Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/04BCF99ECB9B11ED8F301914C4F9AE02.roa
File:                     04BCF99ECB9B11ED8F301914C4F9AE02.roa (raw, json)
Hash identifier:          K3QZNoGhzrTw/46pJFdG1uf/Vg1LEZyIeZmXudiMnPU=
Subject key identifier:   75:2E:04:FC:BA:E3:F6:6B:B2:35:69:6F:BC:61:D9:9C:A3:D2:D9:2F
Certificate issuer:       /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1
Certificate serial:       02
Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/04BCF99ECB9B11ED8F301914C4F9AE02.roa
Signing time:             Sun 26 Mar 2023 05:56:58 +0000
ROA not before:           Sun 26 Mar 2023 05:56:58 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     150691
IP address blocks:        103.57.98.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1
        Validity
            Not Before: Mar 26 05:56:58 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=641fdeaa-a8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5d:1b:dd:71:88:74:e1:ac:d1:d5:17:95:af:
                    bd:04:57:94:08:f2:84:98:ad:a8:66:69:94:c2:87:
                    7d:75:69:a9:6c:15:d6:dc:70:2a:58:58:69:5b:b6:
                    33:04:16:51:6d:2e:5c:08:00:50:e2:bc:4a:74:c4:
                    dc:83:a6:2e:4a:bf:be:ee:fe:15:45:ee:99:25:ac:
                    37:d4:94:b9:93:21:91:bf:04:87:82:1b:22:e3:19:
                    61:10:65:0e:1c:46:4b:60:a4:83:09:5f:ce:4f:bf:
                    7c:46:d7:2b:66:71:a3:a5:e5:ef:97:22:34:07:c9:
                    ce:aa:d0:c9:f0:77:3b:b4:f7:a7:c3:3f:0f:16:55:
                    7c:f3:69:bc:4a:c1:df:36:04:4d:c7:34:2c:cc:8d:
                    8b:c2:c7:ef:2d:e5:13:c3:84:65:76:a1:10:28:34:
                    a9:76:91:70:f6:74:b1:63:1c:c6:93:e6:41:29:24:
                    f9:e6:50:f4:cf:42:85:ff:ca:b2:24:5b:ce:65:2c:
                    76:c3:db:53:cd:3f:39:02:c1:bb:7d:5a:21:31:19:
                    45:46:f4:e5:9e:24:56:da:6f:a7:7a:93:64:a2:4d:
                    43:63:70:53:05:7b:ac:b8:18:90:21:36:a3:ca:03:
                    18:88:20:28:7f:f6:e3:95:88:68:34:f9:65:fd:7d:
                    be:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:2E:04:FC:BA:E3:F6:6B:B2:35:69:6F:BC:61:D9:9C:A3:D2:D9:2F
            X509v3 Authority Key Identifier:
                keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/04BCF99ECB9B11ED8F301914C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.57.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         be:4f:84:8b:f3:5e:f7:16:61:0d:e2:e0:2b:4a:6c:36:10:19:
         d2:af:d4:11:3a:83:66:aa:cd:6b:0c:6d:39:ce:e8:04:2d:36:
         44:f4:fc:8f:7e:b5:d5:12:c3:bf:b6:21:81:b7:58:6a:19:03:
         d4:1b:7a:aa:5f:b9:40:d6:27:10:90:50:64:7d:34:e0:45:04:
         80:af:e3:89:47:ad:62:8f:95:ba:2b:9a:cd:d1:60:9c:41:dc:
         93:48:d3:ac:7c:fe:50:a0:76:c0:ff:80:64:5f:d7:b4:8b:65:
         a2:d3:19:59:b0:f3:c3:92:b2:82:82:4b:8e:53:71:2b:db:54:
         bd:1f:77:d2:44:e3:e7:bb:e0:dd:20:7d:8d:ea:f3:25:3f:c2:
         2b:2b:72:5f:23:70:eb:df:17:cd:c2:9b:12:f2:d1:09:ac:2a:
         f2:d7:a1:eb:4e:03:87:71:6b:9f:69:e8:b0:7a:b5:70:ff:18:
         af:5c:9c:9f:ac:c4:22:bb:f9:35:d5:23:45:d2:b5:e6:6c:58:
         df:ec:78:c2:15:1a:4d:0d:f5:ff:37:48:33:6d:e2:bf:e4:2d:
         3e:75:a8:c2:c7:7e:a4:58:3f:08:6a:27:8d:ec:bb:5c:bc:dd:
         0e:9e:a3:05:3a:10:c1:0b:c0:54:c3:d7:26:d1:ea:ce:ae:a8:
         77:e8:20:da
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MEMyQjExMC8GA1UEBRMoRTVCQjJEOEI5RTE4Njk3QzAxNTlFRDgxMzJFNUYzNEI4
NkIxMzdCMTAeFw0yMzAzMjYwNTU2NThaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MWZkZWFhLWE4YzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqXRvdcYh04azR1ReVr70EV5QI8oSYrahmaZTCh311aalsFdbccCpYWGlbtjME
FlFtLlwIAFDivEp0xNyDpi5Kv77u/hVF7pklrDfUlLmTIZG/BIeCGyLjGWEQZQ4c
RktgpIMJX85Pv3xG1ytmcaOl5e+XIjQHyc6q0Mnwdzu096fDPw8WVXzzabxKwd82
BE3HNCzMjYvCx+8t5RPDhGV2oRAoNKl2kXD2dLFjHMaT5kEpJPnmUPTPQoX/yrIk
W85lLHbD21PNPzkCwbt9WiExGUVG9OWeJFbab6d6k2SiTUNjcFMFe6y4GJAhNqPK
AxiIICh/9uOViGg0+WX9fb4hAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdS4E/Lrj
9muyNWlvvGHZnKPS2S8wHwYDVR0jBBgwFoAU5bsti54YaXwBWe2BMuXzS4axN7Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUwQzJCL0QyN0U2RUQwQ0I5
NjExRURBQzM0OUI3OUM0RjlBRTAyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNWJzdGk1NFlhWHdCV2UyQk11WHpTNGF4TjdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi8wNEJDRjk5RUNC
OUIxMUVEOEYzMDE5MTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWc5YjANBgkqhkiG9w0BAQsFAAOCAQEAvk+Ei/Ne9xZhDeLg
K0psNhAZ0q/UETqDZqrNawxtOc7oBC02RPT8j3611RLDv7YhgbdYahkD1Bt6ql+5
QNYnEJBQZH004EUEgK/jiUetYo+VuiuazdFgnEHck0jTrHz+UKB2wP+AZF/XtItl
otMZWbDzw5KygoJLjlNxK9tUvR930kTj57vg3SB9jerzJT/CKytyXyNw698XzcKb
EvLRCawq8teh604Dh3Frn2nosHq1cP8Yr1ycn6zEIrv5NdUjRdK15mxY3+x4whUa
TQ31/zdIM23iv+QtPnWowsd+pFg/CGonjey7XLzdDp6jBToQwQvAVMPXJtHqzq6o
d+gg2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org