Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/421255608DD711E997186D5EC4F9AE02.roa
File:                     421255608DD711E997186D5EC4F9AE02.roa (raw, json)
Hash identifier:          HKgCn46vvyxMLPfDDmj6SWvZOdheuKE+vti5RUE+jZk=
Subject key identifier:   30:B2:19:A6:10:87:20:F2:55:E8:0D:AA:2C:48:C2:7E:26:4D:A0:8E
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0A89
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/421255608DD711E997186D5EC4F9AE02.roa
Signing time:             Sun 08 Aug 2021 07:15:08 +0000
ROA not before:           Sun 08 Aug 2021 07:15:08 +0000
ROA not after:            Fri 30 Sep 2022 00:00:00 +0000
asID:                     139226
IP address blocks:        2404:f4c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2697 (0xa89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Aug  8 07:15:08 2021 GMT
            Not After : Sep 30 00:00:00 2022 GMT
        Subject: CN=610f847c-9509
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:63:68:1d:eb:a0:74:4d:46:b6:1a:8d:8a:40:
                    7a:e1:aa:eb:c3:97:36:f3:aa:a9:6f:14:f2:56:80:
                    2f:cb:15:d7:d5:68:3d:27:d2:58:3c:31:d9:da:ea:
                    72:1d:aa:18:e2:62:e1:3a:e0:a5:59:23:eb:c8:da:
                    a3:b3:ff:52:f0:e1:7c:d7:42:72:26:40:45:f4:42:
                    9e:12:43:7a:73:e3:da:6d:1b:3a:2f:11:a9:dc:e7:
                    4d:22:25:7a:a2:04:bf:15:eb:12:48:af:2e:0e:b8:
                    b4:97:6a:ca:7a:fb:64:01:be:3a:29:9f:40:ac:18:
                    9a:2f:08:ad:ce:c6:2d:e5:43:b5:ba:71:3c:2b:66:
                    db:1f:1e:9e:d8:f5:52:10:7d:09:e5:9d:d9:0f:e6:
                    a7:8e:8b:a1:1a:59:c5:d6:29:b1:92:ad:57:d6:77:
                    d4:11:e0:67:52:36:6e:25:f3:50:3b:a6:4b:42:46:
                    60:df:9d:2c:78:34:11:a4:99:36:bd:24:d0:39:4a:
                    4e:9d:a1:ea:23:c2:73:79:da:ce:1e:74:f4:73:38:
                    45:b4:19:f1:8a:ee:f3:bc:c9:cc:1e:37:dd:41:23:
                    e7:f2:79:ca:c0:37:96:c7:97:53:8f:90:59:ee:e6:
                    03:c1:57:82:eb:42:81:c9:97:ee:5c:09:c0:ca:f7:
                    b7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:B2:19:A6:10:87:20:F2:55:E8:0D:AA:2C:48:C2:7E:26:4D:A0:8E
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/421255608DD711E997186D5EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f4c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:98:81:23:a5:4c:5a:b5:77:2f:a9:32:2a:ae:bf:b4:36:08:
         75:26:f2:f1:c1:9a:59:7f:e1:f7:f0:31:e8:bd:26:1f:3f:e6:
         40:4b:b7:e7:45:00:e3:5e:35:7d:e9:c4:68:f6:52:a1:81:c8:
         de:3d:82:8d:24:2b:60:24:fd:8b:57:08:df:10:3e:6c:c0:19:
         40:0f:ab:8d:e9:ca:77:14:20:61:15:e2:a1:8d:7f:d5:5d:d1:
         13:88:03:fe:1e:b5:a4:87:29:fb:d6:83:09:ba:76:b8:6c:3a:
         e3:b6:00:c0:db:13:45:1f:5c:46:13:f1:66:76:5a:c0:37:3c:
         a8:6f:a6:10:5f:8e:2f:71:46:85:82:98:29:86:db:05:d5:c3:
         ec:83:d4:01:16:31:e4:9b:2c:ee:40:13:ac:e2:05:21:6f:c2:
         73:7b:8e:59:d0:45:54:d5:ca:a8:8b:92:7e:0b:e7:25:62:b8:
         ab:cf:cb:a9:7b:2c:4e:b0:1e:a7:eb:75:10:cf:d1:0a:22:7a:
         3c:2f:db:c5:0b:db:37:25:ce:12:e7:60:72:ec:1f:b0:f6:84:
         fa:52:09:20:bc:42:a4:8a:67:6e:7f:45:a4:ae:94:ae:c4:ae:
         61:ac:3c:b0:dc:4f:9a:c0:43:90:b0:50:17:c1:71:47:bf:d8:
         db:65:12:a8
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjEwODA4MDcxNTA4WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTBmODQ3Yy05NTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA62NoHeugdE1GthqNikB64arrw5c286qpbxTyVoAvyxXX1Wg9J9JYPDHZ2upy
HaoY4mLhOuClWSPryNqjs/9S8OF810JyJkBF9EKeEkN6c+PabRs6LxGp3OdNIiV6
ogS/FesSSK8uDri0l2rKevtkAb46KZ9ArBiaLwitzsYt5UO1unE8K2bbHx6e2PVS
EH0J5Z3ZD+anjouhGlnF1imxkq1X1nfUEeBnUjZuJfNQO6ZLQkZg350seDQRpJk2
vSTQOUpOnaHqI8JzedrOHnT0czhFtBnxiu7zvMnMHjfdQSPn8nnKwDeWx5dTj5BZ
7uYDwVeC60KByZfuXAnAyve32wIDAQABo4ICljCCApIwHQYDVR0OBBYEFDCyGaYQ
hyDyVegNqixIwn4mTaCOMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvNDIxMjU1NjA4
REQ3MTFFOTk3MTg2RDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBPTAMA0GCSqGSIb3DQEBCwUAA4IBAQBTmIEjpUxatXcv
qTIqrr+0Ngh1JvLxwZpZf+H38DHovSYfP+ZAS7fnRQDjXjV96cRo9lKhgcjePYKN
JCtgJP2LVwjfED5swBlAD6uN6cp3FCBhFeKhjX/VXdETiAP+HrWkhyn71oMJuna4
bDrjtgDA2xNFH1xGE/FmdlrANzyob6YQX44vcUaFgpgphtsF1cPsg9QBFjHkmyzu
QBOs4gUhb8Jze45Z0EVU1cqoi5J+C+clYrirz8upeyxOsB6n63UQz9EKIno8L9vF
C9s3Jc4S52By7B+w9oT6UgkgvEKkimduf0WkrpSuxK5hrDyw3E+awEOQsFAXwXFH
v9jbZRKo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org