Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/2ED87ADCCA0C11E7AAF3DF3EC4F9AE02.roa
File:                     2ED87ADCCA0C11E7AAF3DF3EC4F9AE02.roa (raw, json)
Hash identifier:          1MwLf05otCkKUnPVLRSQ0xLhHnlFtO2KVwhCwq2m52s=
Subject key identifier:   F2:D2:0B:B6:3D:1B:60:A5:4F:5F:FE:2E:DE:E2:04:80:97:1A:39:7E
Certificate issuer:       /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial:       1416
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/2ED87ADCCA0C11E7AAF3DF3EC4F9AE02.roa
Signing time:             Mon 07 Feb 2022 17:43:38 +0000
ROA not before:           Mon 07 Feb 2022 17:43:38 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     23966
IP address blocks:        203.128.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5142 (0x1416)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
        Validity
            Not Before: Feb  7 17:43:38 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=62015a49-c285
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:40:2e:45:82:56:be:a3:46:02:de:62:05:b9:
                    96:75:ee:fb:b5:2f:a6:29:a6:af:b3:b1:4d:9d:3d:
                    3b:e4:b2:19:02:4f:ef:d1:f0:6a:42:93:39:e5:a5:
                    bd:07:7d:1c:6e:31:85:d9:d7:6d:99:e5:17:ea:78:
                    ae:aa:77:05:bc:72:c1:44:57:e2:7c:21:c2:d4:59:
                    20:98:89:cd:73:e4:b0:dc:93:a4:4d:c1:d2:00:e7:
                    71:10:2b:9c:a2:dd:0f:8e:be:a5:81:7d:f1:e6:2d:
                    0e:38:b9:c2:0b:92:2e:54:19:74:26:44:fa:9e:23:
                    50:35:b8:12:93:46:f4:8b:79:d4:9c:83:b3:1d:9c:
                    68:de:4a:95:d1:03:40:70:32:6e:53:12:29:c5:31:
                    ee:02:7e:3b:0e:57:2d:dd:42:e6:08:46:c7:d4:41:
                    53:03:e0:2f:62:d6:fc:4f:69:c8:48:1f:25:cd:26:
                    36:58:df:b2:cb:5b:2d:11:08:d2:0a:68:2e:56:78:
                    c9:86:ca:e4:29:44:ab:9b:69:73:3e:58:17:5e:ab:
                    f7:82:00:6c:b4:d7:ce:c4:6f:0b:38:41:37:f8:51:
                    48:fc:89:76:e5:e7:b0:21:55:38:d5:0e:b7:84:ff:
                    d3:39:58:4c:a7:51:05:ab:14:a9:36:2e:3c:5c:25:
                    09:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:D2:0B:B6:3D:1B:60:A5:4F:5F:FE:2E:DE:E2:04:80:97:1A:39:7E
            X509v3 Authority Key Identifier:
                keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/2ED87ADCCA0C11E7AAF3DF3EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.128.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:ae:b2:03:5d:0b:ae:d0:3a:2f:c0:3d:57:74:2d:e5:cd:a1:
         9e:15:2d:3b:83:d2:55:11:de:db:17:f6:02:86:3a:2c:3d:c6:
         ea:ae:20:e8:4a:47:60:c3:34:0e:ea:89:2b:60:ec:e9:e9:a5:
         19:76:5d:3f:fd:c7:1a:48:1c:28:0b:76:ce:c7:09:9c:2a:25:
         95:3c:cf:7d:22:25:dc:aa:45:44:4d:85:49:ce:60:83:02:15:
         c8:37:14:52:df:9d:17:95:9d:79:29:df:34:50:86:7e:5c:ba:
         f3:f3:09:5d:de:27:74:60:f4:d1:93:00:0e:e8:17:f3:42:8d:
         5a:72:b0:89:06:d2:33:90:51:ff:bd:78:bf:fd:16:e6:1c:ce:
         5f:34:4c:b7:71:9e:d6:c8:6c:18:4a:d6:ed:e1:a5:19:60:c9:
         3e:d8:b6:d5:87:cb:94:84:0a:c1:1f:3d:57:e5:25:8c:62:70:
         ef:e8:38:2d:15:5f:78:25:30:d5:4f:34:b1:8f:f7:da:a5:7f:
         38:1a:4b:81:bb:68:b2:cb:3a:8f:be:d0:8a:69:50:f0:21:b4:
         a2:f0:04:03:a7:f3:44:ca:92:fd:7f:07:58:ac:5b:2d:89:9f:
         99:48:1d:f9:01:7f:15:53:56:b9:b0:49:99:60:8a:91:e1:8d:
         30:e8:49:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjIwMjA3MTc0MzM4WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAxNWE0OS1jMjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoUAuRYJWvqNGAt5iBbmWde77tS+mKaavs7FNnT075LIZAk/v0fBqQpM55aW9
B30cbjGF2ddtmeUX6niuqncFvHLBRFfifCHC1FkgmInNc+Sw3JOkTcHSAOdxECuc
ot0Pjr6lgX3x5i0OOLnCC5IuVBl0JkT6niNQNbgSk0b0i3nUnIOzHZxo3kqV0QNA
cDJuUxIpxTHuAn47Dlct3ULmCEbH1EFTA+AvYtb8T2nISB8lzSY2WN+yy1stEQjS
CmguVnjJhsrkKUSrm2lzPlgXXqv3ggBstNfOxG8LOEE3+FFI/Il25eewIVU41Q63
hP/TOVhMp1EFqxSpNi48XCUJPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPLSC7Y9
G2ClT1/+Lt7iBICXGjl+MB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvMkVEODdBREND
QTBDMTFFN0FBRjNERjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLgAgwDQYJKoZIhvcNAQELBQADggEBAJKusgNdC67QOi/A
PVd0LeXNoZ4VLTuD0lUR3tsX9gKGOiw9xuquIOhKR2DDNA7qiStg7OnppRl2XT/9
xxpIHCgLds7HCZwqJZU8z30iJdyqRURNhUnOYIMCFcg3FFLfnReVnXkp3zRQhn5c
uvPzCV3eJ3Rg9NGTAA7oF/NCjVpysIkG0jOQUf+9eL/9FuYczl80TLdxntbIbBhK
1u3hpRlgyT7YttWHy5SECsEfPVflJYxicO/oOC0VX3glMNVPNLGP99qlfzgaS4G7
aLLLOo++0IppUPAhtKLwBAOn80TKkv1/B1isWy2Jn5lIHfkBfxVTVrmwSZlgipHh
jTDoSXg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org