Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0C73/821457D2F13711EC97F74F0CC4F9AE02/36CF0E70BF1311ED81685C41C4F9AE02.roa
File:                     36CF0E70BF1311ED81685C41C4F9AE02.roa (raw, json)
Hash identifier:          A/+b9rBU8eOpgH0GmNqhWwjUiS+SGBe9t/mV3Xyvem0=
Subject key identifier:   68:80:A9:BA:CE:A1:90:A3:DD:AD:F5:83:A0:8C:F7:D8:60:C1:99:FB
Certificate issuer:       /CN=A91F0C73/serialNumber=5E709949BAA40A7D47D44D211690B377E051C45F
Certificate serial:       0122
Authority key identifier: 5E:70:99:49:BA:A4:0A:7D:47:D4:4D:21:16:90:B3:77:E0:51:C4:5F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnCZSbqkCn1H1E0hFpCzd-BRxF8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F0C73/821457D2F13711EC97F74F0CC4F9AE02/36CF0E70BF1311ED81685C41C4F9AE02.roa
Signing time:             Fri 10 Mar 2023 07:14:37 +0000
ROA not before:           Fri 10 Mar 2023 07:14:37 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        103.189.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 290 (0x122)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F0C73/serialNumber=5E709949BAA40A7D47D44D211690B377E051C45F
        Validity
            Not Before: Mar 10 07:14:37 2023 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=640ad8dc-f9ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:a8:90:70:da:e3:c4:e9:88:fe:b8:1d:4c:b8:
                    04:4c:74:07:5e:21:a4:d5:3b:79:b7:e0:a5:23:4f:
                    ac:f1:dc:87:7f:e2:8e:df:e2:9f:cb:03:2f:ce:57:
                    8b:63:c5:8a:5f:b2:e2:4d:b6:53:92:22:d2:1d:ed:
                    95:c2:13:d5:41:36:b5:b1:5b:34:16:c3:43:28:61:
                    d0:08:27:7d:35:7f:ba:ca:bc:bc:d8:a9:31:19:4b:
                    33:ff:ba:bd:4c:0e:14:d2:89:a9:25:98:1d:00:8c:
                    78:77:df:0c:cb:11:3f:1c:a0:29:a1:e0:0c:30:34:
                    9a:4c:89:4b:76:d6:79:ad:9c:39:95:a1:2f:fd:6a:
                    63:d2:66:05:40:3b:73:60:b3:86:25:e8:cc:b3:03:
                    98:16:fd:50:1e:e5:df:43:42:9c:8b:20:c8:26:eb:
                    43:ce:0f:55:51:64:73:9b:37:33:72:00:c2:68:90:
                    50:15:e0:51:19:e4:4c:fb:57:d8:95:07:b2:9f:ea:
                    97:05:7a:7b:6e:4c:3b:8a:cd:9b:85:9c:d8:a8:f6:
                    08:be:1c:1b:12:e7:b6:e5:34:09:76:cb:49:8e:8b:
                    e7:e2:f2:51:f4:a5:68:3f:67:6f:5e:53:c9:97:c8:
                    81:30:5f:18:b3:d3:c1:03:ba:d6:85:f2:80:d4:c9:
                    26:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:80:A9:BA:CE:A1:90:A3:DD:AD:F5:83:A0:8C:F7:D8:60:C1:99:FB
            X509v3 Authority Key Identifier:
                keyid:5E:70:99:49:BA:A4:0A:7D:47:D4:4D:21:16:90:B3:77:E0:51:C4:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F0C73/821457D2F13711EC97F74F0CC4F9AE02/XnCZSbqkCn1H1E0hFpCzd-BRxF8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnCZSbqkCn1H1E0hFpCzd-BRxF8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0C73/821457D2F13711EC97F74F0CC4F9AE02/36CF0E70BF1311ED81685C41C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:17:8e:3c:6e:91:5f:3d:b1:9b:7a:ea:dc:10:2e:22:a6:71:
         7e:8b:ae:1a:4c:b7:5f:e5:ea:95:18:7a:99:11:41:03:a4:22:
         de:03:da:a4:74:3b:c0:27:7c:02:42:18:26:c6:85:0c:85:ef:
         4e:8c:2b:c4:00:73:5d:a9:a6:08:84:20:d5:27:ac:e2:7d:25:
         9f:ae:7b:e1:2c:7a:b8:40:d0:52:32:b5:dc:16:54:26:bb:1e:
         01:18:75:a1:c9:96:6f:8d:61:99:39:50:5d:9a:3c:6c:66:b4:
         67:e5:c1:ee:1f:13:b0:7f:29:58:c0:80:51:a9:96:d9:5c:43:
         e7:b1:f1:de:58:7e:5d:b1:ad:8a:d3:ef:84:49:b8:9c:ea:23:
         92:fa:82:47:59:c5:f1:19:ec:60:81:d7:ce:5a:13:25:af:cb:
         21:ac:7f:a8:ad:9c:b9:27:29:7c:66:0f:c9:f8:e7:ab:95:22:
         5f:d3:3e:9d:a9:e1:a3:50:20:e1:f7:74:c1:5d:f5:f3:b8:15:
         67:48:bd:54:8d:0f:0c:5d:08:6d:6f:00:77:c8:fd:36:2e:ff:
         57:94:ff:75:53:24:d4:14:82:15:77:8b:b0:a7:4e:de:bc:78:
         27:0c:35:a3:5f:80:5a:9d:ac:82:ee:40:35:39:26:da:eb:cf:
         ab:7c:2b:7c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjBDNzMxMTAvBgNVBAUTKDVFNzA5OTQ5QkFBNDBBN0Q0N0Q0NEQyMTE2OTBCMzc3
RTA1MUM0NUYwHhcNMjMwMzEwMDcxNDM3WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBhZDhkYy1mOWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoqiQcNrjxOmI/rgdTLgETHQHXiGk1Tt5t+ClI0+s8dyHf+KO3+KfywMvzleL
Y8WKX7LiTbZTkiLSHe2VwhPVQTa1sVs0FsNDKGHQCCd9NX+6yry82KkxGUsz/7q9
TA4U0ompJZgdAIx4d98MyxE/HKApoeAMMDSaTIlLdtZ5rZw5laEv/Wpj0mYFQDtz
YLOGJejMswOYFv1QHuXfQ0KciyDIJutDzg9VUWRzmzczcgDCaJBQFeBRGeRM+1fY
lQeyn+qXBXp7bkw7is2bhZzYqPYIvhwbEue25TQJdstJjovn4vJR9KVoP2dvXlPJ
l8iBMF8Ys9PBA7rWhfKA1MkmrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGiAqbrO
oZCj3a31g6CM99hgwZn7MB8GA1UdIwQYMBaAFF5wmUm6pAp9R9RNIRaQs3fgUcRf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEM3My84MjE0NTdEMkYx
MzcxMUVDOTdGNzRGMENDNEY5QUUwMi9YbkNaU2Jxa0NuMUgxRTBoRnBDemQtQlJ4
RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1huQ1pTYnFrQ24xSDFFMGhGcEN6ZC1CUnhGOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjBDNzMvODIxNDU3RDJGMTM3MTFFQzk3Rjc0RjBDQzRGOUFFMDIvMzZDRjBFNzBC
RjEzMTFFRDgxNjg1QzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnve4wDQYJKoZIhvcNAQELBQADggEBAMQXjjxukV89sZt6
6twQLiKmcX6LrhpMt1/l6pUYepkRQQOkIt4D2qR0O8AnfAJCGCbGhQyF706MK8QA
c12ppgiEINUnrOJ9JZ+ue+EserhA0FIytdwWVCa7HgEYdaHJlm+NYZk5UF2aPGxm
tGflwe4fE7B/KVjAgFGpltlcQ+ex8d5Yfl2xrYrT74RJuJzqI5L6gkdZxfEZ7GCB
185aEyWvyyGsf6itnLknKXxmD8n456uVIl/TPp2p4aNQIOH3dMFd9fO4FWdIvVSN
DwxdCG1vAHfI/TYu/1eU/3VTJNQUghV3i7CnTt68eCcMNaNfgFqdrILuQDU5Jtrr
z6t8K3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org