Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/6791DC90F6C811ECBDF7DD40C4F9AE02.roa
File:                     6791DC90F6C811ECBDF7DD40C4F9AE02.roa (raw, json)
Hash identifier:          EC5YmBpbEcfpnvwsUcaV0AHFaGcfBqrJ775usacjxw4=
Subject key identifier:   28:44:3C:C1:91:72:ED:79:B8:C4:A5:B9:CA:2D:86:3F:31:C0:35:50
Certificate issuer:       /CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Certificate serial:       04
Authority key identifier: 1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/6791DC90F6C811ECBDF7DD40C4F9AE02.roa
Signing time:             Tue 28 Jun 2022 09:55:14 +0000
ROA not before:           Tue 28 Jun 2022 09:55:13 +0000
ROA not after:            Thu 01 Dec 2022 00:00:00 +0000
asID:                     8100
IP address blocks:        202.73.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
        Validity
            Not Before: Jun 28 09:55:13 2022 GMT
            Not After : Dec  1 00:00:00 2022 GMT
        Subject: CN=62bad001-ddda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:da:30:cf:55:a6:43:5a:fc:7a:23:f1:83:2a:
                    5b:57:7e:4b:24:bd:6a:42:7d:2a:31:ea:b4:ea:5c:
                    ac:73:04:b0:20:4c:cf:cf:a2:97:84:6b:7f:00:21:
                    fe:ab:07:d9:2f:67:e2:e9:09:0b:71:60:c9:56:a1:
                    e3:35:ac:be:e0:57:bd:da:d9:67:08:4a:38:5c:61:
                    86:b9:46:d6:35:cd:a0:4e:3a:74:48:e5:81:5f:1a:
                    1f:c5:39:38:b2:df:2f:40:80:e1:fa:8b:e1:bb:81:
                    ab:56:d6:08:12:2d:a5:1f:02:fa:68:29:6f:49:e3:
                    fc:67:46:cf:74:2a:ad:cc:22:d8:39:ff:cd:91:0d:
                    53:9a:b7:1c:69:71:2a:c0:9e:0e:14:45:9d:d3:06:
                    8d:3a:5b:3f:f8:55:0b:53:89:c8:51:fc:fc:19:86:
                    d8:94:85:9c:09:15:25:86:ff:0a:86:1b:59:12:f5:
                    07:c6:9a:cf:77:4f:01:84:2e:2d:3b:f0:9c:bd:c9:
                    b5:19:13:ef:4a:09:2a:75:ba:de:5a:23:c7:4d:4b:
                    ae:17:d0:a0:5b:86:5b:50:c3:25:5b:a9:ae:5b:04:
                    22:e8:a0:0b:d2:f4:c9:88:e8:02:ff:8d:a0:28:07:
                    bb:67:27:47:69:ab:a2:28:43:78:02:7a:8b:31:00:
                    30:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:44:3C:C1:91:72:ED:79:B8:C4:A5:B9:CA:2D:86:3F:31:C0:35:50
            X509v3 Authority Key Identifier:
                keyid:1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/Hwkr8ONn_aUUbSh9gQKybsj7grU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/6791DC90F6C811ECBDF7DD40C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.73.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d1:36:54:48:fb:b7:12:08:41:f7:71:56:e8:a9:43:33:50:0b:
         4d:e4:96:58:95:e6:1a:21:1f:40:03:bc:a5:21:b3:d8:f0:17:
         5d:61:a4:66:26:a6:14:c5:3f:a6:66:39:91:18:8d:48:2a:e3:
         ba:4d:c5:0a:d0:2b:31:4f:1e:c0:e8:6f:f7:26:83:fe:a3:76:
         2c:70:74:68:28:e3:42:b5:d5:d6:2b:ff:56:ed:3b:9d:fa:db:
         ff:78:c2:13:3b:5d:11:0e:fd:a0:98:66:a3:83:92:30:cc:47:
         05:fb:92:1a:e6:14:fc:6f:72:b5:96:85:ed:a1:5e:37:9b:1d:
         bb:bc:38:c2:0b:32:89:b8:bf:d9:f6:12:ea:51:74:1e:37:11:
         34:d0:06:9b:bf:04:75:47:11:88:6c:d3:ab:c3:06:48:00:19:
         eb:ce:67:00:02:03:3c:a3:54:15:d4:83:d2:1c:b3:7d:58:e9:
         c4:af:cc:46:d2:dc:74:90:04:cf:1b:4c:6d:14:10:cd:a2:47:
         a0:9b:b7:4a:f5:6d:1c:b8:e5:57:e1:ae:69:c5:17:54:46:8a:
         86:f6:4c:79:5d:3e:aa:da:37:fd:cc:9d:7f:83:4f:48:3e:d9:
         28:d8:91:eb:39:7b:6f:63:92:2a:d7:ac:b4:0d:46:31:9c:62:
         2e:28:65:88
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MUFDNDExMC8GA1UEBRMoMUYwOTJCRjBFMzY3RkRBNTE0NkQyODdEODEwMkIyNkVD
OEZCODJCNTAeFw0yMjA2MjgwOTU1MTNaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyYmFkMDAxLWRkZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDI2jDPVaZDWvx6I/GDKltXfkskvWpCfSox6rTqXKxzBLAgTM/PopeEa38AIf6r
B9kvZ+LpCQtxYMlWoeM1rL7gV73a2WcISjhcYYa5RtY1zaBOOnRI5YFfGh/FOTiy
3y9AgOH6i+G7gatW1ggSLaUfAvpoKW9J4/xnRs90Kq3MItg5/82RDVOatxxpcSrA
ng4URZ3TBo06Wz/4VQtTichR/PwZhtiUhZwJFSWG/wqGG1kS9QfGms93TwGELi07
8Jy9ybUZE+9KCSp1ut5aI8dNS64X0KBbhltQwyVbqa5bBCLooAvS9MmI6AL/jaAo
B7tnJ0dpq6IoQ3gCeosxADCpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKEQ8wZFy
7Xm4xKW5yi2GPzHANVAwHwYDVR0jBBgwFoAUHwkr8ONn/aUUbSh9gQKybsj7grUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExQUM0LzFDQjUzRjMwRjZC
MTExRUM5Q0FBQjM0REM0RjlBRTAyL0h3a3I4T05uX2FVVWJTaDlnUUt5YnNqN2dy
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSHdrcjhPTm5fYVVVYlNoOWdRS3lic2o3Z3JVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MUFDNC8xQ0I1M0YzMEY2QjExMUVDOUNBQUIzNERDNEY5QUUwMi82NzkxREM5MEY2
QzgxMUVDQkRGN0RENDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMpJBTANBgkqhkiG9w0BAQsFAAOCAQEA0TZUSPu3EghB93FW
6KlDM1ALTeSWWJXmGiEfQAO8pSGz2PAXXWGkZiamFMU/pmY5kRiNSCrjuk3FCtAr
MU8ewOhv9yaD/qN2LHB0aCjjQrXV1iv/Vu07nfrb/3jCEztdEQ79oJhmo4OSMMxH
BfuSGuYU/G9ytZaF7aFeN5sdu7w4wgsyibi/2fYS6lF0HjcRNNAGm78EdUcRiGzT
q8MGSAAZ685nAAIDPKNUFdSD0hyzfVjpxK/MRtLcdJAEzxtMbRQQzaJHoJu3SvVt
HLjlV+GuacUXVEaKhvZMeV0+qto3/cydf4NPSD7ZKNiR6zl7b2OSKtestA1GMZxi
LihliA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org