Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/716DA39643B611EB9FB8597CC4F9AE02.roa
File:                     716DA39643B611EB9FB8597CC4F9AE02.roa (raw, json)
Hash identifier:          3eY4w69Xr1knkLmYYJThSx5lMOrV7TitR7h31rdxB3Y=
Subject key identifier:   B5:A1:3F:63:0F:2F:D8:BB:88:2E:D3:B4:B8:ED:52:74:EE:62:E7:4D
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       30F5
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/716DA39643B611EB9FB8597CC4F9AE02.roa
Signing time:             Mon 31 Jan 2022 14:40:32 +0000
ROA not before:           Mon 31 Jan 2022 14:40:32 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     23966
IP address blocks:        202.69.51.0/24 maxlen: 24
                          202.69.52.0/24 maxlen: 24
                          202.69.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12533 (0x30f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Jan 31 14:40:32 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=61f7f4e0-4c59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9f:d1:30:3a:35:2e:e2:b2:10:21:26:1a:02:
                    99:92:c6:e4:92:c8:92:54:5b:09:09:83:b4:bd:1a:
                    0b:7d:a9:cb:96:ee:3e:fb:44:e0:e4:02:25:80:28:
                    c6:a4:17:af:c3:95:ce:53:e1:0e:87:44:ac:bc:b3:
                    57:96:94:c0:12:5c:d2:fb:b6:9e:95:ab:06:c6:25:
                    2d:0b:c8:f8:8e:9a:f7:22:29:42:11:d5:12:69:e2:
                    a0:88:65:75:bb:05:21:0e:2b:43:41:2b:4a:e9:5c:
                    d2:36:54:50:4b:1d:8e:b0:5d:00:ea:01:7a:6c:b1:
                    ba:c4:af:77:f8:85:02:18:78:78:4c:db:9c:13:52:
                    37:c4:df:9f:51:b8:5f:b2:2f:d8:e2:cf:b6:b2:03:
                    dc:3a:88:78:c4:11:d6:d6:77:38:18:0f:d0:26:7d:
                    aa:a1:23:1b:f5:85:ea:bd:5f:2d:99:45:c8:dd:87:
                    60:14:f6:fc:99:52:c4:f2:7d:6a:c8:e8:88:3a:9c:
                    ed:ca:2c:80:06:28:af:4b:93:87:93:7a:59:fd:85:
                    8c:4b:92:a8:c8:1c:29:4d:a6:3e:68:54:76:7d:82:
                    28:85:a2:d0:93:8b:ba:c0:5a:3c:92:93:55:dc:4d:
                    86:3f:80:2b:fa:d3:02:e9:86:39:82:46:32:d1:86:
                    39:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:A1:3F:63:0F:2F:D8:BB:88:2E:D3:B4:B8:ED:52:74:EE:62:E7:4D
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/716DA39643B611EB9FB8597CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.69.51.0-202.69.53.255

    Signature Algorithm: sha256WithRSAEncryption
         6e:d5:55:80:b6:ce:07:a8:86:26:8a:5b:ca:eb:cb:82:c5:8b:
         5e:81:63:05:ef:66:00:8b:26:a7:21:63:c3:e5:88:23:de:9f:
         fe:fd:2d:7d:0a:68:d7:dc:cc:31:e5:1a:0c:7c:72:1d:ac:3a:
         eb:b4:18:d4:d8:76:64:f1:fd:6e:83:a2:3b:83:0a:3a:c4:03:
         8d:78:0d:a4:29:22:92:b5:9a:ba:0a:4b:02:9c:d5:5c:99:b3:
         20:af:20:a9:da:92:e0:c8:d4:e5:ed:a7:8d:e9:a8:16:04:03:
         28:98:ce:9f:e6:b4:37:fe:de:f3:c2:33:b1:55:62:aa:ae:52:
         e6:e1:13:bf:92:5c:2f:bb:92:6d:77:57:9d:0c:af:cc:5f:e3:
         51:3b:69:ea:14:90:28:ec:bd:e9:cb:3e:4a:3c:8a:9a:87:7f:
         86:3f:24:f9:ed:4e:bb:1c:7e:9b:58:37:c4:69:43:c4:63:f3:
         bf:2d:a7:e0:07:22:70:c5:01:d5:23:7d:90:71:bc:db:fa:d3:
         21:52:07:34:80:94:3d:f1:ae:d5:69:96:1c:77:27:96:24:15:
         ba:7b:0c:8e:08:2f:fe:cd:9c:d1:b1:ee:68:ec:5c:d4:49:14:
         85:36:f3:c7:0b:eb:9c:62:08:9f:f9:3d:2f:b4:d8:b1:fa:d1:
         b7:fc:ff:0a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICMPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjIwMTMxMTQ0MDMyWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY3ZjRlMC00YzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwZ/RMDo1LuKyECEmGgKZksbkksiSVFsJCYO0vRoLfanLlu4++0Tg5AIlgCjG
pBevw5XOU+EOh0SsvLNXlpTAElzS+7aelasGxiUtC8j4jpr3IilCEdUSaeKgiGV1
uwUhDitDQStK6VzSNlRQSx2OsF0A6gF6bLG6xK93+IUCGHh4TNucE1I3xN+fUbhf
si/Y4s+2sgPcOoh4xBHW1nc4GA/QJn2qoSMb9YXqvV8tmUXI3YdgFPb8mVLE8n1q
yOiIOpztyiyABiivS5OHk3pZ/YWMS5KoyBwpTaY+aFR2fYIohaLQk4u6wFo8kpNV
3E2GP4Ar+tMC6YY5gkYy0YY5uQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFLWhP2MP
L9i7iC7TtLjtUnTuYudNMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNzE2REEzOTY0
M0I2MTFFQjlGQjg1OTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMpFMwMEAcpFNDANBgkqhkiG9w0BAQsFAAOCAQEAbtVV
gLbOB6iGJopbyuvLgsWLXoFjBe9mAIsmpyFjw+WII96f/v0tfQpo19zMMeUaDHxy
Haw667QY1Nh2ZPH9boOiO4MKOsQDjXgNpCkikrWaugpLApzVXJmzIK8gqdqS4MjU
5e2njemoFgQDKJjOn+a0N/7e88IzsVViqq5S5uETv5JcL7uSbXdXnQyvzF/jUTtp
6hSQKOy96cs+SjyKmod/hj8k+e1Ouxx+m1g3xGlDxGPzvy2n4AcicMUB1SN9kHG8
2/rTIVIHNICUPfGu1WmWHHcnliQVunsMjggv/s2c0bHuaOxc1EkUhTbzxwvrnGII
n/k9L7TYsfrRt/z/Cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org