Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119DCB/E4C0F56C187F11EBAE29692EC4F9AE02/27B3089C25FF11EBAF634966C4F9AE02.roa
File:                     27B3089C25FF11EBAF634966C4F9AE02.roa (raw, json)
Hash identifier:          GABZdNCQg8Jj2CRhj/adeaxrXffjqiTBhaKhp7nvZXg=
Subject key identifier:   96:0A:51:43:CE:82:44:41:76:02:10:03:D2:2B:6C:A2:81:8A:79:E6
Certificate issuer:       /CN=A9119DCB/serialNumber=1723DCB41A04268A587AACE8CFD9DAE5F9F51DF7
Certificate serial:       0472
Authority key identifier: 17:23:DC:B4:1A:04:26:8A:58:7A:AC:E8:CF:D9:DA:E5:F9:F5:1D:F7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FyPctBoEJopYeqzoz9na5fn1Hfc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119DCB/E4C0F56C187F11EBAE29692EC4F9AE02/27B3089C25FF11EBAF634966C4F9AE02.roa
Signing time:             Tue 10 May 2022 12:31:29 +0000
ROA not before:           Tue 10 May 2022 12:31:29 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     10310
IP address blocks:        27.123.32.0/22 maxlen: 22
                          183.177.76.0/22 maxlen: 22
                          202.43.216.0/23 maxlen: 23
                          202.43.216.0/24 maxlen: 24
                          202.43.216.0/25 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1138 (0x472)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119DCB/serialNumber=1723DCB41A04268A587AACE8CFD9DAE5F9F51DF7
        Validity
            Not Before: May 10 12:31:29 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=627a5b21-5d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6b:4d:4c:91:ca:3f:cf:78:cf:6e:20:b1:2a:
                    b2:af:66:99:3f:a3:46:70:80:43:02:cc:f4:e1:4b:
                    24:ab:0c:80:63:6c:6b:d0:b6:99:89:51:c6:23:e6:
                    6c:f9:02:ca:6c:c4:e4:f3:59:57:1f:71:35:f5:d5:
                    f2:fe:6b:5f:7a:a6:a3:a9:3a:87:66:d5:dc:34:f8:
                    31:a5:d4:d2:de:02:4b:a4:6a:14:59:f1:05:05:b7:
                    33:e4:1c:4e:4e:67:bf:76:29:8b:6a:bc:25:57:ee:
                    cd:e5:14:78:a2:18:2a:a8:99:b0:56:c0:74:6c:14:
                    11:62:32:a0:58:1d:b9:b5:67:95:02:d0:0e:87:5a:
                    61:3f:92:aa:db:21:35:58:7e:0d:16:01:ab:66:d6:
                    1b:71:52:e4:50:2f:8e:e8:3f:42:0e:12:dd:bb:db:
                    47:b3:f8:79:d6:9c:4f:49:c4:dd:75:35:51:9b:e4:
                    9d:6d:68:14:52:4f:ca:56:ba:b7:d4:c5:16:9c:35:
                    1b:59:27:2c:58:5e:42:d8:2d:22:26:09:fd:66:d5:
                    bd:3b:9e:91:1c:54:e2:9e:a7:dd:41:1b:96:6f:2f:
                    02:a5:6e:bd:71:1c:9d:a9:a3:c4:43:65:5c:55:f4:
                    84:a9:73:8b:e4:35:34:a4:98:59:24:ae:79:46:7e:
                    ce:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:0A:51:43:CE:82:44:41:76:02:10:03:D2:2B:6C:A2:81:8A:79:E6
            X509v3 Authority Key Identifier:
                keyid:17:23:DC:B4:1A:04:26:8A:58:7A:AC:E8:CF:D9:DA:E5:F9:F5:1D:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119DCB/E4C0F56C187F11EBAE29692EC4F9AE02/FyPctBoEJopYeqzoz9na5fn1Hfc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FyPctBoEJopYeqzoz9na5fn1Hfc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119DCB/E4C0F56C187F11EBAE29692EC4F9AE02/27B3089C25FF11EBAF634966C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.123.32.0/22
                  183.177.76.0/22
                  202.43.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:94:a6:53:3a:9e:66:c8:b0:d1:3e:2c:9b:2b:b5:e1:01:1b:
         76:42:f3:4a:1b:29:e2:e6:fa:c7:4a:38:5b:5d:8b:7e:ef:be:
         14:67:cc:07:63:76:24:d5:25:7e:82:42:e1:d0:6c:bd:25:12:
         a1:72:ce:c7:9b:af:59:e9:0f:bc:66:ee:51:7c:9f:21:44:57:
         da:9c:af:69:32:92:a6:34:b3:74:87:1d:c1:ff:4f:be:4d:83:
         c6:95:1b:bf:60:fd:6d:bd:0a:ec:e4:b0:a7:ae:e5:5e:9f:85:
         a6:1e:2a:66:f8:9f:c6:95:51:60:29:94:85:7b:40:97:f2:60:
         21:9d:26:15:b3:09:d9:3d:69:38:07:77:52:5c:e2:be:fe:94:
         8c:2e:af:cc:37:f5:64:10:4e:b5:44:1d:63:a9:65:25:e8:2a:
         08:85:83:b7:6a:7e:08:4c:08:b2:f9:71:e1:67:f1:7a:95:8b:
         e2:32:33:a5:7d:1a:45:b7:23:bb:12:3e:6f:97:12:64:64:a1:
         e6:0d:3d:bb:49:4e:32:ed:c8:01:12:55:81:41:0b:95:b7:a3:
         ae:8a:88:14:f6:14:5e:05:11:ab:14:81:69:75:be:f8:ef:be:
         32:b8:4e:95:61:a0:af:5e:cb:3e:3d:73:fa:a7:f9:4f:b6:f4:
         93:5d:01:75
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlEQ0IxMTAvBgNVBAUTKDE3MjNEQ0I0MUEwNDI2OEE1ODdBQUNFOENGRDlEQUU1
RjlGNTFERjcwHhcNMjIwNTEwMTIzMTI5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdhNWIyMS01ZDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2tNTJHKP894z24gsSqyr2aZP6NGcIBDAsz04UskqwyAY2xr0LaZiVHGI+Zs
+QLKbMTk81lXH3E19dXy/mtfeqajqTqHZtXcNPgxpdTS3gJLpGoUWfEFBbcz5BxO
Tme/dimLarwlV+7N5RR4ohgqqJmwVsB0bBQRYjKgWB25tWeVAtAOh1phP5Kq2yE1
WH4NFgGrZtYbcVLkUC+O6D9CDhLdu9tHs/h51pxPScTddTVRm+SdbWgUUk/KVrq3
1MUWnDUbWScsWF5C2C0iJgn9ZtW9O56RHFTinqfdQRuWby8CpW69cRydqaPEQ2Vc
VfSEqXOL5DU0pJhZJK55Rn7O3QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJYKUUPO
gkRBdgIQA9IrbKKBinnmMB8GA1UdIwQYMBaAFBcj3LQaBCaKWHqs6M/Z2uX59R33
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOURDQi9FNEMwRjU2QzE4
N0YxMUVCQUUyOTY5MkVDNEY5QUUwMi9GeVBjdEJvRUpvcFllcXpvejluYTVmbjFI
ZmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Z5UGN0Qm9FSm9wWWVxem96OW5hNWZuMUhmYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTlEQ0IvRTRDMEY1NkMxODdGMTFFQkFFMjk2OTJFQzRGOUFFMDIvMjdCMzA4OUMy
NUZGMTFFQkFGNjM0OTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIbeyADBAK3sUwDBAHKK9gwDQYJKoZIhvcNAQELBQADggEB
ABCUplM6nmbIsNE+LJsrteEBG3ZC80obKeLm+sdKOFtdi37vvhRnzAdjdiTVJX6C
QuHQbL0lEqFyzsebr1npD7xm7lF8nyFEV9qcr2kykqY0s3SHHcH/T75Ng8aVG79g
/W29CuzksKeu5V6fhaYeKmb4n8aVUWAplIV7QJfyYCGdJhWzCdk9aTgHd1Jc4r7+
lIwur8w39WQQTrVEHWOpZSXoKgiFg7dqfghMCLL5ceFn8XqVi+IyM6V9GkW3I7sS
Pm+XEmRkoeYNPbtJTjLtyAESVYFBC5W3o66KiBT2FF4FEasUgWl1vvjvvjK4TpVh
oK9eyz49c/qn+U+29JNdAXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org