Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/BD529870152511ECAD055780C4F9AE02.roa
File:                     BD529870152511ECAD055780C4F9AE02.roa (raw, json)
Hash identifier:          9zwJJOdEWW7YOdRznuOstz8i5YCc0MuVKRmHHKFsdsI=
Subject key identifier:   48:F9:43:FC:04:DF:52:48:10:00:1A:90:DA:F5:3E:C5:DA:1F:85:E6
Certificate issuer:       /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Certificate serial:       0358
Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/BD529870152511ECAD055780C4F9AE02.roa
Signing time:             Tue 21 Jun 2022 05:07:48 +0000
ROA not before:           Tue 21 Jun 2022 05:07:48 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     9231
IP address blocks:        58.82.194.0/23 maxlen: 24
                          58.82.240.0/20 maxlen: 24
                          182.239.112.0/20 maxlen: 24
                          203.142.97.0/24 maxlen: 24
                          223.122.0.0/18 maxlen: 24
                          2401:3000::/36 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 856 (0x358)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
        Validity
            Not Before: Jun 21 05:07:48 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=62b15224-c197
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:da:5a:24:41:7c:a6:8a:6f:69:c9:ff:c8:0a:
                    67:dc:a7:28:ef:36:47:68:5b:4e:21:32:ae:65:16:
                    16:90:a8:c2:d0:48:fa:76:92:7e:61:07:b6:df:cb:
                    1a:66:55:c4:b0:96:6b:8a:76:f9:e1:a4:c1:e8:a9:
                    18:c1:78:b3:d1:f5:a9:5a:d8:ec:64:a4:e3:22:6c:
                    06:e1:dd:1a:24:e6:92:22:09:74:be:1a:1c:27:47:
                    5d:35:b5:eb:77:ee:9e:9a:58:c9:24:a4:1a:79:d4:
                    4f:24:b8:e2:57:bc:b8:9a:ba:58:58:70:db:be:d7:
                    05:4d:37:a8:af:8c:2a:a0:30:e3:d6:37:9d:cd:c7:
                    ad:73:ea:38:d7:27:81:13:5d:c3:52:f9:c6:16:95:
                    6a:af:0f:d7:55:18:0a:b6:f1:ce:9c:62:f5:3c:26:
                    b7:22:74:c7:bd:99:1b:4e:ea:99:ca:49:da:ba:65:
                    02:3f:8a:8c:81:2c:89:79:6b:0b:bd:45:e0:02:69:
                    3a:57:4a:dd:8f:a7:04:24:ad:1d:60:47:cd:e0:04:
                    b4:77:ac:33:2c:90:77:86:38:85:60:97:30:30:43:
                    10:63:95:6c:bc:5a:f4:02:27:57:45:84:03:46:e4:
                    e3:83:cd:2b:6f:aa:90:b0:32:8e:23:78:21:29:45:
                    7f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:F9:43:FC:04:DF:52:48:10:00:1A:90:DA:F5:3E:C5:DA:1F:85:E6
            X509v3 Authority Key Identifier:
                keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/BD529870152511ECAD055780C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.82.194.0/23
                  58.82.240.0/20
                  182.239.112.0/20
                  203.142.97.0/24
                  223.122.0.0/18
                IPv6:
                  2401:3000::/36

    Signature Algorithm: sha256WithRSAEncryption
         43:2b:16:b5:9f:cb:01:fc:ca:77:9a:f5:f6:ff:3d:f3:0b:b1:
         2d:17:73:4a:6f:8b:d5:10:96:28:d7:87:98:1e:ff:42:6f:44:
         47:e9:61:24:e5:25:bf:cd:64:5e:c5:8c:93:8f:82:76:2f:33:
         d7:65:7e:9a:bb:9e:ae:1f:23:db:c5:de:33:76:9a:e9:f7:ea:
         e4:1d:71:ef:46:5d:f4:05:5f:cf:63:dd:35:9a:90:5e:e3:8a:
         42:6a:9a:30:b7:44:89:31:6d:a4:04:1f:f6:39:08:c5:dd:ed:
         a5:84:cb:81:d2:08:b7:6e:56:43:12:09:68:f0:da:6d:21:74:
         23:e9:72:f1:02:6c:44:94:5b:cb:c3:cc:27:14:a8:33:b5:0d:
         5b:1d:57:02:4e:22:9f:dd:36:93:2b:55:da:89:62:aa:92:76:
         5e:77:cc:1b:fd:9b:81:34:df:08:aa:11:ea:d0:4b:66:f0:34:
         5d:58:71:ce:df:93:40:5c:a8:bc:25:44:56:2e:da:63:ad:1c:
         69:27:c2:79:fb:cb:99:75:5e:54:ab:5f:63:6f:80:7c:8e:b7:
         1d:cd:59:f4:a2:42:69:30:c4:3a:44:4d:61:84:0b:07:d4:4d:
         0d:d3:e6:7e:1a:4d:4d:71:c8:a8:5f:f4:b1:99:08:07:93:c5:
         c8:a7:25:ec
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICA1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3
Q0ZGRTc3RUYwHhcNMjIwNjIxMDUwNzQ4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIxNTIyNC1jMTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNpaJEF8popvacn/yApn3Kco7zZHaFtOITKuZRYWkKjC0Ej6dpJ+YQe238sa
ZlXEsJZrinb54aTB6KkYwXiz0fWpWtjsZKTjImwG4d0aJOaSIgl0vhocJ0ddNbXr
d+6emljJJKQaedRPJLjiV7y4mrpYWHDbvtcFTTeor4wqoDDj1jedzcetc+o41yeB
E13DUvnGFpVqrw/XVRgKtvHOnGL1PCa3InTHvZkbTuqZyknaumUCP4qMgSyJeWsL
vUXgAmk6V0rdj6cEJK0dYEfN4AS0d6wzLJB3hjiFYJcwMEMQY5VsvFr0AidXRYQD
RuTjg80rb6qQsDKOI3ghKUV/CQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFEj5Q/wE
31JIEAAakNr1PsXaH4XmMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy
MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvQkQ1Mjk4NzAx
NTI1MTFFQ0FEMDU1NzgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MCQEAgABMB4DBAE6UsIDBAQ6UvADBAS273ADBADLjmEDBAbfegAwDgQCAAIw
CAMGBCQBMAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBDKxa1n8sB/Mp3mvX2/z3zC7Et
F3NKb4vVEJYo14eYHv9Cb0RH6WEk5SW/zWRexYyTj4J2LzPXZX6au56uHyPbxd4z
dprp9+rkHXHvRl30BV/PY901mpBe44pCapowt0SJMW2kBB/2OQjF3e2lhMuB0gi3
blZDEglo8NptIXQj6XLxAmxElFvLw8wnFKgztQ1bHVcCTiKf3TaTK1XaiWKqknZe
d8wb/ZuBNN8IqhHq0Etm8DRdWHHO35NAXKi8JURWLtpjrRxpJ8J5+8uZdV5Uq19j
b4B8jrcdzVn0okJpMMQ6RE1hhAsH1E0N0+Z+Gk1NccioX/SxmQgHk8XIpyXs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org