Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/B64D26B468C011ECB726634FC4F9AE02.roa
File:                     B64D26B468C011ECB726634FC4F9AE02.roa (raw, json)
Hash identifier:          fO1IKO0lLuUHJF3jFVZECdTppEIu3xNBdxDYkuEFZJE=
Subject key identifier:   C2:51:45:32:75:5D:F7:A6:6C:3B:53:19:7B:EC:4A:BB:1D:9D:F0:EC
Certificate issuer:       /CN=A91C8B4F/serialNumber=40DB9E2CBADECDA9B972351021507ADCD1A5627F
Certificate serial:       02
Authority key identifier: 40:DB:9E:2C:BA:DE:CD:A9:B9:72:35:10:21:50:7A:DC:D1:A5:62:7F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNueLLrezam5cjUQIVB63NGlYn8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/B64D26B468C011ECB726634FC4F9AE02.roa
Signing time:             Wed 29 Dec 2021 16:02:25 +0000
ROA not before:           Wed 29 Dec 2021 16:02:25 +0000
ROA not after:            Tue 31 Jan 2023 00:00:00 +0000
asID:                     133933
IP address blocks:        103.48.24.0/23 maxlen: 23
                          103.104.84.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8B4F/serialNumber=40DB9E2CBADECDA9B972351021507ADCD1A5627F
        Validity
            Not Before: Dec 29 16:02:25 2021 GMT
            Not After : Jan 31 00:00:00 2023 GMT
        Subject: CN=61cc8690-6484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c0:62:e7:89:54:4f:a7:70:34:0a:ce:0a:43:
                    e2:d1:83:f7:fe:83:27:61:50:05:c8:e0:46:e5:f1:
                    d7:c3:14:22:3f:3d:2d:f3:2b:0d:20:70:0e:9c:0f:
                    a4:06:1e:d7:a4:fd:35:3e:3d:08:9e:1b:30:2b:1a:
                    14:d6:af:5f:22:fd:cf:26:1f:a1:1c:54:50:d4:ab:
                    be:9f:c8:96:3f:be:ff:9e:bd:04:a7:92:61:72:0e:
                    94:d6:a2:da:f9:ec:e4:7d:e6:32:54:6f:d3:3c:41:
                    90:7d:b8:1f:c3:ea:40:83:e2:5e:f8:e7:46:04:62:
                    98:df:c6:47:44:4c:5b:aa:bb:1f:68:ee:a7:39:da:
                    aa:1d:4a:37:29:af:c7:f0:84:e3:43:57:f2:cc:eb:
                    9a:be:d7:50:50:3b:61:49:52:8c:23:a8:93:62:7b:
                    92:bf:4c:32:5f:53:43:ba:16:fe:b2:68:fc:8c:30:
                    00:d4:f4:5c:fc:ca:f7:ee:10:fb:28:13:39:c6:f6:
                    bf:ab:18:88:6c:5d:70:e4:f2:89:a6:01:c9:3a:26:
                    1c:35:93:a5:e9:a7:ba:55:50:6b:13:bf:f4:a6:44:
                    f5:8d:a9:8e:9d:13:52:dc:2b:5c:5b:3e:82:a9:47:
                    04:e5:1d:09:a1:c8:39:2f:1b:83:73:48:e3:1a:81:
                    b8:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:51:45:32:75:5D:F7:A6:6C:3B:53:19:7B:EC:4A:BB:1D:9D:F0:EC
            X509v3 Authority Key Identifier:
                keyid:40:DB:9E:2C:BA:DE:CD:A9:B9:72:35:10:21:50:7A:DC:D1:A5:62:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/QNueLLrezam5cjUQIVB63NGlYn8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNueLLrezam5cjUQIVB63NGlYn8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/B64D26B468C011ECB726634FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.48.24.0/23
                  103.104.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         77:58:7d:96:8e:f1:a7:9d:b8:06:80:d1:c3:a2:31:15:2b:3f:
         01:ca:07:38:63:da:40:19:6b:a5:4e:99:30:43:ef:a1:33:a4:
         c0:7c:24:b9:a2:b6:91:6d:32:8c:85:a3:84:59:c3:b0:7e:d4:
         01:e1:94:bc:69:22:06:0b:35:63:e3:c4:40:29:cb:a6:7b:7c:
         e1:22:c4:b4:e4:13:90:ab:09:37:e0:b8:52:82:71:c4:2d:3d:
         49:5d:c7:8c:25:93:3e:05:82:0a:20:21:9e:f1:f8:22:56:17:
         d0:2b:5f:aa:7e:a9:08:57:76:a8:3c:4c:88:71:4a:73:29:45:
         fc:bc:7e:a5:c2:8f:16:3e:02:ee:2d:da:2c:3b:83:e9:36:45:
         bc:01:1d:80:32:ea:49:d0:4a:e8:3a:c2:37:32:1b:63:b7:83:
         04:3c:4d:55:eb:84:4d:33:e5:9a:b0:8d:ae:02:51:d0:59:fb:
         86:6c:7e:b0:8d:89:9f:dd:8b:7f:5d:16:34:87:7a:bf:42:f3:
         19:ce:66:ac:3c:fd:59:49:94:17:3c:15:1c:0d:b7:84:e8:4c:
         06:e5:0a:e3:50:ca:9d:64:fd:c8:65:03:46:e3:77:ea:51:3d:
         c5:1e:10:7b:22:2e:cd:57:ab:01:83:11:9e:8e:3f:f9:16:9b:
         78:75:d3:a9
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
OEI0RjExMC8GA1UEBRMoNDBEQjlFMkNCQURFQ0RBOUI5NzIzNTEwMjE1MDdBRENE
MUE1NjI3RjAeFw0yMTEyMjkxNjAyMjVaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxY2M4NjkwLTY0ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0wGLniVRPp3A0Cs4KQ+LRg/f+gydhUAXI4Ebl8dfDFCI/PS3zKw0gcA6cD6QG
Htek/TU+PQieGzArGhTWr18i/c8mH6EcVFDUq76fyJY/vv+evQSnkmFyDpTWotr5
7OR95jJUb9M8QZB9uB/D6kCD4l7450YEYpjfxkdETFuqux9o7qc52qodSjcpr8fw
hONDV/LM65q+11BQO2FJUowjqJNie5K/TDJfU0O6Fv6yaPyMMADU9Fz8yvfuEPso
EznG9r+rGIhsXXDk8ommAck6Jhw1k6Xpp7pVUGsTv/SmRPWNqY6dE1LcK1xbPoKp
RwTlHQmhyDkvG4NzSOMagbiJAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUwlFFMnVd
96ZsO1MZe+xKux2d8OwwHwYDVR0jBBgwFoAUQNueLLrezam5cjUQIVB63NGlYn8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4QjRGL0RENzMyNjQ4NjhC
QzExRUM4NzgwNzk0OEM0RjlBRTAyL1FOdWVMTHJlemFtNWNqVVFJVkI2M05HbFlu
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUU51ZUxMcmV6YW01Y2pVUUlWQjYzTkdsWW44LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
OEI0Ri9ERDczMjY0ODY4QkMxMUVDODc4MDc5NDhDNEY5QUUwMi9CNjREMjZCNDY4
QzAxMUVDQjcyNjYzNEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWcwGAMEAWdoVDANBgkqhkiG9w0BAQsFAAOCAQEAd1h9lo7x
p524BoDRw6IxFSs/AcoHOGPaQBlrpU6ZMEPvoTOkwHwkuaK2kW0yjIWjhFnDsH7U
AeGUvGkiBgs1Y+PEQCnLpnt84SLEtOQTkKsJN+C4UoJxxC09SV3HjCWTPgWCCiAh
nvH4IlYX0Ctfqn6pCFd2qDxMiHFKcylF/Lx+pcKPFj4C7i3aLDuD6TZFvAEdgDLq
SdBK6DrCNzIbY7eDBDxNVeuETTPlmrCNrgJR0Fn7hmx+sI2Jn92Lf10WNId6v0Lz
Gc5mrDz9WUmUFzwVHA23hOhMBuUK41DKnWT9yGUDRuN36lE9xR4QeyIuzVerAYMR
no4/+RabeHXTqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org