Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F84F8A2A874611EDB61FA23AC4F9AE02.roa
File:                     F84F8A2A874611EDB61FA23AC4F9AE02.roa (raw, json)
Hash identifier:          OcggV4ODlLKxXRjxb5JlPhxg944XGe+52XUwy2n6NQQ=
Subject key identifier:   3E:73:06:C7:04:9F:F6:A5:B6:C4:34:E9:7C:7C:79:6D:C1:6F:1D:13
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       016D
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F84F8A2A874611EDB61FA23AC4F9AE02.roa
Signing time:             Thu 29 Dec 2022 07:04:00 +0000
ROA not before:           Thu 29 Dec 2022 07:04:00 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     138687
IP address blocks:        203.32.22.0/23 maxlen: 24
                          203.32.25.0/24 maxlen: 24
                          203.32.38.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 365 (0x16d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Dec 29 07:04:00 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=63ad3be0-e4c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:23:6e:e8:b6:05:03:44:86:b0:bb:d6:3d:be:
                    e5:1b:5b:3e:3b:c7:17:8c:bb:c5:3c:4b:fb:7d:4c:
                    b1:5f:e2:d5:de:d5:e6:a6:ab:42:0c:07:eb:c1:03:
                    83:fa:6d:a7:2e:d4:6b:42:7d:c7:7f:02:86:25:41:
                    a1:7f:4f:26:ec:f4:c5:46:c2:78:61:b1:62:58:e4:
                    6b:f3:d4:12:21:fa:cd:40:ea:df:f0:fe:36:37:d4:
                    47:2c:cc:78:40:ee:87:f9:9b:cb:7d:a0:36:8d:6b:
                    ed:23:43:aa:d7:94:16:86:d0:74:98:a2:5f:1b:b3:
                    2a:92:fc:ed:fe:d0:bd:c7:03:11:60:38:48:ff:e5:
                    ce:73:48:28:6d:69:7e:43:4b:9c:4b:36:40:c7:64:
                    47:cb:04:bc:0b:4f:41:a4:82:08:94:71:fd:f1:50:
                    b6:aa:38:a0:68:33:b3:c5:ff:1c:e9:fa:8c:ff:16:
                    14:c6:4b:eb:71:5e:44:ac:a5:2a:87:2b:30:fb:d0:
                    2f:04:f1:0c:09:c2:55:3d:58:9c:48:24:00:7f:c4:
                    77:d5:3e:f0:35:e3:00:9c:60:1a:ec:45:97:92:99:
                    84:b3:82:23:ab:94:f4:5c:89:0d:2e:47:34:34:0f:
                    84:92:95:b8:9c:6a:00:2c:ad:c5:5c:4f:8b:db:12:
                    32:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:73:06:C7:04:9F:F6:A5:B6:C4:34:E9:7C:7C:79:6D:C1:6F:1D:13
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F84F8A2A874611EDB61FA23AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.22.0/23
                  203.32.25.0/24
                  203.32.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:4e:0d:bf:d1:f6:2d:d4:85:7e:c5:8d:54:32:e4:2c:16:6e:
         5e:e9:19:41:fb:ec:28:20:95:23:da:1c:6e:33:d5:f5:ad:ae:
         07:fb:49:2a:df:cc:c5:1c:d2:fb:ce:00:84:5b:80:15:be:b5:
         91:3a:79:a1:93:2a:da:d3:15:7f:f2:95:0c:42:57:4f:fc:ae:
         68:52:ff:8a:29:ad:98:5b:02:7e:0c:c2:59:9d:5d:a0:18:84:
         05:e9:7c:01:f3:ee:12:d2:5b:c8:d4:78:e4:d0:68:1a:bf:8f:
         7d:b7:60:c1:32:ad:cd:f0:e3:df:a8:ec:2c:06:c5:15:9f:ba:
         91:97:c3:69:3e:23:96:67:07:53:c9:c4:c0:82:a7:98:99:cf:
         79:ef:c1:24:0c:9e:43:c3:68:d6:30:f2:e9:5e:2f:b3:7c:c2:
         87:c7:a4:a2:66:bc:c1:32:6e:b1:9c:bd:5b:5f:04:e9:14:7b:
         fc:ca:23:02:94:4a:35:29:42:2b:78:20:60:48:1f:0f:69:2a:
         27:e2:cd:64:dd:b1:aa:fe:06:5d:e5:90:c3:eb:1c:50:bf:1e:
         c2:fa:14:a1:48:37:1a:46:8a:0a:8c:05:06:58:22:92:26:95:
         48:d9:fd:ab:9e:96:df:5c:c3:22:9e:9d:2e:e9:55:7b:43:1f:
         8c:be:94:40
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAW0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIxMjI5MDcwNDAwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FkM2JlMC1lNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCNu6LYFA0SGsLvWPb7lG1s+O8cXjLvFPEv7fUyxX+LV3tXmpqtCDAfrwQOD
+m2nLtRrQn3HfwKGJUGhf08m7PTFRsJ4YbFiWORr89QSIfrNQOrf8P42N9RHLMx4
QO6H+ZvLfaA2jWvtI0Oq15QWhtB0mKJfG7Mqkvzt/tC9xwMRYDhI/+XOc0gobWl+
Q0ucSzZAx2RHywS8C09BpIIIlHH98VC2qjigaDOzxf8c6fqM/xYUxkvrcV5ErKUq
hysw+9AvBPEMCcJVPVicSCQAf8R31T7wNeMAnGAa7EWXkpmEs4Ijq5T0XIkNLkc0
NA+EkpW4nGoALK3FXE+L2xIyAwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFD5zBscE
n/altsQ06Xx8eW3Bbx0TMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRjg0RjhBMkE4
NzQ2MTFFREI2MUZBMjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAHLIBYDBADLIBkDBADLICYwDQYJKoZIhvcNAQELBQADggEB
AFFODb/R9i3UhX7FjVQy5CwWbl7pGUH77CgglSPaHG4z1fWtrgf7SSrfzMUc0vvO
AIRbgBW+tZE6eaGTKtrTFX/ylQxCV0/8rmhS/4oprZhbAn4MwlmdXaAYhAXpfAHz
7hLSW8jUeOTQaBq/j323YMEyrc3w49+o7CwGxRWfupGXw2k+I5ZnB1PJxMCCp5iZ
z3nvwSQMnkPDaNYw8uleL7N8wofHpKJmvMEybrGcvVtfBOkUe/zKIwKUSjUpQit4
IGBIHw9pKifizWTdsar+Bl3lkMPrHFC/HsL6FKFINxpGigqMBQZYIpImlUjZ/aue
lt9cwyKenS7pVXtDH4y+lEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org