Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/41C79492477411EAB122950EC4F9AE02.roa
File:                     41C79492477411EAB122950EC4F9AE02.roa (raw, json)
Hash identifier:          IOcQWD5ZjcMiRfHDYeas7RgGNBT2JEykRZF4w9AFqW4=
Subject key identifier:   07:10:F5:58:52:3C:7C:5F:C4:80:64:62:F5:47:B6:D3:DD:59:69:B6
Certificate issuer:       /CN=A91778C2/serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Certificate serial:       1543
Authority key identifier: 6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/41C79492477411EAB122950EC4F9AE02.roa
Signing time:             Wed 26 Oct 2022 17:44:14 +0000
ROA not before:           Wed 26 Oct 2022 17:44:14 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     203061
IP address blocks:        43.242.0.0/22 maxlen: 22
                          59.152.84.0/22 maxlen: 22
                          116.206.48.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5443 (0x1543)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91778C2/serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
        Validity
            Not Before: Oct 26 17:44:14 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=635971ee-863c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c8:37:33:78:30:86:09:72:26:46:92:58:b7:
                    aa:06:7f:00:76:66:62:2e:53:9d:db:52:16:38:a4:
                    1c:1a:8e:9a:80:7b:59:82:4a:70:f9:4e:62:72:4a:
                    1a:07:56:a9:f2:6b:a7:81:09:6e:8a:fc:56:e7:1c:
                    e8:0e:37:15:2d:be:68:ff:16:23:c9:fd:15:67:5a:
                    0a:67:af:a0:be:1d:22:99:17:e2:8d:1e:1f:4a:27:
                    fa:83:5a:ad:7b:a1:83:90:0c:0c:31:f4:a8:97:33:
                    05:b0:72:8d:7c:41:96:15:0d:01:f8:3a:b2:c6:fc:
                    e0:9a:d5:95:19:cb:55:b8:f1:de:5c:0a:5a:65:92:
                    47:5f:57:bc:65:2d:30:d6:29:56:95:70:4f:39:93:
                    37:77:2b:67:13:cd:7a:17:0b:d1:47:20:a5:ec:8e:
                    4b:e2:e5:d4:dd:34:74:08:4b:a1:33:dc:16:05:63:
                    aa:bf:09:eb:09:fc:af:67:a7:bc:d6:6c:2c:19:f1:
                    7c:d5:14:87:93:0e:7f:14:24:62:a1:23:5c:ba:48:
                    27:02:da:77:bf:f8:ef:96:23:ed:96:3b:09:ea:28:
                    ba:cc:20:d8:83:6e:11:7b:54:10:30:f7:44:53:83:
                    90:62:02:ea:80:cd:22:7e:e6:ed:e1:bd:a5:50:fd:
                    07:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:10:F5:58:52:3C:7C:5F:C4:80:64:62:F5:47:B6:D3:DD:59:69:B6
            X509v3 Authority Key Identifier:
                keyid:6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/41C79492477411EAB122950EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.242.0.0/22
                  59.152.84.0/22
                  116.206.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:9f:01:9d:ee:7a:c8:5e:b4:26:56:22:4a:f5:54:62:bd:ff:
         bd:5a:85:ab:c6:84:59:6e:f6:ac:c4:1c:b0:2b:26:8d:45:84:
         ad:f6:e9:95:45:63:17:a9:cd:f8:aa:c7:b4:5c:f7:79:49:5d:
         58:f2:b3:e9:46:6a:22:e0:12:a8:3a:c6:e1:15:c2:a4:e2:aa:
         5b:87:4a:ab:8e:1d:10:60:1f:95:75:d4:b3:44:74:d1:80:58:
         f9:65:31:c2:07:d7:e5:a3:c4:2e:fc:dd:88:dc:d8:c5:31:61:
         a2:43:b2:9b:a0:03:14:3c:2f:f5:0c:a7:37:a0:05:07:21:e4:
         a2:66:61:ce:ee:95:17:9e:59:16:bf:c1:fc:20:5d:f3:22:22:
         93:e3:fe:12:c9:7c:91:10:53:47:0c:0e:d2:46:7d:05:ec:a6:
         83:7f:51:4d:05:a3:c6:96:86:88:c5:80:92:b2:2f:49:d5:f8:
         4f:05:6a:98:90:05:a3:31:c4:f1:e1:f2:dd:13:d0:6d:f0:20:
         56:95:26:6b:bd:66:cc:a3:ea:ae:b6:2e:a3:de:84:d8:34:d2:
         d4:ba:e1:02:31:71:15:67:a4:28:2a:6e:b7:2f:4f:1a:70:44:
         80:15:a4:7f:23:e9:6c:56:d8:e9:7e:cc:93:f5:ac:f3:a8:cf:
         e1:6b:28:7f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc4QzIxMTAvBgNVBAUTKDZENEFFODlGQTk3QTcxNkEyRDkyNjYxRkYyQ0Y1QkQz
Q0NEQzI5RkMwHhcNMjIxMDI2MTc0NDE0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU5NzFlZS04NjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusg3M3gwhglyJkaSWLeqBn8AdmZiLlOd21IWOKQcGo6agHtZgkpw+U5ickoa
B1ap8mungQluivxW5xzoDjcVLb5o/xYjyf0VZ1oKZ6+gvh0imRfijR4fSif6g1qt
e6GDkAwMMfSolzMFsHKNfEGWFQ0B+DqyxvzgmtWVGctVuPHeXApaZZJHX1e8ZS0w
1ilWlXBPOZM3dytnE816FwvRRyCl7I5L4uXU3TR0CEuhM9wWBWOqvwnrCfyvZ6e8
1mwsGfF81RSHkw5/FCRioSNcukgnAtp3v/jvliPtljsJ6ii6zCDYg24Re1QQMPdE
U4OQYgLqgM0ifubt4b2lUP0HGwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAcQ9VhS
PHxfxIBkYvVHttPdWWm2MB8GA1UdIwQYMBaAFG1K6J+penFqLZJmH/LPW9PM3Cn8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhDMi9FRDJCQkM3MEY4
ODcxMUU3OTIxRjg2NjhDNEY5QUUwMi9iVXJvbjZsNmNXb3RrbVlmOHM5YjA4emNL
ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JVcm9uNmw2Y1dvdGttWWY4czliMDh6Y0tmdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc4QzIvRUQyQkJDNzBGODg3MTFFNzkyMUY4NjY4QzRGOUFFMDIvNDFDNzk0OTI0
Nzc0MTFFQUIxMjI5NTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIr8gADBAI7mFQDBAJ0zjAwDQYJKoZIhvcNAQELBQADggEB
AC2fAZ3ueshetCZWIkr1VGK9/71ahavGhFlu9qzEHLArJo1FhK326ZVFYxepzfiq
x7Rc93lJXVjys+lGaiLgEqg6xuEVwqTiqluHSquOHRBgH5V11LNEdNGAWPllMcIH
1+WjxC783Yjc2MUxYaJDspugAxQ8L/UMpzegBQch5KJmYc7ulReeWRa/wfwgXfMi
IpPj/hLJfJEQU0cMDtJGfQXspoN/UU0Fo8aWhojFgJKyL0nV+E8FapiQBaMxxPHh
8t0T0G3wIFaVJmu9Zsyj6q62LqPehNg00tS64QIxcRVnpCgqbrcvTxpwRIAVpH8j
6WxW2Ol+zJP1rPOoz+FrKH8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org