Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912142C/20B37CFE1D8711E2BDEFF7DE08B02CD2/17A3B5D8DC3511E984B05D2FC4F9AE02.roa
File:                     17A3B5D8DC3511E984B05D2FC4F9AE02.roa (raw, json)
Hash identifier:          6UtTKNvsD29W5cA/2xb9ipPFgqMf9IBBD75jrhVCUOE=
Subject key identifier:   1B:4C:53:6F:4F:70:46:A8:70:20:A9:30:08:8D:6D:2E:D7:47:FC:0E
Certificate issuer:       /CN=A912142C/serialNumber=BF583FF07DA356FDE282819F47BCEE247513119A
Certificate serial:       2EF6
Authority key identifier: BF:58:3F:F0:7D:A3:56:FD:E2:82:81:9F:47:BC:EE:24:75:13:11:9A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1g_8H2jVv3igoGfR7zuJHUTEZo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912142C/20B37CFE1D8711E2BDEFF7DE08B02CD2/17A3B5D8DC3511E984B05D2FC4F9AE02.roa
Signing time:             Wed 16 Jun 2021 14:40:27 +0000
ROA not before:           Wed 16 Jun 2021 14:40:27 +0000
ROA not after:            Wed 31 Aug 2022 00:00:00 +0000
asID:                     10076
IP address blocks:        202.5.192.0/20 maxlen: 24
                          2404:ec80::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12022 (0x2ef6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912142C/serialNumber=BF583FF07DA356FDE282819F47BCEE247513119A
        Validity
            Not Before: Jun 16 14:40:27 2021 GMT
            Not After : Aug 31 00:00:00 2022 GMT
        Subject: CN=60ca0d5b-5a3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:dd:8e:86:6c:7a:b1:a4:86:3b:70:09:57:72:
                    df:86:73:6d:51:58:01:53:be:c3:54:59:f4:6f:e5:
                    41:7c:55:e7:4a:1f:82:3d:d5:ab:5e:0d:43:93:ff:
                    b9:65:01:03:f6:6a:58:f8:c3:0a:39:56:77:c9:2e:
                    0c:8e:4b:36:7b:cb:3c:c9:71:fc:29:c0:b6:db:f3:
                    9f:b3:34:65:b5:ab:a6:a7:8b:22:f5:7e:a8:37:93:
                    15:b2:e8:ad:87:4f:5d:e4:d9:39:fb:e6:ef:48:f0:
                    11:31:71:ee:bb:0e:f2:8d:d3:ee:5a:cb:36:fa:e3:
                    2d:5a:39:98:f9:fb:85:91:b4:b5:88:a9:9b:c5:a3:
                    09:b4:88:98:3e:b1:57:7d:37:17:0d:d1:4c:77:35:
                    1f:26:62:27:76:46:25:74:41:d7:51:33:07:b9:b6:
                    50:1f:16:14:cc:48:0f:c6:06:39:f8:b8:c2:94:05:
                    c0:78:b6:b0:73:5e:ec:7f:e0:0d:26:79:36:03:0c:
                    7c:03:fb:f4:ea:09:57:31:69:a7:32:88:2c:44:85:
                    ff:cf:1e:c2:d4:4c:9e:6c:86:8e:8c:19:6b:f7:53:
                    7a:37:f7:3f:33:1e:cf:9c:00:01:de:bd:2d:79:eb:
                    b0:d8:96:5e:08:ad:27:32:a4:e7:67:e8:64:27:21:
                    8a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:4C:53:6F:4F:70:46:A8:70:20:A9:30:08:8D:6D:2E:D7:47:FC:0E
            X509v3 Authority Key Identifier:
                keyid:BF:58:3F:F0:7D:A3:56:FD:E2:82:81:9F:47:BC:EE:24:75:13:11:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912142C/20B37CFE1D8711E2BDEFF7DE08B02CD2/v1g_8H2jVv3igoGfR7zuJHUTEZo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1g_8H2jVv3igoGfR7zuJHUTEZo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912142C/20B37CFE1D8711E2BDEFF7DE08B02CD2/17A3B5D8DC3511E984B05D2FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.5.192.0/20
                IPv6:
                  2404:ec80::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:6e:e9:73:cd:71:59:79:a2:a4:9e:95:6b:f3:60:5f:38:cd:
         a3:a4:c0:e3:57:d5:bf:65:c6:db:89:a3:0c:1f:47:c3:7e:ed:
         fa:ff:c3:f5:22:f7:f6:52:c5:3d:68:92:dc:3e:94:de:31:3a:
         6a:70:fc:7c:85:f9:15:0d:f8:14:e4:b2:df:01:1e:b6:2c:98:
         88:19:16:89:b2:85:04:e8:0e:48:97:b4:53:34:2b:56:8d:2e:
         54:aa:a8:4e:8b:7e:4b:d3:86:57:28:72:a7:fd:1e:d5:59:1c:
         1e:4c:dd:00:19:22:78:b2:14:a0:92:0f:f3:3b:e2:22:1c:5e:
         3e:e7:2b:c4:25:9c:bf:d1:9f:1b:43:f1:74:f9:1d:60:1d:30:
         96:85:d6:61:87:28:17:3a:5d:53:37:e8:f5:c9:4e:e6:fe:03:
         44:33:6b:a4:67:f9:b5:be:4e:ca:93:72:1f:9b:dc:90:a0:a2:
         d6:10:7c:42:d3:bd:2e:e0:f2:f3:b2:f6:7d:27:17:7b:36:17:
         61:ac:22:39:28:d4:e0:d7:95:36:1e:61:6b:95:62:6d:05:ac:
         b6:bd:39:93:0d:f1:a1:63:6e:47:71:ce:e2:d8:61:c6:1d:f2:
         72:8a:e6:28:71:90:68:a4:94:5c:1f:31:b4:e4:df:c4:f6:22:
         f9:7d:d0:19
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICLvYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE0MkMxMTAvBgNVBAUTKEJGNTgzRkYwN0RBMzU2RkRFMjgyODE5RjQ3QkNFRTI0
NzUxMzExOUEwHhcNMjEwNjE2MTQ0MDI3WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGNhMGQ1Yi01YTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA692Ohmx6saSGO3AJV3LfhnNtUVgBU77DVFn0b+VBfFXnSh+CPdWrXg1Dk/+5
ZQED9mpY+MMKOVZ3yS4Mjks2e8s8yXH8KcC22/OfszRltaump4si9X6oN5MVsuit
h09d5Nk5++bvSPARMXHuuw7yjdPuWss2+uMtWjmY+fuFkbS1iKmbxaMJtIiYPrFX
fTcXDdFMdzUfJmIndkYldEHXUTMHubZQHxYUzEgPxgY5+LjClAXAeLawc17sf+AN
Jnk2Awx8A/v06glXMWmnMogsRIX/zx7C1EyebIaOjBlr91N6N/c/Mx7PnAAB3r0t
eeuw2JZeCK0nMqTnZ+hkJyGK3wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBtMU29P
cEaocCCpMAiNbS7XR/wOMB8GA1UdIwQYMBaAFL9YP/B9o1b94oKBn0e87iR1ExGa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTQyQy8yMEIzN0NGRTFE
ODcxMUUyQkRFRkY3REUwOEIwMkNEMi92MWdfOEgyalZ2M2lnb0dmUjd6dUpIVVRF
Wm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YxZ184SDJqVnYzaWdvR2ZSN3p1SkhVVEVaby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE0MkMvMjBCMzdDRkUxRDg3MTFFMkJERUZGN0RFMDhCMDJDRDIvMTdBM0I1RDhE
QzM1MTFFOTg0QjA1RDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBATKBcAwDQQCAAIwBwMFACQE7IAwDQYJKoZIhvcNAQELBQAD
ggEBAIZu6XPNcVl5oqSelWvzYF84zaOkwONX1b9lxtuJowwfR8N+7fr/w/Ui9/ZS
xT1oktw+lN4xOmpw/HyF+RUN+BTkst8BHrYsmIgZFomyhQToDkiXtFM0K1aNLlSq
qE6LfkvThlcocqf9HtVZHB5M3QAZIniyFKCSD/M74iIcXj7nK8QlnL/RnxtD8XT5
HWAdMJaF1mGHKBc6XVM36PXJTub+A0Qza6Rn+bW+TsqTch+b3JCgotYQfELTvS7g
8vOy9n0nF3s2F2GsIjko1ODXlTYeYWuVYm0FrLa9OZMN8aFjbkdxzuLYYcYd8nKK
5ihxkGiklFwfMbTk38T2Ivl90Bk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org