Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/6EA65A5C324911EEBB9DF032C4F9AE02.roa
File:                     6EA65A5C324911EEBB9DF032C4F9AE02.roa (raw, json)
Hash identifier:          LqlxzHCHC68DKJ5YZ3bY8WZTZkQ5UBQzPMjqNMMEt5Q=
Subject key identifier:   EE:79:DC:B8:89:A7:93:8F:C3:0E:CD:AF:74:71:A0:C5:6C:61:03:03
Certificate issuer:       /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial:       0660
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/6EA65A5C324911EEBB9DF032C4F9AE02.roa
Signing time:             Thu 03 Aug 2023 22:02:27 +0000
ROA not before:           Thu 03 Aug 2023 22:02:27 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        202.139.244.0/22 maxlen: 24
                          202.139.248.0/22 maxlen: 24
                          202.148.136.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1632 (0x660)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
        Validity
            Not Before: Aug  3 22:02:27 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=64cc23f2-a387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:48:0b:c1:70:90:08:bc:3d:43:4a:32:71:16:
                    57:9a:94:6f:7b:43:9c:a2:32:36:3d:6e:11:97:ee:
                    bd:07:a7:a7:f2:bd:43:d2:f4:f1:d5:d7:e4:6a:f1:
                    04:32:64:91:df:ba:4d:9b:2e:72:72:3d:2c:38:02:
                    97:4f:84:12:e1:fb:4b:dc:d7:63:6c:5b:9b:5e:86:
                    1c:e6:18:f1:53:dd:61:cd:89:63:15:b9:a8:4f:87:
                    9d:be:ce:e3:95:ae:bb:3a:67:2a:fb:1f:77:b0:69:
                    fd:3e:0c:c2:83:f1:34:94:e6:6a:66:3c:a3:21:42:
                    e6:44:a1:03:d2:bc:d5:38:45:d4:91:70:84:15:e9:
                    bc:2b:7c:c6:c1:de:14:49:d1:86:41:df:30:6d:48:
                    9f:27:ee:75:26:17:11:8c:df:7a:9a:bc:ce:20:ba:
                    a7:f1:2e:dd:9e:1e:5b:9b:af:20:ce:dc:b1:31:48:
                    b4:d7:74:2e:15:57:33:4f:24:01:16:f7:8b:3f:3a:
                    ac:3c:2f:f6:41:27:33:ac:91:2d:26:03:26:93:a0:
                    4a:a2:45:11:9d:00:83:4d:b5:b0:2c:38:f7:48:df:
                    d3:38:d4:4b:13:df:0f:23:ad:63:79:60:29:1b:38:
                    dc:d1:4e:36:01:87:15:0c:7d:5c:ec:26:f5:89:8b:
                    25:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:79:DC:B8:89:A7:93:8F:C3:0E:CD:AF:74:71:A0:C5:6C:61:03:03
            X509v3 Authority Key Identifier:
                keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/6EA65A5C324911EEBB9DF032C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.139.244.0-202.139.251.255
                  202.148.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:b3:76:2a:13:d4:e5:0d:54:2d:04:2b:a7:d5:4d:e7:98:df:
         77:eb:c0:19:bd:f4:32:14:69:00:11:56:f9:60:57:e8:1b:34:
         d9:6d:19:84:20:d6:b1:07:34:c6:05:17:82:97:a1:77:d0:fa:
         94:38:fb:61:8d:6e:92:fe:e2:a4:63:f5:a5:46:45:11:9a:93:
         2a:05:12:10:17:9c:8b:c3:bb:b5:d6:7e:07:a2:78:31:36:55:
         66:26:8d:53:ae:3b:4d:77:c5:da:f9:22:95:1b:77:a8:c8:db:
         8a:79:0f:6d:69:72:81:bc:ca:3d:f5:2f:e4:78:d9:86:be:c6:
         bc:b9:4b:0f:1b:e8:c7:70:74:88:89:bd:58:a2:67:64:a9:1e:
         e2:37:0b:30:68:f4:35:69:21:6d:f2:72:ba:95:8b:48:03:9f:
         71:7c:78:54:b7:29:e4:fc:7d:a9:14:08:86:30:0a:4f:8a:05:
         e7:31:b5:ab:ba:15:9f:b8:16:e5:93:9e:9b:1c:8c:7c:e2:2d:
         e5:a1:82:7c:ce:1f:4e:51:d7:6e:7c:32:f6:79:9a:8d:e0:c6:
         85:a1:d5:db:ff:83:f7:2a:88:4f:c7:0a:65:8e:04:e2:cc:0a:
         17:d4:30:d5:30:ad:d9:cc:30:2e:6d:97:84:d3:4a:6c:98:6b:
         81:24:d5:4d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjMwODAzMjIwMjI3WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNjMjNmMi1hMzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5UgLwXCQCLw9Q0oycRZXmpRve0OcojI2PW4Rl+69B6en8r1D0vTx1dfkavEE
MmSR37pNmy5ycj0sOAKXT4QS4ftL3NdjbFubXoYc5hjxU91hzYljFbmoT4edvs7j
la67Omcq+x93sGn9PgzCg/E0lOZqZjyjIULmRKED0rzVOEXUkXCEFem8K3zGwd4U
SdGGQd8wbUifJ+51JhcRjN96mrzOILqn8S7dnh5bm68gztyxMUi013QuFVczTyQB
FveLPzqsPC/2QSczrJEtJgMmk6BKokURnQCDTbWwLDj3SN/TONRLE98PI61jeWAp
Gzjc0U42AYcVDH1c7Cb1iYslKQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFO553LiJ
p5OPww7Nr3RxoMVsYQMDMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvNkVBNjVBNUMz
MjQ5MTFFRUJCOURGMDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAsqL9AMEAsqL+AMEAsqUiDANBgkqhkiG9w0BAQsFAAOC
AQEAcbN2KhPU5Q1ULQQrp9VN55jfd+vAGb30MhRpABFW+WBX6Bs02W0ZhCDWsQc0
xgUXgpehd9D6lDj7YY1ukv7ipGP1pUZFEZqTKgUSEBeci8O7tdZ+B6J4MTZVZiaN
U647TXfF2vkilRt3qMjbinkPbWlygbzKPfUv5HjZhr7GvLlLDxvox3B0iIm9WKJn
ZKke4jcLMGj0NWkhbfJyupWLSAOfcXx4VLcp5Px9qRQIhjAKT4oF5zG1q7oVn7gW
5ZOemxyMfOIt5aGCfM4fTlHXbnwy9nmajeDGhaHV2/+D9yqIT8cKZY4E4swKF9Qw
1TCt2cwwLm2XhNNKbJhrgSTVTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org