Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/ACB57B3694B811EDB9841674C4F9AE02.roa
File:                     ACB57B3694B811EDB9841674C4F9AE02.roa (raw, json)
Hash identifier:          Y78Oj3UUfq8kbRaPCIUHkQJEAXmf+ASYU7yACs5vL9g=
Subject key identifier:   58:A4:5F:8B:97:03:DA:0D:4A:B5:B2:94:42:E2:BE:75:CA:3A:CD:4E
Certificate issuer:       /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial:       3378
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/ACB57B3694B811EDB9841674C4F9AE02.roa
Signing time:             Sun 15 Jan 2023 09:40:41 +0000
ROA not before:           Sun 15 Jan 2023 09:40:41 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     6939
IP address blocks:        103.230.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13176 (0x3378)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
        Validity
            Not Before: Jan 15 09:40:41 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=63c3ca19-f506
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:01:75:fe:2c:1c:32:10:44:b8:43:ac:c5:95:
                    38:44:ff:e4:f6:e6:1e:e6:af:4c:ba:88:3a:1e:4f:
                    10:0c:b9:25:2b:7e:f1:2a:66:86:28:ef:31:6c:17:
                    fc:8d:e1:17:96:23:15:5c:a2:80:ac:cc:63:90:ba:
                    82:d4:82:61:9c:c5:b5:16:77:1b:39:97:06:7b:16:
                    3c:c2:fb:35:57:8e:80:9f:6e:6e:31:82:b9:64:c4:
                    21:f5:e0:2e:b0:f9:39:bc:46:07:d5:23:f8:e7:90:
                    66:18:a6:7b:50:4d:43:6f:32:87:4c:16:28:c0:72:
                    93:8c:a3:7f:9a:3e:56:b5:86:6e:eb:79:a9:56:f5:
                    c0:9c:c3:f6:eb:7a:13:e9:0f:49:d1:ae:e7:f4:68:
                    98:65:41:21:05:04:ec:e0:f1:58:08:c0:14:7a:63:
                    9c:73:3a:59:91:38:75:21:4a:5a:74:29:21:a9:4a:
                    d4:14:dc:a1:6d:16:3c:b2:ef:2d:c1:ca:dc:b7:25:
                    0a:aa:6f:da:ab:15:f0:4b:62:0f:c4:7d:be:02:fc:
                    28:4d:41:ed:b5:c0:f7:f8:5b:90:f2:b4:9a:27:b7:
                    08:e7:1a:1c:ca:f9:7c:ec:bf:4c:12:ad:d2:e5:5f:
                    e2:a4:9c:76:d7:39:7a:14:fe:4b:dd:aa:ce:0a:8f:
                    7c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A4:5F:8B:97:03:DA:0D:4A:B5:B2:94:42:E2:BE:75:CA:3A:CD:4E
            X509v3 Authority Key Identifier:
                keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/ACB57B3694B811EDB9841674C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.230.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:66:ff:88:9f:37:64:ce:8e:65:67:1c:a7:76:b6:5d:18:b6:
         22:45:d7:31:f3:b0:82:cc:d8:66:6c:e7:34:f5:c8:0b:d9:e1:
         6d:7e:83:8d:32:5f:a4:07:53:0a:42:8d:7c:d6:9e:5b:6a:07:
         74:8c:92:df:08:37:8e:e0:dd:24:ac:0b:ef:eb:46:ab:17:8a:
         ec:79:00:8e:ae:9b:0f:0c:57:30:7a:65:44:5e:e1:6e:30:73:
         df:c8:24:25:1f:ec:98:a4:a8:15:39:8e:d0:77:1f:9c:02:af:
         fa:28:8b:e8:b3:b5:e5:bc:ff:15:ba:ce:74:a4:09:34:2d:46:
         3a:48:2a:b9:83:26:01:69:10:4f:c5:32:5a:2d:f6:8c:fe:d7:
         15:80:3a:b7:32:db:c9:32:94:3b:d5:d4:ff:e9:1e:60:1c:1f:
         b5:be:6c:d6:16:1b:b8:eb:ee:59:89:b0:10:80:f2:31:5d:7f:
         fd:31:55:7e:7a:59:9a:b9:69:d1:b3:52:a8:6e:68:eb:77:c8:
         f0:4b:66:c1:38:6b:ee:01:31:f3:a1:e8:13:fc:46:1a:c8:ed:
         e4:34:86:aa:9c:2b:69:1e:6d:98:72:01:b8:f4:52:a3:f8:f4:
         b0:1b:d6:f5:62:53:21:e8:16:d0:dd:f7:10:e9:9e:37:6e:fb:
         2a:2a:69:1c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjMwMTE1MDk0MDQxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2MzY2ExOS1mNTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4wF1/iwcMhBEuEOsxZU4RP/k9uYe5q9Muog6Hk8QDLklK37xKmaGKO8xbBf8
jeEXliMVXKKArMxjkLqC1IJhnMW1FncbOZcGexY8wvs1V46An25uMYK5ZMQh9eAu
sPk5vEYH1SP455BmGKZ7UE1DbzKHTBYowHKTjKN/mj5WtYZu63mpVvXAnMP263oT
6Q9J0a7n9GiYZUEhBQTs4PFYCMAUemOcczpZkTh1IUpadCkhqUrUFNyhbRY8su8t
wcrctyUKqm/aqxXwS2IPxH2+AvwoTUHttcD3+FuQ8rSaJ7cI5xocyvl87L9MEq3S
5V/ipJx21zl6FP5L3arOCo98nwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFikX4uX
A9oNSrWylELivnXKOs1OMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvQUNCNTdCMzY5
NEI4MTFFREI5ODQxNjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn5kQwDQYJKoZIhvcNAQELBQADggEBAFhm/4ifN2TOjmVn
HKd2tl0YtiJF1zHzsILM2GZs5zT1yAvZ4W1+g40yX6QHUwpCjXzWnltqB3SMkt8I
N47g3SSsC+/rRqsXiux5AI6umw8MVzB6ZURe4W4wc9/IJCUf7JikqBU5jtB3H5wC
r/ooi+izteW8/xW6znSkCTQtRjpIKrmDJgFpEE/FMlot9oz+1xWAOrcy28kylDvV
1P/pHmAcH7W+bNYWG7jr7lmJsBCA8jFdf/0xVX56WZq5adGzUqhuaOt3yPBLZsE4
a+4BMfOh6BP8RhrI7eQ0hqqcK2kebZhyAbj0UqP49LAb1vViUyHoFtDd9xDpnjdu
+yoqaRw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org