Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F8346C30F9F811EC8FC36B1EC4F9AE02.roa
File:                     F8346C30F9F811EC8FC36B1EC4F9AE02.roa (raw, json)
Hash identifier:          vaVQrpvOP0wEesPHb1nFog/gMpyeAGbu3QqRf+t6jYc=
Subject key identifier:   70:34:45:5B:E9:E5:C9:56:E4:64:02:3D:0E:63:86:95:DD:0A:A2:53
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       3233
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F8346C30F9F811EC8FC36B1EC4F9AE02.roa
Signing time:             Sat 02 Jul 2022 11:20:25 +0000
ROA not before:           Sat 02 Jul 2022 11:20:25 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     17557
IP address blocks:        202.69.33.0/24 maxlen: 24
                          202.69.34.0/24 maxlen: 24
                          202.69.36.0/24 maxlen: 24
                          202.69.40.0/24 maxlen: 24
                          202.69.41.0/24 maxlen: 24
                          202.69.42.0/24 maxlen: 24
                          202.69.45.0/24 maxlen: 24
                          202.69.46.0/24 maxlen: 24
                          202.69.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12851 (0x3233)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Jul  2 11:20:25 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=62c029f9-0ef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:71:16:5c:68:f9:f0:10:c7:01:f8:bb:31:02:
                    43:7d:9d:40:49:88:e7:15:27:23:a5:e3:2f:35:33:
                    d7:bd:78:00:86:3c:c3:30:56:6c:47:8d:c2:e5:59:
                    6d:69:e4:19:6a:b3:2d:84:dc:88:75:3e:52:ea:4b:
                    e8:35:64:01:25:08:98:ef:6d:99:4f:65:37:66:7e:
                    53:25:ba:b0:bc:b0:94:87:6f:7e:f8:1d:1b:b2:44:
                    38:73:4c:4a:c8:92:40:b8:3a:b4:b1:88:09:a7:f4:
                    23:b7:eb:c3:52:b0:1b:f1:95:28:41:5e:18:c3:6c:
                    58:3d:be:13:c1:83:3b:fb:52:1d:0b:41:8b:35:ec:
                    de:82:da:b4:9d:6e:24:80:e0:2d:2e:93:cf:2a:7d:
                    79:72:12:a2:0f:07:a7:27:1f:45:cd:15:f2:5b:f2:
                    9c:02:4b:86:53:40:c4:b3:31:45:ef:f5:81:bc:7f:
                    34:f8:f6:52:e5:14:29:a6:e5:73:5f:03:46:c4:0c:
                    88:b7:14:ee:10:0d:e3:4e:12:1d:b6:4d:9b:83:87:
                    0f:09:fc:eb:83:b8:31:7b:88:e3:0b:83:7d:32:44:
                    67:20:68:08:7a:ad:50:e0:c6:e3:6b:7f:0d:1e:7f:
                    d4:8a:d9:2c:2b:e9:e7:7f:7e:ee:20:25:31:17:d2:
                    83:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:34:45:5B:E9:E5:C9:56:E4:64:02:3D:0E:63:86:95:DD:0A:A2:53
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F8346C30F9F811EC8FC36B1EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.69.33.0-202.69.34.255
                  202.69.36.0/24
                  202.69.40.0-202.69.42.255
                  202.69.45.0-202.69.47.255

    Signature Algorithm: sha256WithRSAEncryption
         13:9b:4d:e8:18:d0:65:16:ef:d6:7d:57:00:d6:f2:cf:96:f1:
         31:06:aa:a2:10:06:c2:0b:b4:8e:cd:c8:0c:7e:b2:f8:4b:8a:
         72:37:68:5e:e0:2d:e7:81:dd:aa:f2:c1:16:8e:0e:8b:bf:cd:
         75:a6:71:be:78:0d:d5:c9:c7:26:94:75:e1:ae:dd:e1:ac:77:
         d6:f0:ce:dd:89:ec:24:6c:bf:b4:6e:7a:3b:28:3e:70:39:08:
         e8:26:c0:20:d5:dc:0a:76:55:88:9c:9b:e8:4d:35:9e:0c:ce:
         9b:6a:55:62:28:bc:56:4c:29:b4:eb:48:9e:8c:64:e7:77:2c:
         51:8d:99:f9:e2:09:28:c8:f9:65:3d:eb:30:52:c5:72:04:3b:
         4e:ad:76:d9:eb:76:69:b7:aa:c8:d2:3a:9d:53:d9:ce:65:1d:
         dd:cd:46:6e:af:b8:26:51:15:f4:0c:19:91:b4:76:8a:d7:50:
         fe:fb:90:69:30:7a:fa:11:c7:e9:cc:ed:71:a7:a6:fd:d3:35:
         e2:7a:65:4c:74:dc:af:89:1d:be:51:9c:c9:d3:c0:bc:d8:70:
         c8:a5:d5:06:2e:a6:3d:d9:95:3b:d7:33:13:da:59:be:48:15:
         e2:fd:7d:14:4d:6e:93:16:07:c4:86:ac:5e:2e:49:2f:cc:42:
         19:34:b9:04
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICMjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjIwNzAyMTEyMDI1WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMwMjlmOS0wZWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm3EWXGj58BDHAfi7MQJDfZ1ASYjnFScjpeMvNTPXvXgAhjzDMFZsR43C5Vlt
aeQZarMthNyIdT5S6kvoNWQBJQiY722ZT2U3Zn5TJbqwvLCUh29++B0bskQ4c0xK
yJJAuDq0sYgJp/Qjt+vDUrAb8ZUoQV4Yw2xYPb4TwYM7+1IdC0GLNezegtq0nW4k
gOAtLpPPKn15chKiDwenJx9FzRXyW/KcAkuGU0DEszFF7/WBvH80+PZS5RQppuVz
XwNGxAyItxTuEA3jThIdtk2bg4cPCfzrg7gxe4jjC4N9MkRnIGgIeq1Q4Mbja38N
Hn/UitksK+nnf37uICUxF9KDVwIDAQABo4ICvzCCArswHQYDVR0OBBYEFHA0RVvp
5clW5GQCPQ5jhpXdCqJTMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRjgzNDZDMzBG
OUY4MTFFQzhGQzM2QjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDAwDAMEAMpFIQMEAMpFIgMEAMpFJDAMAwQDykUoAwQAykUqMAwD
BADKRS0DBATKRSAwDQYJKoZIhvcNAQELBQADggEBABObTegY0GUW79Z9VwDW8s+W
8TEGqqIQBsILtI7NyAx+svhLinI3aF7gLeeB3arywRaODou/zXWmcb54DdXJxyaU
deGu3eGsd9bwzt2J7CRsv7RuejsoPnA5COgmwCDV3Ap2VYicm+hNNZ4MzptqVWIo
vFZMKbTrSJ6MZOd3LFGNmfniCSjI+WU96zBSxXIEO06tdtnrdmm3qsjSOp1T2c5l
Hd3NRm6vuCZRFfQMGZG0dorXUP77kGkwevoRx+nM7XGnpv3TNeJ6ZUx03K+JHb5R
nMnTwLzYcMil1QYupj3ZlTvXMxPaWb5IFeL9fRRNbpMWB8SGrF4uSS/MQhk0uQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org