Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/F65E5C4C98D811E98EFDEB20C4F9AE02.roa
File:                     F65E5C4C98D811E98EFDEB20C4F9AE02.roa (raw, json)
Hash identifier:          4wJ5F+a+HqQg34Fu0ALhsOcrUs8vn7j/8FOaVZn6kOA=
Subject key identifier:   B2:2D:C3:FF:BB:5C:89:1F:45:69:28:91:9D:D5:DE:4E:C2:0E:88:78
Certificate issuer:       /CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
Certificate serial:       0DDC
Authority key identifier: 36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/F65E5C4C98D811E98EFDEB20C4F9AE02.roa
Signing time:             Wed 03 Aug 2022 19:05:42 +0000
ROA not before:           Wed 03 Aug 2022 19:05:42 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     139249
IP address blocks:        2404:f4c0:fe00::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3548 (0xddc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91803DB/serialNumber=36ED8B675EA7238085AFA06C093E54A9D3FD7B60
        Validity
            Not Before: Aug  3 19:05:42 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62eac706-0d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:03:12:bb:dc:da:dd:7c:55:eb:48:56:fc:aa:
                    f8:77:03:56:91:15:26:49:75:27:5f:a2:ca:7f:c8:
                    92:c5:b8:b4:82:28:13:00:8e:64:7b:fc:9c:49:ab:
                    30:ad:c6:17:9c:cd:50:a0:ac:fd:f1:8f:14:a8:3c:
                    27:c9:70:b4:bf:7e:16:9a:e4:3c:88:d6:be:34:dc:
                    0f:7a:05:bd:28:68:76:6e:26:b8:3a:f4:62:c6:27:
                    b4:46:a2:b5:a2:88:01:f3:28:87:74:1f:2e:0b:56:
                    0d:90:58:29:34:55:d6:6d:d4:58:e0:6d:01:86:91:
                    46:7d:4a:26:e8:6c:1b:18:21:b7:28:e3:ef:46:cc:
                    78:f1:61:3a:de:8f:a8:84:5a:84:c4:d9:dc:87:5a:
                    53:6f:dc:be:a2:ab:d8:af:37:c5:9f:12:fd:0f:5a:
                    27:78:50:bc:58:88:2a:07:fe:87:30:77:1c:84:cb:
                    51:a3:60:76:42:14:2b:b2:1c:de:25:71:d0:ca:9c:
                    13:bd:46:23:1d:b8:ec:eb:d4:c9:af:60:a8:2c:45:
                    97:cc:86:b9:b5:67:bc:0a:8b:23:8f:46:94:2b:0b:
                    9b:9a:22:dc:ef:99:d8:49:94:2b:cb:d3:eb:de:72:
                    83:ac:7b:49:24:7f:3f:b5:53:85:c6:8f:a8:fb:6a:
                    9e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:2D:C3:FF:BB:5C:89:1F:45:69:28:91:9D:D5:DE:4E:C2:0E:88:78
            X509v3 Authority Key Identifier:
                keyid:36:ED:8B:67:5E:A7:23:80:85:AF:A0:6C:09:3E:54:A9:D3:FD:7B:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu2LZ16nI4CFr6BsCT5UqdP9e2A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91803DB/0DC35D3E8DD411E9BFE2C556C4F9AE02/F65E5C4C98D811E98EFDEB20C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f4c0:fe00::/40

    Signature Algorithm: sha256WithRSAEncryption
         b4:20:9d:d5:75:70:ec:d3:a4:fb:1a:b6:1b:3e:dc:61:9a:a3:
         6b:26:c6:78:60:64:b5:52:77:0d:33:70:88:01:40:5a:27:ba:
         83:de:a4:4a:db:f0:02:64:02:c6:b3:b6:43:fe:0f:bf:cc:42:
         69:72:a3:c2:bd:cd:1a:f6:df:55:9e:4e:98:66:c8:1d:69:0c:
         c8:f3:e2:0c:b3:63:f8:e8:b8:7f:29:e6:2a:ba:58:78:77:d7:
         08:3a:6f:3c:3c:24:3b:38:b0:cc:46:99:d0:e6:1f:c0:df:02:
         39:4d:3c:76:ca:9c:64:40:76:f7:64:fd:f7:aa:3e:ec:44:22:
         13:17:a0:14:c1:be:07:20:4b:25:e8:a3:a7:9c:40:b2:94:93:
         15:d2:b9:6a:9f:6c:10:33:44:e7:13:79:ad:52:40:c6:8b:7d:
         e1:a0:54:54:7d:42:70:0f:ba:46:36:ad:1b:c5:11:65:b8:28:
         7e:95:02:3b:8b:78:03:3a:c2:e8:42:3b:5b:7b:5a:b7:50:23:
         f4:fa:1a:0d:e1:52:6a:e9:dc:f6:ad:a0:01:34:c1:39:85:39:
         df:e7:96:8a:2f:6a:e4:f5:1f:85:6f:5c:b6:42:f8:9d:9f:34:
         67:68:d2:f8:c1:d4:89:38:47:af:ea:66:fc:ef:ae:f8:40:da:
         80:e3:21:37
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICDdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzREIxMTAvBgNVBAUTKDM2RUQ4QjY3NUVBNzIzODA4NUFGQTA2QzA5M0U1NEE5
RDNGRDdCNjAwHhcNMjIwODAzMTkwNTQyWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhYzcwNi0wZDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAMSu9za3XxV60hW/Kr4dwNWkRUmSXUnX6LKf8iSxbi0gigTAI5ke/ycSasw
rcYXnM1QoKz98Y8UqDwnyXC0v34WmuQ8iNa+NNwPegW9KGh2bia4OvRixie0RqK1
oogB8yiHdB8uC1YNkFgpNFXWbdRY4G0BhpFGfUom6GwbGCG3KOPvRsx48WE63o+o
hFqExNnch1pTb9y+oqvYrzfFnxL9D1oneFC8WIgqB/6HMHcchMtRo2B2QhQrshze
JXHQypwTvUYjHbjs69TJr2CoLEWXzIa5tWe8Cosjj0aUKwubmiLc75nYSZQry9Pr
3nKDrHtJJH8/tVOFxo+o+2qerQIDAQABo4IClzCCApMwHQYDVR0OBBYEFLItw/+7
XIkfRWkokZ3V3k7CDoh4MB8GA1UdIwQYMBaAFDbti2depyOAha+gbAk+VKnT/Xtg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDNEQi8wREMzNUQzRThE
RDQxMUU5QkZFMkM1NTZDNEY5QUUwMi9OdTJMWjE2bkk0Q0ZyNkJzQ1Q1VXFkUDll
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL051MkxaMTZuSTRDRnI2QnNDVDVVcWRQOWUyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzREIvMERDMzVEM0U4REQ0MTFFOUJGRTJDNTU2QzRGOUFFMDIvRjY1RTVDNEM5
OEQ4MTFFOThFRkRFQjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAkBPTA/jANBgkqhkiG9w0BAQsFAAOCAQEAtCCd1XVw7NOk
+xq2Gz7cYZqjaybGeGBktVJ3DTNwiAFAWie6g96kStvwAmQCxrO2Q/4Pv8xCaXKj
wr3NGvbfVZ5OmGbIHWkMyPPiDLNj+Oi4fynmKrpYeHfXCDpvPDwkOziwzEaZ0OYf
wN8COU08dsqcZEB292T996o+7EQiExegFMG+ByBLJeijp5xAspSTFdK5ap9sEDNE
5xN5rVJAxot94aBUVH1CcA+6RjatG8URZbgofpUCO4t4AzrC6EI7W3tat1Aj9Poa
DeFSaunc9q2gATTBOYU53+eWii9q5PUfhW9ctkL4nZ80Z2jS+MHUiThHr+pm/O+u
+EDagOMhNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org