Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/BD7E062491D311EC93C4B641C4F9AE02.roa
File:                     BD7E062491D311EC93C4B641C4F9AE02.roa (raw, json)
Hash identifier:          tRyHcyJWuTvrv2uwL1w19oKqTU5OlKj1eNaBukAgoKs=
Subject key identifier:   68:30:12:34:52:DB:89:86:8B:90:B1:82:38:BF:11:11:31:9F:5B:AA
Certificate issuer:       /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial:       0135
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/BD7E062491D311EC93C4B641C4F9AE02.roa
Signing time:             Sat 19 Feb 2022 22:31:55 +0000
ROA not before:           Sat 19 Feb 2022 22:31:55 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     64515
IP address blocks:        202.43.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 309 (0x135)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
        Validity
            Not Before: Feb 19 22:31:55 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=62116fda-47e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e4:29:e8:14:5b:14:58:ae:41:9b:18:31:05:
                    1c:9b:0f:a2:46:dd:c4:0a:e6:66:7e:63:ed:47:15:
                    12:4e:96:29:6c:38:c3:f6:9f:ae:b3:0c:59:23:dc:
                    56:8b:c0:05:d0:c1:e2:20:09:8b:cf:e7:18:56:85:
                    77:0d:82:f8:c3:d2:b7:f9:c5:f2:00:a6:45:f9:7b:
                    7a:f7:09:bb:ee:49:b6:9a:bf:01:f0:29:60:3c:79:
                    75:73:24:01:1e:e3:a2:92:3e:80:b6:56:04:c3:de:
                    ac:53:bc:2b:bd:93:d8:7a:17:33:dc:78:2d:01:27:
                    49:ad:40:45:e0:14:12:67:e8:90:17:ed:17:2a:56:
                    e6:39:fa:fc:3e:35:78:c7:cc:00:9a:92:c2:92:8f:
                    db:6b:42:9e:d9:bd:3f:23:6b:cd:22:da:e6:eb:3b:
                    24:c3:39:5b:30:f6:05:f7:07:e3:c3:fe:e7:78:cb:
                    73:d9:83:25:5a:a8:8a:25:0b:32:b7:90:2d:31:24:
                    fa:bd:33:36:85:f3:28:84:bc:52:08:5f:0f:7b:1c:
                    55:42:72:57:3a:a3:4c:1a:1c:7f:ad:a7:2f:b7:17:
                    d9:62:c7:81:f1:ab:7d:d7:cc:a2:6c:cb:ee:ac:9b:
                    55:b4:76:ff:31:79:7f:71:f3:f2:25:bb:b9:f6:4c:
                    16:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:30:12:34:52:DB:89:86:8B:90:B1:82:38:BF:11:11:31:9F:5B:AA
            X509v3 Authority Key Identifier:
                keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/BD7E062491D311EC93C4B641C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.43.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:e8:2e:22:d4:00:e0:19:18:a2:c8:74:ec:04:ca:96:b2:07:
         27:25:23:06:74:90:c5:4f:da:b5:3d:f5:98:0b:5c:45:e5:e0:
         f4:2c:d8:ed:77:1b:72:b8:4f:5f:0f:2d:b9:5f:30:c8:b1:56:
         2e:c5:7d:c0:ad:cd:b0:dc:48:66:2a:0a:95:95:a4:1e:56:d8:
         a7:08:37:5e:67:20:e3:76:12:8d:1f:0f:55:65:d1:88:b4:eb:
         7d:68:ed:d8:49:a0:5f:68:92:54:34:77:54:14:b8:e1:97:51:
         0d:d0:ca:37:8f:19:aa:5c:4e:65:c0:30:63:a8:82:32:0e:bf:
         f7:8c:bc:7a:94:19:8f:9b:f3:03:a6:45:52:9e:ea:85:ed:9a:
         4d:34:39:35:f3:af:da:9f:0d:eb:db:15:0e:93:6f:f1:24:17:
         45:af:7d:8b:ac:71:db:84:2a:f3:eb:1e:ba:63:b7:f4:b7:44:
         a1:bd:52:c0:6d:cd:0e:54:ed:a8:3c:e4:c1:5c:24:85:b6:b5:
         e9:66:7a:f2:0a:42:5a:fe:f7:4f:45:62:c0:8c:22:d7:3f:48:
         fa:83:85:05:03:e3:99:24:b5:90:bb:e6:0c:49:1c:7a:70:2f:
         67:59:1d:ea:19:84:49:05:b7:bc:3b:95:1c:f7:75:9c:d8:84:
         35:80:a0:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjIwMjE5MjIzMTU1WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjExNmZkYS00N2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzuQp6BRbFFiuQZsYMQUcmw+iRt3ECuZmfmPtRxUSTpYpbDjD9p+uswxZI9xW
i8AF0MHiIAmLz+cYVoV3DYL4w9K3+cXyAKZF+Xt69wm77km2mr8B8ClgPHl1cyQB
HuOikj6AtlYEw96sU7wrvZPYehcz3HgtASdJrUBF4BQSZ+iQF+0XKlbmOfr8PjV4
x8wAmpLCko/ba0Ke2b0/I2vNItrm6zskwzlbMPYF9wfjw/7neMtz2YMlWqiKJQsy
t5AtMST6vTM2hfMohLxSCF8PexxVQnJXOqNMGhx/racvtxfZYseB8at918yibMvu
rJtVtHb/MXl/cfPyJbu59kwWSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGgwEjRS
24mGi5Cxgji/ERExn1uqMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQkQ3RTA2MjQ5
MUQzMTFFQzkzQzRCNjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwcwDQYJKoZIhvcNAQELBQADggEBAFPoLiLUAOAZGKLI
dOwEypayByclIwZ0kMVP2rU99ZgLXEXl4PQs2O13G3K4T18PLblfMMixVi7FfcCt
zbDcSGYqCpWVpB5W2KcIN15nION2Eo0fD1Vl0Yi0631o7dhJoF9oklQ0d1QUuOGX
UQ3QyjePGapcTmXAMGOogjIOv/eMvHqUGY+b8wOmRVKe6oXtmk00OTXzr9qfDevb
FQ6Tb/EkF0WvfYuscduEKvPrHrpjt/S3RKG9UsBtzQ5U7ag85MFcJIW2telmevIK
Qlr+909FYsCMItc/SPqDhQUD45kktZC75gxJHHpwL2dZHeoZhEkFt7w7lRz3dZzY
hDWAoFE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org