Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/CAC596F6B68711ED8D6A7523C4F9AE02.roa
File:                     CAC596F6B68711ED8D6A7523C4F9AE02.roa (raw, json)
Hash identifier:          90hzxWHrBZx8pBIq2N3e0mJorZibrAJMpRrWzYmDxWg=
Subject key identifier:   C3:F5:AE:C4:E4:3A:DA:9E:DD:C7:D1:3C:22:08:74:ED:45:F5:F3:C9
Certificate issuer:       /CN=A91F7506/serialNumber=FF6A7C2CB3DD2D77BDE68B36BA836C7958A9D4DA
Certificate serial:       02
Authority key identifier: FF:6A:7C:2C:B3:DD:2D:77:BD:E6:8B:36:BA:83:6C:79:58:A9:D4:DA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2p8LLPdLXe95os2uoNseVip1No.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/CAC596F6B68711ED8D6A7523C4F9AE02.roa
Signing time:             Mon 27 Feb 2023 10:16:26 +0000
ROA not before:           Mon 27 Feb 2023 10:16:26 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     134068
IP address blocks:        103.56.0.0/23 maxlen: 23
                          2001:df1:b540::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F7506/serialNumber=FF6A7C2CB3DD2D77BDE68B36BA836C7958A9D4DA
        Validity
            Not Before: Feb 27 10:16:26 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63fc82fa-aa87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:28:81:0a:52:48:cd:ac:cc:35:00:ee:64:f9:
                    27:d1:d8:13:84:67:65:f9:ee:b6:5a:ef:c0:c5:8a:
                    a0:79:9c:2a:a6:b4:69:8c:47:26:4e:5f:c8:2d:b9:
                    b4:c3:ab:d1:28:fd:0f:25:df:bf:9e:74:cf:11:a9:
                    5e:b6:40:a7:43:f4:31:01:4f:14:88:03:6e:7e:3a:
                    fd:ee:d6:af:84:4e:47:9e:60:4d:60:01:af:19:b4:
                    bb:aa:b5:f9:e4:b8:a6:fd:78:b8:3d:50:31:cf:44:
                    e7:63:4c:20:06:be:7f:d9:97:ea:00:12:bd:1d:fa:
                    6b:5b:e8:53:fe:ce:7a:4a:5e:74:47:0f:d4:40:8f:
                    ca:7b:a7:ad:22:87:c9:ab:6d:71:eb:f4:55:c8:17:
                    a3:90:9f:90:a8:c4:d0:49:0b:fe:c1:8c:65:8b:db:
                    9e:3c:69:6b:a3:93:94:11:91:a6:71:46:08:2c:02:
                    ed:46:ce:96:2b:18:a9:e1:7e:3e:f8:e5:cc:02:ae:
                    ee:61:82:77:93:0e:dc:b9:6b:bd:db:63:69:1c:4d:
                    88:f2:f8:14:23:d6:03:a6:b2:7f:5c:ff:ce:6d:06:
                    87:aa:d7:e7:79:75:fb:90:ae:7f:dd:26:03:a8:d2:
                    d0:20:9e:b9:33:fc:a2:b9:1f:4e:17:76:d1:4d:ed:
                    c1:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:F5:AE:C4:E4:3A:DA:9E:DD:C7:D1:3C:22:08:74:ED:45:F5:F3:C9
            X509v3 Authority Key Identifier:
                keyid:FF:6A:7C:2C:B3:DD:2D:77:BD:E6:8B:36:BA:83:6C:79:58:A9:D4:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/_2p8LLPdLXe95os2uoNseVip1No.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2p8LLPdLXe95os2uoNseVip1No.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/CAC596F6B68711ED8D6A7523C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.56.0.0/23
                IPv6:
                  2001:df1:b540::/48

    Signature Algorithm: sha256WithRSAEncryption
         3b:40:f9:a3:78:89:71:38:d1:72:82:e2:36:d3:5f:e5:a8:23:
         f6:ac:24:d3:29:e6:9c:b1:50:29:f9:e5:39:a3:6e:35:ba:60:
         11:b3:0d:f9:be:8b:e5:ed:38:92:b0:f1:79:50:78:08:d4:30:
         22:4e:17:25:6d:bc:ee:74:13:7a:86:fb:51:94:33:9e:dc:67:
         fd:0e:f1:22:f6:d9:83:32:ad:29:7d:ab:7f:7e:a0:79:cf:13:
         15:9c:32:42:e3:f5:92:08:c2:bd:66:8b:3b:8a:ce:af:fe:af:
         cf:c9:12:c0:d9:81:f0:ed:60:38:91:d6:fb:a9:f1:15:48:61:
         f6:41:fe:a1:d1:a9:e8:3d:05:87:27:46:52:be:bd:2d:d9:92:
         f0:d0:3d:76:27:57:ff:c2:74:b6:10:e0:10:6c:82:ea:40:80:
         42:7c:e3:1a:50:b3:a7:12:93:2c:25:a5:91:db:79:ae:36:30:
         0f:f9:5f:8e:1a:2d:16:99:86:96:bf:68:d8:f8:09:a2:26:e9:
         d9:81:77:71:0f:48:6b:c4:82:3f:3c:80:96:1e:40:ed:90:bc:
         f7:8e:85:50:dd:c1:a4:88:46:07:6e:1b:0c:12:c3:34:3e:5a:
         0f:37:48:15:e8:7d:c0:b7:f6:33:d4:1d:69:72:72:06:d4:ed:
         ad:fe:cb:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NzUwNjExMC8GA1UEBRMoRkY2QTdDMkNCM0REMkQ3N0JERTY4QjM2QkE4MzZDNzk1
OEE5RDREQTAeFw0yMzAyMjcxMDE2MjZaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZmM4MmZhLWFhODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMKIEKUkjNrMw1AO5k+SfR2BOEZ2X57rZa78DFiqB5nCqmtGmMRyZOX8gtubTD
q9Eo/Q8l37+edM8RqV62QKdD9DEBTxSIA25+Ov3u1q+ETkeeYE1gAa8ZtLuqtfnk
uKb9eLg9UDHPROdjTCAGvn/Zl+oAEr0d+mtb6FP+znpKXnRHD9RAj8p7p60ih8mr
bXHr9FXIF6OQn5CoxNBJC/7BjGWL2548aWujk5QRkaZxRggsAu1GzpYrGKnhfj74
5cwCru5hgneTDty5a73bY2kcTYjy+BQj1gOmsn9c/85tBoeq1+d5dfuQrn/dJgOo
0tAgnrkz/KK5H04XdtFN7cFfAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUw/WuxOQ6
2p7dx9E8Igh07UX188kwHwYDVR0jBBgwFoAU/2p8LLPdLXe95os2uoNseVip1Now
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY3NTA2Lzk1NTQyNjYyQjY4
MzExRUQ4QTE4NUMxREM0RjlBRTAyL18ycDhMTFBkTFhlOTVvczJ1b05zZVZpcDFO
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvXzJwOExMUGRMWGU5NW9zMnVvTnNlVmlwMU5vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NzUwNi85NTU0MjY2MkI2ODMxMUVEOEExODVDMURDNEY5QUUwMi9DQUM1OTZGNkI2
ODcxMUVEOEQ2QTc1MjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWc4ADAPBAIAAjAJAwcAIAEN8bVAMA0GCSqGSIb3DQEBCwUA
A4IBAQA7QPmjeIlxONFyguI201/lqCP2rCTTKeacsVAp+eU5o241umARsw35vovl
7TiSsPF5UHgI1DAiThclbbzudBN6hvtRlDOe3Gf9DvEi9tmDMq0pfat/fqB5zxMV
nDJC4/WSCMK9Zos7is6v/q/PyRLA2YHw7WA4kdb7qfEVSGH2Qf6h0anoPQWHJ0ZS
vr0t2ZLw0D12J1f/wnS2EOAQbILqQIBCfOMaULOnEpMsJaWR23muNjAP+V+OGi0W
mYaWv2jY+AmiJunZgXdxD0hrxII/PICWHkDtkLz3joVQ3cGkiEYHbhsMEsM0PloP
N0gV6H3At/Yz1B1pcnIG1O2t/svN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:39 2024 by rpki-client on console-ams.rpki-client.org