Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/67A080B4C19E11ED9703E456C4F9AE02.roa
File:                     67A080B4C19E11ED9703E456C4F9AE02.roa (raw, json)
Hash identifier:          BfAcBl7cNKCwvsbsQegGM4yeUmHS7pqdCrphHWPKbsA=
Subject key identifier:   2E:0F:34:B3:0E:A2:01:08:A1:24:8B:19:17:DB:BE:1C:24:29:59:AB
Certificate issuer:       /CN=A91E4C30/serialNumber=58A0DDD02555C837486D55435186DCC576A1283E
Certificate serial:       20
Authority key identifier: 58:A0:DD:D0:25:55:C8:37:48:6D:55:43:51:86:DC:C5:76:A1:28:3E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKDd0CVVyDdIbVVDUYbcxXahKD4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/67A080B4C19E11ED9703E456C4F9AE02.roa
Signing time:             Mon 13 Mar 2023 12:56:01 +0000
ROA not before:           Mon 13 Mar 2023 12:56:01 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     137449
IP address blocks:        103.61.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32 (0x20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4C30/serialNumber=58A0DDD02555C837486D55435186DCC576A1283E
        Validity
            Not Before: Mar 13 12:56:01 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=640f1d60-212a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:50:a3:5d:b8:20:50:f2:0a:ab:99:9c:07:f0:
                    d6:9a:e8:83:45:a6:8d:70:66:3b:e6:bd:82:fb:5d:
                    73:a6:9f:e3:d0:eb:d5:c3:01:04:4e:a2:ba:1d:21:
                    32:ff:52:80:f1:43:4b:5a:a4:0f:ec:cb:55:c5:42:
                    fd:ae:a6:5a:c0:ac:41:37:6f:1e:e9:5b:04:b2:e8:
                    98:c4:cd:d7:45:7a:ce:5c:1f:29:4a:bb:e0:68:72:
                    c7:cc:bf:a2:d2:be:37:d1:d4:e0:54:5a:aa:cc:fc:
                    a6:86:83:82:48:9a:35:36:97:78:45:c6:f2:82:dc:
                    01:9b:7c:fd:d4:7e:0e:13:17:10:20:34:03:af:cb:
                    2f:da:4c:f2:ca:c7:08:cd:b8:83:ce:66:d7:b3:1a:
                    e3:20:81:22:6e:16:d9:10:d1:41:83:78:89:0b:50:
                    d3:55:03:10:b2:d5:0e:d4:a9:64:27:6f:86:58:02:
                    12:09:42:02:86:51:60:6b:82:70:ee:e3:26:2c:be:
                    00:c7:64:01:74:79:2b:9c:73:1d:b5:f4:30:84:63:
                    46:7c:75:e0:6a:57:f5:2b:a7:2d:96:0e:6e:a0:68:
                    30:ee:07:23:b0:8e:d0:bc:e7:79:fc:62:6d:bc:98:
                    62:1b:87:f6:c4:ee:62:43:ab:e4:45:2b:3c:73:9f:
                    95:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:0F:34:B3:0E:A2:01:08:A1:24:8B:19:17:DB:BE:1C:24:29:59:AB
            X509v3 Authority Key Identifier:
                keyid:58:A0:DD:D0:25:55:C8:37:48:6D:55:43:51:86:DC:C5:76:A1:28:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/WKDd0CVVyDdIbVVDUYbcxXahKD4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKDd0CVVyDdIbVVDUYbcxXahKD4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/67A080B4C19E11ED9703E456C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.61.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:26:d8:36:73:94:0b:86:95:79:59:f9:7f:97:da:ff:ef:4d:
         f4:1a:ba:5b:87:ac:39:02:cb:6b:3e:26:67:a0:eb:a5:c8:d9:
         a2:08:d4:5d:09:4d:8e:e7:00:44:dd:4d:3a:79:e3:9d:18:9a:
         ca:59:36:71:ba:5b:0c:0a:17:3e:61:0b:0b:de:14:25:17:df:
         94:1b:82:ab:84:2b:7f:4b:33:d5:6f:ec:75:68:69:7d:3a:dd:
         2d:a9:39:e5:dc:bd:39:6f:58:31:e5:c6:4f:fd:8d:91:97:f2:
         50:fb:4b:e5:b3:5f:88:a7:32:52:ff:35:fe:2c:53:c3:61:8d:
         74:7d:dd:93:e4:77:c3:b8:5c:18:f6:e3:b0:fc:57:f6:35:63:
         68:4d:57:0f:1a:0f:72:a5:90:3c:c8:11:fe:b5:0a:8d:e2:ec:
         c7:0b:63:13:12:59:92:fa:af:33:63:98:ed:ae:31:78:d7:84:
         34:68:76:f7:81:54:e1:35:2c:71:e1:45:2f:bd:95:ef:76:ed:
         c7:0d:c6:3e:04:1f:c4:5d:64:40:d5:9a:10:d2:2f:e1:4f:68:
         35:a4:0f:e1:b1:53:5c:0a:a6:65:67:6e:5e:63:b5:8d:8b:a8:
         e5:90:30:df:68:07:28:f9:d4:f3:04:85:3e:28:41:a0:c4:91:
         bc:67:6e:ad
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NEMzMDExMC8GA1UEBRMoNThBMERERDAyNTU1QzgzNzQ4NkQ1NTQzNTE4NkRDQzU3
NkExMjgzRTAeFw0yMzAzMTMxMjU2MDFaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MGYxZDYwLTIxMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDgUKNduCBQ8gqrmZwH8Naa6INFpo1wZjvmvYL7XXOmn+PQ69XDAQROorodITL/
UoDxQ0tapA/sy1XFQv2uplrArEE3bx7pWwSy6JjEzddFes5cHylKu+BocsfMv6LS
vjfR1OBUWqrM/KaGg4JImjU2l3hFxvKC3AGbfP3Ufg4TFxAgNAOvyy/aTPLKxwjN
uIPOZtezGuMggSJuFtkQ0UGDeIkLUNNVAxCy1Q7UqWQnb4ZYAhIJQgKGUWBrgnDu
4yYsvgDHZAF0eSuccx219DCEY0Z8deBqV/Urpy2WDm6gaDDuByOwjtC853n8Ym28
mGIbh/bE7mJDq+RFKzxzn5X/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULg80sw6i
AQihJIsZF9u+HCQpWaswHwYDVR0jBBgwFoAUWKDd0CVVyDdIbVVDUYbcxXahKD4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0QzMwLzBGMUY3Q0U4OTY0
MTExRURCQTlEQ0M0RkM0RjlBRTAyL1dLRGQwQ1ZWeURkSWJWVkRVWWJjeFhhaEtE
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV0tEZDBDVlZ5RGRJYlZWRFVZYmN4WGFoS0Q0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NEMzMC8wRjFGN0NFODk2NDExMUVEQkE5RENDNEZDNEY5QUUwMi82N0EwODBCNEMx
OUUxMUVEOTcwM0U0NTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGc98DANBgkqhkiG9w0BAQsFAAOCAQEAXSbYNnOUC4aVeVn5
f5fa/+9N9Bq6W4esOQLLaz4mZ6DrpcjZogjUXQlNjucARN1NOnnjnRiaylk2cbpb
DAoXPmELC94UJRfflBuCq4Qrf0sz1W/sdWhpfTrdLak55dy9OW9YMeXGT/2NkZfy
UPtL5bNfiKcyUv81/ixTw2GNdH3dk+R3w7hcGPbjsPxX9jVjaE1XDxoPcqWQPMgR
/rUKjeLsxwtjExJZkvqvM2OY7a4xeNeENGh294FU4TUsceFFL72V73btxw3GPgQf
xF1kQNWaENIv4U9oNaQP4bFTXAqmZWduXmO1jYuo5ZAw32gHKPnU8wSFPihBoMSR
vGdurQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org