Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/637CC6741D4211ED99608059C4F9AE02.roa
File:                     637CC6741D4211ED99608059C4F9AE02.roa (raw, json)
Hash identifier:          ABSykpo9CT0TmtgRKbNbCKSZFZZs36FwFdYqNv89OmQ=
Subject key identifier:   20:D6:16:C6:B0:9C:3B:37:72:B9:64:0C:44:3A:3E:69:11:D2:C2:C8
Certificate issuer:       /CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Certificate serial:       1A
Authority key identifier: E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/637CC6741D4211ED99608059C4F9AE02.roa
Signing time:             Wed 17 Aug 2022 08:24:33 +0000
ROA not before:           Wed 17 Aug 2022 08:24:32 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     3491
IP address blocks:        2400:9ce0:100::/40 maxlen: 40
                          2400:9ce0:1000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26 (0x1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
        Validity
            Not Before: Aug 17 08:24:32 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=62fca5c0-6e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:67:11:e5:a7:01:96:f0:a0:7a:55:c1:e7:17:
                    d2:f1:7d:73:ef:31:22:fb:e9:4f:56:3c:57:46:41:
                    d0:b5:c3:88:be:e4:1e:23:c6:47:57:1e:a5:ef:cc:
                    8f:18:87:26:a5:f4:48:da:5d:40:dd:59:eb:d9:3b:
                    ac:6e:af:cc:51:67:76:4d:00:60:c8:fb:64:61:11:
                    1a:7b:fb:55:e1:d4:0d:5b:73:77:b5:3f:a1:cb:18:
                    7d:63:9d:ce:77:cb:d1:17:06:5c:bf:17:94:ce:3d:
                    9d:c3:a7:4f:cf:3c:bf:77:93:24:de:38:11:db:ca:
                    c9:30:fd:b9:f4:bf:49:ac:1d:2f:b8:9d:94:35:f5:
                    0e:ef:72:05:59:46:e2:3d:d8:8f:09:6a:b7:9d:e7:
                    6c:03:e3:ad:f4:61:a4:f9:3d:62:4b:3b:d6:12:76:
                    ae:a4:9d:fc:db:7c:03:a8:a5:ac:9a:20:d5:38:d1:
                    8d:5d:4f:b8:07:be:85:13:07:60:bf:01:b4:cb:76:
                    15:03:77:ca:39:bb:a5:5b:aa:79:08:93:d9:6c:5c:
                    42:1a:08:5c:32:47:8d:44:f7:f8:ea:37:af:70:78:
                    f4:a5:7d:9e:03:4c:63:ab:b5:0d:8e:10:75:9e:fa:
                    3e:be:9f:f3:bb:e6:75:76:eb:54:a0:65:21:8e:be:
                    17:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:D6:16:C6:B0:9C:3B:37:72:B9:64:0C:44:3A:3E:69:11:D2:C2:C8
            X509v3 Authority Key Identifier:
                keyid:E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/4QiBh_ZAlCY92mdJqV9zqmwasGM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/637CC6741D4211ED99608059C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:9ce0:100::/40
                  2400:9ce0:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         ad:7a:10:14:e9:02:e2:64:5d:a1:32:82:23:1a:41:64:10:bb:
         a3:cc:b4:32:88:6e:f9:a9:2f:42:fb:9b:94:d3:3a:20:b0:91:
         22:97:97:54:91:88:59:9e:c5:57:0a:1a:7c:47:a7:ff:33:c4:
         e3:ec:51:bb:ca:1d:d7:d9:68:b2:53:44:ab:7e:d5:7f:c9:4f:
         f1:4f:66:9c:f5:14:b3:8b:67:0f:1c:04:ba:9e:29:62:24:80:
         99:8e:7d:fc:74:bb:ba:6a:1c:4f:9e:c1:1d:f9:91:92:0f:42:
         c2:10:bf:91:8f:a2:30:7c:63:cc:1b:bc:49:7d:05:ca:4e:2e:
         d4:ce:67:e3:27:3c:e2:82:7a:3d:08:46:b4:cd:98:48:a9:18:
         a9:c4:08:b6:e3:fc:2c:8f:b3:6b:1e:80:46:ae:84:d6:b9:94:
         4c:a7:7e:ca:4a:d9:98:5f:a6:a6:7f:5b:7a:64:fa:07:eb:9e:
         17:9f:69:af:20:ce:ec:6d:7f:c4:e1:6b:0c:9f:ad:eb:d8:63:
         f8:3a:36:4e:b1:82:a2:ed:a9:9f:10:69:76:52:18:40:bf:f0:
         43:81:07:5a:0f:ac:88:8b:31:60:94:54:16:62:90:1c:1b:f8:
         63:a5:15:65:2e:48:3f:42:a1:e0:a1:23:1f:ed:55:82:65:e5:
         88:35:ab:74
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QkFDNTExMC8GA1UEBRMoRTEwODgxODdGNjQwOTQyNjNEREE2NzQ5QTk1RjczQUE2
QzFBQjA2MzAeFw0yMjA4MTcwODI0MzJaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZmNhNWMwLTZlOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZZxHlpwGW8KB6VcHnF9LxfXPvMSL76U9WPFdGQdC1w4i+5B4jxkdXHqXvzI8Y
hyal9EjaXUDdWevZO6xur8xRZ3ZNAGDI+2RhERp7+1Xh1A1bc3e1P6HLGH1jnc53
y9EXBly/F5TOPZ3Dp0/PPL93kyTeOBHbyskw/bn0v0msHS+4nZQ19Q7vcgVZRuI9
2I8Jared52wD4630YaT5PWJLO9YSdq6knfzbfAOopayaINU40Y1dT7gHvoUTB2C/
AbTLdhUDd8o5u6VbqnkIk9lsXEIaCFwyR41E9/jqN69wePSlfZ4DTGOrtQ2OEHWe
+j6+n/O75nV261SgZSGOvhcRAgMBAAGjggKfMIICmzAdBgNVHQ4EFgQUINYWxrCc
OzdyuWQMRDo+aRHSwsgwHwYDVR0jBBgwFoAU4QiBh/ZAlCY92mdJqV9zqmwasGMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCQUM1LzQ3MEE2MjA0MTUz
MDExRURCQUEzRDAyN0M0RjlBRTAyLzRRaUJoX1pBbENZOTJtZEpxVjl6cW13YXNH
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNFFpQmhfWkFsQ1k5Mm1kSnFWOXpxbXdhc0dNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QkFDNS80NzBBNjIwNDE1MzAxMUVEQkFBM0QwMjdDNEY5QUUwMi82MzdDQzY3NDFE
NDIxMUVEOTk2MDgwNTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDApBggrBgEFBQcBBwEB/wQa
MBgwFgQCAAIwEAMGACQAnOABAwYEJACc4BAwDQYJKoZIhvcNAQELBQADggEBAK16
EBTpAuJkXaEygiMaQWQQu6PMtDKIbvmpL0L7m5TTOiCwkSKXl1SRiFmexVcKGnxH
p/8zxOPsUbvKHdfZaLJTRKt+1X/JT/FPZpz1FLOLZw8cBLqeKWIkgJmOffx0u7pq
HE+ewR35kZIPQsIQv5GPojB8Y8wbvEl9BcpOLtTOZ+MnPOKCej0IRrTNmEipGKnE
CLbj/CyPs2segEauhNa5lEynfspK2ZhfpqZ/W3pk+gfrnhefaa8gzuxtf8Thawyf
revYY/g6Nk6xgqLtqZ8QaXZSGEC/8EOBB1oPrIiLMWCUVBZikBwb+GOlFWUuSD9C
oeChIx/tVYJl5Yg1q3Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org