Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CCF10/EC67333E609011EDA6791A0DC4F9AE02/F970A85C678511ED81F30F87C4F9AE02.roa
File:                     F970A85C678511ED81F30F87C4F9AE02.roa (raw, json)
Hash identifier:          b5xTenmGwdh1G0XQOjcHfAZQv1syF5PYrDf4Sr0VLCg=
Subject key identifier:   B3:6A:7C:9A:93:73:58:C7:90:4D:BF:AB:B3:A9:65:3C:BD:E3:C4:63
Certificate issuer:       /CN=A91CCF10/serialNumber=B8EA71D04EC836E8180873C9E9D40CD2E3553701
Certificate serial:       0D
Authority key identifier: B8:EA:71:D0:4E:C8:36:E8:18:08:73:C9:E9:D4:0C:D2:E3:55:37:01
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOpx0E7INugYCHPJ6dQM0uNVNwE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CCF10/EC67333E609011EDA6791A0DC4F9AE02/F970A85C678511ED81F30F87C4F9AE02.roa
Signing time:             Fri 18 Nov 2022 21:14:23 +0000
ROA not before:           Fri 18 Nov 2022 21:14:23 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     150296
IP address blocks:        103.37.6.0/24 maxlen: 24
                          103.37.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13 (0xd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CCF10/serialNumber=B8EA71D04EC836E8180873C9E9D40CD2E3553701
        Validity
            Not Before: Nov 18 21:14:23 2022 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=6377f5af-05fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0a:91:28:98:34:21:7f:02:f8:b1:57:c4:79:
                    30:b1:3e:57:45:ec:36:c0:21:1e:df:b6:12:4c:1e:
                    df:d1:4d:ce:a3:3f:4a:98:27:69:50:fa:53:83:07:
                    06:81:78:e0:ae:69:6b:32:9c:b6:29:79:88:ea:55:
                    eb:0a:18:8b:71:e7:18:cc:ed:d8:2b:22:e2:ea:5d:
                    4f:e4:38:7a:0a:64:cb:f4:d6:a9:9b:4b:77:92:c5:
                    0a:c5:07:0c:d4:54:df:eb:49:74:1c:41:cf:05:7d:
                    c0:50:44:1b:fb:5d:86:ff:5f:fe:4e:f1:6c:e4:8f:
                    f8:46:6a:a2:b7:b1:3c:62:03:7c:01:11:bd:5a:85:
                    1c:97:99:17:37:73:c6:fc:d2:84:32:da:75:7d:dd:
                    29:60:ab:8a:8a:4b:61:29:2f:1b:0a:12:68:45:b5:
                    6e:63:34:7e:15:17:a2:6b:2b:6c:7b:ee:a8:5a:dd:
                    33:d7:9b:17:95:e3:be:d8:aa:1c:fe:d6:68:93:ee:
                    03:59:ff:61:b7:4f:5a:2a:63:40:58:22:74:b7:61:
                    74:3d:5f:c7:05:fa:b4:7e:b1:d0:c3:9f:50:09:a5:
                    5b:7c:d4:50:39:1b:14:3b:f6:00:13:7a:42:2e:ac:
                    70:19:ec:af:04:72:f2:3f:6d:a6:53:71:f8:1b:e7:
                    61:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:6A:7C:9A:93:73:58:C7:90:4D:BF:AB:B3:A9:65:3C:BD:E3:C4:63
            X509v3 Authority Key Identifier:
                keyid:B8:EA:71:D0:4E:C8:36:E8:18:08:73:C9:E9:D4:0C:D2:E3:55:37:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CCF10/EC67333E609011EDA6791A0DC4F9AE02/uOpx0E7INugYCHPJ6dQM0uNVNwE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOpx0E7INugYCHPJ6dQM0uNVNwE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CCF10/EC67333E609011EDA6791A0DC4F9AE02/F970A85C678511ED81F30F87C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.37.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:c6:13:73:58:86:c4:98:5a:63:c4:90:c1:ac:05:69:1b:af:
         77:16:f6:bc:82:b9:ab:69:c5:68:5f:5b:25:09:6f:9d:25:3d:
         1d:e2:fb:93:ea:01:99:47:7e:b2:45:bd:3f:5a:40:85:63:48:
         bf:08:03:d7:60:0b:1f:09:08:47:ee:00:fa:d2:14:55:df:33:
         0b:92:bf:68:c3:79:ea:06:40:55:77:0d:0f:f5:60:cf:05:04:
         b3:bf:27:78:de:2a:3d:f1:82:3f:d6:aa:81:30:38:dc:97:35:
         c0:dd:74:ab:f0:03:01:27:8a:57:ed:0c:d6:15:dd:40:75:85:
         f8:1b:c7:9e:2c:1c:3a:ee:bc:74:09:a4:4a:14:b0:50:05:27:
         39:d1:c5:79:cb:4b:a0:38:c7:0a:27:05:d0:92:1d:ef:39:ce:
         52:2a:49:97:6c:76:60:06:fc:db:67:90:2f:c3:cd:89:ce:cc:
         c4:cb:1e:d5:71:4f:1f:d7:bf:a7:fe:78:cb:09:dd:6a:4f:a7:
         a1:0e:eb:00:0c:0a:53:51:09:4e:87:bf:7e:12:48:7e:e9:22:
         22:ca:e2:ea:aa:a1:fc:25:45:a4:1d:ae:92:1a:76:25:65:b2:
         22:ff:35:9b:56:54:53:a1:1f:e0:1a:a6:73:fa:fc:ae:a8:d0:
         84:5d:33:01
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
Q0YxMDExMC8GA1UEBRMoQjhFQTcxRDA0RUM4MzZFODE4MDg3M0M5RTlENDBDRDJF
MzU1MzcwMTAeFw0yMjExMTgyMTE0MjNaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNzdmNWFmLTA1ZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVCpEomDQhfwL4sVfEeTCxPldF7DbAIR7fthJMHt/RTc6jP0qYJ2lQ+lODBwaB
eOCuaWsynLYpeYjqVesKGItx5xjM7dgrIuLqXU/kOHoKZMv01qmbS3eSxQrFBwzU
VN/rSXQcQc8FfcBQRBv7XYb/X/5O8Wzkj/hGaqK3sTxiA3wBEb1ahRyXmRc3c8b8
0oQy2nV93Slgq4qKS2EpLxsKEmhFtW5jNH4VF6JrK2x77qha3TPXmxeV477Yqhz+
1miT7gNZ/2G3T1oqY0BYInS3YXQ9X8cF+rR+sdDDn1AJpVt81FA5GxQ79gATekIu
rHAZ7K8EcvI/baZTcfgb52HjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUs2p8mpNz
WMeQTb+rs6llPL3jxGMwHwYDVR0jBBgwFoAUuOpx0E7INugYCHPJ6dQM0uNVNwEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNDRjEwL0VDNjczMzNFNjA5
MDExRURBNjc5MUEwREM0RjlBRTAyL3VPcHgwRTdJTnVnWUNIUEo2ZFFNMHVOVk53
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdU9weDBFN0lOdWdZQ0hQSjZkUU0wdU5WTndFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
Q0YxMC9FQzY3MzMzRTYwOTAxMUVEQTY3OTFBMERDNEY5QUUwMi9GOTcwQTg1QzY3
ODUxMUVEODFGMzBGODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWclBjANBgkqhkiG9w0BAQsFAAOCAQEAQcYTc1iGxJhaY8SQ
wawFaRuvdxb2vIK5q2nFaF9bJQlvnSU9HeL7k+oBmUd+skW9P1pAhWNIvwgD12AL
HwkIR+4A+tIUVd8zC5K/aMN56gZAVXcND/VgzwUEs78neN4qPfGCP9aqgTA43Jc1
wN10q/ADASeKV+0M1hXdQHWF+BvHniwcOu68dAmkShSwUAUnOdHFectLoDjHCicF
0JId7znOUipJl2x2YAb822eQL8PNic7MxMse1XFPH9e/p/54ywndak+noQ7rAAwK
U1EJToe/fhJIfukiIsri6qqh/CVFpB2ukhp2JWWyIv81m1ZUU6Ef4Bqmc/r8rqjQ
hF0zAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org