Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/D263039A06E611ED819D663AC4F9AE02.roa
File:                     D263039A06E611ED819D663AC4F9AE02.roa (raw, json)
Hash identifier:          Lo/7tzqyWQWxVTdAD87hK+W5zi6IXmqGIPcg/V7rmOE=
Subject key identifier:   8B:B9:B5:2D:0E:6E:48:90:31:56:EE:61:86:31:E1:8F:AE:6D:C8:9C
Certificate issuer:       /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial:       01B6
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/D263039A06E611ED819D663AC4F9AE02.roa
Signing time:             Tue 11 Oct 2022 04:53:55 +0000
ROA not before:           Tue 11 Oct 2022 04:53:55 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        223.29.128.0/22 maxlen: 22
                          223.29.132.0/22 maxlen: 22
                          223.29.136.0/22 maxlen: 22
                          223.29.140.0/22 maxlen: 22
                          223.29.144.0/22 maxlen: 22
                          223.29.148.0/22 maxlen: 22
                          223.29.152.0/22 maxlen: 22
                          223.29.156.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 438 (0x1b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
        Validity
            Not Before: Oct 11 04:53:55 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=6344f6e2-f02c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:f8:4f:9b:ae:a1:37:63:ae:05:9d:b5:20:c7:
                    2e:ed:87:bf:67:b0:df:c3:2b:e3:41:3c:3d:48:5f:
                    fd:8e:f4:d2:d4:f7:ba:a9:20:71:e7:2b:d2:b6:cc:
                    bb:8c:6c:c1:64:90:15:82:1f:35:e3:30:6a:80:14:
                    d7:c7:2e:5d:74:84:b9:09:df:45:76:60:f1:41:a9:
                    62:56:df:10:53:4f:50:20:8d:59:31:99:03:8e:01:
                    13:be:81:48:a7:7a:83:eb:c8:58:a5:bf:a3:fe:07:
                    4a:ee:99:24:4a:dc:1c:fd:77:a7:c9:03:f4:96:95:
                    e7:2c:54:1a:de:cc:d3:ca:09:19:78:c9:e6:83:e2:
                    0f:fa:73:f8:df:17:05:3d:06:f9:ff:92:a5:b8:ed:
                    29:eb:85:4c:c6:9b:fe:cd:1e:bf:c2:26:4a:7c:cf:
                    9d:20:9e:18:b3:6f:b0:92:3a:d5:6d:f7:cd:8d:86:
                    e0:71:b0:a3:36:0f:08:3b:fa:1a:6a:86:d1:6b:82:
                    ab:ac:53:dd:e0:92:c3:b8:e2:87:5d:7a:12:e2:13:
                    c6:df:aa:77:1b:3b:b5:72:4d:fd:7c:de:1e:28:0b:
                    31:ed:34:b7:04:c4:26:9d:2f:10:ae:de:41:a3:79:
                    70:d2:28:e4:19:76:44:44:57:dc:d2:b9:ab:07:68:
                    b0:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:B9:B5:2D:0E:6E:48:90:31:56:EE:61:86:31:E1:8F:AE:6D:C8:9C
            X509v3 Authority Key Identifier:
                keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/D263039A06E611ED819D663AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.29.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         03:3b:20:ee:d1:8d:80:d8:f0:24:0d:ce:ff:45:0c:9a:a5:e9:
         b6:6d:77:85:6e:eb:78:34:9f:95:28:66:52:2e:68:33:3d:fe:
         05:43:53:e7:56:47:8b:97:b6:05:dd:74:e4:a8:ad:0f:98:6a:
         6e:16:6f:33:64:ae:03:3c:dc:1e:51:99:a5:b6:11:0f:5f:d0:
         7b:06:d2:aa:30:7f:88:8b:74:1f:30:b6:d8:3f:b2:b6:71:7e:
         90:06:36:58:fd:7b:b4:c9:40:74:a3:b0:be:ef:40:3d:63:32:
         ad:84:1e:7a:47:60:63:ed:8f:11:6d:d0:69:26:01:03:ea:f9:
         e8:1b:d9:27:86:00:08:48:47:65:a1:0c:14:0b:b9:c0:82:38:
         a4:fe:8d:04:c8:14:ac:f3:5e:a4:3e:3b:b0:4e:a6:25:44:57:
         08:65:a5:38:59:3a:44:bf:82:2e:e0:7f:08:8a:b2:e8:4c:a6:
         cc:99:b9:9c:26:39:ae:74:ac:49:f6:61:b0:dd:c0:56:58:74:
         40:28:b1:c1:ca:ca:51:4b:04:4a:b9:7e:1f:92:b2:64:47:22:
         03:6a:76:7d:b8:cb:fa:68:4b:a7:8e:e9:54:f3:05:69:b8:06:
         98:c9:d2:7f:02:58:ab:e6:82:ed:8f:6c:64:b3:91:ee:a0:9c:
         8a:a4:0a:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjIxMDExMDQ1MzU1WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ0ZjZlMi1mMDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0vhPm66hN2OuBZ21IMcu7Ye/Z7DfwyvjQTw9SF/9jvTS1Pe6qSBx5yvStsy7
jGzBZJAVgh814zBqgBTXxy5ddIS5Cd9FdmDxQaliVt8QU09QII1ZMZkDjgETvoFI
p3qD68hYpb+j/gdK7pkkStwc/XenyQP0lpXnLFQa3szTygkZeMnmg+IP+nP43xcF
PQb5/5KluO0p64VMxpv+zR6/wiZKfM+dIJ4Ys2+wkjrVbffNjYbgcbCjNg8IO/oa
aobRa4KrrFPd4JLDuOKHXXoS4hPG36p3Gzu1ck39fN4eKAsx7TS3BMQmnS8Qrt5B
o3lw0ijkGXZERFfc0rmrB2iwmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIu5tS0O
bkiQMVbuYYYx4Y+ubcicMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvRDI2MzAzOUEw
NkU2MTFFRDgxOUQ2NjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXfHYAwDQYJKoZIhvcNAQELBQADggEBAAM7IO7RjYDY8CQN
zv9FDJql6bZtd4Vu63g0n5UoZlIuaDM9/gVDU+dWR4uXtgXddOSorQ+Yam4WbzNk
rgM83B5RmaW2EQ9f0HsG0qowf4iLdB8wttg/srZxfpAGNlj9e7TJQHSjsL7vQD1j
Mq2EHnpHYGPtjxFt0GkmAQPq+egb2SeGAAhIR2WhDBQLucCCOKT+jQTIFKzzXqQ+
O7BOpiVEVwhlpThZOkS/gi7gfwiKsuhMpsyZuZwmOa50rEn2YbDdwFZYdEAoscHK
ylFLBEq5fh+SsmRHIgNqdn24y/poS6eO6VTzBWm4BpjJ0n8CWKvmgu2PbGSzke6g
nIqkCtA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org