Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/62D65586A4D011ECA4728F4CC4F9AE02.roa
File:                     62D65586A4D011ECA4728F4CC4F9AE02.roa (raw, json)
Hash identifier:          Jhmeq/cYP/7WfxgkL02KTQSbT57SE+RCLOrysW+8EMA=
Subject key identifier:   56:C1:A5:1C:8C:9B:86:90:D1:E1:6D:42:D2:81:90:ED:15:8C:9C:A6
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0C8C
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/62D65586A4D011ECA4728F4CC4F9AE02.roa
Signing time:             Wed 16 Mar 2022 02:25:46 +0000
ROA not before:           Wed 16 Mar 2022 02:25:46 +0000
ROA not after:            Fri 30 Sep 2022 00:00:00 +0000
asID:                     17920
IP address blocks:        2404:f4c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3212 (0xc8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Mar 16 02:25:46 2022 GMT
            Not After : Sep 30 00:00:00 2022 GMT
        Subject: CN=62314aaa-c41b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:42:24:cf:67:07:8b:78:6a:aa:0d:61:be:83:
                    c1:bb:0b:83:dc:b0:a8:76:c8:a0:4d:7e:e4:c6:a3:
                    60:97:db:96:4b:59:5f:f9:ab:08:71:d5:8f:d5:87:
                    4a:91:1b:dd:d7:e3:df:5f:17:ac:8c:5e:9f:5d:7b:
                    9b:ea:df:3d:ac:45:7c:63:30:55:60:8a:3f:2f:e2:
                    77:3e:03:60:b7:82:6c:ba:89:19:18:77:03:e6:88:
                    05:a1:25:1b:c2:b4:90:b3:20:5d:9e:1e:8d:b2:36:
                    27:78:e9:00:be:b3:61:11:1f:1e:9b:61:24:6a:59:
                    3f:05:e7:37:1b:be:96:ae:e8:8c:7b:e4:6a:d0:bd:
                    14:34:cb:b6:1e:3f:7c:b8:ae:03:ae:a2:91:e8:1e:
                    f4:7f:8e:80:f1:7f:10:f3:3c:4c:b3:7c:96:a4:47:
                    31:8c:29:02:8f:d3:57:e6:c4:b8:c5:00:87:8e:c4:
                    f1:d5:f0:fe:4f:86:fd:bf:ad:61:4c:42:3e:41:53:
                    45:38:5d:70:9d:f4:e6:d9:ff:10:65:2b:17:6c:17:
                    f9:d1:d0:2f:68:e9:12:c5:0e:95:15:74:67:29:f6:
                    40:56:c8:03:a8:23:bd:76:12:6c:7b:85:e5:cc:bd:
                    a0:fc:4e:16:a3:4b:2a:b3:93:ac:e2:08:b6:5b:22:
                    d6:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:C1:A5:1C:8C:9B:86:90:D1:E1:6D:42:D2:81:90:ED:15:8C:9C:A6
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/62D65586A4D011ECA4728F4CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f4c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:85:f3:e3:4c:4e:91:5c:66:d2:b8:80:f3:4b:05:e0:60:3d:
         71:ad:f7:39:29:2c:86:d6:1f:26:ea:1f:bd:75:db:0a:e9:f7:
         63:a7:1f:90:0b:da:fe:a0:54:6d:3a:1e:7c:ec:02:1b:13:9a:
         30:f9:72:84:74:4f:b2:64:3c:77:03:3f:cb:e9:4e:0f:e3:0b:
         cb:58:e2:65:4f:81:6a:65:af:32:b0:e8:fa:b2:e9:f8:d1:04:
         d6:b1:c2:91:dd:bb:16:18:52:83:92:fa:66:6f:be:ec:c4:bb:
         e1:e9:cf:74:04:e8:94:f9:85:01:01:3a:a9:04:d6:b9:14:c3:
         04:b9:dc:13:bb:d7:c2:41:5f:56:6a:4f:54:92:14:29:0e:b7:
         d0:03:bf:91:c6:54:81:be:a2:a5:4b:f7:92:08:23:e6:35:bf:
         9e:6b:98:23:90:d0:00:9b:c1:13:43:a7:8d:f5:41:12:43:67:
         26:4e:a3:0c:50:4f:92:a6:b5:f1:f7:d1:78:e6:df:33:48:05:
         2d:6a:b5:86:b2:95:78:09:97:3a:3a:37:80:98:e8:09:61:0e:
         9b:ca:49:27:b7:b3:15:34:32:0a:b3:50:1a:98:60:73:38:fd:
         34:da:bc:ad:6b:64:dd:41:dd:b7:1b:43:d5:5e:f5:6c:2a:43:
         7f:16:0a:0b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICDIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwMzE2MDIyNTQ2WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxNGFhYS1jNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2EIkz2cHi3hqqg1hvoPBuwuD3LCodsigTX7kxqNgl9uWS1lf+asIcdWP1YdK
kRvd1+PfXxesjF6fXXub6t89rEV8YzBVYIo/L+J3PgNgt4JsuokZGHcD5ogFoSUb
wrSQsyBdnh6NsjYneOkAvrNhER8em2Ekalk/Bec3G76WruiMe+Rq0L0UNMu2Hj98
uK4DrqKR6B70f46A8X8Q8zxMs3yWpEcxjCkCj9NX5sS4xQCHjsTx1fD+T4b9v61h
TEI+QVNFOF1wnfTm2f8QZSsXbBf50dAvaOkSxQ6VFXRnKfZAVsgDqCO9dhJse4Xl
zL2g/E4Wo0sqs5Os4gi2WyLWDwIDAQABo4ICljCCApIwHQYDVR0OBBYEFFbBpRyM
m4aQ0eFtQtKBkO0VjJymMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvNjJENjU1ODZB
NEQwMTFFQ0E0NzI4RjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBPTAMA0GCSqGSIb3DQEBCwUAA4IBAQAfhfPjTE6RXGbS
uIDzSwXgYD1xrfc5KSyG1h8m6h+9ddsK6fdjpx+QC9r+oFRtOh587AIbE5ow+XKE
dE+yZDx3Az/L6U4P4wvLWOJlT4FqZa8ysOj6sun40QTWscKR3bsWGFKDkvpmb77s
xLvh6c90BOiU+YUBATqpBNa5FMMEudwTu9fCQV9Wak9UkhQpDrfQA7+RxlSBvqKl
S/eSCCPmNb+ea5gjkNAAm8ETQ6eN9UESQ2cmTqMMUE+SprXx99F45t8zSAUtarWG
spV4CZc6OjeAmOgJYQ6bykknt7MVNDIKs1AamGBzOP002ryta2TdQd23G0PVXvVs
KkN/FgoL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org