Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/88FD2AFC889C11EA85428B4CC4F9AE02.roa
File:                     88FD2AFC889C11EA85428B4CC4F9AE02.roa (raw, json)
Hash identifier:          n2gqGVmbb1a87WT7BLH5hcKgFKzXO3siuuT3dbBDuTs=
Subject key identifier:   F8:37:EA:92:C4:3F:9C:A9:A6:05:B7:A9:26:0E:B8:87:8C:38:99:FB
Certificate issuer:       /CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Certificate serial:       07B8
Authority key identifier: BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/88FD2AFC889C11EA85428B4CC4F9AE02.roa
Signing time:             Fri 01 Jul 2022 09:28:33 +0000
ROA not before:           Fri 01 Jul 2022 09:28:33 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     136561
IP address blocks:        2401:21c0::/32 maxlen: 35

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1976 (0x7b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
        Validity
            Not Before: Jul  1 09:28:33 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62bebe41-5b0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:21:11:0c:5c:bd:f0:d1:26:a1:51:af:b8:5d:
                    18:49:ce:76:f5:fb:c5:dd:00:15:4b:8f:1e:65:a6:
                    4b:f6:9e:e2:2b:37:9e:88:46:2f:bd:10:77:a9:0d:
                    23:f8:71:7d:bb:12:44:33:35:e4:43:c9:01:a4:8b:
                    27:4a:a8:71:a6:05:f9:5d:a3:f8:94:4a:6f:c8:28:
                    7a:cc:42:19:0b:62:10:ef:37:59:0f:a7:21:3b:ec:
                    72:47:11:ae:a4:7e:d3:1b:f3:33:ac:c6:b0:7a:2a:
                    12:c9:cd:ec:27:75:75:67:c4:48:47:d6:c5:30:17:
                    f3:e1:9d:40:90:ee:9c:91:8d:43:8b:6b:48:bc:fc:
                    f6:7c:50:16:3d:fe:3c:a6:e1:2c:ac:72:ab:79:69:
                    a8:66:7b:88:8a:eb:bc:24:0f:62:28:7d:7c:7d:33:
                    a2:6b:38:18:4c:a5:ab:90:1e:2f:17:42:01:c6:0c:
                    81:68:6f:33:da:f7:12:a9:0d:b9:fd:bb:b6:a7:76:
                    5f:1a:a0:cd:da:14:d5:be:d9:99:a7:06:d7:62:24:
                    98:4b:a2:87:09:a7:d8:0e:ed:bb:9d:fb:c9:35:e5:
                    6d:6e:ad:ec:ff:d0:f0:dd:30:df:3f:67:42:1a:a1:
                    10:cc:21:fa:3a:68:fa:ea:0d:2e:ac:ed:84:e0:40:
                    0e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:37:EA:92:C4:3F:9C:A9:A6:05:B7:A9:26:0E:B8:87:8C:38:99:FB
            X509v3 Authority Key Identifier:
                keyid:BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/88FD2AFC889C11EA85428B4CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:21c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9d:be:f0:97:9b:82:e4:b5:d6:b4:17:1d:91:bb:35:9b:95:7f:
         9f:e2:e3:8b:19:21:b5:37:51:87:a7:d5:8e:75:f3:f2:5a:2a:
         5f:2b:c7:63:72:db:74:77:29:dc:ed:7c:42:79:c0:07:c0:89:
         af:03:38:d7:b5:34:49:a0:66:fd:55:6e:b5:bb:29:5c:25:36:
         31:86:f0:c9:aa:70:86:af:05:2f:f5:fa:55:f9:a3:60:11:8d:
         28:d0:01:13:51:24:b7:30:53:28:6a:6a:25:9b:3f:28:f0:2a:
         5d:f8:70:25:ae:cc:e2:b2:33:aa:ef:5a:0b:18:14:be:be:96:
         39:bb:f8:d4:8e:29:ee:bc:11:01:69:a2:fc:27:7b:14:f3:2e:
         46:c5:a0:5d:77:53:c0:f0:fa:64:3a:8b:97:45:8c:59:95:93:
         ae:39:7d:a6:86:83:b9:01:9e:71:e6:de:b0:d7:49:0f:f7:4c:
         b7:f3:d6:d6:2b:d9:75:a5:2a:59:4f:74:14:b6:f1:03:cc:b1:
         c0:80:17:04:4e:e6:bc:61:47:9e:87:82:77:92:08:e0:df:f6:
         b4:f7:b8:48:cb:44:3c:50:ce:a4:ec:ea:0b:d1:b2:77:bc:c7:
         59:21:aa:75:7c:be:ad:53:f4:b0:3b:2b:b7:e4:40:49:21:ed:
         3f:f3:d4:c4
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICB7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGNUQxMTAvBgNVBAUTKEJGNTIyRDk5MjVBNTg0NjI4MEY2MDUzMEFEMzlENzY2
RTRBQkYwOTMwHhcNMjIwNzAxMDkyODMzWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJlYmU0MS01YjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlCERDFy98NEmoVGvuF0YSc529fvF3QAVS48eZaZL9p7iKzeeiEYvvRB3qQ0j
+HF9uxJEMzXkQ8kBpIsnSqhxpgX5XaP4lEpvyCh6zEIZC2IQ7zdZD6chO+xyRxGu
pH7TG/MzrMaweioSyc3sJ3V1Z8RIR9bFMBfz4Z1AkO6ckY1Di2tIvPz2fFAWPf48
puEsrHKreWmoZnuIiuu8JA9iKH18fTOiazgYTKWrkB4vF0IBxgyBaG8z2vcSqQ25
/bu2p3ZfGqDN2hTVvtmZpwbXYiSYS6KHCafYDu27nfvJNeVtbq3s/9Dw3TDfP2dC
GqEQzCH6Omj66g0urO2E4EAOJwIDAQABo4ICljCCApIwHQYDVR0OBBYEFPg36pLE
P5yppgW3qSYOuIeMOJn7MB8GA1UdIwQYMBaAFL9SLZklpYRigPYFMK0512bkq/CT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y1RC83NUY4NzVGMjY2
OTAxMUVBOTY4M0ZCMkZDNEY5QUUwMi92MUl0bVNXbGhHS0E5Z1V3clRuWFp1U3I4
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YxSXRtU1dsaEdLQTlnVXdyVG5YWnVTcjhKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGNUQvNzVGODc1RjI2NjkwMTFFQTk2ODNGQjJGQzRGOUFFMDIvODhGRDJBRkM4
ODlDMTFFQTg1NDI4QjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkASHAMA0GCSqGSIb3DQEBCwUAA4IBAQCdvvCXm4Lktda0
Fx2RuzWblX+f4uOLGSG1N1GHp9WOdfPyWipfK8djctt0dync7XxCecAHwImvAzjX
tTRJoGb9VW61uylcJTYxhvDJqnCGrwUv9fpV+aNgEY0o0AETUSS3MFMoamolmz8o
8Cpd+HAlrszisjOq71oLGBS+vpY5u/jUjinuvBEBaaL8J3sU8y5GxaBdd1PA8Ppk
OouXRYxZlZOuOX2mhoO5AZ5x5t6w10kP90y389bWK9l1pSpZT3QUtvEDzLHAgBcE
Tua8YUeeh4J3kgjg3/a097hIy0Q8UM6k7OoL0bJ3vMdZIap1fL6tU/SwOyu35EBJ
Ie0/89TE
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org