Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/78C8CD90F79D11ECAFF03840C4F9AE02.roa
File:                     78C8CD90F79D11ECAFF03840C4F9AE02.roa (raw, json)
Hash identifier:          IYpPhhFFlkHXP+/SO7JNmVHEG2S4pfKf8DzBdPzg1+0=
Subject key identifier:   D9:F0:C1:62:57:D4:AC:8F:90:6D:C1:41:65:DE:07:36:CA:C2:AF:F7
Certificate issuer:       /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial:       0246
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/78C8CD90F79D11ECAFF03840C4F9AE02.roa
Signing time:             Wed 29 Jun 2022 11:20:25 +0000
ROA not before:           Wed 29 Jun 2022 11:20:25 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     22653
IP address blocks:        202.43.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 582 (0x246)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
        Validity
            Not Before: Jun 29 11:20:25 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=62bc3579-4933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2d:ad:d2:2a:7a:aa:8c:0f:49:11:4e:9f:4f:
                    5c:c7:3e:40:88:ff:ba:04:53:7f:f6:23:2a:c0:62:
                    d9:fa:b5:e3:d5:cc:86:14:17:fa:ac:9a:2d:18:fe:
                    10:1b:1e:7e:8c:b9:d8:a4:4a:26:4d:34:40:1a:f9:
                    94:8a:89:5c:24:98:d8:3d:64:74:56:74:87:65:1e:
                    e9:8a:74:ca:81:54:b1:52:76:74:42:3f:d8:7d:23:
                    99:ec:26:e0:60:89:c7:72:70:36:e9:ff:51:6d:5a:
                    d1:dc:53:44:c7:13:56:a9:a6:bb:96:e7:9d:c3:b7:
                    e3:84:9d:0b:fa:93:77:61:7a:4a:7b:1f:56:44:6b:
                    d2:7d:4b:2e:8c:1a:de:be:b8:34:a3:26:42:ce:a9:
                    bf:b9:1f:4a:49:20:56:39:04:8b:a4:7b:0f:da:a8:
                    9f:6a:c1:d4:ad:9a:4d:bc:8f:03:01:4f:83:c8:dd:
                    b3:08:0c:72:db:46:68:1b:2e:b1:25:6f:1a:09:94:
                    5c:b0:74:67:fc:46:24:13:1b:7c:6b:5c:59:6a:ba:
                    3e:82:bb:b0:04:2f:a2:84:f1:a3:c4:be:15:1d:79:
                    7c:e5:8f:14:da:36:6a:bd:3f:5d:a8:0b:6f:0a:9d:
                    03:59:eb:c9:1b:1a:d5:92:aa:21:2e:f8:cb:b9:8f:
                    d9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:F0:C1:62:57:D4:AC:8F:90:6D:C1:41:65:DE:07:36:CA:C2:AF:F7
            X509v3 Authority Key Identifier:
                keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/78C8CD90F79D11ECAFF03840C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.43.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:51:3c:c3:f3:89:ed:79:d2:7e:f8:49:05:52:52:d7:23:fa:
         24:90:bb:d0:37:71:f0:3a:6a:a0:fa:40:e1:d0:a8:c9:13:c2:
         c8:dc:b4:5f:fc:1e:08:71:b3:6c:bb:9e:ca:1e:1c:ab:66:f8:
         0d:e6:77:b1:ec:35:d7:a9:47:6f:c4:2c:5e:07:70:f5:e4:e7:
         7e:75:53:6a:22:75:5c:d9:f8:79:03:75:b2:5f:fd:f0:29:ef:
         4e:e3:d5:43:2f:b4:4a:60:51:ce:4f:29:48:fc:a2:89:94:67:
         68:2f:64:95:b6:a0:aa:f6:7a:ec:f9:91:23:3f:1d:a3:56:59:
         06:d5:7b:f2:6c:3b:85:a9:c7:48:e3:1c:db:95:30:b5:9f:b8:
         a6:6b:42:c9:ba:6b:0e:9c:d4:d4:4b:2b:f1:7d:b6:70:92:db:
         60:77:0c:26:8e:83:a6:09:86:48:a3:a3:74:df:f7:f6:43:7b:
         c6:4e:56:a0:a3:27:1a:f2:68:e8:52:56:a1:0d:cb:24:1d:0c:
         b0:ae:cf:76:98:d1:a4:2a:b7:1b:c1:0b:a1:58:72:36:65:a5:
         2d:f2:49:8c:c4:7a:40:dc:cf:d5:a6:af:bb:15:72:6c:f4:c3:
         b7:c3:d9:49:c9:6c:81:b5:a6:e9:03:ff:a9:8c:64:20:a8:35:
         57:83:ba:10
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjIwNjI5MTEyMDI1WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJjMzU3OS00OTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqy2t0ip6qowPSRFOn09cxz5AiP+6BFN/9iMqwGLZ+rXj1cyGFBf6rJotGP4Q
Gx5+jLnYpEomTTRAGvmUiolcJJjYPWR0VnSHZR7pinTKgVSxUnZ0Qj/YfSOZ7Cbg
YInHcnA26f9RbVrR3FNExxNWqaa7luedw7fjhJ0L+pN3YXpKex9WRGvSfUsujBre
vrg0oyZCzqm/uR9KSSBWOQSLpHsP2qifasHUrZpNvI8DAU+DyN2zCAxy20ZoGy6x
JW8aCZRcsHRn/EYkExt8a1xZaro+gruwBC+ihPGjxL4VHXl85Y8U2jZqvT9dqAtv
Cp0DWevJGxrVkqohLvjLuY/ZnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNnwwWJX
1KyPkG3BQWXeBzbKwq/3MB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvNzhDOENEOTBG
NzlEMTFFQ0FGRjAzODQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwcwDQYJKoZIhvcNAQELBQADggEBAMpRPMPzie150n74
SQVSUtcj+iSQu9A3cfA6aqD6QOHQqMkTwsjctF/8Hghxs2y7nsoeHKtm+A3md7Hs
NdepR2/ELF4HcPXk5351U2oidVzZ+HkDdbJf/fAp707j1UMvtEpgUc5PKUj8oomU
Z2gvZJW2oKr2euz5kSM/HaNWWQbVe/JsO4Wpx0jjHNuVMLWfuKZrQsm6aw6c1NRL
K/F9tnCS22B3DCaOg6YJhkijo3Tf9/ZDe8ZOVqCjJxryaOhSVqENyyQdDLCuz3aY
0aQqtxvBC6FYcjZlpS3ySYzEekDcz9Wmr7sVcmz0w7fD2UnJbIG1pukD/6mMZCCo
NVeDuhA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org