Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/58F200AC8FE711E9AA978562C4F9AE02.roa
File:                     58F200AC8FE711E9AA978562C4F9AE02.roa (raw, json)
Hash identifier:          JSeAP5eMvY0Bxn7wTKS2E8TaKuu3E7hg/SkfPZUllow=
Subject key identifier:   0B:51:76:C3:84:CD:5F:54:30:7C:16:11:61:C0:F5:0A:1B:B6:98:22
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0E03
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/58F200AC8FE711E9AA978562C4F9AE02.roa
Signing time:             Wed 03 Aug 2022 19:06:24 +0000
ROA not before:           Wed 03 Aug 2022 19:06:24 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     48301
IP address blocks:        2404:f4c0:f800::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3587 (0xe03)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Aug  3 19:06:24 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62eac72f-9bdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:0c:25:90:3c:59:87:79:2a:d3:0f:e5:a8:fc:
                    c2:59:0b:50:ee:63:8f:1c:45:aa:c6:09:e0:70:db:
                    ad:60:65:b6:ce:a1:90:de:3d:2f:ea:67:9e:42:08:
                    3d:5a:43:e8:89:9b:77:65:84:4b:65:72:22:ff:1f:
                    f1:d9:c0:71:fa:3c:44:fa:79:5c:c3:b0:45:b2:4b:
                    2a:0e:94:06:46:4d:31:de:a0:e4:74:fe:23:cc:76:
                    57:e4:26:31:9e:20:15:22:31:97:71:48:c2:ea:3e:
                    86:48:8a:39:c6:54:30:72:08:41:59:01:fa:aa:32:
                    fe:0c:e0:bd:ce:0f:f1:a4:17:66:f0:92:ec:7c:76:
                    75:45:a9:28:66:17:fd:4a:3b:5f:51:4c:34:69:fa:
                    cc:f5:a8:36:03:df:f1:25:8c:3d:63:4d:e5:32:42:
                    2a:3b:cf:9f:df:36:13:9b:aa:20:d8:6b:aa:04:ef:
                    ab:de:c5:66:b8:12:f6:fa:f2:c7:44:2b:38:a5:b8:
                    c4:b4:61:da:bd:ef:d1:4a:cf:29:21:85:03:8e:87:
                    ee:72:26:2f:0f:e4:4c:06:ae:2d:43:b6:97:f5:1f:
                    01:ec:b5:3c:4f:4e:b2:42:64:21:85:bb:95:8b:18:
                    a9:76:94:99:97:66:bf:88:32:31:c4:3f:cc:11:3b:
                    ed:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:51:76:C3:84:CD:5F:54:30:7C:16:11:61:C0:F5:0A:1B:B6:98:22
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/58F200AC8FE711E9AA978562C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f4c0:f800::/44

    Signature Algorithm: sha256WithRSAEncryption
         c3:98:7c:6e:e9:35:56:08:0e:59:eb:d4:2f:81:6f:4b:78:e7:
         b2:07:1d:a3:2d:c2:92:2a:97:6e:02:b6:8c:8c:04:ae:fd:4c:
         70:31:56:01:45:61:54:d1:4b:3f:56:04:cc:a0:57:48:05:35:
         ae:48:1c:35:6d:cb:ae:d8:70:2e:c6:ed:88:21:6f:3f:ac:ce:
         f7:ea:6e:21:04:16:35:5c:62:44:59:85:1b:17:6c:82:e0:8e:
         d9:43:b5:a9:e5:91:8f:64:0c:db:d2:36:6f:66:1c:16:9a:a8:
         4b:a6:83:57:be:5d:93:42:84:15:df:43:dc:38:b9:8f:c5:52:
         3f:7c:dd:74:ed:80:65:c4:94:0a:32:aa:b1:c4:89:bf:e5:ba:
         e6:f6:39:f7:17:2c:30:5f:32:b8:34:69:9c:cc:11:4a:fd:09:
         e9:69:4a:e1:69:db:69:8c:20:96:76:4a:b7:5c:5f:6e:da:ea:
         cb:b8:b3:c1:89:85:80:88:f8:fb:dd:5f:d5:4a:89:dd:a2:da:
         e0:b1:76:92:a4:8d:b2:fa:60:10:b3:1e:53:4a:e4:db:64:e2:
         8f:0f:6f:b1:92:34:d3:77:47:c4:b7:b4:5c:cd:be:15:23:35:
         8c:75:0b:6d:5b:57:cb:0f:8e:38:83:57:02:ac:d0:67:18:3b:
         32:3c:f6:52
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNjI0WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzcyZi05YmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1wwlkDxZh3kq0w/lqPzCWQtQ7mOPHEWqxgngcNutYGW2zqGQ3j0v6meeQgg9
WkPoiZt3ZYRLZXIi/x/x2cBx+jxE+nlcw7BFsksqDpQGRk0x3qDkdP4jzHZX5CYx
niAVIjGXcUjC6j6GSIo5xlQwcghBWQH6qjL+DOC9zg/xpBdm8JLsfHZ1RakoZhf9
SjtfUUw0afrM9ag2A9/xJYw9Y03lMkIqO8+f3zYTm6og2GuqBO+r3sVmuBL2+vLH
RCs4pbjEtGHave/RSs8pIYUDjofuciYvD+RMBq4tQ7aX9R8B7LU8T06yQmQhhbuV
ixipdpSZl2a/iDIxxD/METvtBQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFAtRdsOE
zV9UMHwWEWHA9QobtpgiMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvNThGMjAwQUM4
RkU3MTFFOUFBOTc4NTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBPTA+AAwDQYJKoZIhvcNAQELBQADggEBAMOYfG7pNVYI
Dlnr1C+Bb0t457IHHaMtwpIql24CtoyMBK79THAxVgFFYVTRSz9WBMygV0gFNa5I
HDVty67YcC7G7Yghbz+szvfqbiEEFjVcYkRZhRsXbILgjtlDtanlkY9kDNvSNm9m
HBaaqEumg1e+XZNChBXfQ9w4uY/FUj983XTtgGXElAoyqrHEib/luub2OfcXLDBf
Mrg0aZzMEUr9CelpSuFp22mMIJZ2SrdcX27a6su4s8GJhYCI+PvdX9VKid2i2uCx
dpKkjbL6YBCzHlNK5Ntk4o8Pb7GSNNN3R8S3tFzNvhUjNYx1C21bV8sPjjiDVwKs
0GcYOzI89lI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org