Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/614F7C9A386F11EEABE0D331C4F9AE02.roa
File:                     614F7C9A386F11EEABE0D331C4F9AE02.roa (raw, json)
Hash identifier:          nYhRBuEIwsNNY9LZIwIFbFZ2JrD0Uh054iW91D5i47I=
Subject key identifier:   B2:17:4C:E9:34:6F:3A:DC:4F:27:53:82:92:1B:1B:AD:B0:FF:FF:1F
Certificate issuer:       /CN=A91FF428/serialNumber=BE852A8B3B7EA5C5AC5A52AACB852A01A4CDD082
Certificate serial:       02F2
Authority key identifier: BE:85:2A:8B:3B:7E:A5:C5:AC:5A:52:AA:CB:85:2A:01:A4:CD:D0:82
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/614F7C9A386F11EEABE0D331C4F9AE02.roa
Signing time:             Fri 11 Aug 2023 17:49:12 +0000
ROA not before:           Fri 11 Aug 2023 17:49:12 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     149289
IP address blocks:        103.178.26.0/24 maxlen: 24
                          2001:df0:31c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 754 (0x2f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FF428/serialNumber=BE852A8B3B7EA5C5AC5A52AACB852A01A4CDD082
        Validity
            Not Before: Aug 11 17:49:12 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64d67498-27e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ee:91:bc:39:c3:d0:72:41:07:6a:8d:c1:ab:
                    76:3e:3f:4f:88:d9:c1:32:ee:01:ab:ee:ba:6f:5a:
                    c1:ff:6a:f5:78:9c:db:5f:b8:49:e4:92:84:2f:15:
                    c2:df:b1:7e:6c:61:89:71:f8:e0:dc:dd:b6:59:4b:
                    b9:18:3d:8e:66:e6:cc:4a:36:f1:47:3e:91:21:05:
                    0a:d4:2d:6d:26:89:19:7a:8d:b0:1f:35:c5:fe:a5:
                    81:f8:6a:44:08:d6:e8:aa:1c:81:7d:b8:73:d3:34:
                    0f:56:35:a4:4a:79:82:95:e2:61:44:c4:89:7e:5c:
                    c4:72:96:5c:d8:74:a7:d2:8f:01:67:54:cc:be:f9:
                    23:f3:95:a1:ca:3b:0f:f6:89:bc:04:20:45:97:03:
                    a4:d8:f5:e1:62:57:b4:df:c3:24:40:1e:fa:ce:58:
                    de:c5:4e:bc:85:f3:04:e2:8f:56:e6:17:51:cd:b4:
                    2c:7f:cd:00:01:a2:30:41:79:e0:19:74:4a:65:e9:
                    14:9b:ed:af:1e:88:34:d2:ca:0f:ce:6f:dc:30:0c:
                    fa:7c:25:38:62:b6:ad:78:66:94:e4:3e:24:b7:89:
                    93:04:9d:9a:d2:a0:2f:1f:7e:18:47:ff:54:55:68:
                    bc:c8:1e:ed:85:ff:3d:c1:6d:9c:4f:c1:32:54:18:
                    18:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:17:4C:E9:34:6F:3A:DC:4F:27:53:82:92:1B:1B:AD:B0:FF:FF:1F
            X509v3 Authority Key Identifier:
                keyid:BE:85:2A:8B:3B:7E:A5:C5:AC:5A:52:AA:CB:85:2A:01:A4:CD:D0:82

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/voUqizt-pcWsWlKqy4UqAaTN0II.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/614F7C9A386F11EEABE0D331C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.178.26.0/24
                IPv6:
                  2001:df0:31c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:7b:a5:5b:48:09:19:3c:ba:5f:14:1d:36:e3:8f:1b:72:89:
         f2:b7:3c:c7:f4:79:8b:f1:a7:d1:44:86:4d:3a:40:72:d4:32:
         0e:f5:69:3c:64:d1:bd:d7:5e:a1:a6:2f:77:0b:81:f3:3d:e5:
         15:14:20:67:4c:59:6b:08:ca:b4:68:a8:21:6c:16:36:78:6f:
         52:b9:eb:2f:60:b5:2e:33:ae:72:a8:73:f6:8e:f2:54:4e:80:
         fd:f7:ca:1e:be:74:43:10:a9:d8:f3:24:e5:7a:3c:ea:31:7b:
         2c:c2:5a:8a:09:07:e1:a9:a3:fd:27:c0:6a:19:28:1c:7e:bc:
         cf:c1:1d:74:88:50:20:c2:05:ae:16:9e:8c:a1:4e:85:3e:44:
         96:47:da:2b:00:16:92:38:d3:8e:50:93:1b:6d:b6:17:1f:20:
         bc:35:2d:7d:e4:ab:a8:c4:85:63:41:42:fd:55:a2:0f:f1:3f:
         5b:94:86:cc:6a:2c:26:57:e4:45:28:92:1b:66:0e:0a:6c:12:
         c4:a0:9e:d6:83:cf:08:fb:a6:a2:8d:57:04:0e:11:2c:1b:db:
         a5:76:77:03:90:1b:e2:a4:40:96:87:36:76:a0:e1:c2:8f:ee:
         c3:cf:bf:95:e0:ca:58:29:28:14:36:e4:eb:e7:67:5c:38:46:
         13:11:4c:31
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY0MjgxMTAvBgNVBAUTKEJFODUyQThCM0I3RUE1QzVBQzVBNTJBQUNCODUyQTAx
QTRDREQwODIwHhcNMjMwODExMTc0OTEyWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ2NzQ5OC0yN2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAne6RvDnD0HJBB2qNwat2Pj9PiNnBMu4Bq+66b1rB/2r1eJzbX7hJ5JKELxXC
37F+bGGJcfjg3N22WUu5GD2OZubMSjbxRz6RIQUK1C1tJokZeo2wHzXF/qWB+GpE
CNboqhyBfbhz0zQPVjWkSnmCleJhRMSJflzEcpZc2HSn0o8BZ1TMvvkj85WhyjsP
9om8BCBFlwOk2PXhYle038MkQB76zljexU68hfME4o9W5hdRzbQsf80AAaIwQXng
GXRKZekUm+2vHog00soPzm/cMAz6fCU4YrateGaU5D4kt4mTBJ2a0qAvH34YR/9U
VWi8yB7thf89wW2cT8EyVBgYvQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLIXTOk0
bzrcTydTgpIbG62w//8fMB8GA1UdIwQYMBaAFL6FKos7fqXFrFpSqsuFKgGkzdCC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjQyOC8zNUVCMTM0ODVE
RDgxMUVDQjlCNEQ2MzBDNEY5QUUwMi92b1VxaXp0LXBjV3NXbEtxeTRVcUFhVE4w
SUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZvVXFpenQtcGNXc1dsS3F5NFVxQWFUTjBJSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY0MjgvMzVFQjEzNDg1REQ4MTFFQ0I5QjRENjMwQzRGOUFFMDIvNjE0RjdDOUEz
ODZGMTFFRUFCRTBEMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnshowDwQCAAIwCQMHACABDfAxwDANBgkqhkiG9w0BAQsF
AAOCAQEAlnulW0gJGTy6XxQdNuOPG3KJ8rc8x/R5i/Gn0USGTTpActQyDvVpPGTR
vddeoaYvdwuB8z3lFRQgZ0xZawjKtGioIWwWNnhvUrnrL2C1LjOucqhz9o7yVE6A
/ffKHr50QxCp2PMk5Xo86jF7LMJaigkH4amj/SfAahkoHH68z8EddIhQIMIFrhae
jKFOhT5ElkfaKwAWkjjTjlCTG222Fx8gvDUtfeSrqMSFY0FC/VWiD/E/W5SGzGos
JlfkRSiSG2YOCmwSxKCe1oPPCPumoo1XBA4RLBvbpXZ3A5Ab4qRAloc2dqDhwo/u
w8+/leDKWCkoFDbk6+dnXDhGExFMMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org