Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/B3C82EB4200A11ED9D9CDB6FC4F9AE02.roa
File:                     B3C82EB4200A11ED9D9CDB6FC4F9AE02.roa (raw, json)
Hash identifier:          4ynmInoKV379WHDSQeiEfmb81RMqPr5ZbQC7hjNFkcA=
Subject key identifier:   E0:D7:DB:BA:E1:8C:BC:72:1E:BD:DA:2F:90:3C:3C:9F:3D:30:0D:10
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       C8
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/B3C82EB4200A11ED9D9CDB6FC4F9AE02.roa
Signing time:             Fri 19 Aug 2022 22:03:06 +0000
ROA not before:           Fri 19 Aug 2022 22:03:06 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     388471
IP address blocks:        203.32.38.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 200 (0xc8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Aug 19 22:03:06 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=6300089a-45eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:90:29:2a:fd:c1:d8:e2:94:3f:4c:d6:40:2f:
                    94:eb:e2:39:b8:1c:75:41:d0:7b:54:a0:58:99:33:
                    2e:1f:80:39:97:c6:1a:75:79:14:10:a6:60:d3:5d:
                    b8:93:35:63:4a:f3:b3:2b:0f:fc:07:52:21:18:60:
                    f8:67:9d:c6:85:e1:85:a0:bf:85:0b:6f:da:44:b5:
                    e2:3a:08:b3:26:a1:91:17:13:70:03:11:4f:a8:c3:
                    9c:8d:49:90:09:9d:8e:39:f2:b1:5b:ba:5b:e9:d3:
                    05:17:d4:3c:3a:87:c5:84:6f:bd:02:47:95:77:28:
                    54:24:44:c0:0f:7f:ff:27:ed:9f:37:ab:2c:d7:ad:
                    96:3e:aa:a0:29:eb:2c:35:51:68:42:69:80:8c:a7:
                    c8:bd:9d:ea:e3:98:1d:15:a0:bf:92:9d:f2:48:c2:
                    2d:12:60:c7:31:b4:09:90:56:9b:a3:17:0c:1b:e0:
                    95:83:18:4f:86:29:b4:3b:36:c4:86:eb:a1:69:4e:
                    a1:4b:5a:a6:8b:8a:30:ae:2a:75:05:0d:c9:f7:89:
                    69:ab:c5:75:7a:04:79:4c:c6:32:7c:53:e8:5f:09:
                    47:15:00:96:e2:8e:e8:4d:d0:c6:7a:c5:ca:70:0e:
                    d3:2d:04:15:24:52:7c:64:a4:93:32:0c:aa:5d:06:
                    db:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:D7:DB:BA:E1:8C:BC:72:1E:BD:DA:2F:90:3C:3C:9F:3D:30:0D:10
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/B3C82EB4200A11ED9D9CDB6FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:58:90:40:96:9b:eb:67:8e:b7:4d:a2:7a:27:7e:a9:13:89:
         bf:22:06:b2:11:8d:8b:96:d6:d3:a6:01:6b:2c:e1:0c:24:a8:
         5f:24:b3:e8:f4:4b:b4:85:9a:19:bb:c9:24:ec:69:59:74:e9:
         76:e9:bc:1d:5a:15:6e:11:e4:27:4c:8c:ec:4c:50:f7:92:3e:
         4a:2e:00:99:76:70:6f:0e:32:89:0c:5f:1d:a0:cf:0a:f4:a7:
         0a:59:33:d9:f1:a8:d7:d6:95:1d:9e:f5:9c:be:b3:00:de:a0:
         b2:61:95:93:7f:d2:51:13:28:64:ad:85:9b:ad:57:fd:94:8b:
         8f:9d:99:44:12:6b:88:0e:11:04:31:b8:7c:c7:f3:08:cf:aa:
         72:c5:65:05:73:b7:ab:a2:e8:8d:18:c8:83:b0:04:63:ba:0b:
         4c:11:95:39:e1:73:69:40:c0:0b:eb:19:45:70:0b:93:3e:2a:
         eb:9e:46:fd:3c:24:5b:3d:74:fe:9c:df:93:9a:53:9c:f6:38:
         13:1d:91:29:84:ac:eb:81:a0:b0:bb:79:58:3b:71:39:09:37:
         ea:62:f5:11:82:ff:7a:28:28:25:fc:5d:82:fa:8f:51:bc:cc:
         ee:d0:47:7e:df:38:8d:8b:60:b7:bc:e2:f4:58:b2:f3:fa:93:
         3a:93:81:e0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIwODE5MjIwMzA2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAwMDg5YS00NWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx5ApKv3B2OKUP0zWQC+U6+I5uBx1QdB7VKBYmTMuH4A5l8YadXkUEKZg0124
kzVjSvOzKw/8B1IhGGD4Z53GheGFoL+FC2/aRLXiOgizJqGRFxNwAxFPqMOcjUmQ
CZ2OOfKxW7pb6dMFF9Q8OofFhG+9AkeVdyhUJETAD3//J+2fN6ss162WPqqgKess
NVFoQmmAjKfIvZ3q45gdFaC/kp3ySMItEmDHMbQJkFaboxcMG+CVgxhPhim0OzbE
huuhaU6hS1qmi4owrip1BQ3J94lpq8V1egR5TMYyfFPoXwlHFQCW4o7oTdDGesXK
cA7TLQQVJFJ8ZKSTMgyqXQbbBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFODX27rh
jLxyHr3aL5A8PJ89MA0QMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQjNDODJFQjQy
MDBBMTFFRDlEOUNEQjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICYwDQYJKoZIhvcNAQELBQADggEBAElYkECWm+tnjrdN
ononfqkTib8iBrIRjYuW1tOmAWss4QwkqF8ks+j0S7SFmhm7ySTsaVl06XbpvB1a
FW4R5CdMjOxMUPeSPkouAJl2cG8OMokMXx2gzwr0pwpZM9nxqNfWlR2e9Zy+swDe
oLJhlZN/0lETKGSthZutV/2Ui4+dmUQSa4gOEQQxuHzH8wjPqnLFZQVzt6ui6I0Y
yIOwBGO6C0wRlTnhc2lAwAvrGUVwC5M+KuueRv08JFs9dP6c35OaU5z2OBMdkSmE
rOuBoLC7eVg7cTkJN+pi9RGC/3ooKCX8XYL6j1G8zO7QR37fOI2LYLe84vRYsvP6
kzqTgeA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org