Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/BA44FB768BE111EDB56BA140C4F9AE02.roa
File:                     BA44FB768BE111EDB56BA140C4F9AE02.roa (raw, json)
Hash identifier:          ew1gpU6VZw1IXmVbUngTAQyn/v+WRK0EJoyqZc8xWsM=
Subject key identifier:   21:BC:0B:F9:E9:84:9E:F3:B5:BD:52:89:E3:F8:6C:B6:3B:E7:BE:E5
Certificate issuer:       /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Certificate serial:       0325
Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/BA44FB768BE111EDB56BA140C4F9AE02.roa
Signing time:             Wed 04 Jan 2023 03:41:53 +0000
ROA not before:           Wed 04 Jan 2023 03:41:53 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        103.173.85.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 805 (0x325)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
        Validity
            Not Before: Jan  4 03:41:53 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63b4f581-163c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:48:82:0c:94:bf:ae:6a:5b:98:d2:ef:2a:c6:
                    b8:93:f7:40:06:19:41:ee:47:d1:a1:df:9a:3b:a9:
                    59:c0:bd:10:25:35:a7:79:f9:50:a6:4b:6e:84:8e:
                    36:1f:35:64:99:fb:04:ce:93:c0:8a:83:95:65:40:
                    94:c3:71:de:a2:e1:57:12:5a:b1:40:19:6b:0a:11:
                    20:25:cd:b0:2f:40:13:be:45:b5:8f:13:05:ec:cc:
                    32:18:31:71:8d:11:0f:48:89:f5:b4:2f:a9:e4:15:
                    80:9c:11:85:cb:ee:66:8b:83:70:0e:2a:e9:d3:3a:
                    fc:f6:de:e6:36:19:8a:fe:20:6c:74:98:fa:65:fd:
                    8e:56:a9:59:e1:13:fa:0b:52:7d:8f:19:90:99:c1:
                    79:b2:67:db:33:e3:44:03:01:31:e1:8e:db:50:12:
                    c8:ab:8e:09:22:01:7c:d2:5e:e7:07:de:5c:0a:6f:
                    dc:9c:5a:9e:d4:a8:80:cc:5e:52:04:43:2b:1d:3c:
                    13:ea:a4:ad:2b:3c:70:f8:64:da:f3:82:cb:b3:1f:
                    b0:66:f5:53:b7:06:34:57:42:e1:d7:12:7c:71:cc:
                    0b:73:1f:01:4d:85:49:83:63:c3:61:cc:92:9d:87:
                    e5:56:73:ea:1a:f1:e5:f0:3b:ad:48:b2:0f:53:da:
                    f1:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:BC:0B:F9:E9:84:9E:F3:B5:BD:52:89:E3:F8:6C:B6:3B:E7:BE:E5
            X509v3 Authority Key Identifier:
                keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/BA44FB768BE111EDB56BA140C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.173.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:6e:da:e5:3d:31:58:e8:be:34:64:1e:6b:97:ec:e7:b7:42:
         13:c0:01:05:9c:ba:91:2a:bb:2b:b7:e4:0b:1a:26:28:b4:2b:
         0f:7c:7c:2b:bd:e0:84:af:cd:a4:f9:46:c9:39:16:26:39:a7:
         ff:f1:50:57:81:7f:76:4f:45:63:41:4e:a3:c6:10:8d:d9:73:
         27:bf:2c:29:4e:e9:29:9a:97:eb:e8:83:4c:93:95:41:bf:a6:
         6f:ee:13:30:c7:df:6e:04:bc:40:67:e8:ec:fe:18:43:09:70:
         87:3d:6d:a4:36:ae:b6:9d:27:c6:21:97:98:2c:4c:6c:1f:07:
         d8:fb:db:a7:3c:a0:c8:3f:0b:f4:20:cd:bf:46:6d:a6:76:8c:
         99:36:76:18:b8:70:b4:b5:69:8b:fd:be:5a:69:28:74:d1:ae:
         25:7e:1a:c2:68:77:5c:e9:c9:ba:c5:31:34:3b:b5:28:85:47:
         e8:ed:04:57:0c:3b:62:34:04:75:ea:bb:2d:a8:28:38:de:c5:
         92:cf:34:68:aa:22:e2:a5:8f:42:32:db:32:57:17:26:52:a2:
         cd:58:51:78:da:49:ab:f2:4f:08:b7:54:14:3b:e1:29:54:1a:
         64:64:21:cf:7c:f0:7b:3a:ea:87:3d:02:b7:5d:32:bd:48:96:
         f1:e7:d2:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAyUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1
NURCMzFDRTgwHhcNMjMwMTA0MDM0MTUzWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I0ZjU4MS0xNjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0EiCDJS/rmpbmNLvKsa4k/dABhlB7kfRod+aO6lZwL0QJTWneflQpktuhI42
HzVkmfsEzpPAioOVZUCUw3HeouFXElqxQBlrChEgJc2wL0ATvkW1jxMF7MwyGDFx
jREPSIn1tC+p5BWAnBGFy+5mi4NwDirp0zr89t7mNhmK/iBsdJj6Zf2OVqlZ4RP6
C1J9jxmQmcF5smfbM+NEAwEx4Y7bUBLIq44JIgF80l7nB95cCm/cnFqe1KiAzF5S
BEMrHTwT6qStKzxw+GTa84LLsx+wZvVTtwY0V0Lh1xJ8ccwLcx8BTYVJg2PDYcyS
nYflVnPqGvHl8DutSLIPU9rx7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCG8C/np
hJ7ztb1SieP4bLY7577lMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB
ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI
T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRERkEvODQ1OTg0Q0UxQTg1MTFFQ0E3NkFFQTNBQzRGOUFFMDIvQkE0NEZCNzY4
QkUxMTFFREI1NkJBMTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrVUwDQYJKoZIhvcNAQELBQADggEBAGpu2uU9MVjovjRk
HmuX7Oe3QhPAAQWcupEquyu35AsaJii0Kw98fCu94ISvzaT5Rsk5FiY5p//xUFeB
f3ZPRWNBTqPGEI3Zcye/LClO6Smal+vog0yTlUG/pm/uEzDH324EvEBn6Oz+GEMJ
cIc9baQ2rradJ8Yhl5gsTGwfB9j726c8oMg/C/Qgzb9GbaZ2jJk2dhi4cLS1aYv9
vlppKHTRriV+GsJod1zpybrFMTQ7tSiFR+jtBFcMO2I0BHXquy2oKDjexZLPNGiq
IuKlj0Iy2zJXFyZSos1YUXjaSavyTwi3VBQ74SlUGmRkIc988Hs66oc9ArddMr1I
lvHn0sU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org