uvps4k7TfKyIc5R69gVEJN8a21ouVpb95GU/Ef1Wxy8
00MmO1wfMNEsqMr166wGDJ3dGlR5JIAFOUhsvaLb/2sV42xUf7Q0LSV8XsSzUCOw
/+Ya+qQMOax33leBiXrZH9Luyt7ePVM/Q/0WWsk/3rHMepUi8MEfykF+ElhuGeSW
zl+J1eBeLXZ5v5f/E/nKttuT4WHf+mxnZVP9Wl0pVtl3ci8HPmWY9mhBvXFh8p45
/GWfBFVgzjaUb+iw8sG/AEs2zA9HFZ3OZa8hh+OXM0jP3jmEDhg/IOTSByvC72XA
99jpwxeG7r5TU5DI/VMtKH5DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUt4Q5wftV
K2NoMDYBXXJNPDfbZO4wHwYDVR0jBBgwFoAUfSPnXBDfZXG+rBfzVV4bmYOBQiUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2QkYwLzE0OTE5NzRBQUVC
QjExRTk4QTM5MEI1OUM0RjlBRTAyL2ZTUG5YQkRmWlhHLXJCZnpWVjRibVlPQlFp
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZlNQblhCRGZaWEctckJmelZWNGJtWU9CUWlVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NkJGMC8xNDkxOTc0QUFFQkIxMUU5OEEzOTBCNTlDNEY5QUUwMi9GRUM1REQwQTk3
NDkxMUVFODNEM0ExN0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeGGjANBgkqhkiG9w0BAQsFAAOCAQEAhPtJOvprh7S0G/7s
8P0DLG53SMtvECafZnvgejYbLoiCDa45CoxBOe0/zzGVBwOzbCcfUA7w22DfZn48
iPZIi6xHhAGoT13rYOrLx4j6QC+8v/OJI+OU6OEEy5J4VyFNAjivU5MN5mhxcCB1
il9dqiIKqdFg7dT8+1o0dn4GzeD3wkqGaWH7gnTd4BCqYSH6BOCupe1ZBDVvyhza
BGuS21U/YpenKLcgYFO8eU7Q9ceBn1I4lBoybYnet9hDO/hIoIXRGwfIw5kVIx3L
XyBLxmFvpW4AcDE7G3g+oD1LYh2ZECnp7TKFTwdYPdWOOUZeopXA8kFHQ1VCI0Ws
nBsB0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org