Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/35189B269CC811E9912AEF85C4F9AE02.roa
File:                     35189B269CC811E9912AEF85C4F9AE02.roa (raw, json)
Hash identifier:          lEZmO6dczt5bEK3iSm0BKaIwwPFf5ItGhMiJ+j5nnoo=
Subject key identifier:   67:36:F4:ED:AD:2E:71:22:67:46:94:C7:AE:54:24:B4:54:9B:EB:FB
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0DDA
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/35189B269CC811E9912AEF85C4F9AE02.roa
Signing time:             Wed 03 Aug 2022 19:05:39 +0000
ROA not before:           Wed 03 Aug 2022 19:05:39 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     139216
IP address blocks:        2404:f4c0:f100::/43 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3546 (0xdda)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Aug  3 19:05:39 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62eac703-2902
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ea:05:e3:37:96:da:5d:b6:11:79:8e:1f:b7:
                    b0:88:0d:26:c2:fc:e6:40:28:65:79:98:f4:77:4a:
                    14:36:fd:a4:cd:d5:9e:33:fd:50:27:74:1e:2d:db:
                    9c:d8:92:06:2a:38:eb:e1:ab:fa:6a:30:42:d3:e4:
                    48:8c:69:17:9c:9d:e4:69:25:31:10:71:c5:d7:93:
                    c9:ba:f0:0f:9a:73:88:31:b3:07:b7:9b:0a:cf:59:
                    6f:12:6f:43:0b:f8:c4:2d:ed:5c:51:cc:45:e4:91:
                    2c:08:4a:43:25:dd:e5:f4:5b:0a:1a:bc:1e:bb:69:
                    4f:a0:c4:42:93:75:47:90:c2:ad:1e:fb:18:3e:51:
                    05:ae:f0:10:cc:65:62:c6:5b:dd:70:be:4d:ec:e3:
                    d6:a3:cb:7f:81:a5:e2:0e:ae:58:2a:26:e4:52:fb:
                    6e:cf:0d:77:43:01:f6:9a:a6:f2:00:81:14:cc:f9:
                    6a:84:02:fa:ee:ca:28:68:95:ca:b5:c7:0b:8f:f9:
                    3f:13:fa:ed:e8:41:a8:3c:e2:f6:b2:2a:6a:9d:e6:
                    73:b0:1d:e6:d5:43:4d:44:6f:25:a1:65:b9:ed:e3:
                    ff:ca:63:81:d6:56:55:be:04:0e:2c:bb:8b:72:85:
                    14:9f:21:f5:f0:91:3c:a9:3d:60:1a:f9:f7:e6:02:
                    18:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:36:F4:ED:AD:2E:71:22:67:46:94:C7:AE:54:24:B4:54:9B:EB:FB
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/35189B269CC811E9912AEF85C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f4c0:f100::/43

    Signature Algorithm: sha256WithRSAEncryption
         1b:7c:24:cc:00:4d:b1:b6:34:da:42:50:36:01:6c:c6:8e:7f:
         d6:84:5d:23:6a:c4:8d:60:65:ac:16:6d:27:46:04:61:eb:72:
         5b:95:b9:d7:e8:9d:e7:22:3c:70:13:2f:ff:bc:5f:1e:59:72:
         d9:82:da:e1:19:de:1a:23:91:90:9f:ad:ad:67:55:6f:b9:23:
         98:c8:7c:fc:36:46:0d:cb:d4:f3:6d:36:50:a3:ad:e8:b3:71:
         da:e2:16:16:c2:6b:c8:a3:ac:cc:ef:0b:93:9e:86:ed:24:21:
         11:68:bb:fc:ec:71:b7:98:f6:da:6a:6c:f4:96:66:6f:dc:0c:
         71:c1:32:72:75:37:d3:e8:9c:e3:1c:3d:d4:48:6d:c6:04:3f:
         d3:76:e4:92:1a:d9:12:3b:0e:b1:f9:26:0f:4e:9a:12:ab:b6:
         c2:af:b5:d7:3a:ac:5e:ff:ee:b4:fb:49:62:ab:45:15:cb:8e:
         32:50:78:f2:2b:d5:17:ed:52:b6:26:25:ce:98:1e:98:b3:d6:
         ef:0a:e1:89:aa:30:64:18:6b:9d:62:46:c0:9a:0d:55:ad:c6:
         4d:b6:0e:75:e0:9c:89:06:45:62:22:fa:82:60:7d:e9:e9:bb:
         27:b0:6a:aa:09:4f:32:02:7a:a6:3a:0c:ab:e5:6a:72:45:ff:
         26:bd:8e:40
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNTM5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzcwMy0yOTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+oF4zeW2l22EXmOH7ewiA0mwvzmQChleZj0d0oUNv2kzdWeM/1QJ3QeLduc
2JIGKjjr4av6ajBC0+RIjGkXnJ3kaSUxEHHF15PJuvAPmnOIMbMHt5sKz1lvEm9D
C/jELe1cUcxF5JEsCEpDJd3l9FsKGrweu2lPoMRCk3VHkMKtHvsYPlEFrvAQzGVi
xlvdcL5N7OPWo8t/gaXiDq5YKibkUvtuzw13QwH2mqbyAIEUzPlqhAL67sooaJXK
tccLj/k/E/rt6EGoPOL2sipqneZzsB3m1UNNRG8loWW57eP/ymOB1lZVvgQOLLuL
coUUnyH18JE8qT1gGvn35gIYEQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGc29O2t
LnEiZ0aUx65UJLRUm+v7MB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvMzUxODlCMjY5
Q0M4MTFFOTkxMkFFRjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwUkBPTA8QAwDQYJKoZIhvcNAQELBQADggEBABt8JMwATbG2
NNpCUDYBbMaOf9aEXSNqxI1gZawWbSdGBGHrcluVudfoneciPHATL/+8Xx5ZctmC
2uEZ3hojkZCfra1nVW+5I5jIfPw2Rg3L1PNtNlCjreizcdriFhbCa8ijrMzvC5Oe
hu0kIRFou/zscbeY9tpqbPSWZm/cDHHBMnJ1N9PonOMcPdRIbcYEP9N25JIa2RI7
DrH5Jg9OmhKrtsKvtdc6rF7/7rT7SWKrRRXLjjJQePIr1RftUrYmJc6YHpiz1u8K
4YmqMGQYa51iRsCaDVWtxk22DnXgnIkGRWIi+oJgfenpuyewaqoJTzICeqY6DKvl
anJF/ya9jkA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org