Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914589A/ACD6FB8A7D9411E7938BCF4EC4F9AE02/6D5E503EEE0A11ECA4DCE367C4F9AE02.roa
File:                     6D5E503EEE0A11ECA4DCE367C4F9AE02.roa (raw, json)
Hash identifier:          +SFq0tYjZz5EFekycyk9TUqcFWfUt6Vt0+wd7mqljvw=
Subject key identifier:   B4:72:71:3C:7C:AB:7B:BB:0B:A5:B9:C4:0B:0E:60:EA:B6:8A:87:B1
Certificate issuer:       /CN=A914589A/serialNumber=262790CD914CEA8EC11E25869B898DE0001FBD09
Certificate serial:       1775
Authority key identifier: 26:27:90:CD:91:4C:EA:8E:C1:1E:25:86:9B:89:8D:E0:00:1F:BD:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JieQzZFM6o7BHiWGm4mN4AAfvQk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914589A/ACD6FB8A7D9411E7938BCF4EC4F9AE02/6D5E503EEE0A11ECA4DCE367C4F9AE02.roa
Signing time:             Thu 06 Oct 2022 17:24:01 +0000
ROA not before:           Thu 06 Oct 2022 17:24:01 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     23893
IP address blocks:        180.210.128.0/19 maxlen: 21
                          180.210.128.0/22 maxlen: 24
                          180.210.132.0/23 maxlen: 24
                          180.210.134.0/23 maxlen: 24
                          180.210.136.0/21 maxlen: 24
                          180.210.144.0/20 maxlen: 24
                          2404:b00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6005 (0x1775)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914589A/serialNumber=262790CD914CEA8EC11E25869B898DE0001FBD09
        Validity
            Not Before: Oct  6 17:24:01 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=633f0f30-2930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:55:b3:9d:b0:59:a4:a8:c4:b8:a5:22:29:17:
                    05:7d:2a:89:2e:ac:f8:b8:90:81:ae:b1:5a:ff:bd:
                    db:66:93:53:7a:f2:98:3a:7f:e0:91:fe:76:54:f1:
                    48:65:ab:7b:00:3d:75:cc:06:81:20:85:3b:5a:6b:
                    6e:e1:11:08:b5:c8:6e:66:a1:9a:50:60:94:79:ba:
                    59:03:c7:cd:37:05:f3:0f:3a:4c:60:72:e1:98:a9:
                    13:d9:b9:a6:1e:22:9d:da:e9:9d:d4:3e:6e:3d:64:
                    f9:33:f4:df:ba:1b:4b:03:bf:4e:80:d0:41:1c:a0:
                    dc:38:d3:58:46:0c:9e:ea:58:fe:46:30:82:42:cc:
                    e5:f0:ac:fb:fa:c0:6f:bf:db:fd:55:01:84:3d:4f:
                    44:c6:62:5c:14:61:9c:bd:2a:3b:bc:ef:8c:b0:17:
                    6c:40:02:66:1a:7d:ac:5c:7f:de:cc:28:9d:d5:0d:
                    1a:57:73:4c:7b:dc:8f:5f:38:52:d9:b9:08:d5:4a:
                    f4:e5:10:6a:57:46:ae:07:d1:f9:89:7e:ef:4e:2a:
                    5e:07:c8:12:f2:15:de:06:4f:e7:75:58:db:20:f1:
                    b9:b7:50:19:23:c4:ad:a2:09:03:09:59:2a:f2:33:
                    17:ad:f1:c3:3c:d8:71:1c:d0:c6:da:9f:87:b6:2c:
                    71:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:72:71:3C:7C:AB:7B:BB:0B:A5:B9:C4:0B:0E:60:EA:B6:8A:87:B1
            X509v3 Authority Key Identifier:
                keyid:26:27:90:CD:91:4C:EA:8E:C1:1E:25:86:9B:89:8D:E0:00:1F:BD:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914589A/ACD6FB8A7D9411E7938BCF4EC4F9AE02/JieQzZFM6o7BHiWGm4mN4AAfvQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JieQzZFM6o7BHiWGm4mN4AAfvQk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914589A/ACD6FB8A7D9411E7938BCF4EC4F9AE02/6D5E503EEE0A11ECA4DCE367C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.210.128.0/19
                IPv6:
                  2404:b00::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:f3:39:97:16:85:9d:0d:1c:20:45:b0:44:36:29:b5:c5:67:
         d1:13:0c:8b:dd:81:39:28:39:40:b1:54:f2:b7:28:bd:34:42:
         bb:df:5b:78:16:f3:00:fe:3f:82:02:f2:76:11:83:32:6a:e4:
         f3:91:63:16:11:4c:d7:a4:38:d5:32:e0:ef:e9:bf:1c:c7:9b:
         13:79:c8:d1:4f:65:b3:48:15:e8:f2:0e:23:85:b6:75:d3:62:
         eb:c8:e4:89:f3:b6:0d:8e:ad:bb:7e:d1:d1:8b:09:c9:5a:f6:
         48:24:be:f7:40:34:18:a4:67:31:2e:27:e9:f6:46:ea:3d:8f:
         7c:f1:eb:4c:82:e1:6a:a9:8c:3a:42:2b:7c:e2:1f:10:76:f2:
         a1:65:e1:a1:c9:8d:bb:34:96:6c:00:7d:7a:bc:17:af:32:2f:
         91:ea:77:ab:00:9a:0c:29:54:15:20:6c:12:41:98:05:81:49:
         7b:5b:9a:d1:cf:01:79:64:9e:83:d5:96:a5:1f:9d:63:fa:03:
         3b:34:90:cb:79:44:23:53:05:09:54:22:74:0d:35:ef:2b:37:
         89:c9:6e:8b:d3:68:f2:04:54:b0:28:42:08:ac:c4:7d:e6:5a:
         47:3a:d7:cb:b4:8b:1a:6c:88:f5:b3:55:54:d2:73:33:ef:6d:
         93:81:79:28
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICF3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU4OUExMTAvBgNVBAUTKDI2Mjc5MENEOTE0Q0VBOEVDMTFFMjU4NjlCODk4REUw
MDAxRkJEMDkwHhcNMjIxMDA2MTcyNDAxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNmMGYzMC0yOTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuFWznbBZpKjEuKUiKRcFfSqJLqz4uJCBrrFa/73bZpNTevKYOn/gkf52VPFI
Zat7AD11zAaBIIU7Wmtu4REItchuZqGaUGCUebpZA8fNNwXzDzpMYHLhmKkT2bmm
HiKd2umd1D5uPWT5M/TfuhtLA79OgNBBHKDcONNYRgye6lj+RjCCQszl8Kz7+sBv
v9v9VQGEPU9ExmJcFGGcvSo7vO+MsBdsQAJmGn2sXH/ezCid1Q0aV3NMe9yPXzhS
2bkI1Ur05RBqV0auB9H5iX7vTipeB8gS8hXeBk/ndVjbIPG5t1AZI8StogkDCVkq
8jMXrfHDPNhxHNDG2p+HtixxdQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLRycTx8
q3u7C6W5xAsOYOq2ioexMB8GA1UdIwQYMBaAFCYnkM2RTOqOwR4lhpuJjeAAH70J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTg5QS9BQ0Q2RkI4QTdE
OTQxMUU3OTM4QkNGNEVDNEY5QUUwMi9KaWVRelpGTTZvN0JIaVdHbTRtTjRBQWZ2
UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ppZVF6WkZNNm83QkhpV0dtNG1ONEFBZnZRay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU4OUEvQUNENkZCOEE3RDk0MTFFNzkzOEJDRjRFQzRGOUFFMDIvNkQ1RTUwM0VF
RTBBMTFFQ0E0RENFMzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAW00oAwDQQCAAIwBwMFACQECwAwDQYJKoZIhvcNAQELBQAD
ggEBAKnzOZcWhZ0NHCBFsEQ2KbXFZ9ETDIvdgTkoOUCxVPK3KL00QrvfW3gW8wD+
P4IC8nYRgzJq5PORYxYRTNekONUy4O/pvxzHmxN5yNFPZbNIFejyDiOFtnXTYuvI
5Inztg2Orbt+0dGLCcla9kgkvvdANBikZzEuJ+n2Ruo9j3zx60yC4WqpjDpCK3zi
HxB28qFl4aHJjbs0lmwAfXq8F68yL5Hqd6sAmgwpVBUgbBJBmAWBSXtbmtHPAXlk
noPVlqUfnWP6Azs0kMt5RCNTBQlUInQNNe8rN4nJbovTaPIEVLAoQgisxH3mWkc6
18u0ixpsiPWzVVTSczPvbZOBeSg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org