Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/E7A9EE68FD5D11ECB7EE8585C4F9AE02.roa
File:                     E7A9EE68FD5D11ECB7EE8585C4F9AE02.roa (raw, json)
Hash identifier:          /UK54KXm7Cj8FMd0vnfh9j2Ex6mR5DNvuZp3GagF7fA=
Subject key identifier:   AF:96:09:D9:A4:4E:D4:63:D7:4E:E5:78:9B:D0:29:3C:4E:7D:A7:90
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       3241
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/E7A9EE68FD5D11ECB7EE8585C4F9AE02.roa
Signing time:             Wed 06 Jul 2022 19:00:30 +0000
ROA not before:           Wed 06 Jul 2022 19:00:30 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     17557
IP address blocks:        202.69.33.0/24 maxlen: 24
                          202.69.36.0/24 maxlen: 24
                          202.69.40.0/24 maxlen: 24
                          202.69.41.0/24 maxlen: 24
                          202.69.42.0/24 maxlen: 24
                          202.69.45.0/24 maxlen: 24
                          202.69.46.0/24 maxlen: 24
                          202.69.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12865 (0x3241)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Jul  6 19:00:30 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=62c5dbce-ce55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b3:50:0c:68:a7:a7:18:1b:61:50:d1:a4:d6:
                    d0:fb:78:19:50:b3:3d:2f:29:11:df:a5:8d:1f:c2:
                    66:b5:f3:ca:c4:ad:f9:e0:81:b6:f8:c0:f3:96:92:
                    7b:e0:14:2d:d5:a1:21:e7:69:0e:3a:60:30:5a:01:
                    b7:e6:db:60:73:c9:49:5c:31:13:77:5d:5d:7a:ea:
                    db:66:18:44:56:82:07:03:fa:f3:8a:f9:69:72:45:
                    62:1e:46:55:eb:88:fe:15:04:5b:01:04:c9:bb:65:
                    7d:dc:66:ad:ee:27:63:cb:38:ed:31:fa:b7:8f:69:
                    35:64:57:e4:30:6c:6e:b4:4d:5d:b8:f0:62:e8:68:
                    2f:69:c6:a0:4c:5e:c6:c6:ac:e0:25:90:e2:b2:31:
                    84:47:2d:df:a4:09:d4:8c:b6:ca:cf:37:e2:e0:c5:
                    d1:2b:89:01:19:27:74:93:44:87:7a:28:5c:7b:eb:
                    c8:bc:22:66:37:d9:19:ed:23:7c:f2:c6:56:27:e6:
                    1d:dd:53:6a:a9:89:02:75:69:ac:58:f1:fc:f8:32:
                    78:a7:1c:b4:4a:d8:7e:2a:95:ce:a2:75:05:bd:56:
                    d5:c8:b1:91:91:7e:4f:59:07:d5:30:a8:be:e3:86:
                    01:86:fa:3c:8d:79:28:d8:ed:19:0d:cb:b9:82:f3:
                    28:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:96:09:D9:A4:4E:D4:63:D7:4E:E5:78:9B:D0:29:3C:4E:7D:A7:90
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/E7A9EE68FD5D11ECB7EE8585C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.69.33.0/24
                  202.69.36.0/24
                  202.69.40.0-202.69.42.255
                  202.69.45.0-202.69.47.255

    Signature Algorithm: sha256WithRSAEncryption
         a4:f3:84:b3:a3:f9:08:c6:28:ae:86:cb:45:78:69:18:84:66:
         0f:87:eb:c3:3e:6d:b5:15:41:e9:01:49:bb:1c:46:8a:ce:ec:
         02:39:86:03:0c:fe:63:0a:38:46:14:82:2d:9d:69:61:0f:fd:
         9d:79:57:7c:80:4f:60:2a:49:d2:ff:3c:27:ed:66:97:76:d5:
         85:9e:fd:d9:2b:81:8a:10:fe:43:b1:6a:8b:0b:06:e4:0a:81:
         98:4d:9f:c2:28:48:36:a3:7c:85:7f:35:97:c0:df:8b:aa:fe:
         36:9e:28:37:88:95:af:52:37:a4:9d:72:33:c8:42:9b:56:03:
         c8:c2:86:4e:3e:c2:86:07:27:0e:d2:c3:1b:66:28:84:77:af:
         66:75:79:82:48:f1:95:cb:98:13:5e:2b:45:40:10:a1:77:4c:
         54:c5:06:5a:80:db:a3:5d:ae:67:ae:e3:a5:d8:ab:c2:25:78:
         84:77:ed:77:61:c7:51:8e:7e:8f:41:6c:f2:a7:5a:d8:f8:d7:
         76:11:b1:48:fa:e3:6f:13:30:0b:8a:d1:ca:0b:b2:9f:73:77:
         13:f4:ac:68:b5:64:98:c1:99:9e:f4:5f:54:e9:9a:e1:45:d7:
         ce:65:bc:24:0a:e6:e5:20:01:4b:82:b6:c8:5a:9f:46:64:29:
         06:6a:53:db
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICMkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjIwNzA2MTkwMDMwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM1ZGJjZS1jZTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlbNQDGinpxgbYVDRpNbQ+3gZULM9LykR36WNH8JmtfPKxK354IG2+MDzlpJ7
4BQt1aEh52kOOmAwWgG35ttgc8lJXDETd11deurbZhhEVoIHA/rzivlpckViHkZV
64j+FQRbAQTJu2V93Gat7idjyzjtMfq3j2k1ZFfkMGxutE1duPBi6GgvacagTF7G
xqzgJZDisjGERy3fpAnUjLbKzzfi4MXRK4kBGSd0k0SHeihce+vIvCJmN9kZ7SN8
8sZWJ+Yd3VNqqYkCdWmsWPH8+DJ4pxy0Sth+KpXOonUFvVbVyLGRkX5PWQfVMKi+
44YBhvo8jXko2O0ZDcu5gvMotQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFK+WCdmk
TtRj107leJvQKTxOfaeQMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRTdBOUVFNjhG
RDVEMTFFQ0I3RUU4NTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgDBADKRSEDBADKRSQwDAMEA8pFKAMEAMpFKjAMAwQAykUtAwQE
ykUgMA0GCSqGSIb3DQEBCwUAA4IBAQCk84Szo/kIxiiuhstFeGkYhGYPh+vDPm21
FUHpAUm7HEaKzuwCOYYDDP5jCjhGFIItnWlhD/2deVd8gE9gKknS/zwn7WaXdtWF
nv3ZK4GKEP5DsWqLCwbkCoGYTZ/CKEg2o3yFfzWXwN+Lqv42nig3iJWvUjeknXIz
yEKbVgPIwoZOPsKGBycO0sMbZiiEd69mdXmCSPGVy5gTXitFQBChd0xUxQZagNuj
Xa5nruOl2KvCJXiEd+13YcdRjn6PQWzyp1rY+Nd2EbFI+uNvEzALitHKC7Kfc3cT
9KxotWSYwZme9F9U6ZrhRdfOZbwkCublIAFLgrbIWp9GZCkGalPb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org