Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/65D4CCC0F17B11EC806AC312C4F9AE02.roa
File:                     65D4CCC0F17B11EC806AC312C4F9AE02.roa (raw, json)
Hash identifier:          0ZqHQWTYUL58Z+6L1eu9lW6g61/Kz69YLciIARaZv+c=
Subject key identifier:   9D:4A:A7:77:F7:5A:D4:F6:53:89:1C:C4:EC:05:FC:8E:45:90:AC:A2
Certificate issuer:       /CN=A91C8236/serialNumber=ED85EF77343C55412B06A53C2A4E20767AD12F25
Certificate serial:       084D
Authority key identifier: ED:85:EF:77:34:3C:55:41:2B:06:A5:3C:2A:4E:20:76:7A:D1:2F:25
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/65D4CCC0F17B11EC806AC312C4F9AE02.roa
Signing time:             Wed 20 Jul 2022 15:47:19 +0000
ROA not before:           Wed 20 Jul 2022 15:47:19 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     140216
IP address blocks:        103.148.178.0/23 maxlen: 23
                          103.148.178.0/24 maxlen: 24
                          2001:df2:e180::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2125 (0x84d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8236/serialNumber=ED85EF77343C55412B06A53C2A4E20767AD12F25
        Validity
            Not Before: Jul 20 15:47:19 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62d82387-5cd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:74:16:32:5c:07:8e:07:18:05:61:e4:d7:8f:
                    d2:12:e2:c6:70:30:16:6d:e2:b6:7e:d5:19:7b:53:
                    2e:3c:1f:dc:cf:96:dd:45:78:a8:d4:a8:9f:a8:b6:
                    ee:1b:b2:e9:64:7e:8a:32:ce:e4:6b:1d:d3:db:86:
                    2f:30:0f:29:34:a9:ce:0e:7e:58:3a:38:88:ab:c9:
                    82:db:85:3c:25:61:90:75:36:2f:02:63:72:a2:4c:
                    11:35:76:df:6a:06:0f:b3:5d:38:09:d2:ce:f7:9d:
                    bb:7e:dc:65:03:66:69:82:a7:f6:b6:3a:e8:2e:d2:
                    0f:c5:94:b4:c8:59:36:66:6b:49:ac:5e:65:ef:38:
                    8e:bd:8b:82:ac:d3:47:90:4f:1b:58:cf:9f:d6:8e:
                    6d:76:e5:ea:bb:c3:1a:75:32:a8:a6:e3:a2:12:39:
                    95:bf:f9:6c:31:b9:e4:03:e0:21:9c:c6:d4:a6:94:
                    9d:fc:cb:67:68:cb:09:b4:34:85:c9:55:e7:44:dc:
                    bb:cd:17:71:0d:d8:14:cc:0d:dd:6e:ff:7a:e0:a9:
                    ac:29:a1:80:f1:60:51:c1:25:62:db:c1:52:87:7c:
                    a6:5a:00:4b:41:6f:fc:a9:78:2c:2d:7e:4c:8b:ee:
                    22:62:08:66:44:6d:c8:24:ba:fb:04:64:e8:c8:eb:
                    84:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:4A:A7:77:F7:5A:D4:F6:53:89:1C:C4:EC:05:FC:8E:45:90:AC:A2
            X509v3 Authority Key Identifier:
                keyid:ED:85:EF:77:34:3C:55:41:2B:06:A5:3C:2A:4E:20:76:7A:D1:2F:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/65D4CCC0F17B11EC806AC312C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.178.0/23
                IPv6:
                  2001:df2:e180::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:5b:bb:5e:9e:21:f8:0e:c5:a4:8a:68:6e:d4:37:91:99:15:
         7e:60:f8:c2:0f:4d:4a:eb:4a:e0:eb:8c:73:be:ec:ba:57:9a:
         42:e8:1b:44:ca:4d:e1:60:d0:79:45:34:11:4a:e5:16:33:1e:
         e6:ff:fd:86:a2:13:c2:a4:9a:91:0e:bb:6a:58:3d:cb:ba:43:
         f7:55:3a:07:a7:5f:a1:b2:03:fd:c4:74:90:55:1d:17:93:4e:
         df:85:c8:45:d9:63:00:25:cf:94:3c:5a:43:ef:64:d1:fa:20:
         20:cf:1a:39:ca:34:70:e9:9a:69:8f:e4:a3:37:8b:fa:cb:d1:
         c3:6a:18:33:d4:7a:ac:a6:3c:0d:a3:37:a9:62:06:7d:9f:2f:
         14:12:42:43:ed:b8:04:95:d8:60:f0:77:c5:92:ac:c6:d6:92:
         e2:76:4a:7f:0a:5d:82:0c:b4:3c:bf:80:e9:af:2f:d7:ec:f9:
         33:31:ea:7d:dc:b4:18:32:72:0f:6e:dd:60:d9:12:ac:98:e6:
         4b:4b:c7:bf:c5:1f:76:d2:08:8e:b6:83:be:36:87:ab:6e:65:
         e4:db:c0:67:84:44:b7:1d:35:bf:ad:cb:af:94:c3:40:41:20:
         75:45:ae:0e:13:43:00:59:9d:d8:3f:10:bc:ad:3b:9b:13:e9:
         40:87:8a:b0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzgyMzYxMTAvBgNVBAUTKEVEODVFRjc3MzQzQzU1NDEyQjA2QTUzQzJBNEUyMDc2
N0FEMTJGMjUwHhcNMjIwNzIwMTU0NzE5WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ4MjM4Ny01Y2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4XQWMlwHjgcYBWHk14/SEuLGcDAWbeK2ftUZe1MuPB/cz5bdRXio1KifqLbu
G7LpZH6KMs7kax3T24YvMA8pNKnODn5YOjiIq8mC24U8JWGQdTYvAmNyokwRNXbf
agYPs104CdLO9527ftxlA2Zpgqf2tjroLtIPxZS0yFk2ZmtJrF5l7ziOvYuCrNNH
kE8bWM+f1o5tduXqu8MadTKopuOiEjmVv/lsMbnkA+AhnMbUppSd/MtnaMsJtDSF
yVXnRNy7zRdxDdgUzA3dbv964KmsKaGA8WBRwSVi28FSh3ymWgBLQW/8qXgsLX5M
i+4iYghmRG3IJLr7BGToyOuE/QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJ1Kp3f3
WtT2U4kcxOwF/I5FkKyiMB8GA1UdIwQYMBaAFO2F73c0PFVBKwalPCpOIHZ60S8l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODIzNi9ENDI4Nzk2RTUz
MjcxMUVBOEM1N0UzN0FDNEY5QUUwMi83WVh2ZHpROFZVRXJCcVU4S2s0Z2RuclJM
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZWHZkelE4VlVFckJxVThLazRnZG5yUkx5VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzgyMzYvRDQyODc5NkU1MzI3MTFFQThDNTdFMzdBQzRGOUFFMDIvNjVENENDQzBG
MTdCMTFFQzgwNkFDMzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlLIwDwQCAAIwCQMHACABDfLhgDANBgkqhkiG9w0BAQsF
AAOCAQEAXFu7Xp4h+A7FpIpobtQ3kZkVfmD4wg9NSutK4OuMc77suleaQugbRMpN
4WDQeUU0EUrlFjMe5v/9hqITwqSakQ67alg9y7pD91U6B6dfobID/cR0kFUdF5NO
34XIRdljACXPlDxaQ+9k0fogIM8aOco0cOmaaY/kozeL+svRw2oYM9R6rKY8DaM3
qWIGfZ8vFBJCQ+24BJXYYPB3xZKsxtaS4nZKfwpdggy0PL+A6a8v1+z5MzHqfdy0
GDJyD27dYNkSrJjmS0vHv8UfdtIIjraDvjaHq25l5NvAZ4REtx01v63Lr5TDQEEg
dUWuDhNDAFmd2D8QvK07mxPpQIeKsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org