Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/46104428801E11ED8289C868C4F9AE02.roa
File:                     46104428801E11ED8289C868C4F9AE02.roa (raw, json)
Hash identifier:          MUjcPwnjIm6o/2F7doTq3ys4AQvjhDDwupyhSxw98H8=
Subject key identifier:   6B:5E:14:AB:59:F8:02:52:46:F4:D9:02:1A:CC:81:9B:77:EC:C0:EB
Certificate issuer:       /CN=A917BED0/serialNumber=692EBD3D03F258746E6843B6128DD209C51222E6
Certificate serial:       03
Authority key identifier: 69:2E:BD:3D:03:F2:58:74:6E:68:43:B6:12:8D:D2:09:C5:12:22:E6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aS69PQPyWHRuaEO2Eo3SCcUSIuY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/46104428801E11ED8289C868C4F9AE02.roa
Signing time:             Tue 20 Dec 2022 04:25:03 +0000
ROA not before:           Tue 20 Dec 2022 04:25:03 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     7600
IP address blocks:        203.5.13.0/24 maxlen: 24
                          203.25.134.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917BED0/serialNumber=692EBD3D03F258746E6843B6128DD209C51222E6
        Validity
            Not Before: Dec 20 04:25:03 2022 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63a1391f-e32d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a6:68:42:37:3b:ed:d9:b2:a8:2f:20:21:73:
                    01:83:b0:6f:c1:26:e1:7e:e6:ad:c7:b7:40:09:55:
                    0f:0c:73:c1:8e:b9:f3:da:34:bb:eb:fc:dc:61:b8:
                    7c:6c:58:2b:2d:cd:5a:eb:7c:ce:16:b1:56:ac:c4:
                    aa:f4:c8:5b:c2:9c:36:dc:37:5f:bd:f3:9e:ec:ef:
                    5d:e6:13:c7:4c:f3:00:31:a2:7b:70:4b:35:d4:60:
                    96:30:f5:2d:34:bd:ec:4e:18:46:17:8c:b5:eb:4a:
                    e3:86:3b:f4:92:14:08:b1:cb:f5:3d:b1:22:21:e9:
                    7f:8b:37:c1:44:81:a8:58:d4:0e:ae:cc:c3:e3:47:
                    4d:fd:5d:61:3e:d0:db:c8:02:c5:84:1f:97:be:98:
                    e8:78:0b:f8:53:74:3a:c5:23:c7:16:5d:8c:ac:44:
                    6b:e7:52:52:ca:8d:63:62:17:24:3d:0b:bc:02:19:
                    93:c3:66:06:b4:57:d6:07:3d:1c:14:92:f7:8e:03:
                    87:8b:b3:94:4b:96:e5:57:9a:e2:e1:58:b0:d9:34:
                    ae:b3:3e:3a:fd:b3:a5:3d:1e:0f:94:12:ac:f4:ae:
                    50:9c:ab:54:36:bc:5e:95:39:da:d9:0a:c8:57:5f:
                    c8:72:fa:14:42:94:f7:3e:22:de:68:21:da:84:06:
                    2c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:5E:14:AB:59:F8:02:52:46:F4:D9:02:1A:CC:81:9B:77:EC:C0:EB
            X509v3 Authority Key Identifier:
                keyid:69:2E:BD:3D:03:F2:58:74:6E:68:43:B6:12:8D:D2:09:C5:12:22:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/aS69PQPyWHRuaEO2Eo3SCcUSIuY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aS69PQPyWHRuaEO2Eo3SCcUSIuY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/46104428801E11ED8289C868C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.5.13.0/24
                  203.25.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:02:dd:24:29:66:52:0f:77:18:6a:aa:9b:05:b9:cb:aa:9f:
         7c:c3:32:41:3e:54:0b:d7:cd:2d:94:cd:f8:f3:73:f0:65:8d:
         43:ff:13:4d:8b:1c:33:81:7f:35:59:fd:fa:85:97:67:45:68:
         52:bf:39:cc:9c:28:02:19:f8:89:d5:97:bb:23:31:91:da:3d:
         1a:9f:60:e1:59:fd:3f:91:e7:e2:cf:ed:a7:70:30:e8:7c:95:
         0a:1d:f7:00:41:34:1f:f2:0e:44:d6:26:83:35:7c:e5:28:f1:
         69:a5:33:7e:40:94:9f:15:35:9e:b9:5c:64:ae:0a:ee:47:cd:
         a6:1c:33:96:dd:02:ab:00:63:1f:5e:49:01:42:b6:ab:4a:35:
         12:29:6d:f7:50:b1:a5:bb:08:20:7d:4b:c9:c4:4a:3c:07:53:
         b5:1a:ad:78:35:9b:6a:4c:11:c6:2a:cd:cd:bd:84:76:31:2f:
         7b:c5:2e:26:07:c9:7f:8e:e7:b2:41:fd:00:6c:46:22:25:1d:
         c6:82:16:c4:aa:58:fd:dd:ce:43:12:b9:4c:17:a5:fa:bc:f6:
         03:8d:05:00:48:df:f2:94:d1:2a:2c:a4:9a:de:c3:ec:a1:44:
         b8:60:b4:84:20:41:2c:34:47:f5:b7:64:75:e8:fc:44:cc:20:
         e1:a8:9b:13
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QkVEMDExMC8GA1UEBRMoNjkyRUJEM0QwM0YyNTg3NDZFNjg0M0I2MTI4REQyMDlD
NTEyMjJFNjAeFw0yMjEyMjAwNDI1MDNaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYTEzOTFmLWUzMmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDpmhCNzvt2bKoLyAhcwGDsG/BJuF+5q3Ht0AJVQ8Mc8GOufPaNLvr/NxhuHxs
WCstzVrrfM4WsVasxKr0yFvCnDbcN1+9857s713mE8dM8wAxontwSzXUYJYw9S00
vexOGEYXjLXrSuOGO/SSFAixy/U9sSIh6X+LN8FEgahY1A6uzMPjR039XWE+0NvI
AsWEH5e+mOh4C/hTdDrFI8cWXYysRGvnUlLKjWNiFyQ9C7wCGZPDZga0V9YHPRwU
kveOA4eLs5RLluVXmuLhWLDZNK6zPjr9s6U9Hg+UEqz0rlCcq1Q2vF6VOdrZCshX
X8hy+hRClPc+It5oIdqEBiyJAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUa14Uq1n4
AlJG9NkCGsyBm3fswOswHwYDVR0jBBgwFoAUaS69PQPyWHRuaEO2Eo3SCcUSIuYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCRUQwL0REQjU4OUEwODAx
OTExRURCQkJFMzA2RUM0RjlBRTAyL2FTNjlQUVB5V0hSdWFFTzJFbzNTQ2NVU0l1
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYVM2OVBRUHlXSFJ1YUVPMkVvM1NDY1VTSXVZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QkVEMC9EREI1ODlBMDgwMTkxMUVEQkJCRTMwNkVDNEY5QUUwMi80NjEwNDQyODgw
MUUxMUVEODI4OUM4NjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMsFDQMEAMsZhjANBgkqhkiG9w0BAQsFAAOCAQEAWQLdJClm
Ug93GGqqmwW5y6qffMMyQT5UC9fNLZTN+PNz8GWNQ/8TTYscM4F/NVn9+oWXZ0Vo
Ur85zJwoAhn4idWXuyMxkdo9Gp9g4Vn9P5Hn4s/tp3Aw6HyVCh33AEE0H/IORNYm
gzV85SjxaaUzfkCUnxU1nrlcZK4K7kfNphwzlt0CqwBjH15JAUK2q0o1Eilt91Cx
pbsIIH1LycRKPAdTtRqteDWbakwRxirNzb2EdjEve8UuJgfJf47nskH9AGxGIiUd
xoIWxKpY/d3OQxK5TBel+rz2A40FAEjf8pTRKiykmt7D7KFEuGC0hCBBLDRH9bdk
dej8RMwg4aibEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org