Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/717EEC1E678B11ED8F22F91FC4F9AE02.roa
File:                     717EEC1E678B11ED8F22F91FC4F9AE02.roa (raw, json)
Hash identifier:          A/LoPi3/cp4fSCLiXg0GF784HgPKKwv5xnmdOWTf1aQ=
Subject key identifier:   63:2A:EE:A0:A7:EA:FC:DA:63:F2:70:5D:26:81:8D:B7:AE:6F:01:D8
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       01A1
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/717EEC1E678B11ED8F22F91FC4F9AE02.roa
Signing time:             Fri 17 Feb 2023 21:04:16 +0000
ROA not before:           Fri 17 Feb 2023 21:04:16 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        203.32.21.0/24 maxlen: 24
                          203.32.26.0/24 maxlen: 24
                          203.32.28.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 417 (0x1a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Feb 17 21:04:16 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=63efebd0-22da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e2:e4:28:56:24:3a:e8:64:2b:96:d0:56:c3:
                    da:0c:98:22:61:e5:6d:e8:49:3d:bd:9b:75:25:66:
                    2b:af:2a:a5:f3:18:63:49:b2:1f:b4:cc:d2:3d:5d:
                    23:75:08:82:b8:75:e2:47:0b:d7:bb:69:29:60:cc:
                    f9:76:90:b1:2e:31:08:1c:f3:36:5b:0d:df:e7:f2:
                    df:80:5b:08:43:a9:40:bf:15:1c:01:3c:4f:df:3d:
                    6b:20:19:d6:ee:64:aa:4b:63:3c:45:2e:46:45:ff:
                    e0:54:3d:92:e0:31:7d:7b:0a:3a:91:b9:b6:31:36:
                    af:ca:96:77:6c:72:03:d6:00:6e:3f:f7:77:4e:8d:
                    d6:ee:8e:56:c1:38:5c:db:b4:fb:c3:16:ce:9e:e1:
                    30:94:80:30:d5:2f:12:f0:2b:38:3a:7e:de:80:50:
                    bd:51:94:cb:0e:da:a4:dc:11:26:d0:1c:14:d4:b1:
                    d3:df:bc:b2:11:e2:d3:e6:7c:e9:00:33:76:6b:62:
                    8b:90:8f:ac:bf:b2:35:ee:eb:bd:e2:7c:8e:2f:12:
                    25:ff:1b:0f:9b:11:e9:bf:a6:e9:93:ab:e9:c6:b6:
                    06:32:cd:2f:e7:73:b8:53:4d:6d:60:4a:a3:86:86:
                    86:dc:92:a5:13:76:27:ea:a0:52:53:88:cb:6e:ce:
                    a4:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:2A:EE:A0:A7:EA:FC:DA:63:F2:70:5D:26:81:8D:B7:AE:6F:01:D8
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/717EEC1E678B11ED8F22F91FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.21.0/24
                  203.32.26.0/24
                  203.32.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:ff:90:b9:8a:b4:6e:f2:37:8e:ba:e2:10:01:fc:2d:59:f7:
         b0:34:ed:3f:d1:b0:0f:a9:12:79:b2:2c:f1:1c:58:f6:80:10:
         4c:b4:6f:95:70:d1:f0:ba:12:02:f2:82:b5:52:94:2d:8c:a0:
         4b:f2:f5:93:0e:a1:6b:f2:71:c7:2f:d6:d6:19:cd:91:27:8b:
         f6:eb:10:78:4a:bc:34:7a:ee:47:16:d8:a3:05:d6:f4:22:c5:
         3e:db:46:94:8a:e8:b4:bc:b2:26:03:5e:2c:d5:b4:00:cd:11:
         da:65:87:77:37:3d:9d:3e:95:fa:97:3c:61:f5:36:ea:e6:70:
         a0:e7:92:8a:94:52:1d:b0:fb:82:77:0b:10:a9:14:c3:27:70:
         7f:db:b8:58:f6:ab:2f:7c:d9:50:6f:f7:ef:7d:35:67:cf:e9:
         c8:1b:4a:0a:fe:00:34:05:12:9b:01:ad:eb:85:60:6f:e8:3d:
         67:06:38:04:69:2e:98:3e:61:8e:a2:04:07:34:f2:2b:a0:8a:
         f8:89:c3:c0:71:fd:9e:9c:7b:ac:22:17:b6:28:01:92:51:bf:
         48:86:80:52:e8:77:31:df:b0:b7:16:bc:bb:bb:b6:32:89:43:
         32:78:e0:9a:f5:9c:5d:b9:61:b4:90:68:bb:51:31:18:27:39:
         11:8f:34:90
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwMjE3MjEwNDE2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VmZWJkMC0yMmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnOLkKFYkOuhkK5bQVsPaDJgiYeVt6Ek9vZt1JWYrryql8xhjSbIftMzSPV0j
dQiCuHXiRwvXu2kpYMz5dpCxLjEIHPM2Ww3f5/LfgFsIQ6lAvxUcATxP3z1rIBnW
7mSqS2M8RS5GRf/gVD2S4DF9ewo6kbm2MTavypZ3bHID1gBuP/d3To3W7o5WwThc
27T7wxbOnuEwlIAw1S8S8Cs4On7egFC9UZTLDtqk3BEm0BwU1LHT37yyEeLT5nzp
ADN2a2KLkI+sv7I17uu94nyOLxIl/xsPmxHpv6bpk6vpxrYGMs0v53O4U01tYEqj
hoaG3JKlE3Yn6qBSU4jLbs6k7wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGMq7qCn
6vzaY/JwXSaBjbeubwHYMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNzE3RUVDMUU2
NzhCMTFFRDhGMjJGOTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADLIBUDBADLIBoDBADLIBwwDQYJKoZIhvcNAQELBQADggEB
AGj/kLmKtG7yN4664hAB/C1Z97A07T/RsA+pEnmyLPEcWPaAEEy0b5Vw0fC6EgLy
grVSlC2MoEvy9ZMOoWvycccv1tYZzZEni/brEHhKvDR67kcW2KMF1vQixT7bRpSK
6LS8siYDXizVtADNEdplh3c3PZ0+lfqXPGH1NurmcKDnkoqUUh2w+4J3CxCpFMMn
cH/buFj2qy982VBv9+99NWfP6cgbSgr+ADQFEpsBreuFYG/oPWcGOARpLpg+YY6i
BAc08iugiviJw8Bx/Z6ce6wiF7YoAZJRv0iGgFLodzHfsLcWvLu7tjKJQzJ44Jr1
nF25YbSQaLtRMRgnORGPNJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org