Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/6254675ACC9211EAB5D39F49C4F9AE02.roa
File:                     6254675ACC9211EAB5D39F49C4F9AE02.roa (raw, json)
Hash identifier:          Wqghd24UTqNJGeV/dwKA/rqob35pP8+V9FwoCvgGLI4=
Subject key identifier:   A2:B2:AB:D8:71:33:95:D3:CC:E2:D1:93:49:92:A8:CC:62:71:88:52
Certificate issuer:       /CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Certificate serial:       13EA
Authority key identifier: 90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/6254675ACC9211EAB5D39F49C4F9AE02.roa
Signing time:             Mon 22 Nov 2021 02:43:30 +0000
ROA not before:           Mon 22 Nov 2021 02:43:30 +0000
ROA not after:            Thu 01 Dec 2022 00:00:00 +0000
asID:                     136933
IP address blocks:        103.71.152.0/24 maxlen: 24
                          103.71.153.0/24 maxlen: 24
                          103.71.154.0/24 maxlen: 24
                          103.234.72.0/24 maxlen: 24
                          103.234.74.0/24 maxlen: 24
                          103.234.75.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5098 (0x13ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
        Validity
            Not Before: Nov 22 02:43:30 2021 GMT
            Not After : Dec  1 00:00:00 2022 GMT
        Subject: CN=619b03d2-78f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3f:c3:42:ab:73:d7:82:18:2d:e8:2d:5b:97:
                    ca:bf:6c:96:0b:cf:34:9d:37:40:e1:25:a1:e1:f4:
                    86:bf:fe:13:7e:a8:99:1d:63:a8:fe:3c:1f:7d:7d:
                    79:85:cc:91:eb:4f:4b:4b:18:d6:14:7f:39:63:df:
                    f8:ac:88:2a:34:54:90:42:c5:47:de:3e:66:6f:80:
                    e5:57:54:57:64:f0:6e:56:53:ff:d4:58:c0:d8:23:
                    a5:7d:f8:42:d9:88:f3:e0:bf:59:52:3f:4d:b0:b2:
                    7a:7f:df:57:99:45:02:e2:25:5f:12:6d:f2:2e:97:
                    42:4a:d0:e5:ff:e5:84:4c:82:49:1b:da:e7:66:c0:
                    3e:98:9a:7f:94:2a:f2:d7:a2:d2:38:f2:03:72:98:
                    c6:53:24:91:89:d2:19:53:14:31:df:f6:22:d1:77:
                    ad:79:78:da:73:e2:4d:e7:bf:64:20:11:d6:f3:26:
                    40:5c:10:0b:a5:23:4a:13:56:e2:50:33:b8:13:86:
                    32:93:70:15:72:2b:94:e7:65:20:22:b5:6e:50:60:
                    0d:fa:16:90:97:32:80:3b:05:c3:0c:bb:71:46:0a:
                    c7:d9:4f:32:91:57:3e:97:eb:ba:c2:18:48:8a:ac:
                    d4:a3:fb:e6:44:58:8e:b7:08:89:5d:38:de:58:21:
                    7e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:B2:AB:D8:71:33:95:D3:CC:E2:D1:93:49:92:A8:CC:62:71:88:52
            X509v3 Authority Key Identifier:
                keyid:90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/kAuHDIDA6z-EaPU-dnL6dBdSxdU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/6254675ACC9211EAB5D39F49C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.71.152.0-103.71.154.255
                  103.234.72.0/24
                  103.234.74.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:3c:17:75:4f:bf:20:f8:45:08:81:42:ca:37:d6:32:a2:5c:
         f9:46:97:e4:da:79:31:24:7d:34:24:2b:ce:c5:f9:61:c6:0b:
         7f:52:a4:71:57:97:90:9d:dc:3b:7d:f3:12:fa:b8:59:8f:e0:
         eb:85:12:13:5a:00:54:b8:4e:a3:d4:b7:b2:0c:4e:c6:ef:25:
         fa:db:55:ae:1a:82:f6:3c:85:b1:b7:1d:34:de:69:63:23:8f:
         3f:c6:de:7e:12:27:e9:aa:ef:36:5e:18:18:c9:20:8a:4b:58:
         0e:4b:d2:ab:05:e1:2a:45:f2:f4:04:d6:7e:39:4d:98:f0:97:
         9e:e2:f1:fb:5e:df:51:f8:a0:4f:9c:44:45:78:c3:44:07:e8:
         82:67:66:72:87:3e:8c:91:c1:b1:95:15:f3:32:76:be:04:ed:
         f3:1a:a9:41:5d:1f:c6:f5:06:b4:35:d6:29:c9:e2:17:7c:fb:
         26:9e:13:e3:d0:1b:6e:71:ae:01:9c:f0:f9:cf:81:d7:91:82:
         0d:30:15:3b:cf:23:e0:1f:15:d6:7f:5e:29:fd:4b:93:a7:49:
         ca:11:66:54:68:ea:ce:7e:58:f7:a3:a8:18:5e:e7:d5:70:7c:
         7f:87:e7:f5:67:bf:60:a9:31:af:20:70:07:98:72:4f:ac:d3:
         cc:a1:50:fe
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICE+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcxNjkxMTAvBgNVBAUTKDkwMEI4NzBDODBDMEVCM0Y4NDY4RjUzRTc2NzJGQTc0
MTc1MkM1RDUwHhcNMjExMTIyMDI0MzMwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTliMDNkMi03OGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvT/DQqtz14IYLegtW5fKv2yWC880nTdA4SWh4fSGv/4TfqiZHWOo/jwffX15
hcyR609LSxjWFH85Y9/4rIgqNFSQQsVH3j5mb4DlV1RXZPBuVlP/1FjA2COlffhC
2Yjz4L9ZUj9NsLJ6f99XmUUC4iVfEm3yLpdCStDl/+WETIJJG9rnZsA+mJp/lCry
16LSOPIDcpjGUySRidIZUxQx3/Yi0XeteXjac+JN579kIBHW8yZAXBALpSNKE1bi
UDO4E4Yyk3AVciuU52UgIrVuUGAN+haQlzKAOwXDDLtxRgrH2U8ykVc+l+u6whhI
iqzUo/vmRFiOtwiJXTjeWCF+WQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFKKyq9hx
M5XTzOLRk0mSqMxicYhSMB8GA1UdIwQYMBaAFJALhwyAwOs/hGj1PnZy+nQXUsXV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzE2OS81MDI2MDhCNEFE
OTAxMUU3OTI2N0ZGMEZDNEY5QUUwMi9rQXVIRElEQTZ6LUVhUFUtZG5MNmRCZFN4
ZFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBdUhESURBNnotRWFQVS1kbkw2ZEJkU3hkVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNjkvNTAyNjA4QjRBRDkwMTFFNzkyNjdGRjBGQzRGOUFFMDIvNjI1NDY3NUFD
QzkyMTFFQUI1RDM5RjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEA2dHmAMEAGdHmgMEAGfqSAMEAWfqSjANBgkqhkiG9w0B
AQsFAAOCAQEAfDwXdU+/IPhFCIFCyjfWMqJc+UaX5Np5MSR9NCQrzsX5YcYLf1Kk
cVeXkJ3cO33zEvq4WY/g64USE1oAVLhOo9S3sgxOxu8l+ttVrhqC9jyFsbcdNN5p
YyOPP8befhIn6arvNl4YGMkgiktYDkvSqwXhKkXy9ATWfjlNmPCXnuLx+17fUfig
T5xERXjDRAfogmdmcoc+jJHBsZUV8zJ2vgTt8xqpQV0fxvUGtDXWKcniF3z7Jp4T
49AbbnGuAZzw+c+B15GCDTAVO88j4B8V1n9eKf1Lk6dJyhFmVGjqzn5Y96OoGF7n
1XB8f4fn9We/YKkxryBwB5hyT6zTzKFQ/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org