Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/0B82037066BC11EE8F1DAE86C4F9AE02.roa
File:                     0B82037066BC11EE8F1DAE86C4F9AE02.roa (raw, json)
Hash identifier:          e3jLURlypRMf5LUVr/2qDAOL2pHbbr2V0cPtqRWXK7M=
Subject key identifier:   89:60:4C:0F:49:E5:9A:F5:2B:AD:56:D6:E4:D6:5C:EA:2E:92:25:30
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       33EA
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/0B82037066BC11EE8F1DAE86C4F9AE02.roa
Signing time:             Mon 09 Oct 2023 15:53:53 +0000
ROA not before:           Mon 09 Oct 2023 15:53:53 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     174
IP address blocks:        116.90.100.0/24 maxlen: 24
                          116.90.101.0/24 maxlen: 24
                          116.90.102.0/24 maxlen: 24
                          116.90.103.0/24 maxlen: 24
                          116.90.104.0/24 maxlen: 24
                          116.90.105.0/24 maxlen: 24
                          116.90.112.0/24 maxlen: 24
                          116.90.113.0/24 maxlen: 24
                          116.90.114.0/24 maxlen: 24
                          116.90.115.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13290 (0x33ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Oct  9 15:53:53 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=65242211-57e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:72:2a:a1:f7:35:b3:51:12:a4:78:10:e2:be:
                    03:f8:19:de:14:7c:cd:cc:6d:48:d4:94:52:1b:b8:
                    87:06:5b:72:03:23:ed:3a:1c:1d:71:c3:9e:ff:35:
                    8f:cc:e8:9b:d6:73:61:e5:2e:ea:68:fd:b6:3a:6e:
                    4b:f7:ca:7f:cc:2e:e8:b8:85:89:a2:8d:03:0c:4c:
                    64:dc:ea:20:74:5b:61:dc:33:cb:f5:68:af:d2:3e:
                    dd:f2:f9:e3:48:e2:eb:44:2e:84:6f:0e:27:9d:5d:
                    7d:92:79:c3:6a:4e:0f:15:30:32:bb:69:cc:ff:04:
                    35:ca:13:79:7b:c6:e8:61:f7:48:d2:10:92:b3:06:
                    08:29:96:e8:a6:ca:3d:f3:7a:4b:ae:79:3f:e2:18:
                    bd:83:d1:3f:9b:2f:a5:b9:44:11:70:fb:fd:d5:bd:
                    75:bc:fd:66:4c:4f:96:fa:d0:41:05:dd:f6:31:48:
                    aa:84:97:2a:58:23:39:ee:47:94:3d:e9:3c:ef:eb:
                    e2:50:39:0d:25:b6:c4:7a:53:01:7b:29:9b:03:5b:
                    c0:ec:c8:9f:34:fb:de:8a:d0:73:c5:c8:7b:6d:2b:
                    59:66:02:30:c0:41:19:84:de:73:65:fd:00:2e:34:
                    55:5f:16:6f:0e:e3:db:f3:b6:60:1b:6e:58:7a:39:
                    c1:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:60:4C:0F:49:E5:9A:F5:2B:AD:56:D6:E4:D6:5C:EA:2E:92:25:30
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/0B82037066BC11EE8F1DAE86C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.90.100.0-116.90.105.255
                  116.90.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:7a:8e:33:fe:32:56:57:de:63:64:52:8b:83:64:8d:59:ee:
         4a:56:ea:a4:8e:ad:a3:66:f2:84:53:67:a7:60:45:5e:19:be:
         1a:ac:14:cf:2f:ca:4b:b6:5e:b5:09:fd:0c:13:c8:80:77:73:
         02:44:3e:48:96:36:81:6e:30:cf:a9:fc:39:db:8e:2a:bb:f0:
         af:2d:19:24:3a:9b:f7:0f:83:38:11:32:74:e3:a6:55:9d:c7:
         d6:be:5c:d1:49:2b:91:00:d6:47:8c:33:60:1e:44:45:ef:b6:
         b9:67:6c:70:aa:51:d3:47:36:f3:14:60:3d:d8:75:fd:5a:b3:
         ab:d4:74:b6:ec:63:c0:82:c1:bb:65:9d:24:87:08:fc:e6:a6:
         b0:48:69:c3:65:21:07:be:e6:24:e5:5a:ab:16:79:f1:79:81:
         e3:c9:c6:6b:72:89:f6:d9:c6:05:59:37:a6:87:f6:a9:42:73:
         b4:90:15:62:5b:9a:96:d1:29:cd:89:3c:0e:6d:1e:a8:ff:31:
         12:f7:09:cf:16:bf:18:af:27:48:e0:6b:bb:36:63:23:bb:59:
         00:d0:39:f4:2e:97:86:8f:9e:e4:66:38:e6:0d:cd:30:b2:f1:
         21:1b:55:59:21:e7:4f:40:e8:5c:54:84:70:42:aa:90:1d:b9:
         da:4b:94:db
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICM+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMDA5MTU1MzUzWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI0MjIxMS01N2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtHIqofc1s1ESpHgQ4r4D+BneFHzNzG1I1JRSG7iHBltyAyPtOhwdccOe/zWP
zOib1nNh5S7qaP22Om5L98p/zC7ouIWJoo0DDExk3OogdFth3DPL9Wiv0j7d8vnj
SOLrRC6Ebw4nnV19knnDak4PFTAyu2nM/wQ1yhN5e8boYfdI0hCSswYIKZbopso9
83pLrnk/4hi9g9E/my+luUQRcPv91b11vP1mTE+W+tBBBd32MUiqhJcqWCM57keU
Pek87+viUDkNJbbEelMBeymbA1vA7MifNPveitBzxch7bStZZgIwwEEZhN5zZf0A
LjRVXxZvDuPb87ZgG25YejnBQwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFIlgTA9J
5Zr1K61W1uTWXOoukiUwMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMEI4MjAzNzA2
NkJDMTFFRThGMURBRTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAnRaZAMEAXRaaAMEAnRacDANBgkqhkiG9w0BAQsFAAOC
AQEAFHqOM/4yVlfeY2RSi4NkjVnuSlbqpI6to2byhFNnp2BFXhm+GqwUzy/KS7Ze
tQn9DBPIgHdzAkQ+SJY2gW4wz6n8OduOKrvwry0ZJDqb9w+DOBEydOOmVZ3H1r5c
0UkrkQDWR4wzYB5ERe+2uWdscKpR00c28xRgPdh1/Vqzq9R0tuxjwILBu2WdJIcI
/OamsEhpw2UhB77mJOVaqxZ58XmB48nGa3KJ9tnGBVk3pof2qUJztJAVYlualtEp
zYk8Dm0eqP8xEvcJzxa/GK8nSOBruzZjI7tZANA59C6Xho+e5GY45g3NMLLxIRtV
WSHnT0DoXFSEcEKqkB252kuU2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org