Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/64509E00AE9111ED90952A47C4F9AE02.roa
File:                     64509E00AE9111ED90952A47C4F9AE02.roa (raw, json)
Hash identifier:          SdD998KkV+AAbMdPMAwMH+JH4N2p9Wpa1lqLfLaSs3o=
Subject key identifier:   B9:4F:F2:00:D1:67:5E:AC:EF:38:CF:B4:38:8F:50:15:A1:C0:16:31
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       01BB
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/64509E00AE9111ED90952A47C4F9AE02.roa
Signing time:             Thu 30 Mar 2023 21:15:11 +0000
ROA not before:           Thu 30 Mar 2023 21:15:11 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.21.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 443 (0x1bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Mar 30 21:15:11 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6425fbdf-2212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:dd:34:24:f1:1e:35:c6:e2:74:eb:cf:0c:30:
                    2b:44:0d:73:c6:23:11:8b:21:10:fe:2a:61:49:ab:
                    34:c1:0e:63:77:6c:44:1e:0c:32:f5:01:df:7e:bf:
                    19:98:11:d6:24:3f:0c:84:b0:07:a8:7e:bb:2f:66:
                    13:69:53:52:2a:b3:70:92:88:fe:b7:d2:86:2a:52:
                    29:73:c4:ad:ad:3e:18:84:8f:0b:ed:f7:ec:8b:8a:
                    e2:3f:6a:90:f8:24:ae:11:a3:8e:4b:13:f2:39:8e:
                    de:1e:c3:ef:8f:bb:85:24:e0:81:cf:65:2c:06:df:
                    18:1d:64:e4:cf:ec:54:58:a5:ef:f9:72:ba:1a:96:
                    50:7f:b7:0a:d7:67:cc:a3:d9:9d:e9:74:a6:4e:cd:
                    23:1c:0a:ef:52:e5:44:22:30:43:fa:6d:91:68:69:
                    dd:de:62:3d:fe:22:87:04:dd:f1:a7:7c:d5:98:2a:
                    9b:e7:62:3e:9a:d6:cb:bd:f9:10:a7:63:e9:9b:f4:
                    d4:54:d0:b5:9d:52:94:9f:3c:ea:48:f4:95:ad:92:
                    b0:5f:5f:2a:fd:14:e3:1c:82:0b:12:c3:19:40:a0:
                    10:60:fd:fb:ff:ad:de:03:38:9e:53:fc:a3:c0:ee:
                    ec:fc:60:e9:c6:24:d4:d5:2d:d3:69:8e:47:6a:75:
                    0d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:4F:F2:00:D1:67:5E:AC:EF:38:CF:B4:38:8F:50:15:A1:C0:16:31
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/64509E00AE9111ED90952A47C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.21.0/24
                  203.32.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:8d:80:db:87:30:5c:fc:51:e6:06:6a:bb:08:5c:6f:e7:5a:
         be:3d:03:4a:14:5a:e8:29:68:ab:eb:c7:3b:07:62:1b:f9:5c:
         81:02:37:85:8c:77:6c:5e:66:db:25:0c:b8:19:01:16:4c:14:
         51:1a:46:be:27:26:9e:7c:76:22:08:80:1d:23:4c:48:cf:22:
         47:11:4f:35:55:a1:1a:e8:ab:c5:27:0f:92:6c:a8:be:cb:17:
         dc:78:8c:d2:39:f3:8d:d1:d5:98:6a:07:da:65:27:89:08:18:
         d9:7b:0e:ea:6c:f0:c6:30:e0:28:6c:a6:88:78:92:4b:f7:38:
         4c:91:b9:d0:50:65:9a:73:38:65:d4:2a:f9:24:af:73:bd:f0:
         b1:90:03:3c:85:67:51:64:02:63:84:a6:94:0c:42:29:b8:1d:
         94:b9:86:d9:94:bd:27:04:f7:1b:89:53:98:e9:b0:7b:f2:05:
         28:fe:83:68:7a:65:d4:c0:04:dd:f9:4f:c0:67:83:e4:78:ce:
         dc:b2:6c:8c:53:c3:be:9e:7d:6e:50:02:dd:e5:0b:c5:bb:f6:
         a6:26:41:0c:4a:55:40:f3:b5:6d:ee:4c:7e:ba:8a:69:54:fa:
         02:9c:fd:94:bf:e5:15:34:45:48:d4:33:3e:eb:9e:4b:d2:8a:
         34:d3:a1:b1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwMzMwMjExNTExWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI1ZmJkZi0yMjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7d00JPEeNcbidOvPDDArRA1zxiMRiyEQ/iphSas0wQ5jd2xEHgwy9QHffr8Z
mBHWJD8MhLAHqH67L2YTaVNSKrNwkoj+t9KGKlIpc8StrT4YhI8L7ffsi4riP2qQ
+CSuEaOOSxPyOY7eHsPvj7uFJOCBz2UsBt8YHWTkz+xUWKXv+XK6GpZQf7cK12fM
o9md6XSmTs0jHArvUuVEIjBD+m2RaGnd3mI9/iKHBN3xp3zVmCqb52I+mtbLvfkQ
p2Ppm/TUVNC1nVKUnzzqSPSVrZKwX18q/RTjHIILEsMZQKAQYP37/63eAzieU/yj
wO7s/GDpxiTU1S3TaY5HanUNpQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLlP8gDR
Z16s7zjPtDiPUBWhwBYxMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNjQ1MDlFMDBB
RTkxMTFFRDkwOTUyQTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIBUDBADLICAwDQYJKoZIhvcNAQELBQADggEBACuNgNuH
MFz8UeYGarsIXG/nWr49A0oUWugpaKvrxzsHYhv5XIECN4WMd2xeZtslDLgZARZM
FFEaRr4nJp58diIIgB0jTEjPIkcRTzVVoRroq8UnD5JsqL7LF9x4jNI5843R1Zhq
B9plJ4kIGNl7Dups8MYw4Chspoh4kkv3OEyRudBQZZpzOGXUKvkkr3O98LGQAzyF
Z1FkAmOEppQMQim4HZS5htmUvScE9xuJU5jpsHvyBSj+g2h6ZdTABN35T8Bng+R4
ztyybIxTw76efW5QAt3lC8W79qYmQQxKVUDztW3uTH66imlU+gKc/ZS/5RU0RUjU
Mz7rnkvSijTTobE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org