Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/9066FF78CB8611ECB5F21C41C4F9AE02.roa
File:                     9066FF78CB8611ECB5F21C41C4F9AE02.roa (raw, json)
Hash identifier:          vGL6LQHn+m2DXlrlnDEMMsswPH/+aUH/XeOdfj2OCTc=
Subject key identifier:   6E:28:5B:BA:32:52:EC:56:CF:8D:01:5C:09:D1:4B:E9:26:DA:BC:25
Certificate issuer:       /CN=A91BBF7F/serialNumber=D5F6DD63C0381060AFFBC9D20ED30F07FBDE88EA
Certificate serial:       0BBC
Authority key identifier: D5:F6:DD:63:C0:38:10:60:AF:FB:C9:D2:0E:D3:0F:07:FB:DE:88:EA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fbdY8A4EGCv-8nSDtMPB_veiOo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/9066FF78CB8611ECB5F21C41C4F9AE02.roa
Signing time:             Tue 10 May 2022 19:06:20 +0000
ROA not before:           Tue 10 May 2022 19:06:20 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     142546
IP address blocks:        2001:df0:5f80::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3004 (0xbbc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BBF7F/serialNumber=D5F6DD63C0381060AFFBC9D20ED30F07FBDE88EA
        Validity
            Not Before: May 10 19:06:20 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=627ab7ac-c62f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:79:1b:fd:88:16:b4:41:14:ef:42:64:d1:ea:
                    45:19:65:64:bd:b8:73:7f:de:3d:99:3e:df:7d:a3:
                    64:de:3f:a1:67:16:36:18:d7:26:62:0b:f2:17:24:
                    d3:d3:17:e7:b8:5b:f4:32:36:8e:e4:59:ea:9c:86:
                    1e:92:0b:7e:56:b3:85:72:1c:32:f4:58:7b:2e:96:
                    61:4b:a4:47:45:ee:7f:53:b4:ca:1b:b7:35:bb:8a:
                    47:c2:cc:ab:18:10:f6:6b:65:32:c1:04:9d:2a:0b:
                    0a:5f:3e:b3:ad:94:e3:cf:54:ff:02:f8:53:b6:ad:
                    06:60:a6:25:28:c6:fa:f3:29:5e:91:d0:6f:c9:83:
                    8b:4c:f7:87:e0:a9:cc:df:c3:7d:33:a6:72:af:fd:
                    1d:4e:a5:6c:78:48:9a:d7:1c:de:c9:12:e2:f6:e1:
                    dc:36:3a:6d:75:65:36:fe:15:18:77:27:44:54:f6:
                    95:ab:e7:f2:9e:85:3d:6b:0c:12:4b:22:9d:b6:be:
                    04:7e:12:12:b7:a8:05:34:45:75:36:8b:2a:ff:a2:
                    dc:31:77:4d:5b:47:26:a2:71:5c:38:41:c8:f0:21:
                    44:c8:10:fb:cd:db:34:5b:60:46:e3:ef:95:83:bc:
                    06:98:1f:18:81:76:39:24:4f:04:63:10:6c:d5:ce:
                    8d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:28:5B:BA:32:52:EC:56:CF:8D:01:5C:09:D1:4B:E9:26:DA:BC:25
            X509v3 Authority Key Identifier:
                keyid:D5:F6:DD:63:C0:38:10:60:AF:FB:C9:D2:0E:D3:0F:07:FB:DE:88:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/1fbdY8A4EGCv-8nSDtMPB_veiOo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fbdY8A4EGCv-8nSDtMPB_veiOo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/9066FF78CB8611ECB5F21C41C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:5f80::/48

    Signature Algorithm: sha256WithRSAEncryption
         3c:4e:75:65:a5:84:50:f2:a7:e2:87:64:f2:3b:d0:d0:d4:14:
         ac:43:8c:c4:cc:a6:45:e9:0c:73:5d:1e:cb:eb:b0:b4:6e:df:
         fd:46:83:b5:94:d5:10:eb:fa:cf:6d:b8:4b:e5:6f:b6:69:64:
         ee:96:ae:3d:23:96:d5:47:af:e2:df:bb:13:8c:61:d0:82:0e:
         f7:1a:41:d6:d4:0c:53:69:b5:8e:79:21:e0:16:83:b6:d0:97:
         98:39:6f:bc:c9:94:a7:60:81:0c:3a:e0:e5:9e:5f:52:ba:6b:
         81:6e:11:a3:84:b8:a6:42:4e:34:78:03:77:2a:22:a4:33:de:
         3d:e5:f4:dc:5e:09:67:82:0a:b0:50:9b:a8:55:36:e6:39:fe:
         f6:2d:44:dc:6e:e1:e9:80:fb:45:8c:a8:18:9e:c9:2e:a3:a9:
         6a:c3:a7:d7:4d:4e:e0:41:fe:52:3c:52:76:ea:a9:c3:df:91:
         1f:eb:02:30:20:36:5d:8e:ca:41:e1:5b:ce:4a:7e:a5:a7:ce:
         e1:75:05:c5:31:d7:ae:f8:27:ff:6c:68:d4:4b:d7:21:bc:b0:
         e2:2a:eb:dc:e0:a0:f8:5a:bc:c0:38:6f:ef:6d:4a:b8:d4:28:
         4b:6f:db:01:4c:86:5a:c2:e7:ee:a6:8c:7d:3e:8d:fc:7e:d9:
         46:93:db:06
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICC7wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJGN0YxMTAvBgNVBAUTKEQ1RjZERDYzQzAzODEwNjBBRkZCQzlEMjBFRDMwRjA3
RkJERTg4RUEwHhcNMjIwNTEwMTkwNjIwWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdhYjdhYy1jNjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs3kb/YgWtEEU70Jk0epFGWVkvbhzf949mT7ffaNk3j+hZxY2GNcmYgvyFyTT
0xfnuFv0MjaO5FnqnIYekgt+VrOFchwy9Fh7LpZhS6RHRe5/U7TKG7c1u4pHwsyr
GBD2a2UywQSdKgsKXz6zrZTjz1T/AvhTtq0GYKYlKMb68ylekdBvyYOLTPeH4KnM
38N9M6Zyr/0dTqVseEia1xzeyRLi9uHcNjptdWU2/hUYdydEVPaVq+fynoU9awwS
SyKdtr4EfhISt6gFNEV1Nosq/6LcMXdNW0cmonFcOEHI8CFEyBD7zds0W2BG4++V
g7wGmB8YgXY5JE8EYxBs1c6NAwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFG4oW7oy
UuxWz40BXAnRS+km2rwlMB8GA1UdIwQYMBaAFNX23WPAOBBgr/vJ0g7TDwf73ojq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkY3Ri80NTNFQjZGNDg3
NDUxMUU5QkY4NjQ0NUNDNEY5QUUwMi8xZmJkWThBNEVHQ3YtOG5TRHRNUEJfdmVp
T28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFmYmRZOEE0RUdDdi04blNEdE1QQl92ZWlPby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkJGN0YvNDUzRUI2RjQ4NzQ1MTFFOUJGODY0NDVDQzRGOUFFMDIvOTA2NkZGNzhD
Qjg2MTFFQ0I1RjIxQzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3wX4AwDQYJKoZIhvcNAQELBQADggEBADxOdWWlhFDy
p+KHZPI70NDUFKxDjMTMpkXpDHNdHsvrsLRu3/1Gg7WU1RDr+s9tuEvlb7ZpZO6W
rj0jltVHr+LfuxOMYdCCDvcaQdbUDFNptY55IeAWg7bQl5g5b7zJlKdggQw64OWe
X1K6a4FuEaOEuKZCTjR4A3cqIqQz3j3l9NxeCWeCCrBQm6hVNuY5/vYtRNxu4emA
+0WMqBieyS6jqWrDp9dNTuBB/lI8UnbqqcPfkR/rAjAgNl2OykHhW85KfqWnzuF1
BcUx1674J/9saNRL1yG8sOIq69zgoPhavMA4b+9tSrjUKEtv2wFMhlrC5+6mjH0+
jfx+2UaT2wY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org