Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/AE0945C0F6B711ECA8E02D58C4F9AE02.roa
File:                     AE0945C0F6B711ECA8E02D58C4F9AE02.roa (raw, json)
Hash identifier:          Gj70Nkr92cJQ4WM03/mFp+esnG72d3CLt6qH+LkTUYs=
Subject key identifier:   8D:AD:D7:7F:35:07:4C:CC:8E:94:E5:81:63:18:4C:A3:34:4D:E8:18
Certificate issuer:       /CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Certificate serial:       CA
Authority key identifier: 1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/AE0945C0F6B711ECA8E02D58C4F9AE02.roa
Signing time:             Tue 04 Oct 2022 05:35:20 +0000
ROA not before:           Tue 04 Oct 2022 05:35:19 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        202.73.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 202 (0xca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
        Validity
            Not Before: Oct  4 05:35:19 2022 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=633bc617-e7d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b2:a3:7a:3a:55:7a:df:53:f9:44:1e:a4:c1:
                    b6:ee:54:75:f4:da:43:a3:d6:df:67:4c:ce:ef:19:
                    54:9a:5d:54:d8:f1:4a:00:db:31:3d:92:97:3d:5a:
                    c8:86:1e:e2:7a:a7:66:37:01:e3:dd:07:d9:90:8a:
                    6f:bf:63:66:7b:d3:b7:10:26:ec:e3:5a:30:5e:c6:
                    17:ba:23:64:42:9f:09:85:72:80:8c:db:9e:0f:21:
                    6d:ed:bd:e9:b4:b7:4e:2e:36:f8:a4:21:a4:fd:f0:
                    24:80:d7:67:e6:5f:4d:81:fe:cf:5b:97:25:75:68:
                    40:08:dc:6b:c5:ff:f4:54:81:ae:48:63:d6:96:f4:
                    b5:03:cb:6d:77:00:f5:56:18:88:21:37:c3:a5:d4:
                    a4:1a:bb:ff:f3:ab:0d:24:98:d4:36:12:8e:02:a5:
                    1e:35:06:df:a8:1e:26:b1:47:1f:9d:f2:99:7e:eb:
                    f5:56:8c:a8:ab:8c:9e:20:54:f8:14:a8:04:dd:81:
                    67:37:4e:c4:3b:91:a3:be:ff:e4:61:2e:d0:e2:be:
                    ed:3f:3c:06:79:74:6c:35:00:07:4f:9d:68:f6:3d:
                    2d:e8:74:ea:2e:5e:5e:58:89:09:1a:1a:f6:9f:c5:
                    7d:fd:46:f3:76:1b:94:1c:da:52:2f:f3:4b:2b:2d:
                    10:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:AD:D7:7F:35:07:4C:CC:8E:94:E5:81:63:18:4C:A3:34:4D:E8:18
            X509v3 Authority Key Identifier:
                keyid:1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/Hwkr8ONn_aUUbSh9gQKybsj7grU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/AE0945C0F6B711ECA8E02D58C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.73.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:f4:f8:33:59:8d:42:3a:22:f6:80:92:05:43:7b:c4:e5:95:
         64:d5:5a:de:11:a9:10:51:81:f0:93:06:e7:fd:59:41:0a:1e:
         af:6f:59:c4:1b:ec:34:87:65:de:8c:af:8e:3e:fb:a8:9e:2e:
         46:29:dd:82:15:34:91:c7:fb:10:a5:c4:60:60:3d:93:1d:8a:
         f7:b7:bb:63:84:17:63:36:36:44:8c:8f:39:7b:f5:e8:66:55:
         d7:e2:a3:9a:97:bf:71:91:e6:81:39:08:41:c4:06:81:2d:85:
         52:b3:a0:50:cb:df:31:80:b3:71:c2:21:2d:d7:92:56:37:b4:
         6a:0b:11:38:b6:18:dd:b6:27:34:ff:00:03:9e:8b:62:a8:49:
         1a:b1:7e:2d:46:11:1e:b1:46:d1:d4:8c:22:1d:66:6d:55:49:
         01:02:92:2c:81:b8:aa:b8:c5:55:6e:d3:b6:fe:6f:41:6b:20:
         e1:2e:60:31:8c:29:76:73:d1:ad:b2:92:6a:bf:c5:4f:3d:c6:
         12:9e:95:bc:eb:05:9f:3b:01:51:77:49:a9:c4:6b:00:4a:be:
         1f:2d:64:64:d7:67:30:6f:ee:46:ec:9f:67:e5:ca:69:67:a6:
         c0:5f:34:ec:3e:66:88:9c:84:10:4d:6d:ae:12:3c:fe:f1:20:
         a4:03:aa:31
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQzQxMTAvBgNVBAUTKDFGMDkyQkYwRTM2N0ZEQTUxNDZEMjg3RDgxMDJCMjZF
QzhGQjgyQjUwHhcNMjIxMDA0MDUzNTE5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNiYzYxNy1lN2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq7KjejpVet9T+UQepMG27lR19NpDo9bfZ0zO7xlUml1U2PFKANsxPZKXPVrI
hh7ieqdmNwHj3QfZkIpvv2Nme9O3ECbs41owXsYXuiNkQp8JhXKAjNueDyFt7b3p
tLdOLjb4pCGk/fAkgNdn5l9Ngf7PW5cldWhACNxrxf/0VIGuSGPWlvS1A8ttdwD1
VhiIITfDpdSkGrv/86sNJJjUNhKOAqUeNQbfqB4msUcfnfKZfuv1Voyoq4yeIFT4
FKgE3YFnN07EO5Gjvv/kYS7Q4r7tPzwGeXRsNQAHT51o9j0t6HTqLl5eWIkJGhr2
n8V9/UbzdhuUHNpSL/NLKy0QHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFI2t1381
B0zMjpTlgWMYTKM0TegYMB8GA1UdIwQYMBaAFB8JK/DjZ/2lFG0ofYECsm7I+4K1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFDNC8xQ0I1M0YzMEY2
QjExMUVDOUNBQUIzNERDNEY5QUUwMi9Id2tyOE9Obl9hVVViU2g5Z1FLeWJzajdn
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3a3I4T05uX2FVVWJTaDlnUUt5YnNqN2dyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQzQvMUNCNTNGMzBGNkIxMTFFQzlDQUFCMzREQzRGOUFFMDIvQUUwOTQ1QzBG
NkI3MTFFQ0E4RTAyRDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKSQQwDQYJKoZIhvcNAQELBQADggEBAJr0+DNZjUI6IvaA
kgVDe8TllWTVWt4RqRBRgfCTBuf9WUEKHq9vWcQb7DSHZd6Mr44++6ieLkYp3YIV
NJHH+xClxGBgPZMdive3u2OEF2M2NkSMjzl79ehmVdfio5qXv3GR5oE5CEHEBoEt
hVKzoFDL3zGAs3HCIS3XklY3tGoLETi2GN22JzT/AAOei2KoSRqxfi1GER6xRtHU
jCIdZm1VSQECkiyBuKq4xVVu07b+b0FrIOEuYDGMKXZz0a2ykmq/xU89xhKelbzr
BZ87AVF3SanEawBKvh8tZGTXZzBv7kbsn2flymlnpsBfNOw+ZoichBBNba4SPP7x
IKQDqjE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org