Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/9F533B70374F11EDB46F1A22C4F9AE02.roa
File:                     9F533B70374F11EDB46F1A22C4F9AE02.roa (raw, json)
Hash identifier:          h0yEhLb9b8qWpoGCn/nuqTZ80SnWpT4Mwjf1KTdEKEc=
Subject key identifier:   FE:43:18:12:25:C7:A0:5A:27:E4:A8:6D:28:F0:B5:83:66:DA:93:C5
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       0116
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/9F533B70374F11EDB46F1A22C4F9AE02.roa
Signing time:             Sun 18 Sep 2022 12:44:24 +0000
ROA not before:           Sun 18 Sep 2022 12:44:24 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     61138
IP address blocks:        203.32.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 278 (0x116)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Sep 18 12:44:24 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=632712a7-cdba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3a:31:d4:61:18:7a:49:f5:90:a1:fd:02:c7:
                    a9:4a:a5:bb:3d:aa:4a:cf:d2:4b:47:68:e6:8f:ce:
                    9e:5c:d4:bb:b2:d1:f5:9f:00:ac:22:43:23:22:a6:
                    49:58:00:62:45:4f:58:c4:d4:09:12:4f:b3:7d:6b:
                    ed:ad:de:44:11:c3:91:c6:78:2d:fb:1a:4b:00:ad:
                    42:a5:35:40:df:e5:80:6a:cb:55:1b:fa:fb:3f:b8:
                    c1:25:6b:ad:44:fc:f7:c4:01:89:0a:fd:8b:81:5e:
                    a0:e4:e2:50:e6:59:98:1f:43:d8:1a:6f:2c:1d:42:
                    fc:93:1a:f7:ef:1e:b3:cb:d9:6f:82:7a:cd:02:5c:
                    59:8d:cb:84:42:d3:fb:7d:35:c0:2b:ec:43:5c:76:
                    4a:4e:c0:cf:a9:15:36:be:e4:4d:fb:53:93:54:b5:
                    b3:aa:79:03:c4:69:27:6b:9e:85:48:2f:1a:36:b8:
                    71:56:63:48:b7:02:e3:8c:13:89:fb:08:dd:8d:7f:
                    bf:d1:ef:21:15:31:40:10:3f:de:72:1a:68:33:fc:
                    87:d2:f3:79:c7:e1:88:96:f8:f8:a1:f0:b8:7f:8a:
                    bc:91:7e:a3:e4:d5:bb:94:59:8c:e6:b2:15:75:a6:
                    08:8e:7b:f7:d3:6d:c6:94:0b:89:7f:bc:68:ba:09:
                    fe:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:43:18:12:25:C7:A0:5A:27:E4:A8:6D:28:F0:B5:83:66:DA:93:C5
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/9F533B70374F11EDB46F1A22C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:fc:92:8c:71:b0:11:4d:ae:79:6e:0b:8e:78:a0:ef:70:cb:
         67:5f:87:a9:31:ac:a2:13:c3:1c:62:97:1a:42:d7:57:83:f0:
         05:0a:8e:50:85:67:34:82:c5:44:9f:04:a6:66:e3:2c:f4:f1:
         14:cf:97:dc:ce:7c:b2:2f:2d:32:0d:c4:52:19:dc:ce:d7:36:
         31:63:82:bc:40:c6:ed:9c:e6:79:79:7b:7d:18:b9:9d:ce:00:
         1b:41:c2:a3:c5:79:f0:18:db:74:3f:a9:e0:a0:f1:c0:48:08:
         1c:f2:77:b9:65:2e:39:3c:02:8e:8c:ce:19:51:04:77:96:77:
         54:89:95:32:23:cb:0f:e3:8c:30:1c:ac:5f:e2:05:0d:2c:88:
         77:b9:0e:0f:60:f0:5e:12:98:3d:71:cd:22:50:68:c7:11:e5:
         2c:ef:de:c2:1a:3d:ea:eb:06:ce:7e:46:13:54:06:73:42:0c:
         aa:b7:a2:51:e0:a5:83:4c:43:f9:d6:a9:8e:55:8a:f3:94:77:
         de:a8:63:75:fc:89:70:64:4c:36:26:11:70:8a:68:6c:f3:3c:
         bb:1f:38:0b:3e:07:d7:41:9a:0f:f3:ce:33:77:91:0c:5c:d9:
         4d:0a:a6:0f:6e:e7:70:c9:de:12:3d:49:31:61:d8:c7:c6:7b:
         d4:4f:4a:86
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIwOTE4MTI0NDI0WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI3MTJhNy1jZGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyDox1GEYekn1kKH9AsepSqW7PapKz9JLR2jmj86eXNS7stH1nwCsIkMjIqZJ
WABiRU9YxNQJEk+zfWvtrd5EEcORxngt+xpLAK1CpTVA3+WAastVG/r7P7jBJWut
RPz3xAGJCv2LgV6g5OJQ5lmYH0PYGm8sHUL8kxr37x6zy9lvgnrNAlxZjcuEQtP7
fTXAK+xDXHZKTsDPqRU2vuRN+1OTVLWzqnkDxGkna56FSC8aNrhxVmNItwLjjBOJ
+wjdjX+/0e8hFTFAED/echpoM/yH0vN5x+GIlvj4ofC4f4q8kX6j5NW7lFmM5rIV
daYIjnv3023GlAuJf7xougn+mQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP5DGBIl
x6BaJ+SobSjwtYNm2pPFMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvOUY1MzNCNzAz
NzRGMTFFREI0NkYxQTIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICgwDQYJKoZIhvcNAQELBQADggEBAHb8koxxsBFNrnlu
C454oO9wy2dfh6kxrKITwxxilxpC11eD8AUKjlCFZzSCxUSfBKZm4yz08RTPl9zO
fLIvLTINxFIZ3M7XNjFjgrxAxu2c5nl5e30YuZ3OABtBwqPFefAY23Q/qeCg8cBI
CBzyd7llLjk8Ao6MzhlRBHeWd1SJlTIjyw/jjDAcrF/iBQ0siHe5Dg9g8F4SmD1x
zSJQaMcR5Szv3sIaPerrBs5+RhNUBnNCDKq3olHgpYNMQ/nWqY5VivOUd96oY3X8
iXBkTDYmEXCKaGzzPLsfOAs+B9dBmg/zzjN3kQxc2U0Kpg9u53DJ3hI9STFh2MfG
e9RPSoY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org