Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/B7902A8E209711EB9533BC74C4F9AE02.roa
File:                     B7902A8E209711EB9533BC74C4F9AE02.roa (raw, json)
Hash identifier:          AePUlCw8lke9/6b0OEKmiCN3VLFd578Sf+xbqm8Z/Qg=
Subject key identifier:   CD:0D:E8:52:E4:5E:16:38:08:C8:6A:2A:E9:EC:17:53:45:FC:EC:D6
Certificate issuer:       /CN=A91B6E73/serialNumber=4A17AF66A048FC81DAE8545F7E35D9DAABD40271
Certificate serial:       0E0B
Authority key identifier: 4A:17:AF:66:A0:48:FC:81:DA:E8:54:5F:7E:35:D9:DA:AB:D4:02:71
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/B7902A8E209711EB9533BC74C4F9AE02.roa
Signing time:             Tue 18 Jan 2022 06:36:47 +0000
ROA not before:           Tue 18 Jan 2022 06:36:47 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     140096
IP address blocks:        124.108.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3595 (0xe0b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B6E73/serialNumber=4A17AF66A048FC81DAE8545F7E35D9DAABD40271
        Validity
            Not Before: Jan 18 06:36:47 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=61e65ffe-c7bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fc:ea:ed:73:da:e8:11:2f:20:70:a3:79:a7:
                    d5:e8:cf:e9:69:c2:d9:1e:e2:ba:c4:f7:05:4a:cc:
                    6d:02:d4:8e:97:fb:48:5f:06:16:aa:cb:81:9d:95:
                    58:92:1f:1d:61:32:a7:1e:5b:e7:20:bf:fd:33:c3:
                    99:c7:ad:1e:80:31:09:b8:90:0c:cc:b1:fb:c7:b1:
                    49:21:a0:00:30:61:65:17:02:ff:7c:33:15:5f:49:
                    3c:f8:f6:f3:15:78:76:1b:03:30:23:b2:fe:8d:c4:
                    98:f9:c2:87:29:22:54:1c:74:6c:95:db:12:31:c4:
                    09:07:14:29:d8:a4:18:a4:d7:1f:94:4c:51:da:88:
                    f7:5d:25:e0:df:56:15:01:17:71:7a:d1:ae:c3:c3:
                    11:68:3b:4d:1f:5b:1e:b6:66:eb:78:3f:3c:b9:5f:
                    f3:c1:bb:81:49:bc:07:9b:27:9d:d2:24:a8:20:f3:
                    84:46:08:2a:f0:a4:79:af:a3:2b:08:56:c2:67:05:
                    96:aa:89:2c:b4:7e:6f:09:54:50:94:fb:2e:a4:0b:
                    1a:27:a6:dc:9f:93:9d:dc:9e:a6:42:4e:ca:4b:fc:
                    e6:32:f9:a4:54:e5:4f:e9:65:a1:e4:34:11:01:e4:
                    56:5b:15:2c:a0:75:c2:0e:f1:dc:1a:dd:05:38:b5:
                    68:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:0D:E8:52:E4:5E:16:38:08:C8:6A:2A:E9:EC:17:53:45:FC:EC:D6
            X509v3 Authority Key Identifier:
                keyid:4A:17:AF:66:A0:48:FC:81:DA:E8:54:5F:7E:35:D9:DA:AB:D4:02:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/ShevZqBI_IHa6FRffjXZ2qvUAnE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/B7902A8E209711EB9533BC74C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.108.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:62:e2:1f:a3:de:af:de:4e:19:fb:0c:74:b6:f4:99:81:69:
         71:b5:72:01:5c:93:6d:99:70:8f:3a:29:86:21:c1:b2:8e:1a:
         68:dc:44:59:52:ef:9d:00:64:bd:6b:73:ed:a4:ad:b0:07:91:
         07:23:ca:8a:6e:7c:bf:92:cf:3a:bb:97:15:55:89:e0:95:c6:
         b3:d2:32:26:00:c6:d5:72:91:fe:d2:67:13:ef:a6:ba:26:87:
         54:91:24:38:2a:9e:af:c2:e9:13:02:15:5f:63:f1:65:9b:b2:
         37:5d:37:16:f9:3e:0b:04:4a:22:61:91:61:ad:de:32:16:44:
         6f:19:10:fd:e4:2e:7c:45:49:be:fd:84:ed:79:30:af:75:45:
         9d:1b:34:b5:85:23:5c:1a:06:72:9f:47:4e:15:c9:65:ee:72:
         80:b9:55:85:d9:aa:f3:4b:e3:2f:70:13:73:52:ff:a5:92:47:
         ab:fa:6b:2d:93:1a:d1:50:ea:14:1e:47:11:69:8d:09:92:01:
         a6:3e:89:ec:9c:6c:7b:2c:a2:3a:f3:9d:11:4a:ba:7b:6b:00:
         54:dc:74:f3:4b:72:f3:93:84:06:33:21:f7:26:b0:8b:9f:ad:
         f5:8a:47:1a:c0:5f:a6:81:cf:04:9f:4e:54:4f:01:82:41:a5:
         0a:45:b6:58
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZFNzMxMTAvBgNVBAUTKDRBMTdBRjY2QTA0OEZDODFEQUU4NTQ1RjdFMzVEOURB
QUJENDAyNzEwHhcNMjIwMTE4MDYzNjQ3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWU2NWZmZS1jN2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxvzq7XPa6BEvIHCjeafV6M/pacLZHuK6xPcFSsxtAtSOl/tIXwYWqsuBnZVY
kh8dYTKnHlvnIL/9M8OZx60egDEJuJAMzLH7x7FJIaAAMGFlFwL/fDMVX0k8+Pbz
FXh2GwMwI7L+jcSY+cKHKSJUHHRsldsSMcQJBxQp2KQYpNcflExR2oj3XSXg31YV
ARdxetGuw8MRaDtNH1setmbreD88uV/zwbuBSbwHmyed0iSoIPOERggq8KR5r6Mr
CFbCZwWWqokstH5vCVRQlPsupAsaJ6bcn5Od3J6mQk7KS/zmMvmkVOVP6WWh5DQR
AeRWWxUsoHXCDvHcGt0FOLVoaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM0N6FLk
XhY4CMhqKunsF1NF/OzWMB8GA1UdIwQYMBaAFEoXr2agSPyB2uhUX3412dqr1AJx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkU3My9GNDFENDBGMkVB
MDkxMUU4QURBMkVEMENDNEY5QUUwMi9TaGV2WnFCSV9JSGE2RlJmZmpYWjJxdlVB
bkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NoZXZacUJJX0lIYTZGUmZmalhaMnF2VUFuRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZFNzMvRjQxRDQwRjJFQTA5MTFFOEFEQTJFRDBDQzRGOUFFMDIvQjc5MDJBOEUy
MDk3MTFFQjk1MzNCQzc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB8bBUwDQYJKoZIhvcNAQELBQADggEBAJ5i4h+j3q/eThn7
DHS29JmBaXG1cgFck22ZcI86KYYhwbKOGmjcRFlS750AZL1rc+2krbAHkQcjyopu
fL+Szzq7lxVVieCVxrPSMiYAxtVykf7SZxPvpromh1SRJDgqnq/C6RMCFV9j8WWb
sjddNxb5PgsESiJhkWGt3jIWRG8ZEP3kLnxFSb79hO15MK91RZ0bNLWFI1waBnKf
R04VyWXucoC5VYXZqvNL4y9wE3NS/6WSR6v6ay2TGtFQ6hQeRxFpjQmSAaY+ieyc
bHssojrznRFKuntrAFTcdPNLcvOThAYzIfcmsIufrfWKRxrAX6aBzwSfTlRPAYJB
pQpFtlg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org