Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/2BCAB312A20811EDAFA66369C4F9AE02.roa
File:                     2BCAB312A20811EDAFA66369C4F9AE02.roa (raw, json)
Hash identifier:          x49byKSZHbUWhcsNPTvgk4M8XRDTlTzGh7uBRzGc5sI=
Subject key identifier:   2C:4A:A4:D2:2F:1E:F6:8C:01:70:58:20:0B:45:11:4C:39:9D:60:D9
Certificate issuer:       /CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14
Certificate serial:       04B4
Authority key identifier: CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/2BCAB312A20811EDAFA66369C4F9AE02.roa
Signing time:             Wed 01 Feb 2023 08:12:30 +0000
ROA not before:           Wed 01 Feb 2023 08:12:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64831
IP address blocks:        103.42.208.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1204 (0x4b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14
        Validity
            Not Before: Feb  1 08:12:30 2023 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=63da1eed-04e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:3d:8c:a0:d4:2d:12:4a:28:23:88:37:f8:f1:
                    1b:a8:31:b4:6f:ec:da:c5:6a:90:9d:e3:62:e9:ad:
                    38:f1:5f:4d:b6:3d:3d:30:4e:a1:c1:54:e9:17:9d:
                    ea:05:53:89:12:ee:8d:61:bc:b5:6c:f4:4e:d7:2d:
                    ce:bc:1e:18:62:57:39:b5:fa:96:c7:f9:0b:03:e5:
                    ef:c0:83:34:d6:e7:95:d2:ae:fb:5f:6f:5e:1f:09:
                    05:d3:f4:e6:d5:cb:e7:d2:2f:24:06:95:0e:78:fa:
                    d3:46:d5:23:32:9d:7b:47:7c:c8:07:13:fa:5b:1e:
                    ca:f5:95:b7:ea:0f:3b:64:af:d9:76:06:63:0f:6f:
                    c8:71:7e:65:9f:4c:90:19:97:5d:40:1f:77:cf:31:
                    75:bb:a3:fd:e4:27:53:19:89:6d:7d:8a:1c:87:be:
                    49:1c:4b:52:4e:42:22:96:5d:81:0c:27:98:48:db:
                    58:97:74:6e:48:c4:02:c6:0a:99:85:ee:b8:c7:1d:
                    2b:f0:42:12:2e:13:b0:50:41:eb:c0:78:ad:48:d9:
                    c6:73:71:18:db:f1:12:08:a5:30:16:8e:a4:2f:fc:
                    9f:00:3b:43:f0:1a:7b:e4:00:45:6d:a5:be:04:0a:
                    e0:32:f3:05:87:ea:a3:04:bb:d7:5b:1e:27:a7:1d:
                    3d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4A:A4:D2:2F:1E:F6:8C:01:70:58:20:0B:45:11:4C:39:9D:60:D9
            X509v3 Authority Key Identifier:
                keyid:CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/2BCAB312A20811EDAFA66369C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.42.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b7:ad:d6:30:11:09:20:18:e5:3f:d8:9a:2e:45:09:63:fb:16:
         c9:17:9c:54:a0:5d:cb:d2:e7:26:34:e6:aa:67:42:b1:af:40:
         5c:bc:df:c9:bb:b0:04:53:9f:4b:39:0d:bc:ed:6c:bd:ff:3b:
         76:65:f8:a8:f1:b7:e4:1d:7b:cb:30:64:ce:2b:4d:4d:d0:3f:
         ba:14:38:fb:ae:7d:1d:45:1b:77:91:a7:cf:3c:1b:ff:12:f1:
         63:cf:f0:fc:71:63:97:2d:b7:cc:9e:f3:6d:1b:0e:72:8a:c3:
         8f:cb:45:56:8e:2f:8c:9b:d4:75:ad:f9:a6:11:d5:03:e4:d8:
         62:ed:5f:d6:df:3a:58:80:22:38:f6:86:7a:fc:9f:d9:34:c9:
         34:76:69:65:32:24:31:39:58:2b:bd:d5:3f:13:1e:04:1b:ca:
         6e:ac:ee:d2:9a:39:4b:70:da:2f:e2:82:4c:08:88:65:63:ce:
         0d:af:d4:f2:2f:b3:a7:4d:c7:37:9f:a0:31:4e:ad:04:bb:1c:
         13:24:6f:ed:e0:1a:bb:b4:6c:61:8e:2a:c3:1e:19:14:e0:0b:
         4a:46:f0:8a:d3:96:b4:dc:27:14:40:1e:6b:c7:84:8b:51:4a:
         5f:d7:47:c3:c0:e7:8e:86:7b:3c:7c:10:6d:ca:0a:a8:0b:07:
         39:a0:ae:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhBNDExMTAvBgNVBAUTKENERkVERjJENDExQzg0QzM2REMzQkI2QTAyRkRGMUFD
NTBCNUJBMTQwHhcNMjMwMjAxMDgxMjMwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RhMWVlZC0wNGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2T2MoNQtEkooI4g3+PEbqDG0b+zaxWqQneNi6a048V9Ntj09ME6hwVTpF53q
BVOJEu6NYby1bPRO1y3OvB4YYlc5tfqWx/kLA+XvwIM01ueV0q77X29eHwkF0/Tm
1cvn0i8kBpUOePrTRtUjMp17R3zIBxP6Wx7K9ZW36g87ZK/ZdgZjD2/IcX5ln0yQ
GZddQB93zzF1u6P95CdTGYltfYoch75JHEtSTkIill2BDCeYSNtYl3RuSMQCxgqZ
he64xx0r8EISLhOwUEHrwHitSNnGc3EY2/ESCKUwFo6kL/yfADtD8Bp75ABFbaW+
BArgMvMFh+qjBLvXWx4npx09ewIDAQABo4IClTCCApEwHQYDVR0OBBYEFCxKpNIv
HvaMAXBYIAtFEUw5nWDZMB8GA1UdIwQYMBaAFM3+3y1BHITDbcO7agL98axQtboU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0MS81NTQxNDBERTg3
QkMxMUVCQjNDMDgyNzJDNEY5QUUwMi96ZjdmTFVFY2hNTnR3N3RxQXYzeHJGQzF1
aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pmN2ZMVUVjaE1OdHc3dHFBdjN4ckZDMXVoUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjhBNDEvNTU0MTQwREU4N0JDMTFFQkIzQzA4MjcyQzRGOUFFMDIvMkJDQUIzMTJB
MjA4MTFFREFGQTY2MzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnKtAwDQYJKoZIhvcNAQELBQADggEBALet1jARCSAY5T/Y
mi5FCWP7FskXnFSgXcvS5yY05qpnQrGvQFy838m7sARTn0s5DbztbL3/O3Zl+Kjx
t+Qde8swZM4rTU3QP7oUOPuufR1FG3eRp888G/8S8WPP8PxxY5ctt8ye820bDnKK
w4/LRVaOL4yb1HWt+aYR1QPk2GLtX9bfOliAIjj2hnr8n9k0yTR2aWUyJDE5WCu9
1T8THgQbym6s7tKaOUtw2i/igkwIiGVjzg2v1PIvs6dNxzefoDFOrQS7HBMkb+3g
Gru0bGGOKsMeGRTgC0pG8IrTlrTcJxRAHmvHhItRSl/XR8PA546Gezx8EG3KCqgL
BzmgrlI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org