Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/6A7E1AD0686C11ECA519F460C4F9AE02.roa
File:                     6A7E1AD0686C11ECA519F460C4F9AE02.roa (raw, json)
Hash identifier:          jQ5vZIpM4TLysl3PitBlqAr5LcBB2zebN8N/V6gI1Pk=
Subject key identifier:   81:95:9E:AD:A4:8B:BF:8D:A3:79:DC:CE:46:DB:40:AB:E2:54:EA:28
Certificate issuer:       /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918
Certificate serial:       06E0
Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/6A7E1AD0686C11ECA519F460C4F9AE02.roa
Signing time:             Wed 02 Nov 2022 05:27:56 +0000
ROA not before:           Wed 02 Nov 2022 05:27:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     38138
IP address blocks:        114.129.8.0/22 maxlen: 22
                          114.129.8.0/24 maxlen: 24
                          114.129.9.0/24 maxlen: 24
                          114.129.10.0/24 maxlen: 24
                          114.129.11.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1760 (0x6e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918
        Validity
            Not Before: Nov  2 05:27:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6361ffdc-c48e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:01:d8:59:8d:18:d8:bf:f3:6b:9e:98:b6:a2:
                    6d:a4:87:b6:74:cc:7e:c3:b7:65:d9:09:62:4f:d9:
                    4e:c7:a9:c6:9b:ec:08:d6:b6:f2:40:90:03:b6:f7:
                    54:48:2a:9b:e3:63:98:4a:e5:70:b0:e4:97:ea:0a:
                    c7:9f:51:3a:bb:03:d1:d6:c6:2b:ae:4a:b3:db:76:
                    51:2a:9c:2a:31:2a:37:07:75:e0:93:15:c8:39:80:
                    1d:49:bc:4e:08:74:af:9d:ab:46:b8:86:56:0e:69:
                    79:c8:f8:ad:97:25:65:52:a4:00:a4:c6:fb:32:17:
                    e7:59:25:ab:3b:96:f9:41:f8:10:89:7d:48:a0:6d:
                    0e:91:4c:48:85:20:fe:80:b2:50:49:8a:ac:b7:ca:
                    da:a1:fa:42:7b:f0:e2:44:32:c9:a2:87:7f:73:24:
                    71:aa:03:8f:02:82:5c:1d:5f:e9:3f:5a:1d:c1:4b:
                    36:1a:fe:58:56:c0:7c:6c:c5:50:ad:c2:4b:31:38:
                    e1:bb:43:2f:a9:22:73:9c:76:e1:e7:2b:9d:d6:c7:
                    3e:05:74:f9:ee:f2:95:72:f9:04:52:56:42:59:e7:
                    30:45:9d:f6:ab:7c:a2:70:4e:1c:e1:3d:ac:94:22:
                    44:d0:78:2c:14:7d:ed:42:95:61:08:c5:c2:23:b7:
                    3e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:95:9E:AD:A4:8B:BF:8D:A3:79:DC:CE:46:DB:40:AB:E2:54:EA:28
            X509v3 Authority Key Identifier:
                keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/6A7E1AD0686C11ECA519F460C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.129.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:47:20:3c:a1:77:08:ea:50:7d:0e:1d:21:cc:ad:3d:bb:bd:
         41:88:8e:93:42:4d:e6:a0:9d:21:85:b1:5f:ee:48:4e:0b:74:
         9d:6e:8b:67:50:57:a4:9d:51:40:cd:67:57:a2:d1:76:61:5e:
         b4:23:05:50:12:a0:6d:63:69:32:69:8b:66:f2:6a:ad:21:c0:
         9f:0b:ca:af:b1:f7:54:d8:e9:aa:f0:28:a5:6a:c8:5d:62:9c:
         bd:96:9f:a7:f1:db:0d:52:13:f2:a4:71:82:bd:81:e1:56:5e:
         0d:0b:5c:b0:dc:c7:b9:28:9d:06:f6:73:e4:d0:f7:3b:e3:32:
         87:74:eb:a9:f1:94:03:e1:34:25:33:19:cb:0e:a0:19:84:ea:
         2e:48:b8:78:3e:67:dd:95:d5:02:38:6b:08:61:f4:35:4e:7f:
         e5:38:3e:db:f7:8c:1d:a2:60:e5:7b:a0:ee:0b:f2:b8:ac:2e:
         3c:ba:35:9d:ce:44:d6:f4:39:50:4e:e1:9c:46:99:79:9f:03:
         22:00:51:6f:73:0e:8f:c0:48:fa:7f:6a:3d:c1:43:e7:43:97:
         af:8f:a7:13:4e:60:67:76:ca:a4:de:8e:8c:93:d7:da:5d:f5:
         dc:3a:31:dc:cc:04:5c:6e:b0:dc:a1:a5:d8:6e:9d:2a:bb:97:
         95:ba:0b:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC
RTE2OTA5MTgwHhcNMjIxMTAyMDUyNzU2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYxZmZkYy1jNDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugHYWY0Y2L/za56YtqJtpIe2dMx+w7dl2QliT9lOx6nGm+wI1rbyQJADtvdU
SCqb42OYSuVwsOSX6grHn1E6uwPR1sYrrkqz23ZRKpwqMSo3B3XgkxXIOYAdSbxO
CHSvnatGuIZWDml5yPitlyVlUqQApMb7MhfnWSWrO5b5QfgQiX1IoG0OkUxIhSD+
gLJQSYqst8raofpCe/DiRDLJood/cyRxqgOPAoJcHV/pP1odwUs2Gv5YVsB8bMVQ
rcJLMTjhu0MvqSJznHbh5yud1sc+BXT57vKVcvkEUlZCWecwRZ32q3yicE4c4T2s
lCJE0HgsFH3tQpVhCMXCI7c+TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIGVnq2k
i7+No3nczkbbQKviVOooMB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5
NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvNkE3RTFBRDA2
ODZDMTFFQ0E1MTlGNDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJygQgwDQYJKoZIhvcNAQELBQADggEBAKFHIDyhdwjqUH0O
HSHMrT27vUGIjpNCTeagnSGFsV/uSE4LdJ1ui2dQV6SdUUDNZ1ei0XZhXrQjBVAS
oG1jaTJpi2byaq0hwJ8Lyq+x91TY6arwKKVqyF1inL2Wn6fx2w1SE/KkcYK9geFW
Xg0LXLDcx7konQb2c+TQ9zvjMod066nxlAPhNCUzGcsOoBmE6i5IuHg+Z92V1QI4
awhh9DVOf+U4Ptv3jB2iYOV7oO4L8risLjy6NZ3ORNb0OVBO4ZxGmXmfAyIAUW9z
Do/ASPp/aj3BQ+dDl6+PpxNOYGd2yqTejoyT19pd9dw6MdzMBFxusNyhpdhunSq7
l5W6C5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org