Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/D1D3D4D2CB4111EA896E9A46C4F9AE02.roa
File:                     D1D3D4D2CB4111EA896E9A46C4F9AE02.roa (raw, json)
Hash identifier:          XJ3b5IF+TTQoC0kX3Wjn9AulOpfXWgiBUl7HXEt4kE4=
Subject key identifier:   58:A7:EF:A5:4F:F6:10:85:5B:EB:CE:EB:8E:12:05:1D:DD:9D:0E:AA
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0DD6
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/D1D3D4D2CB4111EA896E9A46C4F9AE02.roa
Signing time:             Wed 03 Aug 2022 19:05:35 +0000
ROA not before:           Wed 03 Aug 2022 19:05:35 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     138365
IP address blocks:        2404:f4c0:fa40::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3542 (0xdd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Aug  3 19:05:35 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62eac6ff-7e6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3c:d6:ea:38:77:11:09:36:40:1b:11:be:29:
                    d4:c6:a4:19:6f:c6:99:1e:87:ff:41:93:39:7d:79:
                    ff:ed:89:e4:ec:ff:f5:f3:95:09:25:90:c2:cb:5d:
                    67:53:01:b3:06:eb:ee:ec:40:2e:71:e1:4f:ed:43:
                    bf:da:a0:c2:aa:a8:6c:ef:93:32:ab:1d:f8:21:a1:
                    36:a0:07:17:47:7c:1e:de:f9:d3:f4:91:13:2c:56:
                    7f:89:c1:dd:ae:a8:2d:37:33:52:6e:02:c9:e5:b9:
                    15:a3:d5:f0:08:af:08:ec:47:27:c2:dd:42:bc:69:
                    2c:3d:a0:ba:a9:d6:b7:78:65:e1:fa:d3:e3:47:ed:
                    41:05:b1:03:8a:e8:6e:17:ef:d0:91:b0:9b:7f:f7:
                    4d:73:ba:b9:5e:65:33:4e:9c:c6:4e:56:48:4a:86:
                    5a:35:f9:35:e7:78:68:60:ed:a5:29:80:53:ed:ae:
                    d7:a8:e8:d0:5f:52:8a:e1:51:ee:c5:16:d3:24:63:
                    24:ba:07:d1:b6:f1:7d:73:ea:be:49:6d:1a:d0:f1:
                    82:eb:68:e9:57:86:b9:ea:0d:aa:ce:c1:5f:24:89:
                    1a:df:6c:96:18:02:10:89:8f:da:31:e4:9b:6c:b1:
                    e0:ec:a8:c8:96:85:71:2f:18:28:5e:68:16:a3:b7:
                    ed:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A7:EF:A5:4F:F6:10:85:5B:EB:CE:EB:8E:12:05:1D:DD:9D:0E:AA
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/D1D3D4D2CB4111EA896E9A46C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f4c0:fa40::/44

    Signature Algorithm: sha256WithRSAEncryption
         5b:a9:8b:8f:d5:24:b2:e3:61:09:a5:fd:c4:55:52:33:fc:08:
         2b:99:46:3c:ba:fe:48:73:b7:21:58:2a:a0:62:76:52:46:ac:
         0c:88:41:20:4b:d0:36:1a:63:9a:c4:6c:68:e2:ee:31:31:70:
         53:e4:c6:90:cd:1a:6b:1a:02:30:d0:8b:f3:64:5f:0e:f6:a8:
         0c:4d:81:0d:4b:e3:5b:bf:7d:85:8c:c7:44:55:b3:78:16:8e:
         6a:26:7a:e8:5d:93:2b:ae:27:a3:08:8c:6a:60:49:04:28:71:
         a0:93:45:bc:f6:28:0a:2a:21:10:83:67:47:21:43:33:68:6e:
         22:b2:1f:5a:3e:4f:72:04:dd:ab:0d:27:45:f4:50:e1:c0:7a:
         0b:18:f0:43:f3:12:4f:4e:58:70:43:6b:b7:35:df:79:10:f3:
         8c:f6:f8:8f:ae:10:e2:4d:43:5c:af:54:b3:5a:25:4d:ae:83:
         66:63:b2:dd:26:86:e1:b6:24:be:da:63:e3:55:c7:2d:64:b0:
         30:cc:d1:c1:ac:78:8c:04:59:b9:bc:96:ec:c5:77:b0:a4:aa:
         c3:19:0c:67:f5:ad:dd:e8:91:c1:9a:43:64:f0:4d:6c:95:3b:
         b8:1b:71:33:94:db:b6:ca:4e:a6:35:26:a1:c5:75:1a:80:4b:
         a2:09:3d:be
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNTM1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzZmZi03ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApTzW6jh3EQk2QBsRvinUxqQZb8aZHof/QZM5fXn/7Ynk7P/185UJJZDCy11n
UwGzBuvu7EAuceFP7UO/2qDCqqhs75Myqx34IaE2oAcXR3we3vnT9JETLFZ/icHd
rqgtNzNSbgLJ5bkVo9XwCK8I7Ecnwt1CvGksPaC6qda3eGXh+tPjR+1BBbEDiuhu
F+/QkbCbf/dNc7q5XmUzTpzGTlZISoZaNfk153hoYO2lKYBT7a7XqOjQX1KK4VHu
xRbTJGMkugfRtvF9c+q+SW0a0PGC62jpV4a56g2qzsFfJIka32yWGAIQiY/aMeSb
bLHg7KjIloVxLxgoXmgWo7ftkwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFin76VP
9hCFW+vO644SBR3dnQ6qMB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvRDFEM0Q0RDJD
QjQxMTFFQTg5NkU5QTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBPTA+kAwDQYJKoZIhvcNAQELBQADggEBAFupi4/VJLLj
YQml/cRVUjP8CCuZRjy6/khztyFYKqBidlJGrAyIQSBL0DYaY5rEbGji7jExcFPk
xpDNGmsaAjDQi/NkXw72qAxNgQ1L41u/fYWMx0RVs3gWjmomeuhdkyuuJ6MIjGpg
SQQocaCTRbz2KAoqIRCDZ0chQzNobiKyH1o+T3IE3asNJ0X0UOHAegsY8EPzEk9O
WHBDa7c133kQ84z2+I+uEOJNQ1yvVLNaJU2ug2Zjst0mhuG2JL7aY+NVxy1ksDDM
0cGseIwEWbm8luzFd7CkqsMZDGf1rd3okcGaQ2TwTWyVO7gbcTOU27bKTqY1JqHF
dRqAS6IJPb4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org