Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/B6129876D85111E89C80CE2CC4F9AE02.roa
File:                     B6129876D85111E89C80CE2CC4F9AE02.roa (raw, json)
Hash identifier:          w5eUugNsDvEhEHCHJEkbUSe/0FzkkczH5MqFpb45HQM=
Subject key identifier:   54:64:96:15:DF:8E:37:1F:67:2F:0B:4E:88:7A:DA:CE:B5:18:62:CE
Certificate issuer:       /CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
Certificate serial:       327E
Authority key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/B6129876D85111E89C80CE2CC4F9AE02.roa
Signing time:             Thu 11 Aug 2022 02:40:27 +0000
ROA not before:           Thu 11 Aug 2022 02:40:27 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     45650
IP address blocks:        163.53.26.0/23 maxlen: 23
                          202.51.64.0/24 maxlen: 24
                          202.51.68.0/24 maxlen: 24
                          202.51.76.0/24 maxlen: 24
                          202.51.84.0/22 maxlen: 23
                          202.51.90.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12926 (0x327e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF
        Validity
            Not Before: Aug 11 02:40:27 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=62f46c1b-d681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:35:e9:f2:34:18:18:98:b7:54:42:1a:7c:07:
                    0d:09:4d:a5:c6:b6:00:82:51:8d:12:b9:d7:19:71:
                    12:40:43:dd:2e:0f:bd:b2:f9:b9:f2:b7:71:53:e7:
                    47:69:7f:bc:d2:cb:f5:45:68:b0:a4:bf:fa:3d:7f:
                    36:e1:7b:c0:6c:30:48:3d:04:36:59:e6:89:0d:d0:
                    a1:0b:99:3c:50:41:58:af:e1:1f:0e:18:21:64:0b:
                    a4:c3:d4:49:6e:bc:0c:5b:d1:43:c0:01:ab:58:9c:
                    32:63:59:20:66:b8:2d:5b:a9:3c:a7:fd:99:cb:81:
                    70:87:5f:d4:8f:a8:58:b1:54:65:f3:cb:95:68:23:
                    88:aa:6f:a8:d9:3e:48:f9:f1:53:ec:86:64:2d:b7:
                    25:77:83:e7:fd:66:f9:42:4b:c5:fd:41:60:39:d9:
                    5b:95:e4:9d:99:cf:95:83:7c:46:28:96:18:72:2e:
                    3d:e4:cc:c8:86:b0:47:4c:09:6b:ca:a1:b5:84:a8:
                    7a:0f:e0:14:0a:b2:7a:7c:dc:bd:24:d1:10:97:01:
                    57:52:c8:aa:80:31:af:f4:3c:4e:e5:d8:f9:3a:fc:
                    8f:5c:67:40:93:21:5e:0f:80:e1:b0:d6:da:6d:10:
                    c3:71:ca:5b:6f:a8:b9:83:ed:3b:a6:6f:51:46:48:
                    b2:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:64:96:15:DF:8E:37:1F:67:2F:0B:4E:88:7A:DA:CE:B5:18:62:CE
            X509v3 Authority Key Identifier:
                keyid:A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/B6129876D85111E89C80CE2CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.53.26.0/23
                  202.51.64.0/24
                  202.51.68.0/24
                  202.51.76.0/24
                  202.51.84.0/22
                  202.51.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:d6:c0:eb:d5:0c:e7:f5:cc:33:b9:71:62:85:b9:3c:e7:18:
         1c:53:f8:17:17:67:55:cb:77:ed:42:d3:04:50:6b:53:d1:18:
         71:e9:ab:9f:68:b4:dc:bf:30:32:4a:63:86:7f:9c:d0:7b:94:
         2a:07:d1:6a:51:0c:75:c3:76:5a:e8:5c:10:75:8f:75:ff:a1:
         22:3a:21:cb:c3:66:4c:c5:ba:95:3c:ed:88:2c:17:3c:1f:ea:
         a8:6b:26:c4:62:ad:2a:08:cb:db:04:00:f6:60:ce:fd:88:ac:
         70:05:9a:0c:9f:cf:e0:51:ed:b0:05:a6:51:92:fd:d6:9c:4b:
         92:ee:eb:3d:97:c5:98:f9:ce:fe:45:96:6f:8c:c2:8f:65:dd:
         4a:22:a6:c1:79:3f:76:7b:47:4b:27:36:f7:92:1e:ae:22:f6:
         d2:da:33:39:63:c1:51:3a:42:1e:04:28:65:a7:33:49:20:13:
         a1:65:ef:33:c4:c5:10:01:2b:be:d8:a4:da:a0:d5:1b:9b:b7:
         e9:e0:ce:fb:78:99:fd:14:13:6a:ec:2d:bd:e4:1f:cd:ac:0d:
         6a:dd:f0:98:1f:c4:63:b8:cf:e2:22:ac:b3:59:5a:9d:1a:64:
         57:26:c9:ab:0c:fa:a5:b8:9c:a4:65:6e:a1:f7:d7:f7:89:10:
         fd:09:ce:24
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICMn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYzODg0NjBFNEFG
MkYxN0YzRkYwHhcNMjIwODExMDI0MDI3WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY0NmMxYi1kNjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5zXp8jQYGJi3VEIafAcNCU2lxrYAglGNErnXGXESQEPdLg+9svm58rdxU+dH
aX+80sv1RWiwpL/6PX824XvAbDBIPQQ2WeaJDdChC5k8UEFYr+EfDhghZAukw9RJ
brwMW9FDwAGrWJwyY1kgZrgtW6k8p/2Zy4Fwh1/Uj6hYsVRl88uVaCOIqm+o2T5I
+fFT7IZkLbcld4Pn/Wb5QkvF/UFgOdlbleSdmc+Vg3xGKJYYci495MzIhrBHTAlr
yqG1hKh6D+AUCrJ6fNy9JNEQlwFXUsiqgDGv9DxO5dj5OvyPXGdAkyFeD4DhsNba
bRDDccpbb6i5g+07pm9RRkiygwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFRklhXf
jjcfZy8LToh62s61GGLOMB8GA1UdIwQYMBaAFKJLamIES3AGXwUGOIRg5K8vF/P/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjU1MC84QjlCRDIwMjFE
ODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNBWmZCUVk0aEdEa3J5OFg4
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29rdHFZZ1JMY0FaZkJRWTRoR0Rrcnk4WDhfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY1NTAvOEI5QkQyMDIxRDg1MTFFMkI0MTIzMERDMDhCMDJDRDIvQjYxMjk4NzZE
ODUxMTFFODlDODBDRTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAGjNRoDBADKM0ADBADKM0QDBADKM0wDBALKM1QDBAHKM1ow
DQYJKoZIhvcNAQELBQADggEBAFnWwOvVDOf1zDO5cWKFuTznGBxT+BcXZ1XLd+1C
0wRQa1PRGHHpq59otNy/MDJKY4Z/nNB7lCoH0WpRDHXDdlroXBB1j3X/oSI6IcvD
ZkzFupU87YgsFzwf6qhrJsRirSoIy9sEAPZgzv2IrHAFmgyfz+BR7bAFplGS/dac
S5Lu6z2XxZj5zv5Flm+Mwo9l3UoipsF5P3Z7R0snNveSHq4i9tLaMzljwVE6Qh4E
KGWnM0kgE6Fl7zPExRABK77YpNqg1Rubt+ngzvt4mf0UE2rsLb3kH82sDWrd8Jgf
xGO4z+IirLNZWp0aZFcmyasM+qW4nKRlbqH31/eJEP0JziQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org