Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/756A06D8929211ED82840B2EC4F9AE02.roa
File:                     756A06D8929211ED82840B2EC4F9AE02.roa (raw, json)
Hash identifier:          C+fLl2eQecQq4SIieVNw/GOPQZOStL9aQsqxpe/3cgI=
Subject key identifier:   0E:15:1E:4A:FC:96:C8:01:31:EA:19:6D:82:42:84:32:41:94:50:11
Certificate issuer:       /CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Certificate serial:       04FC
Authority key identifier: ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/756A06D8929211ED82840B2EC4F9AE02.roa
Signing time:             Thu 12 Jan 2023 16:02:05 +0000
ROA not before:           Thu 12 Jan 2023 16:02:05 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     35758
IP address blocks:        36.255.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1276 (0x4fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
        Validity
            Not Before: Jan 12 16:02:05 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=63c02efd-4f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:51:e3:7d:52:5e:82:74:95:52:f2:f8:f0:07:
                    07:70:8d:98:64:5c:19:ae:9b:f9:a4:0c:4b:f4:d7:
                    74:12:17:23:97:51:10:49:4a:2d:f0:ad:bb:d6:dd:
                    08:86:22:cf:c3:f5:f3:ee:74:35:b4:46:1a:7a:f2:
                    4f:e5:60:e1:15:2b:5d:8b:ff:d5:d6:dd:c2:47:a1:
                    52:fc:ed:92:3a:ba:fa:96:21:d6:af:65:1c:cc:14:
                    01:6c:b0:b6:2c:cb:ce:aa:44:77:f2:46:fe:79:4b:
                    b0:4c:91:f0:e1:6a:7c:a2:aa:98:12:ef:1d:91:7e:
                    86:40:c7:43:cd:08:5f:93:49:74:4e:8e:43:0b:85:
                    b0:0f:37:f2:b4:54:7e:27:86:8d:09:4d:1f:0f:1a:
                    96:71:18:38:4c:75:ae:07:08:7a:7e:ad:0e:ae:2f:
                    46:3c:ec:a6:a7:1e:7e:a4:d3:59:bb:34:36:00:88:
                    74:52:18:34:37:8f:29:e2:88:13:77:44:b6:5a:33:
                    ec:f5:20:39:9d:ce:dd:e1:da:77:d0:f6:d0:fd:d8:
                    e6:57:00:87:7c:29:e8:a3:59:4a:29:5b:a0:ff:a6:
                    08:5c:67:0d:ed:71:7e:f2:1d:4f:aa:7d:06:d8:78:
                    71:b8:fe:5e:12:26:5f:d8:ba:b1:e1:26:60:7f:cc:
                    0c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:15:1E:4A:FC:96:C8:01:31:EA:19:6D:82:42:84:32:41:94:50:11
            X509v3 Authority Key Identifier:
                keyid:ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7euW8EyNPtzL7rpAxCQpIqgTa1M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/756A06D8929211ED82840B2EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.255.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:28:3e:b6:85:b9:3d:6f:e1:c2:a0:5b:35:2b:37:e6:c7:55:
         8a:39:a4:d8:68:13:58:08:11:d0:98:8b:07:c7:79:ed:e2:7d:
         68:e6:e2:85:1c:55:a9:65:0d:c3:86:78:e0:a8:e7:9c:ab:e7:
         0e:d1:4f:bf:75:db:5f:f6:60:06:95:bd:e2:0a:65:7f:36:95:
         cf:50:6f:95:0c:4a:67:b5:0f:67:9a:be:6e:b7:b6:e1:b4:67:
         dc:e6:6f:18:8f:de:e5:66:2d:6b:ac:f4:97:e6:22:7f:28:a3:
         9c:eb:82:89:c5:99:40:24:0e:eb:bd:79:68:bd:ae:22:b6:93:
         ba:2c:51:2d:6c:ad:0c:c3:4e:59:ce:be:23:0d:0e:07:d8:8d:
         b1:96:cc:79:7b:d7:66:62:34:8d:54:d9:08:36:f6:c5:f3:81:
         3d:f3:27:07:ea:1a:45:dd:08:8e:22:aa:b8:dc:18:04:29:2f:
         56:2a:8d:b6:4e:41:28:7f:bc:69:74:f4:f3:1e:e3:4b:0d:c6:
         28:04:5b:91:c0:89:4a:c7:73:15:42:52:70:be:66:9a:9e:d8:
         16:6f:bf:3b:2b:6e:a5:8f:52:3a:f7:e9:0a:77:1e:d0:45:2e:
         e7:14:e3:84:18:bb:1f:94:ba:6c:ff:dd:bf:69:32:5c:a9:83:
         bf:68:da:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UxRkUxMTAvBgNVBAUTKEVERUI5NkYwNEM4RDNFRENDQkVFQkE0MEM0MjQyOTIy
QTgxMzZCNTMwHhcNMjMwMTEyMTYwMjA1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2MwMmVmZC00ZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvVHjfVJegnSVUvL48AcHcI2YZFwZrpv5pAxL9Nd0Ehcjl1EQSUot8K271t0I
hiLPw/Xz7nQ1tEYaevJP5WDhFStdi//V1t3CR6FS/O2SOrr6liHWr2UczBQBbLC2
LMvOqkR38kb+eUuwTJHw4Wp8oqqYEu8dkX6GQMdDzQhfk0l0To5DC4WwDzfytFR+
J4aNCU0fDxqWcRg4THWuBwh6fq0Ori9GPOympx5+pNNZuzQ2AIh0Uhg0N48p4ogT
d0S2WjPs9SA5nc7d4dp30PbQ/djmVwCHfCnoo1lKKVug/6YIXGcN7XF+8h1Pqn0G
2HhxuP5eEiZf2Lqx4SZgf8wMDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA4VHkr8
lsgBMeoZbYJChDJBlFARMB8GA1UdIwQYMBaAFO3rlvBMjT7cy+66QMQkKSKoE2tT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTFGRS8zODYyMzVGMDZG
ODgxMUVCQTg2QkY2NEFDNEY5QUUwMi83ZXVXOEV5TlB0ekw3cnBBeENRcElxZ1Rh
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdldVc4RXlOUHR6TDdycEF4Q1FwSXFnVGExTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UxRkUvMzg2MjM1RjA2Rjg4MTFFQkE4NkJGNjRBQzRGOUFFMDIvNzU2QTA2RDg5
MjkyMTFFRDgyODQwQjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAk/8cwDQYJKoZIhvcNAQELBQADggEBAGEoPraFuT1v4cKg
WzUrN+bHVYo5pNhoE1gIEdCYiwfHee3ifWjm4oUcVallDcOGeOCo55yr5w7RT791
21/2YAaVveIKZX82lc9Qb5UMSme1D2eavm63tuG0Z9zmbxiP3uVmLWus9JfmIn8o
o5zrgonFmUAkDuu9eWi9riK2k7osUS1srQzDTlnOviMNDgfYjbGWzHl712ZiNI1U
2Qg29sXzgT3zJwfqGkXdCI4iqrjcGAQpL1YqjbZOQSh/vGl09PMe40sNxigEW5HA
iUrHcxVCUnC+Zpqe2BZvvzsrbqWPUjr36Qp3HtBFLucU44QYux+Uumz/3b9pMlyp
g79o2jA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org