Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/2B3F8F14208711EE93679414C4F9AE02.roa
File:                     2B3F8F14208711EE93679414C4F9AE02.roa (raw, json)
Hash identifier:          AqxEyK6R/i7axyUE7ikWqkARBUz9hKFH7S7xG1jC3rE=
Subject key identifier:   F1:6E:35:E1:EF:34:D2:C7:24:9D:9A:77:2D:03:E8:56:CD:4D:8A:44
Certificate issuer:       /CN=A913CA4B/serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
Certificate serial:       0753
Authority key identifier: 70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/2B3F8F14208711EE93679414C4F9AE02.roa
Signing time:             Wed 12 Jul 2023 07:39:01 +0000
ROA not before:           Wed 12 Jul 2023 07:39:01 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     57455
IP address blocks:        2400:5180::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1875 (0x753)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913CA4B/serialNumber=709210CF761EC67FB394EA5896A5C647B305EEF1
        Validity
            Not Before: Jul 12 07:39:01 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=64ae5895-a69f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9b:c6:70:d0:4e:c6:cc:dd:82:15:94:b3:73:
                    4c:5a:42:a9:a7:95:8f:62:34:02:fd:ba:0b:5a:d0:
                    f7:8d:d0:10:99:f6:38:69:ea:7c:37:08:6b:4c:a6:
                    8e:54:c2:3f:fc:7e:77:fc:6f:9f:dc:f8:82:95:05:
                    90:4c:db:f1:18:d6:56:8a:98:64:2e:eb:7f:df:b7:
                    07:5d:4d:94:27:d6:db:54:05:64:6a:dc:08:e8:50:
                    49:7b:c9:b4:1e:8e:89:8c:77:b4:02:42:30:c0:b8:
                    87:25:76:42:92:91:aa:5d:c8:29:d9:fb:7e:8a:db:
                    e5:ee:7e:d9:dd:72:e1:a1:51:d8:a7:3a:46:52:d4:
                    32:c2:21:93:70:19:91:9f:e5:74:ea:7c:e1:13:01:
                    a8:e3:f2:08:2a:1d:f1:86:4a:55:89:32:ea:c5:b7:
                    4f:db:e9:a9:ac:61:b2:93:da:a0:88:5c:9a:c1:25:
                    50:9f:8c:29:26:7c:a8:08:81:2f:1d:58:53:8f:ac:
                    de:bb:05:73:a4:3c:19:97:f2:1f:1d:6c:4d:bd:db:
                    72:a6:62:77:c8:1d:4c:ba:ba:1f:f2:5e:1a:a3:ea:
                    fe:73:d6:84:bf:40:9b:28:9f:60:8e:28:dc:2b:af:
                    15:e4:e8:d3:80:7e:77:09:83:92:01:61:71:13:59:
                    c2:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6E:35:E1:EF:34:D2:C7:24:9D:9A:77:2D:03:E8:56:CD:4D:8A:44
            X509v3 Authority Key Identifier:
                keyid:70:92:10:CF:76:1E:C6:7F:B3:94:EA:58:96:A5:C6:47:B3:05:EE:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/cJIQz3Yexn-zlOpYlqXGR7MF7vE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJIQz3Yexn-zlOpYlqXGR7MF7vE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CA4B/DC2F0432BF8011EA96FE4A68C4F9AE02/2B3F8F14208711EE93679414C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:5180::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:41:a8:70:27:14:7e:d0:19:ab:85:02:b0:ad:e3:3d:d5:35:
         df:8e:2c:49:13:61:0c:c0:92:cb:c3:56:4e:33:44:aa:31:4f:
         35:be:4b:7a:cc:bb:28:35:02:68:02:47:22:70:d6:db:68:88:
         23:66:7f:79:97:db:37:17:e9:f6:4b:d7:95:d3:9f:9a:bb:95:
         ca:50:f4:b1:d8:7a:71:c8:10:59:36:6e:72:f2:f7:04:65:11:
         b2:9a:b2:aa:68:de:b6:dc:08:b7:5e:c7:45:77:9f:25:0d:c7:
         6e:f2:7b:77:96:7b:1d:fc:d2:c4:f4:c8:d5:84:dd:c5:2b:c0:
         13:ea:60:7d:36:25:ca:92:e3:84:8b:b5:ec:2e:af:f5:0c:d2:
         4c:b0:95:b4:0a:f4:87:11:78:63:e2:99:67:a7:f3:d3:13:36:
         b8:e0:e5:86:f1:49:56:55:36:17:7d:55:38:47:40:72:bf:99:
         5b:d8:c8:e8:29:94:7d:79:84:57:e0:88:60:9c:18:f0:21:2a:
         5d:51:b0:5e:f5:80:5c:be:2c:95:47:ff:b5:5f:27:96:ed:17:
         46:35:f5:a6:75:34:06:31:78:a7:d8:19:5d:dc:c1:ab:bc:b7:
         a6:9b:2f:64:3a:7a:dd:5a:2a:eb:15:0e:98:08:21:f8:50:6e:
         12:e4:17:eb
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICB1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0NBNEIxMTAvBgNVBAUTKDcwOTIxMENGNzYxRUM2N0ZCMzk0RUE1ODk2QTVDNjQ3
QjMwNUVFRjEwHhcNMjMwNzEyMDczOTAxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFlNTg5NS1hNjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6JvGcNBOxszdghWUs3NMWkKpp5WPYjQC/boLWtD3jdAQmfY4aep8NwhrTKaO
VMI//H53/G+f3PiClQWQTNvxGNZWiphkLut/37cHXU2UJ9bbVAVkatwI6FBJe8m0
Ho6JjHe0AkIwwLiHJXZCkpGqXcgp2ft+itvl7n7Z3XLhoVHYpzpGUtQywiGTcBmR
n+V06nzhEwGo4/IIKh3xhkpViTLqxbdP2+mprGGyk9qgiFyawSVQn4wpJnyoCIEv
HVhTj6zeuwVzpDwZl/IfHWxNvdtypmJ3yB1Murof8l4ao+r+c9aEv0CbKJ9gjijc
K68V5OjTgH53CYOSAWFxE1nCiQIDAQABo4ICljCCApIwHQYDVR0OBBYEFPFuNeHv
NNLHJJ2ady0D6FbNTYpEMB8GA1UdIwQYMBaAFHCSEM92HsZ/s5TqWJalxkezBe7x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0E0Qi9EQzJGMDQzMkJG
ODAxMUVBOTZGRTRBNjhDNEY5QUUwMi9jSklRejNZZXhuLXpsT3BZbHFYR1I3TUY3
dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NKSVF6M1lleG4temxPcFlscVhHUjdNRjd2RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0NBNEIvREMyRjA0MzJCRjgwMTFFQTk2RkU0QTY4QzRGOUFFMDIvMkIzRjhGMTQy
MDg3MTFFRTkzNjc5NDE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAFGAMA0GCSqGSIb3DQEBCwUAA4IBAQApQahwJxR+0Bmr
hQKwreM91TXfjixJE2EMwJLLw1ZOM0SqMU81vkt6zLsoNQJoAkcicNbbaIgjZn95
l9s3F+n2S9eV05+au5XKUPSx2HpxyBBZNm5y8vcEZRGymrKqaN623Ai3XsdFd58l
Dcdu8nt3lnsd/NLE9MjVhN3FK8AT6mB9NiXKkuOEi7XsLq/1DNJMsJW0CvSHEXhj
4plnp/PTEza44OWG8UlWVTYXfVU4R0Byv5lb2MjoKZR9eYRX4IhgnBjwISpdUbBe
9YBcviyVR/+1XyeW7RdGNfWmdTQGMXin2Bld3MGrvLemmy9kOnrdWirrFQ6YCCH4
UG4S5Bfr
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org