Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C74745EE78A411EE9B727757C4F9AE02.roa
File:                     C74745EE78A411EE9B727757C4F9AE02.roa (raw, json)
Hash identifier:          CPK6l3WzFGuBjEaCrOfkGhWKU+TTadNKdi/g7Td8U98=
Subject key identifier:   B5:10:67:75:08:CF:B7:AB:3E:73:29:D6:D7:97:05:32:B4:D1:43:B2
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       33FF
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C74745EE78A411EE9B727757C4F9AE02.roa
Signing time:             Wed 01 Nov 2023 10:52:41 +0000
ROA not before:           Wed 01 Nov 2023 10:52:41 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     140499
IP address blocks:        121.46.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13311 (0x33ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Nov  1 10:52:41 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=65422df9-5833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3e:66:52:2f:73:20:e5:28:e3:80:d5:21:f8:
                    cf:17:68:0d:96:ca:92:e2:ce:8f:32:63:76:16:53:
                    df:91:54:da:c1:05:23:60:e5:6c:ed:7a:bc:ad:6e:
                    8c:08:18:d6:92:54:d1:52:ca:a1:43:51:4c:dc:12:
                    88:a2:86:2a:2a:53:99:a2:78:30:41:80:8f:12:18:
                    9a:99:bd:1f:81:fb:39:cf:06:0b:49:83:5a:5e:bc:
                    c0:3f:1d:db:39:4d:db:09:a4:90:fe:f6:18:cd:a2:
                    3b:bf:87:5d:cd:20:01:db:0a:37:21:25:7a:bd:c9:
                    bf:da:f1:94:be:a7:31:05:02:40:2e:a2:9e:67:ad:
                    9d:c7:3e:fc:1b:ca:a7:bb:8d:a0:71:f4:6a:9e:e0:
                    f6:d4:92:b1:47:83:da:8b:ee:51:d1:87:7e:28:13:
                    83:38:59:07:fd:2c:01:11:67:7e:72:d7:2d:19:b6:
                    f0:a8:18:e5:71:c8:77:10:59:5b:39:8a:3c:a9:86:
                    67:4d:d2:90:5e:5e:ed:ce:b0:70:e1:a5:e3:89:b3:
                    4c:b7:a5:13:bd:6b:5d:00:4f:f5:36:15:61:bb:03:
                    d8:ec:09:41:34:eb:59:77:01:e2:69:b4:e3:cf:01:
                    8d:ad:7b:b7:b7:c8:fd:14:b8:6d:a8:e7:0f:ad:aa:
                    12:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:10:67:75:08:CF:B7:AB:3E:73:29:D6:D7:97:05:32:B4:D1:43:B2
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C74745EE78A411EE9B727757C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.46.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:65:65:3a:6f:ab:6a:4a:03:fb:5b:6c:07:eb:04:82:bc:21:
         2e:52:9f:f6:d7:23:28:e3:7b:e8:2c:97:df:53:0d:75:d1:6d:
         7b:e3:73:25:95:13:5a:19:d7:96:77:d8:da:f3:e1:61:75:74:
         dd:09:ea:cf:9a:f9:00:de:5c:c1:0d:b4:d2:98:cd:ec:96:83:
         1a:c2:cd:8e:77:2d:65:b2:eb:ec:6b:a6:98:81:14:2a:d9:4f:
         94:c6:df:c1:ce:68:c3:c0:79:81:4f:9d:e4:bd:5a:1a:83:d0:
         d5:b3:91:8e:6e:17:a6:0c:25:64:7d:bd:57:88:d7:fe:fd:64:
         8b:dd:a5:bc:6a:c8:cb:fb:a6:ad:b8:57:90:0d:41:f9:7c:a3:
         b6:1f:88:97:e7:9a:fb:93:4f:87:45:85:0b:48:22:ac:41:64:
         3d:18:e1:b7:4f:5f:74:4f:aa:37:bc:8e:ae:9c:5c:e0:74:16:
         09:20:7a:4b:18:48:2c:24:33:b9:51:27:55:ea:0a:86:da:76:
         43:e8:59:a4:bf:8a:02:a9:f6:13:7f:95:5e:8d:fe:4a:c9:7c:
         02:5d:98:05:db:f7:f0:3d:a9:88:be:70:48:53:bb:53:75:d8:
         f0:49:94:95:2e:ee:04:38:ee:27:00:eb:e3:a5:42:d2:2f:be:
         65:fa:cf:dd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMTAxMTA1MjQxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQyMmRmOS01ODMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1j5mUi9zIOUo44DVIfjPF2gNlsqS4s6PMmN2FlPfkVTawQUjYOVs7Xq8rW6M
CBjWklTRUsqhQ1FM3BKIooYqKlOZongwQYCPEhiamb0fgfs5zwYLSYNaXrzAPx3b
OU3bCaSQ/vYYzaI7v4ddzSAB2wo3ISV6vcm/2vGUvqcxBQJALqKeZ62dxz78G8qn
u42gcfRqnuD21JKxR4Pai+5R0Yd+KBODOFkH/SwBEWd+ctctGbbwqBjlcch3EFlb
OYo8qYZnTdKQXl7tzrBw4aXjibNMt6UTvWtdAE/1NhVhuwPY7AlBNOtZdwHiabTj
zwGNrXu3t8j9FLhtqOcPraoScwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLUQZ3UI
z7erPnMp1teXBTK00UOyMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQzc0NzQ1RUU3
OEE0MTFFRTlCNzI3NzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5LkMwDQYJKoZIhvcNAQELBQADggEBAK1lZTpvq2pKA/tb
bAfrBIK8IS5Sn/bXIyjje+gsl99TDXXRbXvjcyWVE1oZ15Z32Nrz4WF1dN0J6s+a
+QDeXMENtNKYzeyWgxrCzY53LWWy6+xrppiBFCrZT5TG38HOaMPAeYFPneS9WhqD
0NWzkY5uF6YMJWR9vVeI1/79ZIvdpbxqyMv7pq24V5ANQfl8o7YfiJfnmvuTT4dF
hQtIIqxBZD0Y4bdPX3RPqje8jq6cXOB0FgkgeksYSCwkM7lRJ1XqCobadkPoWaS/
igKp9hN/lV6N/krJfAJdmAXb9/A9qYi+cEhTu1N12PBJlJUu7gQ47icA6+OlQtIv
vmX6z90=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org