Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/2BEAC718C07E11ECB0707F18C4F9AE02.roa
File:                     2BEAC718C07E11ECB0707F18C4F9AE02.roa (raw, json)
Hash identifier:          304O4SPM6T9pou+3a6BSov3YYMjTTZO1TCCsY4SIpYM=
Subject key identifier:   92:00:AD:E5:49:C1:F5:AA:D6:0E:37:74:0F:F3:1C:BE:66:AD:A4:7C
Certificate issuer:       /CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Certificate serial:       077D
Authority key identifier: 6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/2BEAC718C07E11ECB0707F18C4F9AE02.roa
Signing time:             Wed 20 Apr 2022 07:47:48 +0000
ROA not before:           Wed 20 Apr 2022 07:47:48 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     141415
IP address blocks:        223.119.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1917 (0x77d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
        Validity
            Not Before: Apr 20 07:47:48 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=625fbaa3-78de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ca:5d:06:18:b3:4e:bf:58:90:00:29:c9:31:
                    bf:2b:2d:d6:9c:f1:19:c7:9f:81:b4:7b:fc:90:9e:
                    86:ae:f0:bb:93:35:ad:3b:ff:27:30:6a:d4:52:fd:
                    12:47:3b:ed:9f:08:bf:43:11:e1:91:3c:a7:3d:94:
                    c9:30:1a:b8:f1:3d:75:94:e5:59:89:b5:69:92:64:
                    3f:a2:21:a1:50:92:61:a6:09:61:06:86:e4:31:3b:
                    d8:c1:b7:e2:38:90:2b:63:2c:fe:ee:12:9f:12:74:
                    ff:36:cf:23:00:ba:31:74:21:b2:aa:48:5b:38:08:
                    68:de:f5:24:2a:8d:e5:be:81:e5:68:5f:29:ab:f1:
                    ad:cc:db:5f:de:a0:c7:32:67:66:aa:fe:ed:bf:31:
                    0a:11:ee:bf:6d:64:21:11:d7:4e:f9:d9:38:13:52:
                    6a:2c:8e:a7:62:83:b9:0c:3f:84:65:31:ba:5c:63:
                    f5:b6:a5:47:93:3c:2a:dd:24:7e:57:d5:74:e0:11:
                    d1:c5:24:93:04:fa:51:fb:9f:e6:2a:c0:6a:fe:ff:
                    a8:52:da:ce:34:b0:f2:42:0d:ee:b6:b7:d3:c3:50:
                    a0:dc:c7:22:1b:f3:97:62:94:fd:ab:52:5d:bf:83:
                    fd:2c:ae:93:23:6a:b8:6b:b7:15:6f:92:a0:74:c9:
                    93:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:00:AD:E5:49:C1:F5:AA:D6:0E:37:74:0F:F3:1C:BE:66:AD:A4:7C
            X509v3 Authority Key Identifier:
                keyid:6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/2BEAC718C07E11ECB0707F18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.119.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:cd:6a:7a:60:72:f7:71:c4:38:fa:58:60:81:fe:dd:67:84:
         20:cf:49:a1:e9:7e:91:8f:fa:ab:61:e0:d1:04:ef:71:a8:40:
         af:71:ae:2a:2d:b4:b4:f3:5b:fa:8d:5b:c9:53:2b:f8:5a:0a:
         55:eb:c6:44:89:c3:26:e1:d0:ea:d5:c5:89:a4:86:d6:ad:60:
         e3:41:64:f5:12:be:fc:46:99:3f:a6:e3:bc:25:ac:b0:eb:d1:
         a6:5d:05:c1:4b:a0:35:3e:47:a0:7f:82:94:2d:40:2c:df:9c:
         4a:fe:09:bb:09:07:61:f9:d6:63:1e:fe:17:48:21:f5:77:33:
         26:e6:b2:fa:03:a6:ea:d4:65:5c:94:62:7f:ec:0c:bc:7f:a2:
         f6:79:cd:14:09:3d:63:30:44:39:5f:29:98:1b:dd:11:9c:c0:
         60:69:b8:4e:92:dc:72:c0:dc:56:05:d4:4c:49:95:a9:e2:93:
         2f:f0:64:1d:d2:ba:9c:8a:d0:8a:2d:7b:e7:8f:87:c2:db:b8:
         b1:13:e5:d4:6b:59:1e:12:86:be:34:35:63:bc:c8:9f:5e:7c:
         b3:82:44:d4:f1:c8:ca:a6:51:61:92:d9:68:36:b9:50:b2:c2:
         4e:3f:a5:30:18:e7:54:6e:5e:4b:99:4e:fa:c4:21:25:ba:e4:
         6b:3a:c1:06
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVDQUYxMTAvBgNVBAUTKDZFQkQzQTI2OTc4NTEyM0FEQzNGNDk2NjM5QUVERkIx
MEYzMEQ2MTgwHhcNMjIwNDIwMDc0NzQ4WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjVmYmFhMy03OGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA08pdBhizTr9YkAApyTG/Ky3WnPEZx5+BtHv8kJ6GrvC7kzWtO/8nMGrUUv0S
Rzvtnwi/QxHhkTynPZTJMBq48T11lOVZibVpkmQ/oiGhUJJhpglhBobkMTvYwbfi
OJArYyz+7hKfEnT/Ns8jALoxdCGyqkhbOAho3vUkKo3lvoHlaF8pq/GtzNtf3qDH
Mmdmqv7tvzEKEe6/bWQhEddO+dk4E1JqLI6nYoO5DD+EZTG6XGP1tqVHkzwq3SR+
V9V04BHRxSSTBPpR+5/mKsBq/v+oUtrONLDyQg3utrfTw1Cg3MciG/OXYpT9q1Jd
v4P9LK6TI2q4a7cVb5KgdMmTawIDAQABo4IClTCCApEwHQYDVR0OBBYEFJIAreVJ
wfWq1g43dA/zHL5mraR8MB8GA1UdIwQYMBaAFG69OiaXhRI63D9JZjmu37EPMNYY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUNBRi9FRUZERkVBNDVF
QTcxMUVBQTVFODMxODRDNEY5QUUwMi9icjA2SnBlRkVqcmNQMGxtT2E3ZnNROHcx
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JyMDZKcGVGRWpyY1AwbG1PYTdmc1E4dzFoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVDQUYvRUVGREZFQTQ1RUE3MTFFQUE1RTgzMTg0QzRGOUFFMDIvMkJFQUM3MThD
MDdFMTFFQ0IwNzA3RjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADfdzQwDQYJKoZIhvcNAQELBQADggEBAH7NanpgcvdxxDj6
WGCB/t1nhCDPSaHpfpGP+qth4NEE73GoQK9xriottLTzW/qNW8lTK/haClXrxkSJ
wybh0OrVxYmkhtatYONBZPUSvvxGmT+m47wlrLDr0aZdBcFLoDU+R6B/gpQtQCzf
nEr+CbsJB2H51mMe/hdIIfV3MybmsvoDpurUZVyUYn/sDLx/ovZ5zRQJPWMwRDlf
KZgb3RGcwGBpuE6S3HLA3FYF1ExJlaniky/wZB3SupyK0Iote+ePh8LbuLET5dRr
WR4Shr40NWO8yJ9efLOCRNTxyMqmUWGS2Wg2uVCywk4/pTAY51RuXkuZTvrEISW6
5Gs6wQY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org