Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/A29817E4D0FF11EC8B0DBF47C4F9AE02.roa
File:                     A29817E4D0FF11EC8B0DBF47C4F9AE02.roa (raw, json)
Hash identifier:          wRj4XuXx6L66SMQBZ7z8J9J7/upRGlL3q4UO0DDZYfU=
Subject key identifier:   A0:D6:E7:96:98:C8:C5:A0:77:59:17:59:9B:36:E6:2E:73:C8:D5:4B
Certificate issuer:       /CN=A91CBE2E/serialNumber=858A27CB5C04CADFAEFDB893BF06E1A7B7D9F1C1
Certificate serial:       02
Authority key identifier: 85:8A:27:CB:5C:04:CA:DF:AE:FD:B8:93:BF:06:E1:A7:B7:D9:F1:C1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYony1wEyt-u_biTvwbhp7fZ8cE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/A29817E4D0FF11EC8B0DBF47C4F9AE02.roa
Signing time:             Wed 11 May 2022 07:54:51 +0000
ROA not before:           Wed 11 May 2022 07:54:50 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     149807
IP address blocks:        103.186.218.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CBE2E/serialNumber=858A27CB5C04CADFAEFDB893BF06E1A7B7D9F1C1
        Validity
            Not Before: May 11 07:54:50 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=627b6bca-359d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:94:7f:56:83:02:52:66:4e:08:8f:83:b1:f7:
                    6c:84:6e:94:90:5c:9c:a2:84:e1:c3:50:e6:50:eb:
                    aa:07:82:49:7c:5f:d1:e8:44:d3:84:05:24:dd:cb:
                    be:ee:56:86:1d:d7:90:ce:87:1e:f0:03:f4:87:d1:
                    1f:09:93:fb:ff:29:ec:73:07:9e:1d:a8:3e:11:d0:
                    ff:06:ef:d5:37:84:04:95:a5:10:c7:3a:39:aa:64:
                    eb:d0:cc:93:13:b4:7d:e4:3e:88:11:df:0b:73:bc:
                    10:54:8a:bd:4c:56:56:df:05:f7:fc:eb:43:3f:12:
                    72:06:2b:8a:25:aa:95:20:ce:ef:32:01:14:a0:77:
                    c3:e9:ff:47:1b:4c:e3:65:4b:5b:ca:6d:aa:af:10:
                    be:17:17:bf:a9:57:85:aa:ab:0a:4f:97:7c:dc:a6:
                    a8:bc:35:f6:92:62:81:ea:c2:d0:fe:f6:48:6b:9f:
                    83:a1:35:dd:15:60:41:8d:e7:a2:65:39:5a:fa:c4:
                    43:22:ae:65:bc:36:f5:ec:df:f2:5b:e5:97:3d:94:
                    db:8e:62:31:2a:1d:a0:24:d1:e8:e9:44:48:6a:33:
                    8c:41:98:d2:a3:1c:ab:05:ac:07:a0:c6:69:8a:4a:
                    fd:6c:d7:11:b7:44:98:d0:7f:a3:7c:2a:85:96:05:
                    f2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D6:E7:96:98:C8:C5:A0:77:59:17:59:9B:36:E6:2E:73:C8:D5:4B
            X509v3 Authority Key Identifier:
                keyid:85:8A:27:CB:5C:04:CA:DF:AE:FD:B8:93:BF:06:E1:A7:B7:D9:F1:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/hYony1wEyt-u_biTvwbhp7fZ8cE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYony1wEyt-u_biTvwbhp7fZ8cE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/A29817E4D0FF11EC8B0DBF47C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2b:f3:d1:ab:44:85:a3:65:f3:ef:cb:bc:1c:37:54:56:bd:fa:
         02:20:a6:b1:0c:e2:a3:08:d0:19:b6:c8:9a:a0:78:38:d7:f9:
         aa:ea:c5:70:8f:aa:90:67:24:20:a4:6e:cc:0f:52:0c:98:f0:
         31:cc:c4:37:f9:79:9b:9d:11:dc:0c:4f:6e:d3:42:6c:58:83:
         ae:44:91:ea:ae:61:4d:db:95:7a:ae:ba:f7:39:65:2f:35:ec:
         5a:9e:a0:f3:34:6a:03:f5:19:3e:05:3e:45:4b:4a:46:e3:63:
         ba:a8:99:6c:14:a7:39:7f:e8:ae:24:35:2d:2a:7a:a7:c0:4e:
         33:8e:fd:ae:56:61:2c:f2:bb:5a:5d:86:64:58:1b:80:86:31:
         ae:bb:c3:9e:c5:33:06:72:c0:27:39:9e:03:ca:90:05:86:5a:
         5f:a3:a2:ce:f7:b9:d6:0e:43:1e:4d:de:73:06:86:c9:4c:12:
         8a:da:a9:2e:db:e2:48:b0:08:20:5b:b0:a4:73:2e:fe:0e:03:
         39:02:f2:6a:eb:f5:f8:fa:e3:40:1d:7a:c2:25:4e:1f:12:d9:
         01:1c:89:da:02:af:9a:63:33:09:8f:a2:04:55:42:cb:55:e3:
         0c:38:05:85:97:2b:22:5b:eb:fe:63:11:48:23:79:f2:84:91:
         4d:c3:f4:49
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QkUyRTExMC8GA1UEBRMoODU4QTI3Q0I1QzA0Q0FERkFFRkRCODkzQkYwNkUxQTdC
N0Q5RjFDMTAeFw0yMjA1MTEwNzU0NTBaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyN2I2YmNhLTM1OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCclH9WgwJSZk4Ij4Ox92yEbpSQXJyihOHDUOZQ66oHgkl8X9HoRNOEBSTdy77u
VoYd15DOhx7wA/SH0R8Jk/v/KexzB54dqD4R0P8G79U3hASVpRDHOjmqZOvQzJMT
tH3kPogR3wtzvBBUir1MVlbfBff860M/EnIGK4olqpUgzu8yARSgd8Pp/0cbTONl
S1vKbaqvEL4XF7+pV4WqqwpPl3zcpqi8NfaSYoHqwtD+9khrn4OhNd0VYEGN56Jl
OVr6xEMirmW8NvXs3/Jb5Zc9lNuOYjEqHaAk0ejpREhqM4xBmNKjHKsFrAegxmmK
Sv1s1xG3RJjQf6N8KoWWBfLFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoNbnlpjI
xaB3WRdZmzbmLnPI1UswHwYDVR0jBBgwFoAUhYony1wEyt+u/biTvwbhp7fZ8cEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCRTJFL0Q4QUJBRkU4RDBG
QjExRUNBMjdBRjIyRkM0RjlBRTAyL2hZb255MXdFeXQtdV9iaVR2d2JocDdmWjhj
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaFlvbnkxd0V5dC11X2JpVHZ3YmhwN2ZaOGNFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QkUyRS9EOEFCQUZFOEQwRkIxMUVDQTI3QUYyMkZDNEY5QUUwMi9BMjk4MTdFNEQw
RkYxMUVDOEIwREJGNDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe62jANBgkqhkiG9w0BAQsFAAOCAQEAK/PRq0SFo2Xz78u8
HDdUVr36AiCmsQziowjQGbbImqB4ONf5qurFcI+qkGckIKRuzA9SDJjwMczEN/l5
m50R3AxPbtNCbFiDrkSR6q5hTduVeq669zllLzXsWp6g8zRqA/UZPgU+RUtKRuNj
uqiZbBSnOX/oriQ1LSp6p8BOM479rlZhLPK7Wl2GZFgbgIYxrrvDnsUzBnLAJzme
A8qQBYZaX6Oizve51g5DHk3ecwaGyUwSitqpLtviSLAIIFuwpHMu/g4DOQLyauv1
+PrjQB16wiVOHxLZARyJ2gKvmmMzCY+iBFVCy1XjDDgFhZcrIlvr/mMRSCN58oSR
TcP0SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org