Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/E5866E5E1B8F11EDBC68484CC4F9AE02.roa
File:                     E5866E5E1B8F11EDBC68484CC4F9AE02.roa (raw, json)
Hash identifier:          tu9ANRwnlnZAlSg7sjBtfSkB0BYMnZj81W1+Tc8SUcM=
Subject key identifier:   19:D1:80:4A:D6:F9:85:6F:B8:A4:B0:86:F2:3D:31:52:4B:BC:1F:EB
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       BD
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/E5866E5E1B8F11EDBC68484CC4F9AE02.roa
Signing time:             Wed 17 Aug 2022 09:04:29 +0000
ROA not before:           Wed 17 Aug 2022 09:04:29 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        203.32.21.0/24 maxlen: 24
                          203.32.22.0/23 maxlen: 24
                          203.32.25.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189 (0xbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Aug 17 09:04:29 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62fcaf1d-a12c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:27:90:37:71:43:15:4b:68:a0:89:f0:f2:44:
                    6d:3c:e4:0d:5e:7b:7b:70:b5:78:c1:05:b8:1b:43:
                    51:60:ad:f3:9d:8a:88:e5:c4:6e:2e:58:ff:46:9d:
                    49:e1:c5:00:d8:a4:5d:ef:8e:f9:1b:eb:e9:c8:f3:
                    0e:e6:02:44:bf:40:27:70:2d:68:19:15:4b:c9:8c:
                    93:85:69:6b:f9:dc:90:93:ca:fe:26:a0:58:fb:50:
                    d6:ac:b2:60:85:30:9b:49:7f:0d:22:bc:6e:e6:45:
                    46:83:1c:09:c8:f8:4c:2c:9e:30:cf:0e:63:f1:ea:
                    25:e9:df:c8:6a:5c:5a:65:32:24:5f:dc:e1:ac:4b:
                    0b:6c:2e:c8:cf:6e:db:d8:16:ad:54:49:80:fd:6b:
                    60:78:e4:4d:2d:ba:56:36:7e:60:3b:0a:c1:3a:19:
                    b3:76:6f:0b:84:fe:7f:02:e3:fc:32:ab:76:e7:a9:
                    68:6c:ca:9a:4f:20:8d:57:67:d1:88:cb:a6:09:c0:
                    15:e6:ae:ec:db:f5:9a:af:1b:c1:41:5a:b8:9f:ea:
                    6c:9f:6f:c4:a0:9f:ef:d3:dd:6c:1c:14:fa:9b:82:
                    eb:e1:84:c8:15:8d:c3:1c:65:aa:5d:57:39:f7:17:
                    0f:3e:46:f5:82:ca:ff:3d:21:f5:79:ea:56:e6:30:
                    69:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:D1:80:4A:D6:F9:85:6F:B8:A4:B0:86:F2:3D:31:52:4B:BC:1F:EB
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/E5866E5E1B8F11EDBC68484CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.21.0-203.32.23.255
                  203.32.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:71:72:ee:87:5b:65:bc:72:85:de:05:63:04:ef:47:be:16:
         90:19:d4:fa:cf:fd:c1:65:b1:f1:aa:3f:29:94:b3:f2:85:78:
         b5:9e:6b:d8:fb:03:f8:d5:4a:c1:56:14:81:7b:9d:63:ee:37:
         f1:38:ac:10:74:6c:26:e8:50:3a:bf:f1:3f:b4:86:da:7e:f0:
         cf:c4:84:3f:08:d7:99:f0:19:ab:af:b1:11:01:6d:89:66:aa:
         95:84:bf:b9:12:52:8e:3b:91:27:e6:c0:38:59:de:93:c1:c1:
         c5:b6:03:71:49:d5:36:05:ac:81:fb:56:91:fe:68:72:e4:00:
         bd:7b:90:06:e4:81:d5:bc:36:c3:b2:ee:e5:e0:4a:b0:53:3b:
         4b:2c:c5:47:47:5e:cc:39:2e:be:f2:fb:95:41:17:4d:e1:91:
         34:d6:f9:f1:4e:13:c5:18:a7:a0:50:76:98:42:cc:37:e1:89:
         62:5d:da:c4:4a:a3:a4:1e:67:c5:d6:49:76:da:57:7e:a7:98:
         e5:bc:4f:17:26:38:8b:6a:2d:9e:88:f4:ff:26:e0:c6:32:32:
         23:eb:de:dc:29:03:4b:f2:a2:2c:52:31:50:70:09:7b:42:70:
         4b:12:d5:4e:c4:f6:cc:65:75:03:db:35:f8:71:fb:29:55:17:
         ce:98:ad:ba
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIwODE3MDkwNDI5WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZjYWYxZC1hMTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1yeQN3FDFUtooInw8kRtPOQNXnt7cLV4wQW4G0NRYK3znYqI5cRuLlj/Rp1J
4cUA2KRd7475G+vpyPMO5gJEv0AncC1oGRVLyYyThWlr+dyQk8r+JqBY+1DWrLJg
hTCbSX8NIrxu5kVGgxwJyPhMLJ4wzw5j8eol6d/IalxaZTIkX9zhrEsLbC7Iz27b
2BatVEmA/WtgeORNLbpWNn5gOwrBOhmzdm8LhP5/AuP8Mqt256lobMqaTyCNV2fR
iMumCcAV5q7s2/WarxvBQVq4n+psn2/EoJ/v091sHBT6m4Lr4YTIFY3DHGWqXVc5
9xcPPkb1gsr/PSH1eepW5jBppwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBnRgErW
+YVvuKSwhvI9MVJLvB/rMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRTU4NjZFNUUx
QjhGMTFFREJDNjg0ODRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAMsgFQMEA8sgEAMEAMsgGTANBgkqhkiG9w0BAQsFAAOC
AQEACHFy7odbZbxyhd4FYwTvR74WkBnU+s/9wWWx8ao/KZSz8oV4tZ5r2PsD+NVK
wVYUgXudY+438TisEHRsJuhQOr/xP7SG2n7wz8SEPwjXmfAZq6+xEQFtiWaqlYS/
uRJSjjuRJ+bAOFnek8HBxbYDcUnVNgWsgftWkf5ocuQAvXuQBuSB1bw2w7Lu5eBK
sFM7SyzFR0dezDkuvvL7lUEXTeGRNNb58U4TxRinoFB2mELMN+GJYl3axEqjpB5n
xdZJdtpXfqeY5bxPFyY4i2otnoj0/ybgxjIyI+ve3CkDS/KiLFIxUHAJe0JwSxLV
TsT2zGV1A9s1+HH7KVUXzpitug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org