Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/154A4396B74311EDB0C38030C4F9AE02.roa
File:                     154A4396B74311EDB0C38030C4F9AE02.roa (raw, json)
Hash identifier:          5gTr6Ckjmvrcs98SMXfKNp3Iym/GR2IOxfXxydmVJtg=
Subject key identifier:   9A:B4:19:6D:A0:F0:F9:F5:7D:67:82:79:B5:27:16:35:28:12:71:39
Certificate issuer:       /CN=A91CE28E/serialNumber=2F6138FE2DB94EF7E33EC083C6825B2A3197ACE6
Certificate serial:       04
Authority key identifier: 2F:61:38:FE:2D:B9:4E:F7:E3:3E:C0:83:C6:82:5B:2A:31:97:AC:E6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2E4_i25TvfjPsCDxoJbKjGXrOY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/154A4396B74311EDB0C38030C4F9AE02.roa
Signing time:             Tue 28 Feb 2023 08:37:07 +0000
ROA not before:           Tue 28 Feb 2023 08:37:07 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        202.37.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE28E/serialNumber=2F6138FE2DB94EF7E33EC083C6825B2A3197ACE6
        Validity
            Not Before: Feb 28 08:37:07 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=63fdbd32-cddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:f5:b5:ea:a1:6e:7a:a7:c7:82:7f:e0:4e:44:
                    5a:19:32:4b:53:ff:c6:f0:37:c8:4c:99:af:af:e9:
                    45:48:42:11:d6:ba:4e:f5:36:a9:56:9c:83:89:d5:
                    6e:5b:37:db:a6:e2:15:5d:f6:08:72:16:c6:06:3d:
                    aa:89:ed:53:a7:cb:72:1a:1a:a2:99:1d:7c:cc:1d:
                    4b:7c:37:eb:1c:46:69:9a:9d:34:89:73:26:18:95:
                    2c:aa:3f:7b:97:9c:d7:0c:bd:99:8d:ec:c5:1e:fc:
                    36:27:38:49:c0:bb:48:20:f2:e7:0a:0f:4d:64:69:
                    6f:9d:d7:dc:09:cd:e7:2b:82:bf:c5:47:78:25:61:
                    9b:7d:6a:96:45:7e:56:74:e5:c7:ca:df:50:ff:85:
                    99:e5:b4:d2:4b:1b:c9:ae:e5:ff:64:93:e8:70:af:
                    d7:7e:66:34:26:f0:f0:02:ab:ec:06:af:27:12:43:
                    53:82:9d:69:b2:cb:6f:f3:04:6e:3b:f2:ad:04:15:
                    25:96:30:9e:c5:da:2e:83:a7:77:e1:ae:97:b2:c6:
                    56:e4:47:72:82:d5:14:27:e1:52:15:f0:38:82:e1:
                    3f:fe:88:c7:ef:d6:0e:1c:2d:85:38:f7:49:b7:52:
                    0a:60:13:b8:34:9f:b5:b5:28:55:1e:f7:08:66:8c:
                    99:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:B4:19:6D:A0:F0:F9:F5:7D:67:82:79:B5:27:16:35:28:12:71:39
            X509v3 Authority Key Identifier:
                keyid:2F:61:38:FE:2D:B9:4E:F7:E3:3E:C0:83:C6:82:5B:2A:31:97:AC:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/L2E4_i25TvfjPsCDxoJbKjGXrOY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2E4_i25TvfjPsCDxoJbKjGXrOY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/154A4396B74311EDB0C38030C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.37.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:0b:1a:a2:33:54:e0:d5:26:dd:06:a9:72:47:86:53:3e:60:
         1f:54:2c:30:27:64:d9:50:a4:84:31:2f:df:f1:ce:e2:20:a1:
         6d:1a:f5:34:7c:72:5e:93:d9:85:3d:90:bf:4b:64:5c:e6:21:
         c9:ab:21:89:d1:e8:cf:e1:74:75:a5:11:0c:51:a6:2f:21:62:
         5a:cc:f9:ca:0f:f5:d2:2d:21:d3:2f:31:1b:3f:a6:44:3a:28:
         14:d3:8e:7c:d3:a7:70:7c:2c:e5:e7:95:13:4f:5b:af:f2:a1:
         c2:a2:a8:5f:e3:7f:ef:f7:c9:4c:c1:c6:89:c1:97:e4:eb:58:
         e3:a9:cc:69:68:ce:ee:b4:d9:45:65:8b:9a:ba:0d:19:f3:b4:
         2f:de:98:ed:6e:60:7d:c5:ef:92:15:e6:39:09:01:74:e5:4b:
         ad:0d:97:6b:11:57:12:41:9b:23:0d:63:41:34:40:bb:82:f8:
         8d:60:a7:ae:bd:3c:7e:1e:8c:89:a7:bb:31:9e:05:5b:db:8b:
         f1:f5:c6:16:df:6c:f0:b6:07:41:12:ba:5d:44:b8:0c:e4:fb:
         31:a9:25:e1:ef:b9:f6:09:29:56:92:14:35:3f:11:3e:17:09:
         05:bd:9a:90:76:bb:f9:94:be:df:fe:39:75:f7:76:59:13:ba:
         5a:7f:9d:8d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RTI4RTExMC8GA1UEBRMoMkY2MTM4RkUyREI5NEVGN0UzM0VDMDgzQzY4MjVCMkEz
MTk3QUNFNjAeFw0yMzAyMjgwODM3MDdaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZmRiZDMyLWNkZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDX9bXqoW56p8eCf+BORFoZMktT/8bwN8hMma+v6UVIQhHWuk71NqlWnIOJ1W5b
N9um4hVd9ghyFsYGPaqJ7VOny3IaGqKZHXzMHUt8N+scRmmanTSJcyYYlSyqP3uX
nNcMvZmN7MUe/DYnOEnAu0gg8ucKD01kaW+d19wJzecrgr/FR3glYZt9apZFflZ0
5cfK31D/hZnltNJLG8mu5f9kk+hwr9d+ZjQm8PACq+wGrycSQ1OCnWmyy2/zBG47
8q0EFSWWMJ7F2i6Dp3fhrpeyxlbkR3KC1RQn4VIV8DiC4T/+iMfv1g4cLYU490m3
UgpgE7g0n7W1KFUe9whmjJlrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmrQZbaDw
+fV9Z4J5tScWNSgScTkwHwYDVR0jBBgwFoAUL2E4/i25TvfjPsCDxoJbKjGXrOYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFMjhFL0RERUE3Mjc0Qjcz
QjExRUQ5MTYzOTQ4M0M0RjlBRTAyL0wyRTRfaTI1VHZmalBzQ0R4b0piS2pHWHJP
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTDJFNF9pMjVUdmZqUHNDRHhvSmJLakdYck9ZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RTI4RS9EREVBNzI3NEI3M0IxMUVEOTE2Mzk0ODNDNEY5QUUwMi8xNTRBNDM5NkI3
NDMxMUVEQjBDMzgwMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMolSDANBgkqhkiG9w0BAQsFAAOCAQEAegsaojNU4NUm3Qap
ckeGUz5gH1QsMCdk2VCkhDEv3/HO4iChbRr1NHxyXpPZhT2Qv0tkXOYhyashidHo
z+F0daURDFGmLyFiWsz5yg/10i0h0y8xGz+mRDooFNOOfNOncHws5eeVE09br/Kh
wqKoX+N/7/fJTMHGicGX5OtY46nMaWjO7rTZRWWLmroNGfO0L96Y7W5gfcXvkhXm
OQkBdOVLrQ2XaxFXEkGbIw1jQTRAu4L4jWCnrr08fh6Miae7MZ4FW9uL8fXGFt9s
8LYHQRK6XUS4DOT7Makl4e+59gkpVpIUNT8RPhcJBb2akHa7+ZS+3/45dfd2WRO6
Wn+djQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org