Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91105F6/E820026AB3FB11EDBBDB3022C4F9AE02/BD56E97855C611EEB6D43F14C4F9AE02.roa
File:                     BD56E97855C611EEB6D43F14C4F9AE02.roa (raw, json)
Hash identifier:          ie6opONnQ4Uh8caaOq+iNNjbFDoRtR/B5Ki54Y185Yg=
Subject key identifier:   73:8C:C1:43:33:EC:CB:93:08:5A:E4:66:A8:D6:FD:46:42:14:BC:85
Certificate issuer:       /CN=A91105F6/serialNumber=69C56E26D764F1AE4F468628E57531D3734AC027
Certificate serial:       71
Authority key identifier: 69:C5:6E:26:D7:64:F1:AE:4F:46:86:28:E5:75:31:D3:73:4A:C0:27
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acVuJtdk8a5PRoYo5XUx03NKwCc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91105F6/E820026AB3FB11EDBBDB3022C4F9AE02/BD56E97855C611EEB6D43F14C4F9AE02.roa
Signing time:             Mon 18 Sep 2023 02:22:37 +0000
ROA not before:           Mon 18 Sep 2023 02:22:37 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     141400
IP address blocks:        163.233.0.0/16 maxlen: 16
                          163.233.128.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113 (0x71)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91105F6/serialNumber=69C56E26D764F1AE4F468628E57531D3734AC027
        Validity
            Not Before: Sep 18 02:22:37 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=6507b46d-938d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cb:68:b9:63:0d:ea:75:ec:d2:0f:b3:4c:aa:
                    25:9c:2c:a5:48:8f:09:d2:d8:43:62:cd:db:8a:53:
                    b3:81:5b:b5:a8:a0:d9:ce:c8:79:1e:34:5d:37:78:
                    f7:86:ce:59:17:6f:2e:d3:83:e1:39:37:37:16:d5:
                    87:45:ef:02:34:7f:f0:d6:76:7c:3c:47:40:df:ee:
                    bf:81:59:39:5b:9e:40:76:86:27:89:34:21:4b:f8:
                    a8:30:6a:81:45:82:a9:57:4c:1e:be:a1:52:f1:0b:
                    99:6d:a6:07:2e:99:a1:11:33:2b:89:8c:63:e0:72:
                    e9:6e:87:97:b1:90:da:0c:22:c8:5c:0c:02:8d:81:
                    4c:71:f1:bb:fd:03:46:01:3c:06:78:29:00:d7:38:
                    02:4d:cf:1a:1a:8c:05:7e:f0:e1:28:7d:88:59:a0:
                    58:e7:98:11:39:71:2e:16:0e:57:41:f8:fc:be:45:
                    e6:a8:1e:3f:ec:10:de:f3:71:c4:e1:19:f4:c6:b9:
                    12:4d:d2:f2:ec:ef:6c:18:c1:c2:fa:63:dc:aa:3f:
                    2a:fd:61:cb:4f:13:f3:28:87:46:6a:7b:fc:be:b7:
                    3f:b4:e5:1c:c5:5c:81:a8:a5:71:eb:ad:66:1c:66:
                    ab:31:ee:7d:09:ce:1d:14:06:1c:57:4a:d2:42:9b:
                    2c:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:8C:C1:43:33:EC:CB:93:08:5A:E4:66:A8:D6:FD:46:42:14:BC:85
            X509v3 Authority Key Identifier:
                keyid:69:C5:6E:26:D7:64:F1:AE:4F:46:86:28:E5:75:31:D3:73:4A:C0:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91105F6/E820026AB3FB11EDBBDB3022C4F9AE02/acVuJtdk8a5PRoYo5XUx03NKwCc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acVuJtdk8a5PRoYo5XUx03NKwCc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91105F6/E820026AB3FB11EDBBDB3022C4F9AE02/BD56E97855C611EEB6D43F14C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.233.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2b:49:e4:8a:91:c8:41:28:93:4d:f4:e9:05:a4:0c:8e:6e:5c:
         61:c6:1f:35:d7:c8:dd:d9:7d:32:60:48:8f:96:f7:39:eb:52:
         a2:83:7b:f8:7a:16:e8:10:04:f0:de:ec:be:ab:2e:55:fb:be:
         13:cb:68:79:5e:ef:40:cd:f7:e6:d5:e1:93:14:d0:c3:f4:d8:
         ac:f8:6b:da:06:02:fe:3b:e5:08:61:f1:fa:16:ca:85:1f:cd:
         a1:2e:0c:91:2f:d0:11:ae:f4:ce:a5:57:a0:2d:1c:84:eb:30:
         67:7e:e2:a6:94:8c:c6:5c:4f:67:25:4c:fc:4a:00:65:14:0e:
         0c:f3:37:43:e7:61:24:5f:51:76:a0:e4:63:87:75:77:3e:15:
         d9:84:f9:7a:6d:cb:f8:51:44:33:22:6d:db:c9:e4:b8:6a:0d:
         97:e7:a3:7d:74:00:52:14:ae:80:d3:1b:f3:0e:15:aa:ac:83:
         85:f2:93:46:f4:f1:61:99:da:a4:d9:6c:b6:49:30:f8:aa:02:
         e4:fe:89:33:6d:2d:3e:07:88:48:3e:e4:78:03:6a:f8:3e:16:
         fe:a1:7f:b4:be:fa:10:e7:30:15:28:b3:70:8e:30:4c:f0:b1:
         1a:63:3a:94:cb:b4:67:a9:07:d8:12:34:3d:17:2b:48:41:55:
         09:f4:46:f3
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MDVGNjExMC8GA1UEBRMoNjlDNTZFMjZENzY0RjFBRTRGNDY4NjI4RTU3NTMxRDM3
MzRBQzAyNzAeFw0yMzA5MTgwMjIyMzdaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MDdiNDZkLTkzOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIy2i5Yw3qdezSD7NMqiWcLKVIjwnS2ENizduKU7OBW7WooNnOyHkeNF03ePeG
zlkXby7Tg+E5NzcW1YdF7wI0f/DWdnw8R0Df7r+BWTlbnkB2hieJNCFL+KgwaoFF
gqlXTB6+oVLxC5ltpgcumaERMyuJjGPgculuh5exkNoMIshcDAKNgUxx8bv9A0YB
PAZ4KQDXOAJNzxoajAV+8OEofYhZoFjnmBE5cS4WDldB+Py+ReaoHj/sEN7zccTh
GfTGuRJN0vLs72wYwcL6Y9yqPyr9YctPE/Moh0Zqe/y+tz+05RzFXIGopXHrrWYc
Zqsx7n0Jzh0UBhxXStJCmywJAgMBAAGjggKUMIICkDAdBgNVHQ4EFgQUc4zBQzPs
y5MIWuRmqNb9RkIUvIUwHwYDVR0jBBgwFoAUacVuJtdk8a5PRoYo5XUx03NKwCcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEwNUY2L0U4MjAwMjZBQjNG
QjExRURCQkRCMzAyMkM0RjlBRTAyL2FjVnVKdGRrOGE1UFJvWW81WFV4MDNOS3dD
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYWNWdUp0ZGs4YTVQUm9ZbzVYVXgwM05Ld0NjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MDVGNi9FODIwMDI2QUIzRkIxMUVEQkJEQjMwMjJDNEY5QUUwMi9CRDU2RTk3ODU1
QzYxMUVFQjZENDNGMTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAKPpMA0GCSqGSIb3DQEBCwUAA4IBAQArSeSKkchBKJNN9OkF
pAyOblxhxh8118jd2X0yYEiPlvc561Kig3v4ehboEATw3uy+qy5V+74Ty2h5Xu9A
zffm1eGTFNDD9Nis+GvaBgL+O+UIYfH6FsqFH82hLgyRL9ARrvTOpVegLRyE6zBn
fuKmlIzGXE9nJUz8SgBlFA4M8zdD52EkX1F2oORjh3V3PhXZhPl6bcv4UUQzIm3b
yeS4ag2X56N9dABSFK6A0xvzDhWqrIOF8pNG9PFhmdqk2Wy2STD4qgLk/okzbS0+
B4hIPuR4A2r4Phb+oX+0vvoQ5zAVKLNwjjBM8LEaYzqUy7RnqQfYEjQ9FytIQVUJ
9Ebz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-ams.rpki-client.org