Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/74D31BC642F811EEBCBA9981C4F9AE02.roa
File:                     74D31BC642F811EEBCBA9981C4F9AE02.roa (raw, json)
Hash identifier:          WkoUcddZajtTCPzaT9QOgE+Da74L+BuxJN0Txr5EXCU=
Subject key identifier:   23:3B:BB:70:9C:CB:D3:DA:DA:D5:4E:D5:6D:CD:7E:E6:F0:90:3B:D3
Certificate issuer:       /CN=A9164F45/serialNumber=24320EAFF9A820B8EDA59E03E40555C5F34FEFCC
Certificate serial:       06
Authority key identifier: 24:32:0E:AF:F9:A8:20:B8:ED:A5:9E:03:E4:05:55:C5:F3:4F:EF:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JDIOr_moILjtpZ4D5AVVxfNP78w.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/74D31BC642F811EEBCBA9981C4F9AE02.roa
Signing time:             Fri 25 Aug 2023 03:35:38 +0000
ROA not before:           Fri 25 Aug 2023 03:35:38 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     10118
IP address blocks:        203.145.72.0/21 maxlen: 21
                          203.145.75.0/24 maxlen: 24
                          203.145.79.0/24 maxlen: 24
                          203.145.80.0/20 maxlen: 20
                          203.145.80.0/23 maxlen: 24
                          203.145.83.0/24 maxlen: 24
                          203.145.84.0/22 maxlen: 22
                          203.145.84.0/24 maxlen: 24
                          203.145.85.0/24 maxlen: 24
                          203.145.86.0/23 maxlen: 23
                          203.145.88.0/21 maxlen: 21
                          203.145.88.0/23 maxlen: 24
                          203.145.90.0/24 maxlen: 24
                          203.145.91.0/24 maxlen: 24
                          203.145.92.0/24 maxlen: 24
                          203.145.94.0/24 maxlen: 24
                          203.145.95.0/24 maxlen: 24
                          2407:3100::/32 maxlen: 32
                          2407:3100::/36 maxlen: 36
                          2407:3100:1000::/36 maxlen: 36
                          2407:3100:2000::/36 maxlen: 36
                          2407:3100:3000::/36 maxlen: 36
                          2407:3100:4000::/36 maxlen: 36
                          2407:3100:5000::/36 maxlen: 36
                          2407:3100:6000::/36 maxlen: 36
                          2407:3100:7000::/36 maxlen: 36
                          2407:3100:8000::/36 maxlen: 36
                          2407:3100:8113::/48 maxlen: 48
                          2407:3100:9000::/36 maxlen: 36
                          2407:3100:a000::/36 maxlen: 36
                          2407:3100:b000::/36 maxlen: 36
                          2407:3100:c000::/36 maxlen: 36
                          2407:3100:d000::/36 maxlen: 36
                          2407:3100:e000::/36 maxlen: 36
                          2407:3100:f000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9164F45/serialNumber=24320EAFF9A820B8EDA59E03E40555C5F34FEFCC
        Validity
            Not Before: Aug 25 03:35:38 2023 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=64e82189-7931
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f2:3c:bf:96:5d:93:65:bc:d1:fc:ef:99:48:
                    a2:5b:3a:9c:1b:c7:29:11:77:0f:ef:ce:fc:c3:5c:
                    88:f0:38:cd:5a:0a:77:dc:a5:e0:6a:42:de:f5:ef:
                    ed:83:09:bb:e0:a8:27:ac:11:b6:20:0b:84:77:2d:
                    fe:12:7b:69:ad:60:a7:1d:c9:c2:c2:c9:a5:47:2f:
                    fe:0b:0e:2c:e8:43:e7:48:d9:97:a5:2e:c9:4b:a8:
                    47:75:f6:6e:b3:52:ed:60:66:30:2b:73:15:2a:2f:
                    56:1d:08:b2:e2:49:b6:f9:9a:4e:31:fa:7b:b8:9e:
                    1e:6a:bc:58:eb:bb:d1:5e:b9:f0:84:88:f5:a3:94:
                    9c:63:89:01:de:27:a1:83:dd:3b:05:45:db:df:f6:
                    74:6e:59:85:82:93:f9:af:86:5a:3e:34:1b:35:3a:
                    bc:3e:60:f1:fa:24:0f:c6:7d:3e:74:cb:75:f0:0b:
                    3c:69:80:a0:f3:d1:ce:04:b5:9b:b5:99:59:27:78:
                    81:d0:0a:86:73:31:9f:24:a0:4f:a9:41:d0:b9:9f:
                    f1:0d:0d:95:9e:8f:bd:59:8b:3a:ce:d2:1e:72:c8:
                    5e:b1:d5:f4:41:b0:3e:1f:ed:d9:76:e1:4d:16:d0:
                    5f:d9:94:f8:43:be:7a:4b:27:aa:1a:b4:b3:8f:fc:
                    96:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3B:BB:70:9C:CB:D3:DA:DA:D5:4E:D5:6D:CD:7E:E6:F0:90:3B:D3
            X509v3 Authority Key Identifier:
                keyid:24:32:0E:AF:F9:A8:20:B8:ED:A5:9E:03:E4:05:55:C5:F3:4F:EF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/JDIOr_moILjtpZ4D5AVVxfNP78w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JDIOr_moILjtpZ4D5AVVxfNP78w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164F45/336119C442F611EEA2524D63C4F9AE02/74D31BC642F811EEBCBA9981C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.145.72.0-203.145.95.255
                IPv6:
                  2407:3100::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:16:f8:e9:00:63:ee:df:25:c2:e7:a4:01:cb:9f:db:bb:19:
         64:c4:53:51:15:50:38:11:1e:ad:d7:45:a8:5b:43:25:aa:ec:
         33:4b:49:26:2b:e6:ff:e7:e0:33:f7:e0:96:95:3e:d0:1a:98:
         10:5d:7e:73:f7:85:0b:b1:c8:00:ee:a6:b4:cf:88:29:19:6b:
         e1:d5:fe:d7:75:f3:f0:c2:71:d3:1d:fb:b0:1b:fe:0a:6b:cc:
         f7:f4:79:08:07:5a:f3:7e:c9:f4:48:a1:76:0b:1b:ef:5f:b2:
         0d:20:b0:d4:20:4a:39:bf:9b:6b:be:e0:06:8e:2f:71:c0:75:
         f2:54:1c:5f:ff:5f:cf:72:0e:91:06:f0:78:4e:fd:54:7b:08:
         f4:0a:f8:2c:e6:61:cf:4e:e2:c1:32:37:da:62:70:81:10:c9:
         fe:00:23:c8:f4:02:a1:3b:91:ef:d0:c7:c7:22:c3:0e:c6:37:
         ba:9d:f5:df:9a:92:c4:97:fc:77:9e:ee:3b:65:fa:5e:1c:90:
         ac:fe:b4:93:7a:04:e5:46:02:05:aa:bd:ac:12:2f:76:41:c8:
         4c:34:ec:c4:76:1a:e0:b1:e0:5e:31:c6:7b:1e:17:4c:96:5b:
         32:8e:0e:d5:64:23:5f:1d:87:84:f6:f2:a6:98:1e:e1:fe:c7:
         76:39:09:02
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
NEY0NTExMC8GA1UEBRMoMjQzMjBFQUZGOUE4MjBCOEVEQTU5RTAzRTQwNTU1QzVG
MzRGRUZDQzAeFw0yMzA4MjUwMzM1MzhaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTgyMTg5LTc5MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM8jy/ll2TZbzR/O+ZSKJbOpwbxykRdw/vzvzDXIjwOM1aCnfcpeBqQt717+2D
CbvgqCesEbYgC4R3Lf4Se2mtYKcdycLCyaVHL/4LDizoQ+dI2ZelLslLqEd19m6z
Uu1gZjArcxUqL1YdCLLiSbb5mk4x+nu4nh5qvFjru9FeufCEiPWjlJxjiQHeJ6GD
3TsFRdvf9nRuWYWCk/mvhlo+NBs1Orw+YPH6JA/GfT50y3XwCzxpgKDz0c4EtZu1
mVkneIHQCoZzMZ8koE+pQdC5n/ENDZWej71ZizrO0h5yyF6x1fRBsD4f7dl24U0W
0F/ZlPhDvnpLJ6oatLOP/JYJAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUIzu7cJzL
09ra1U7Vbc1+5vCQO9MwHwYDVR0jBBgwFoAUJDIOr/moILjtpZ4D5AVVxfNP78ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY0RjQ1LzMzNjExOUM0NDJG
NjExRUVBMjUyNEQ2M0M0RjlBRTAyL0pESU9yX21vSUxqdHBaNEQ1QVZWeGZOUDc4
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSkRJT3JfbW9JTGp0cFo0RDVBVlZ4Zk5QNzh3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NEY0NS8zMzYxMTlDNDQyRjYxMUVFQTI1MjRENjNDNEY5QUUwMi83NEQzMUJDNjQy
RjgxMUVFQkNCQTk5ODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwFAQCAAEwDjAMAwQDy5FIAwQFy5FAMA0EAgACMAcDBQAkBzEAMA0GCSqGSIb3
DQEBCwUAA4IBAQCJFvjpAGPu3yXC56QBy5/buxlkxFNRFVA4ER6t10WoW0Mlquwz
S0kmK+b/5+Az9+CWlT7QGpgQXX5z94ULscgA7qa0z4gpGWvh1f7XdfPwwnHTHfuw
G/4Ka8z39HkIB1rzfsn0SKF2CxvvX7INILDUIEo5v5trvuAGji9xwHXyVBxf/1/P
cg6RBvB4Tv1Uewj0Cvgs5mHPTuLBMjfaYnCBEMn+ACPI9AKhO5Hv0MfHIsMOxje6
nfXfmpLEl/x3nu47ZfpeHJCs/rSTegTlRgIFqr2sEi92QchMNOzEdhrgseBeMcZ7
HhdMllsyjg7VZCNfHYeE9vKmmB7h/sd2OQkC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org