Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B15/FAF6FD7871E611E8996E2E64C4F9AE02/8E35170A7F6E11EAB634E537C4F9AE02.roa
File:                     8E35170A7F6E11EAB634E537C4F9AE02.roa (raw, json)
Hash identifier:          vTUYOhxfWl9DLf5fJiVn4x4pHsSkkfa03aU4i7XdyqU=
Subject key identifier:   EC:2B:29:9E:87:40:19:53:17:D8:C6:E2:72:FD:88:0B:88:08:4F:6D
Certificate issuer:       /CN=A91C7B15/serialNumber=AFB08D6F7E97785B6F31171EF82E31BB1D06E2E3
Certificate serial:       112C
Authority key identifier: AF:B0:8D:6F:7E:97:78:5B:6F:31:17:1E:F8:2E:31:BB:1D:06:E2:E3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r7CNb36XeFtvMRce-C4xux0G4uM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C7B15/FAF6FD7871E611E8996E2E64C4F9AE02/8E35170A7F6E11EAB634E537C4F9AE02.roa
Signing time:             Tue 26 Apr 2022 06:04:43 +0000
ROA not before:           Tue 26 Apr 2022 06:04:43 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     37988
IP address blocks:        103.108.230.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4396 (0x112c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C7B15/serialNumber=AFB08D6F7E97785B6F31171EF82E31BB1D06E2E3
        Validity
            Not Before: Apr 26 06:04:43 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62678b7a-40fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:5b:08:00:49:cd:ec:d0:74:f9:94:74:ca:1d:
                    96:03:18:d2:ca:ab:8d:5e:84:63:0c:ff:6f:36:56:
                    45:66:16:7d:f2:06:1d:21:23:b1:b1:07:a5:90:8d:
                    05:c0:d1:50:b8:06:c0:89:f7:53:ad:7e:b7:ec:29:
                    43:97:a5:cd:7f:ea:de:46:ef:cd:4f:4e:7e:99:41:
                    25:f6:15:66:53:8c:c7:e7:b7:ce:71:5e:e1:ed:56:
                    f8:91:de:c4:60:47:09:5a:39:0b:2e:da:f6:0c:b9:
                    59:a4:80:c3:46:89:db:fc:b6:ad:bd:88:fc:19:18:
                    20:af:49:3c:d1:dc:65:c6:fe:ac:48:3d:99:8b:01:
                    ea:6d:47:73:81:17:13:5e:f9:79:48:43:29:65:d6:
                    da:15:65:de:59:87:4d:99:13:5f:50:65:ba:ee:9e:
                    09:23:74:6a:ca:0c:54:54:60:08:28:49:76:3b:ac:
                    71:99:4a:85:46:c4:be:68:0b:ab:94:b9:a1:b9:e0:
                    d5:13:7d:52:be:50:b6:dc:90:06:47:85:ab:8c:af:
                    8f:10:15:bd:b6:5c:ca:e0:00:b8:69:8c:75:76:34:
                    f6:af:b6:0b:bc:b6:d4:62:b7:13:f9:c4:d3:4c:03:
                    ed:4c:f4:82:ac:99:aa:1e:ce:ca:b4:3a:32:01:c5:
                    c5:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:2B:29:9E:87:40:19:53:17:D8:C6:E2:72:FD:88:0B:88:08:4F:6D
            X509v3 Authority Key Identifier:
                keyid:AF:B0:8D:6F:7E:97:78:5B:6F:31:17:1E:F8:2E:31:BB:1D:06:E2:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C7B15/FAF6FD7871E611E8996E2E64C4F9AE02/r7CNb36XeFtvMRce-C4xux0G4uM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r7CNb36XeFtvMRce-C4xux0G4uM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B15/FAF6FD7871E611E8996E2E64C4F9AE02/8E35170A7F6E11EAB634E537C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.108.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:d5:08:26:7a:20:0f:0a:2b:90:f7:1e:35:05:01:63:10:13:
         ea:8a:5d:f1:cd:06:99:d7:25:80:25:92:d0:a3:23:13:42:af:
         d6:b5:1e:c1:03:c8:24:a4:b8:8e:3a:f9:93:41:3c:61:e7:51:
         7b:46:34:40:47:d4:3e:3f:44:f8:dc:92:f8:f0:ed:77:b9:5a:
         45:29:18:09:96:72:b4:ab:4b:dd:b4:cd:6e:b9:5c:2f:75:53:
         e0:e6:f5:53:db:4f:8e:2e:91:b7:7c:1c:fa:d1:ec:ff:4f:f4:
         a1:34:4e:d0:1f:2f:f5:f9:aa:64:38:bd:13:56:70:42:f8:47:
         47:4e:bb:47:08:d9:bd:b0:f2:f7:49:70:96:42:a1:2c:7b:39:
         e1:4f:44:23:2e:ff:70:df:ce:2d:49:75:b6:6b:c0:93:40:d3:
         f5:4b:0f:77:a7:80:30:5a:6c:a6:a6:51:e6:cc:eb:63:8f:57:
         e6:9e:f3:ff:97:f1:6e:5f:d6:d7:cb:c4:9b:7c:51:77:40:08:
         aa:cd:e8:af:f2:9b:71:be:e2:6d:05:a8:d5:fc:61:cc:9f:dd:
         95:d6:46:cd:75:14:a9:26:35:1c:6b:ff:27:5c:e6:25:cc:25:
         20:07:d8:d9:d2:b1:e6:dd:18:39:2c:69:ea:a3:18:9c:61:6b:
         8e:a9:ec:df
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICESwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdCMTUxMTAvBgNVBAUTKEFGQjA4RDZGN0U5Nzc4NUI2RjMxMTcxRUY4MkUzMUJC
MUQwNkUyRTMwHhcNMjIwNDI2MDYwNDQzWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY3OGI3YS00MGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7lsIAEnN7NB0+ZR0yh2WAxjSyquNXoRjDP9vNlZFZhZ98gYdISOxsQelkI0F
wNFQuAbAifdTrX637ClDl6XNf+reRu/NT05+mUEl9hVmU4zH57fOcV7h7Vb4kd7E
YEcJWjkLLtr2DLlZpIDDRonb/LatvYj8GRggr0k80dxlxv6sSD2ZiwHqbUdzgRcT
Xvl5SEMpZdbaFWXeWYdNmRNfUGW67p4JI3RqygxUVGAIKEl2O6xxmUqFRsS+aAur
lLmhueDVE31SvlC23JAGR4WrjK+PEBW9tlzK4AC4aYx1djT2r7YLvLbUYrcT+cTT
TAPtTPSCrJmqHs7KtDoyAcXFhQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOwrKZ6H
QBlTF9jG4nL9iAuICE9tMB8GA1UdIwQYMBaAFK+wjW9+l3hbbzEXHvguMbsdBuLj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0IxNS9GQUY2RkQ3ODcx
RTYxMUU4OTk2RTJFNjRDNEY5QUUwMi9yN0NOYjM2WGVGdHZNUmNlLUM0eHV4MEc0
dU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I3Q05iMzZYZUZ0dk1SY2UtQzR4dXgwRzR1TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCMTUvRkFGNkZENzg3MUU2MTFFODk5NkUyRTY0QzRGOUFFMDIvOEUzNTE3MEE3
RjZFMTFFQUI2MzRFNTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbOYwDQYJKoZIhvcNAQELBQADggEBAErVCCZ6IA8KK5D3
HjUFAWMQE+qKXfHNBpnXJYAlktCjIxNCr9a1HsEDyCSkuI46+ZNBPGHnUXtGNEBH
1D4/RPjckvjw7Xe5WkUpGAmWcrSrS920zW65XC91U+Dm9VPbT44ukbd8HPrR7P9P
9KE0TtAfL/X5qmQ4vRNWcEL4R0dOu0cI2b2w8vdJcJZCoSx7OeFPRCMu/3Dfzi1J
dbZrwJNA0/VLD3engDBabKamUebM62OPV+ae8/+X8W5f1tfLxJt8UXdACKrN6K/y
m3G+4m0FqNX8Ycyf3ZXWRs11FKkmNRxr/ydc5iXMJSAH2NnSsebdGDksaeqjGJxh
a46p7N8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org