Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/E90A49F2200711EDB1CB5554C4F9AE02.roa
File:                     E90A49F2200711EDB1CB5554C4F9AE02.roa (raw, json)
Hash identifier:          uVsx49Uk5T9ubH4giI76rDHsE/q6gBdSE3GsVrInWQ8=
Subject key identifier:   EC:06:87:76:A9:56:D3:42:C1:E6:2E:04:B3:71:27:49:89:FD:C3:7B
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       C6
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/E90A49F2200711EDB1CB5554C4F9AE02.roa
Signing time:             Fri 19 Aug 2022 21:43:07 +0000
ROA not before:           Fri 19 Aug 2022 21:43:07 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.30.0/23 maxlen: 23
                          203.32.30.0/24 maxlen: 24
                          203.32.31.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24
                          203.32.40.0/23 maxlen: 23
                          203.32.40.0/24 maxlen: 24
                          203.32.41.0/24 maxlen: 24
                          203.34.26.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 198 (0xc6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Aug 19 21:43:07 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=630003ea-4663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:2e:e4:00:95:92:6b:a7:a8:23:bb:9c:9b:5c:
                    03:99:9a:69:14:a0:de:93:87:01:b0:21:45:f2:80:
                    e6:47:39:9c:9c:10:d6:48:34:39:77:02:55:f8:ac:
                    90:32:4f:97:57:6a:85:e5:22:a7:1f:a0:88:77:b9:
                    96:cd:bd:4d:5a:2c:7e:c4:c0:bc:11:1d:ac:15:b4:
                    38:cf:62:c9:83:89:41:3e:df:39:1d:4b:cf:97:5e:
                    70:22:fc:d7:7b:f7:d3:81:e1:62:15:10:63:a5:8f:
                    f3:de:67:b6:85:c5:02:ff:6f:ca:35:83:6e:5c:ed:
                    63:f1:2b:fc:51:b1:de:49:f0:b8:c6:db:de:f1:fc:
                    3e:4e:e0:d6:36:95:da:ed:49:1f:91:aa:81:5c:7f:
                    44:6d:e6:7c:fc:91:2b:cb:96:e5:0b:f3:42:06:04:
                    02:5e:6b:30:f9:92:ec:58:6f:4d:6c:a2:a9:63:53:
                    a3:81:87:c5:09:3f:2f:5e:86:7e:05:81:62:2f:db:
                    50:da:c9:06:94:2a:46:a3:84:16:c9:a6:d4:d0:3a:
                    18:84:3a:f5:63:f4:db:c4:55:7f:91:4a:3b:69:10:
                    ac:25:89:c2:32:99:22:37:30:4a:19:f2:d5:ca:27:
                    7b:f1:25:06:84:75:6a:12:00:db:a8:9d:89:2d:a9:
                    70:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:06:87:76:A9:56:D3:42:C1:E6:2E:04:B3:71:27:49:89:FD:C3:7B
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/E90A49F2200711EDB1CB5554C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.30.0-203.32.32.255
                  203.32.40.0/23
                  203.34.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:a4:9e:4d:43:db:f0:31:6d:e2:25:c7:75:c4:22:bb:4f:39:
         89:60:5c:e5:a6:7d:cf:ad:54:14:a5:4a:a7:18:7b:52:77:49:
         f5:62:61:e0:11:e2:d1:5d:6c:8a:ef:ca:3d:e7:89:ec:95:af:
         35:cc:e5:7f:24:45:14:29:b8:79:42:64:49:44:1d:1e:7e:77:
         1c:62:30:4c:2d:d4:78:dd:02:70:c5:0d:3b:26:15:e0:3b:69:
         d1:7c:47:b2:1e:de:29:08:4e:73:a2:7b:8f:57:97:ad:18:aa:
         89:db:c3:b6:48:e4:7b:35:7a:85:de:0f:46:95:04:1e:3b:d4:
         b4:7c:da:aa:aa:06:19:c8:88:42:d6:0c:e9:0e:06:27:85:10:
         52:f3:81:78:79:47:52:4e:5b:71:07:70:1e:7a:17:ba:ef:20:
         d3:09:62:ed:0d:0c:eb:ca:90:9f:d8:57:b6:bf:d4:b4:11:2b:
         61:21:83:5b:32:bf:ee:7f:2f:cf:ef:cf:52:41:87:9d:27:62:
         2a:d9:86:e1:1c:7b:eb:6d:66:76:d0:20:03:fc:42:ad:e3:c1:
         f4:f3:57:b0:60:9d:48:4d:f5:55:17:2f:01:df:4a:6a:f7:53:
         74:ad:f4:03:76:82:a6:35:43:33:b9:a8:e3:52:5d:9b:99:99:
         30:b5:95:23
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIwODE5MjE0MzA3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAwMDNlYS00NjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8C7kAJWSa6eoI7ucm1wDmZppFKDek4cBsCFF8oDmRzmcnBDWSDQ5dwJV+KyQ
Mk+XV2qF5SKnH6CId7mWzb1NWix+xMC8ER2sFbQ4z2LJg4lBPt85HUvPl15wIvzX
e/fTgeFiFRBjpY/z3me2hcUC/2/KNYNuXO1j8Sv8UbHeSfC4xtve8fw+TuDWNpXa
7UkfkaqBXH9EbeZ8/JEry5blC/NCBgQCXmsw+ZLsWG9NbKKpY1OjgYfFCT8vXoZ+
BYFiL9tQ2skGlCpGo4QWyabU0DoYhDr1Y/TbxFV/kUo7aRCsJYnCMpkiNzBKGfLV
yid78SUGhHVqEgDbqJ2JLalwYwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFOwGh3ap
VtNCweYuBLNxJ0mJ/cN7MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRTkwQTQ5RjIy
MDA3MTFFREIxQ0I1NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAcsgHgMEAMsgIAMEAcsgKAMEAMsiGjANBgkqhkiG9w0B
AQsFAAOCAQEAa6SeTUPb8DFt4iXHdcQiu085iWBc5aZ9z61UFKVKpxh7UndJ9WJh
4BHi0V1siu/KPeeJ7JWvNczlfyRFFCm4eUJkSUQdHn53HGIwTC3UeN0CcMUNOyYV
4Dtp0XxHsh7eKQhOc6J7j1eXrRiqidvDtkjkezV6hd4PRpUEHjvUtHzaqqoGGciI
QtYM6Q4GJ4UQUvOBeHlHUk5bcQdwHnoXuu8g0wli7Q0M68qQn9hXtr/UtBErYSGD
WzK/7n8vz+/PUkGHnSdiKtmG4Rx7621mdtAgA/xCrePB9PNXsGCdSE31VRcvAd9K
avdTdK30A3aCpjVDM7mo41Jdm5mZMLWVIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org