Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8C85B0DEDABC11EDBE298B22C4F9AE02.roa
File:                     8C85B0DEDABC11EDBE298B22C4F9AE02.roa (raw, json)
Hash identifier:          AOBHxKs3zCu+9L+8ptzM8YVwQarcFJD2LmCWLMSDTG0=
Subject key identifier:   F4:4D:A5:3E:FF:55:E5:B5:11:36:C1:69:A0:FC:4B:B1:C4:53:41:51
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       01CF
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8C85B0DEDABC11EDBE298B22C4F9AE02.roa
Signing time:             Fri 14 Apr 2023 12:04:47 +0000
ROA not before:           Fri 14 Apr 2023 12:04:47 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     7411
IP address blocks:        203.32.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 463 (0x1cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Apr 14 12:04:47 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6439415e-6cc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:cf:7c:9d:65:9a:e2:ad:ca:cd:7c:e8:01:0f:
                    d0:3e:bc:cf:e6:44:4b:28:a6:25:c9:c9:be:bf:cd:
                    2b:ed:cb:fc:01:a5:0c:ae:8f:82:72:da:24:62:54:
                    c4:11:f5:60:10:62:b3:ed:79:88:90:14:a2:f6:10:
                    dd:63:42:01:35:1c:f5:9b:25:51:f5:f3:c7:14:a4:
                    f4:ee:93:7b:57:29:3a:90:2e:8a:53:25:6e:db:99:
                    f4:67:fb:28:62:e8:2c:4c:8a:31:1b:1b:7d:b8:e9:
                    4d:b6:fc:9c:6b:23:3c:56:0e:f5:66:0b:ce:26:ff:
                    78:df:14:2f:25:22:72:ec:a3:5d:e0:51:10:ba:08:
                    1e:00:c5:f0:fc:e6:9f:b6:41:56:53:2a:2a:7a:c2:
                    d4:77:a8:50:fc:de:00:2f:d2:03:c4:ad:d6:92:13:
                    34:4d:47:2c:2d:6c:c4:be:df:d4:17:60:ee:92:64:
                    d6:30:3d:3f:3d:11:14:13:70:e6:a3:f0:ef:78:98:
                    5a:4a:b5:2b:02:62:5a:72:bc:3e:a2:99:4a:7a:f5:
                    a7:29:34:6e:dd:d2:79:f4:81:61:2c:5f:1d:ce:35:
                    51:d7:5b:fc:fc:d6:23:24:18:cf:1a:92:11:18:bb:
                    84:86:86:df:da:30:d0:c1:a3:04:05:1e:81:7b:72:
                    82:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:4D:A5:3E:FF:55:E5:B5:11:36:C1:69:A0:FC:4B:B1:C4:53:41:51
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8C85B0DEDABC11EDBE298B22C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:ea:b0:60:d4:99:82:2b:8b:40:a5:79:a9:f0:ba:40:38:80:
         19:59:a9:4d:07:68:45:c4:db:03:0d:33:8d:16:f1:e9:a0:96:
         58:42:7b:80:e7:39:e3:5d:a5:d9:1c:3d:54:92:3a:25:91:5e:
         78:6d:40:3c:55:d8:69:1d:19:7e:fb:cc:23:be:bf:0d:f3:99:
         25:9a:81:23:39:ff:d0:7a:8e:af:ed:91:07:33:28:76:7b:70:
         49:08:26:40:43:29:e5:9b:1f:56:45:77:c5:01:a4:10:48:05:
         b1:c0:22:0e:9d:25:f3:51:5e:09:75:22:bd:4b:dc:d8:b5:cf:
         b8:85:68:89:46:2f:42:23:6e:7e:11:06:d9:5f:67:96:36:c6:
         67:40:66:59:e0:66:8b:ce:ca:52:c3:7f:3e:d2:d2:5b:66:11:
         f6:1e:ec:33:0f:bc:2d:4d:89:a9:d0:1f:9d:6d:54:f2:de:d5:
         5c:10:4f:7c:46:7a:30:c6:3f:b0:43:19:e6:c5:19:54:81:0b:
         05:ac:7b:17:e7:67:23:e2:c1:2b:64:ce:20:99:16:58:38:e7:
         e9:29:6e:8e:14:f1:e3:bd:77:61:df:c3:cc:21:6d:93:92:7b:
         f7:50:62:55:97:f1:78:9f:c0:8f:57:f5:3b:96:28:8f:66:9c:
         cb:a5:d8:db
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwNDE0MTIwNDQ3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM5NDE1ZS02Y2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6898nWWa4q3KzXzoAQ/QPrzP5kRLKKYlycm+v80r7cv8AaUMro+CctokYlTE
EfVgEGKz7XmIkBSi9hDdY0IBNRz1myVR9fPHFKT07pN7Vyk6kC6KUyVu25n0Z/so
YugsTIoxGxt9uOlNtvycayM8Vg71ZgvOJv943xQvJSJy7KNd4FEQuggeAMXw/Oaf
tkFWUyoqesLUd6hQ/N4AL9IDxK3WkhM0TUcsLWzEvt/UF2DukmTWMD0/PREUE3Dm
o/DveJhaSrUrAmJacrw+oplKevWnKTRu3dJ59IFhLF8dzjVR11v8/NYjJBjPGpIR
GLuEhobf2jDQwaMEBR6Be3KCawIDAQABo4IClTCCApEwHQYDVR0OBBYEFPRNpT7/
VeW1ETbBaaD8S7HEU0FRMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvOEM4NUIwREVE
QUJDMTFFREJFMjk4QjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBUwDQYJKoZIhvcNAQELBQADggEBACnqsGDUmYIri0Cl
eanwukA4gBlZqU0HaEXE2wMNM40W8emgllhCe4DnOeNdpdkcPVSSOiWRXnhtQDxV
2GkdGX77zCO+vw3zmSWagSM5/9B6jq/tkQczKHZ7cEkIJkBDKeWbH1ZFd8UBpBBI
BbHAIg6dJfNRXgl1Ir1L3Ni1z7iFaIlGL0Ijbn4RBtlfZ5Y2xmdAZlngZovOylLD
fz7S0ltmEfYe7DMPvC1NianQH51tVPLe1VwQT3xGejDGP7BDGebFGVSBCwWsexfn
ZyPiwStkziCZFlg45+kpbo4U8eO9d2Hfw8whbZOSe/dQYlWX8XifwI9X9TuWKI9m
nMul2Ns=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org