Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/9979A97A18A711EEAF93E734C4F9AE02.roa
File:                     9979A97A18A711EEAF93E734C4F9AE02.roa (raw, json)
Hash identifier:          QYfXWCobU0y63Niv0Pszm5DsfN0LwTkTNDxDIy33IL8=
Subject key identifier:   4D:A0:60:A9:51:32:87:AC:57:F7:12:C0:AF:B1:30:23:BB:B1:58:DF
Certificate issuer:       /CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
Certificate serial:       0393
Authority key identifier: 46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/9979A97A18A711EEAF93E734C4F9AE02.roa
Signing time:             Sun 02 Jul 2023 07:11:01 +0000
ROA not before:           Sun 02 Jul 2023 07:11:01 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     151338
IP address blocks:        2407:d840:20::/48 maxlen: 48
                          2407:d840:21::/48 maxlen: 48
                          2407:d840:200::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 915 (0x393)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
        Validity
            Not Before: Jul  2 07:11:01 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=64a12305-34e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a9:46:9a:16:50:22:06:9f:7d:01:b2:6b:93:
                    50:c4:22:4c:5f:a4:d8:57:ac:9b:a6:bb:99:70:ca:
                    b0:90:13:ac:18:31:3a:1d:04:25:95:b1:a4:71:07:
                    32:98:58:b3:2a:7d:25:19:5c:6e:6f:a0:24:35:c0:
                    75:fe:39:d5:3c:6f:b8:fc:41:26:e6:44:06:20:a1:
                    9e:0f:63:c9:b0:24:8d:67:1e:3b:f7:9e:ca:8c:de:
                    1c:21:61:9d:67:9b:91:a4:51:77:ea:bf:4c:94:7b:
                    b5:98:7b:4f:c6:c3:42:9e:ca:b5:12:26:3e:3e:53:
                    72:31:21:f1:bc:a6:f9:48:ff:20:7c:2c:e8:7d:8c:
                    c1:e8:ac:6d:8c:ba:8d:eb:6d:2b:a0:b3:39:fa:cc:
                    1f:ba:a1:c4:41:ee:29:f5:12:8b:65:1c:a9:1a:d9:
                    b8:f5:c1:22:77:fa:bc:f2:75:47:54:29:46:74:65:
                    65:64:3b:b6:4c:74:5e:ca:8e:f9:8c:05:89:3f:21:
                    be:c1:4c:61:68:3c:d4:bc:a1:c4:44:d0:87:f3:f9:
                    bb:89:53:7e:18:f7:64:dd:dd:1a:8d:b0:6b:05:6a:
                    ae:cc:69:0c:54:1c:7b:ac:85:9d:92:e9:21:46:45:
                    64:c5:46:3b:93:c7:7c:d0:2f:88:ec:ca:d4:ed:80:
                    2d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:A0:60:A9:51:32:87:AC:57:F7:12:C0:AF:B1:30:23:BB:B1:58:DF
            X509v3 Authority Key Identifier:
                keyid:46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/RpIsVlRABAvZmv1OMp7Z3rb5JXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/9979A97A18A711EEAF93E734C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:d840:20::/47
                  2407:d840:200::/40

    Signature Algorithm: sha256WithRSAEncryption
         77:d2:b6:f1:5c:91:b7:0f:d7:d9:7a:91:df:80:ae:c8:52:d9:
         a3:8a:c9:15:9c:2b:56:dc:25:eb:bc:29:50:cf:24:6d:e2:d8:
         d7:a4:df:4f:f7:8b:ce:24:70:3a:d8:1b:c4:3a:53:bc:fe:de:
         4e:85:c0:02:e2:67:a0:29:85:c2:38:c7:d3:f1:0d:86:dc:58:
         2c:9f:e8:6b:b9:e5:2b:fe:db:b5:b2:23:2d:24:6b:db:6b:86:
         c7:9c:93:15:c4:ef:56:19:be:85:05:25:9b:45:f1:d2:01:cc:
         9b:7f:9a:4d:92:6e:a0:e6:da:15:69:90:45:a4:bb:01:2f:7d:
         3c:d8:19:dc:26:94:d7:47:bf:48:36:f9:7e:c1:e8:f6:32:6c:
         5e:dd:85:e2:1f:91:e2:c1:3b:ba:2f:20:3e:33:7f:ed:96:f7:
         5e:18:90:25:ec:fa:17:63:54:8a:d2:2c:eb:bb:3b:37:34:fe:
         58:e5:68:25:ab:9d:92:29:90:60:6e:03:f1:62:1c:f3:67:b4:
         dd:95:10:8f:c4:fb:b6:f7:fe:8d:2a:3c:1c:f8:1b:ae:b7:b3:
         34:e8:73:ea:df:69:fb:dc:27:f5:d0:d6:0b:30:72:c7:74:a7:
         2e:b6:3e:d2:9b:a0:4b:4d:3a:75:f9:7b:14:f5:ae:a4:fb:a0:
         6f:df:86:59
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICA5MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUIyRUMxMTAvBgNVBAUTKDQ2OTIyQzU2NTQ0MDA0MEJEOTlBRkQ0RTMyOUVEOURF
QjZGOTI1NzMwHhcNMjMwNzAyMDcxMTAxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGExMjMwNS0zNGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAualGmhZQIgaffQGya5NQxCJMX6TYV6ybpruZcMqwkBOsGDE6HQQllbGkcQcy
mFizKn0lGVxub6AkNcB1/jnVPG+4/EEm5kQGIKGeD2PJsCSNZx47957KjN4cIWGd
Z5uRpFF36r9MlHu1mHtPxsNCnsq1EiY+PlNyMSHxvKb5SP8gfCzofYzB6KxtjLqN
620roLM5+swfuqHEQe4p9RKLZRypGtm49cEid/q88nVHVClGdGVlZDu2THReyo75
jAWJPyG+wUxhaDzUvKHERNCH8/m7iVN+GPdk3d0ajbBrBWquzGkMVBx7rIWdkukh
RkVkxUY7k8d80C+I7MrU7YAtqQIDAQABo4ICoDCCApwwHQYDVR0OBBYEFE2gYKlR
MoesV/cSwK+xMCO7sVjfMB8GA1UdIwQYMBaAFEaSLFZUQAQL2Zr9TjKe2d62+SVz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjJFQy84NDI3NTk1NjJC
MDkxMUVDODUxQjk4MEVDNEY5QUUwMi9ScElzVmxSQUJBdlptdjFPTXA3WjNyYjVK
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JwSXNWbFJBQkF2Wm12MU9NcDdaM3JiNUpYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUIyRUMvODQyNzU5NTYyQjA5MTFFQzg1MUI5ODBFQzRGOUFFMDIvOTk3OUE5N0Ex
OEE3MTFFRUFGOTNFNzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBwEkB9hAACADBgAkB9hAAjANBgkqhkiG9w0BAQsFAAOCAQEA
d9K28VyRtw/X2XqR34CuyFLZo4rJFZwrVtwl67wpUM8kbeLY16TfT/eLziRwOtgb
xDpTvP7eToXAAuJnoCmFwjjH0/ENhtxYLJ/oa7nlK/7btbIjLSRr22uGx5yTFcTv
Vhm+hQUlm0Xx0gHMm3+aTZJuoObaFWmQRaS7AS99PNgZ3CaU10e/SDb5fsHo9jJs
Xt2F4h+R4sE7ui8gPjN/7Zb3XhiQJez6F2NUitIs67s7NzT+WOVoJaudkimQYG4D
8WIc82e03ZUQj8T7tvf+jSo8HPgbrrezNOhz6t9p+9wn9dDWCzByx3SnLrY+0pug
S006dfl7FPWupPugb9+GWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org