Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912E791/19C68D063A0511ECA944051BC4F9AE02/336570849DCC11EDA9F10954C4F9AE02.roa
File:                     336570849DCC11EDA9F10954C4F9AE02.roa (raw, json)
Hash identifier:          Kn0UhzIIDyKBSi6vhstRLVZPcn/flwLzLstiZtvhXcg=
Subject key identifier:   3A:77:3E:E9:EA:9B:3E:94:AF:0C:E4:D4:0B:07:B6:3F:CC:22:F4:F3
Certificate issuer:       /CN=A912E791/serialNumber=C4D7B94B9DFB64F5C189272330DBDCAD2A7D016E
Certificate serial:       02EF
Authority key identifier: C4:D7:B9:4B:9D:FB:64:F5:C1:89:27:23:30:DB:DC:AD:2A:7D:01:6E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xNe5S537ZPXBiScjMNvcrSp9AW4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912E791/19C68D063A0511ECA944051BC4F9AE02/336570849DCC11EDA9F10954C4F9AE02.roa
Signing time:             Thu 26 Jan 2023 22:53:08 +0000
ROA not before:           Thu 26 Jan 2023 22:53:08 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     147066
IP address blocks:        2400:7360::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 751 (0x2ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912E791/serialNumber=C4D7B94B9DFB64F5C189272330DBDCAD2A7D016E
        Validity
            Not Before: Jan 26 22:53:08 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63d30454-e1c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:86:11:f0:74:e8:2e:83:c4:8e:19:2e:10:d1:
                    2c:9d:f0:7f:35:14:5f:6d:ea:84:95:5b:2a:c4:39:
                    30:b0:54:58:1e:05:b0:8c:ed:9c:e4:bd:d5:50:ae:
                    a6:b9:ec:85:8c:0c:99:a5:0e:77:32:b3:16:01:f9:
                    2d:33:2a:27:cd:08:cb:6e:2e:0a:1e:12:62:f5:66:
                    1d:d5:e7:91:83:d0:ff:c8:9c:d1:3e:81:8e:07:37:
                    ed:c6:6e:da:12:ea:46:df:66:49:52:e0:1a:f6:72:
                    22:73:dd:a5:d8:97:de:39:bb:b0:05:5d:da:11:ad:
                    45:ae:b0:5d:dc:b9:15:03:d8:38:bb:fe:26:b4:74:
                    da:81:5d:c2:25:c6:0e:32:5b:58:a0:7f:38:da:6d:
                    22:e5:95:2b:f7:4b:8b:f1:32:8d:56:ca:95:31:de:
                    b3:95:1b:6e:75:66:19:f8:4a:a1:a1:23:b1:9a:8b:
                    ad:44:28:1a:04:0a:b4:d3:4e:a8:97:98:5f:eb:e2:
                    dc:d3:6a:7a:73:68:d8:87:e9:21:3e:7c:d7:51:45:
                    11:4e:e4:4e:2c:90:6c:19:ab:87:1d:3f:41:73:4d:
                    5d:c4:a3:72:79:b3:17:67:03:f2:69:5a:68:d9:c0:
                    b4:07:fb:57:32:1b:c4:1a:0d:0c:b8:21:11:42:97:
                    fd:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:77:3E:E9:EA:9B:3E:94:AF:0C:E4:D4:0B:07:B6:3F:CC:22:F4:F3
            X509v3 Authority Key Identifier:
                keyid:C4:D7:B9:4B:9D:FB:64:F5:C1:89:27:23:30:DB:DC:AD:2A:7D:01:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912E791/19C68D063A0511ECA944051BC4F9AE02/xNe5S537ZPXBiScjMNvcrSp9AW4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xNe5S537ZPXBiScjMNvcrSp9AW4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E791/19C68D063A0511ECA944051BC4F9AE02/336570849DCC11EDA9F10954C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:7360::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:5c:13:93:37:79:f5:66:42:a7:44:b3:d3:2d:f4:04:fb:72:
         74:60:6f:b4:bf:97:01:f8:15:b9:d0:49:5c:5f:7d:22:a7:62:
         ca:5b:ff:48:46:cd:3e:01:17:04:42:85:c7:b0:98:1f:88:50:
         9b:d1:bb:6b:2f:a6:76:bd:38:98:26:c6:1a:55:68:da:b5:1e:
         1e:60:9d:80:55:13:24:c4:bb:17:3b:1f:c4:4b:bd:90:77:32:
         e2:f9:c2:08:be:b9:a0:4b:63:5f:67:9d:de:bb:c2:69:5e:be:
         8f:14:46:46:df:ee:31:6a:88:cb:dd:58:f5:ce:54:bc:df:9e:
         10:a2:50:7e:7f:8a:52:12:14:4a:3f:fc:70:c3:9e:00:79:20:
         92:ef:b1:f9:31:8e:e2:7b:27:ff:eb:d7:85:80:1b:90:40:59:
         3e:28:d9:08:29:c6:53:65:18:15:77:a8:82:30:c2:1d:4a:8d:
         c3:5c:74:e4:ba:5b:c0:aa:3a:aa:f3:99:58:f0:f2:f5:3b:8d:
         51:34:48:3a:e4:1b:86:59:74:95:ac:10:35:82:1e:24:be:54:
         93:6f:cf:e7:1b:95:12:69:26:01:fa:a3:c9:0a:33:c7:b3:8f:
         c1:02:23:41:99:5b:bb:8f:c1:97:16:46:9d:51:83:41:ab:23:
         ca:3e:16:87
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU3OTExMTAvBgNVBAUTKEM0RDdCOTRCOURGQjY0RjVDMTg5MjcyMzMwREJEQ0FE
MkE3RDAxNkUwHhcNMjMwMTI2MjI1MzA4WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QzMDQ1NC1lMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs4YR8HToLoPEjhkuENEsnfB/NRRfbeqElVsqxDkwsFRYHgWwjO2c5L3VUK6m
ueyFjAyZpQ53MrMWAfktMyonzQjLbi4KHhJi9WYd1eeRg9D/yJzRPoGOBzftxm7a
EupG32ZJUuAa9nIic92l2JfeObuwBV3aEa1FrrBd3LkVA9g4u/4mtHTagV3CJcYO
MltYoH842m0i5ZUr90uL8TKNVsqVMd6zlRtudWYZ+EqhoSOxmoutRCgaBAq0006o
l5hf6+Lc02p6c2jYh+khPnzXUUURTuROLJBsGauHHT9Bc01dxKNyebMXZwPyaVpo
2cC0B/tXMhvEGg0MuCERQpf9TQIDAQABo4ICljCCApIwHQYDVR0OBBYEFDp3Punq
mz6Urwzk1AsHtj/MIvTzMB8GA1UdIwQYMBaAFMTXuUud+2T1wYknIzDb3K0qfQFu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTc5MS8xOUM2OEQwNjNB
MDUxMUVDQTk0NDA1MUJDNEY5QUUwMi94TmU1UzUzN1pQWEJpU2NqTU52Y3JTcDlB
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hOZTVTNTM3WlBYQmlTY2pNTnZjclNwOUFXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU3OTEvMTlDNjhEMDYzQTA1MTFFQ0E5NDQwNTFCQzRGOUFFMDIvMzM2NTcwODQ5
RENDMTFFREE5RjEwOTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAHNgMA0GCSqGSIb3DQEBCwUAA4IBAQA4XBOTN3n1ZkKn
RLPTLfQE+3J0YG+0v5cB+BW50ElcX30ip2LKW/9IRs0+ARcEQoXHsJgfiFCb0btr
L6Z2vTiYJsYaVWjatR4eYJ2AVRMkxLsXOx/ES72QdzLi+cIIvrmgS2NfZ53eu8Jp
Xr6PFEZG3+4xaojL3Vj1zlS8354QolB+f4pSEhRKP/xww54AeSCS77H5MY7ieyf/
69eFgBuQQFk+KNkIKcZTZRgVd6iCMMIdSo3DXHTkulvAqjqq85lY8PL1O41RNEg6
5BuGWXSVrBA1gh4kvlSTb8/nG5USaSYB+qPJCjPHs4/BAiNBmVu7j8GXFkadUYNB
qyPKPhaH
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org