Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/C9CFF60A994611ED8083BB73C4F9AE02.roa
File:                     C9CFF60A994611ED8083BB73C4F9AE02.roa (raw, json)
Hash identifier:          gSI9QKosqeLoO9FQZTAR0CL36y0MaRaDzqmpEnamkMo=
Subject key identifier:   17:D1:97:F7:0E:95:43:F9:D9:93:91:B4:7E:D2:77:AC:60:3C:14:5E
Certificate issuer:       /CN=A91D1AC7/serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A
Certificate serial:       08B6
Authority key identifier: 6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/C9CFF60A994611ED8083BB73C4F9AE02.roa
Signing time:             Tue 02 May 2023 22:18:56 +0000
ROA not before:           Tue 02 May 2023 22:18:55 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     24312
IP address blocks:        103.148.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2230 (0x8b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D1AC7/serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A
        Validity
            Not Before: May  2 22:18:55 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=64518c4f-3be1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c1:d7:0c:c7:d0:f8:6b:15:f5:95:26:04:e1:
                    b9:a6:8d:72:42:c2:be:b1:0c:af:ea:68:89:3d:17:
                    99:cb:56:6f:e6:92:d0:66:e9:74:8a:91:19:f6:c0:
                    e9:bd:bc:2f:b9:27:2e:f6:10:b6:22:73:e8:55:43:
                    31:e6:03:dc:35:cf:c0:dc:1f:2d:6f:15:fb:89:61:
                    fa:f0:62:5d:1b:6d:88:8d:0a:48:b5:ac:ab:e7:6c:
                    24:73:c5:05:09:79:da:30:ff:d4:e6:ee:67:84:01:
                    08:57:94:49:25:7e:67:b2:1c:45:64:26:6b:3d:a8:
                    13:6e:78:13:f4:05:39:0f:ca:c4:f0:eb:ca:3f:17:
                    3d:0a:7e:f3:67:9a:51:45:fd:ac:54:86:99:cf:51:
                    fe:85:5d:56:ca:3e:7d:f0:cd:ce:16:79:56:a0:78:
                    85:c9:50:dd:c5:2a:bb:8c:e0:a5:08:d2:28:66:96:
                    8d:64:ec:f7:b2:47:d9:65:d6:f5:15:4d:4e:80:38:
                    df:5f:d7:b1:c0:13:77:c5:f5:53:8c:68:8e:2a:c3:
                    32:7b:4e:97:e2:40:8a:64:a4:c3:b2:51:7b:be:82:
                    c6:d2:bc:36:92:c9:ca:ce:23:3e:f9:ae:64:1c:d9:
                    b1:af:ec:55:86:84:5a:d3:e2:ee:c7:5a:23:39:c1:
                    cd:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D1:97:F7:0E:95:43:F9:D9:93:91:B4:7E:D2:77:AC:60:3C:14:5E
            X509v3 Authority Key Identifier:
                keyid:6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/C9CFF60A994611ED8083BB73C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:01:49:2f:73:ce:dd:2a:27:d8:33:77:93:b5:9f:8f:78:ef:
         74:97:c6:a7:63:94:5e:09:7e:22:3d:22:6b:e9:45:b9:15:14:
         5f:a3:61:f7:eb:20:2e:59:09:fc:c2:af:83:73:5c:32:32:85:
         01:9f:1f:44:01:0e:69:3d:55:51:fc:ea:23:b3:e0:a8:5d:35:
         9d:db:7b:0f:0f:c0:bd:46:40:81:be:7f:11:ba:35:25:34:72:
         54:9f:c2:87:9a:8d:49:6c:5d:9b:2c:d8:1c:e8:47:b3:d2:47:
         e3:bc:7e:a2:5d:9b:18:c5:55:d7:a7:81:01:bf:b5:e7:a5:72:
         90:00:f2:12:7a:ea:b5:80:0f:6b:6d:29:6c:3b:5c:a9:7f:7c:
         5d:2e:fd:7f:b7:51:86:08:31:61:d5:b9:04:b0:83:25:47:3d:
         bf:6f:db:20:5d:f6:78:62:f3:f1:60:e5:1b:1c:68:8a:55:05:
         4f:49:3c:ec:0c:52:3e:f2:f8:b8:ac:27:6e:86:0c:9e:da:2e:
         03:9b:b8:67:0c:a0:b7:76:a2:aa:d8:a3:35:29:8a:ac:12:59:
         0e:c8:07:70:b2:b1:42:de:a6:e8:3d:3d:35:42:72:1f:f7:1a:
         23:87:7f:0a:6c:63:f0:a9:27:66:8a:d7:3e:35:06:cc:5b:16:
         10:19:70:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCLYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDFBQzcxMTAvBgNVBAUTKDZBNDVENjFBODM3NzBDOTBEMDU4Qzc0MTUzMUQ4RDlD
NkI2NzkzNUEwHhcNMjMwNTAyMjIxODU1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxOGM0Zi0zYmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxsHXDMfQ+GsV9ZUmBOG5po1yQsK+sQyv6miJPReZy1Zv5pLQZul0ipEZ9sDp
vbwvuScu9hC2InPoVUMx5gPcNc/A3B8tbxX7iWH68GJdG22IjQpItayr52wkc8UF
CXnaMP/U5u5nhAEIV5RJJX5nshxFZCZrPagTbngT9AU5D8rE8OvKPxc9Cn7zZ5pR
Rf2sVIaZz1H+hV1Wyj598M3OFnlWoHiFyVDdxSq7jOClCNIoZpaNZOz3skfZZdb1
FU1OgDjfX9exwBN3xfVTjGiOKsMye06X4kCKZKTDslF7voLG0rw2ksnKziM++a5k
HNmxr+xVhoRa0+Lux1ojOcHNxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBfRl/cO
lUP52ZORtH7Sd6xgPBReMB8GA1UdIwQYMBaAFGpF1hqDdwyQ0FjHQVMdjZxrZ5Na
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUFDNy84MUE0QzRENjZF
NDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RKRFFXTWRCVXgyTm5HdG5r
MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FrWFdHb04zREpEUVdNZEJVeDJObkd0bmsxby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDFBQzcvODFBNEM0RDY2RTQzMTFFQTk0OUQ5OTIyQzRGOUFFMDIvQzlDRkY2MEE5
OTQ2MTFFRDgwODNCQjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlPMwDQYJKoZIhvcNAQELBQADggEBAIMBSS9zzt0qJ9gz
d5O1n49473SXxqdjlF4JfiI9ImvpRbkVFF+jYffrIC5ZCfzCr4NzXDIyhQGfH0QB
Dmk9VVH86iOz4KhdNZ3bew8PwL1GQIG+fxG6NSU0clSfwoeajUlsXZss2BzoR7PS
R+O8fqJdmxjFVdengQG/teelcpAA8hJ66rWAD2ttKWw7XKl/fF0u/X+3UYYIMWHV
uQSwgyVHPb9v2yBd9nhi8/Fg5RscaIpVBU9JPOwMUj7y+LisJ26GDJ7aLgObuGcM
oLd2oqrYozUpiqwSWQ7IB3CysULepug9PTVCch/3GiOHfwpsY/CpJ2aK1z41Bsxb
FhAZcBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org