Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/41EA9CCC8E8111EAB2038B6BC4F9AE02.roa
File:                     41EA9CCC8E8111EAB2038B6BC4F9AE02.roa (raw, json)
Hash identifier:          XT70IxFuPrTLBc1mhfHMvPwlzJGtjawL3ruESi1U+V4=
Subject key identifier:   B9:55:79:73:10:AD:84:93:84:E4:C0:85:08:44:B4:5E:75:B7:20:5D
Certificate issuer:       /CN=A911681C/serialNumber=8D5BE6F50585DAFE7B4806BA09E225B0CC6F290B
Certificate serial:       07A7
Authority key identifier: 8D:5B:E6:F5:05:85:DA:FE:7B:48:06:BA:09:E2:25:B0:CC:6F:29:0B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jVvm9QWF2v57SAa6CeIlsMxvKQs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/41EA9CCC8E8111EAB2038B6BC4F9AE02.roa
Signing time:             Mon 31 Oct 2022 22:28:17 +0000
ROA not before:           Mon 31 Oct 2022 22:28:17 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     45355
IP address blocks:        203.190.216.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1959 (0x7a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911681C/serialNumber=8D5BE6F50585DAFE7B4806BA09E225B0CC6F290B
        Validity
            Not Before: Oct 31 22:28:17 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63604c00-99e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a3:3b:60:df:d0:da:ff:b0:7d:6d:27:e3:63:
                    31:eb:33:7b:37:0e:25:e4:14:42:d2:6d:19:f3:78:
                    32:ac:41:69:d1:e7:97:f7:9a:4c:99:9c:09:23:fc:
                    23:23:ed:c1:73:9c:93:6a:c6:37:a8:2b:64:29:be:
                    d9:40:70:27:81:a8:49:58:d3:a5:7e:b2:fe:56:46:
                    fd:8f:b7:98:79:71:3d:33:ca:89:b3:9e:cb:b1:8d:
                    43:d0:ff:0e:a9:08:0e:8c:41:c9:5e:41:69:58:62:
                    d1:4a:9f:9f:81:7e:5a:02:0d:34:67:ee:69:60:85:
                    17:91:a7:52:32:f1:5d:99:a6:ae:8c:8d:22:d4:e1:
                    ae:be:58:ee:e6:1f:be:1a:89:86:46:6d:2e:80:7e:
                    47:24:66:85:86:fe:1d:dd:b2:36:8e:74:45:78:f2:
                    2f:e4:29:28:32:1f:36:f1:6a:d1:fa:84:0e:ac:ec:
                    4b:81:df:63:fc:a3:1c:7d:e6:e0:94:d4:4a:16:99:
                    58:90:43:c3:d2:1c:96:33:6e:16:d9:e5:cc:27:7c:
                    6a:88:09:90:37:80:f2:e6:48:8d:37:0c:d6:75:b9:
                    79:9a:96:ef:23:41:95:4b:47:b4:6c:cc:fc:a5:d9:
                    36:73:c3:83:60:23:0d:c6:c7:2d:08:c9:a7:e0:dd:
                    61:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:55:79:73:10:AD:84:93:84:E4:C0:85:08:44:B4:5E:75:B7:20:5D
            X509v3 Authority Key Identifier:
                keyid:8D:5B:E6:F5:05:85:DA:FE:7B:48:06:BA:09:E2:25:B0:CC:6F:29:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/jVvm9QWF2v57SAa6CeIlsMxvKQs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jVvm9QWF2v57SAa6CeIlsMxvKQs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911681C/BC78E36A8E7F11EA9471D168C4F9AE02/41EA9CCC8E8111EAB2038B6BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.190.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:04:49:11:98:20:9b:28:fe:b7:39:65:a4:b4:75:cd:5c:0f:
         bc:c3:98:fe:74:75:a9:0d:01:7a:a6:17:ed:9a:5a:ad:b5:15:
         6f:f5:99:a7:93:44:bb:70:67:c3:32:fa:3e:f6:57:73:eb:ee:
         3c:53:ae:4e:63:01:f0:c6:0a:41:21:48:e5:c0:d0:f1:60:e0:
         58:92:4f:1e:71:b8:1f:33:9d:0e:24:ef:e1:68:5c:84:f1:ab:
         38:09:65:b9:a7:c1:2e:47:dc:31:41:0d:75:7c:b5:10:27:69:
         2e:e8:71:da:4a:ea:68:34:83:68:f1:df:52:95:bb:a4:7e:e9:
         f4:5c:3d:24:c0:5f:84:28:db:5f:c2:20:7b:97:ef:a8:6a:4b:
         c6:83:cd:fe:12:da:99:d7:6c:97:42:c9:0b:e2:bc:18:0c:eb:
         47:1e:ed:ea:71:f0:57:b7:59:c2:1b:a6:d5:dd:1c:91:54:4c:
         f5:58:65:b4:f7:bb:fb:b3:dd:eb:e2:16:1a:09:16:ab:03:7a:
         63:83:28:78:b7:6a:1b:dd:1c:44:80:d7:70:87:2f:ec:1a:9d:
         2b:b5:94:c5:d4:4c:dc:2a:10:7b:e0:35:de:bc:9f:70:9d:02:
         00:79:04:0d:aa:db:43:21:24:ea:b6:25:4d:6c:e6:58:b1:92:
         89:f0:f6:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB6cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY4MUMxMTAvBgNVBAUTKDhENUJFNkY1MDU4NURBRkU3QjQ4MDZCQTA5RTIyNUIw
Q0M2RjI5MEIwHhcNMjIxMDMxMjIyODE3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYwNGMwMC05OWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1aM7YN/Q2v+wfW0n42Mx6zN7Nw4l5BRC0m0Z83gyrEFp0eeX95pMmZwJI/wj
I+3Bc5yTasY3qCtkKb7ZQHAngahJWNOlfrL+Vkb9j7eYeXE9M8qJs57LsY1D0P8O
qQgOjEHJXkFpWGLRSp+fgX5aAg00Z+5pYIUXkadSMvFdmaaujI0i1OGuvlju5h++
GomGRm0ugH5HJGaFhv4d3bI2jnRFePIv5CkoMh828WrR+oQOrOxLgd9j/KMcfebg
lNRKFplYkEPD0hyWM24W2eXMJ3xqiAmQN4Dy5kiNNwzWdbl5mpbvI0GVS0e0bMz8
pdk2c8ODYCMNxsctCMmn4N1hYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLlVeXMQ
rYSThOTAhQhEtF51tyBdMB8GA1UdIwQYMBaAFI1b5vUFhdr+e0gGugniJbDMbykL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjgxQy9CQzc4RTM2QThF
N0YxMUVBOTQ3MUQxNjhDNEY5QUUwMi9qVnZtOVFXRjJ2NTdTQWE2Q2VJbHNNeHZL
UXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pWdm05UVdGMnY1N1NBYTZDZUlsc014dktRcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY4MUMvQkM3OEUzNkE4RTdGMTFFQTk0NzFEMTY4QzRGOUFFMDIvNDFFQTlDQ0M4
RTgxMTFFQUIyMDM4QjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLvtgwDQYJKoZIhvcNAQELBQADggEBABEESRGYIJso/rc5
ZaS0dc1cD7zDmP50dakNAXqmF+2aWq21FW/1maeTRLtwZ8My+j72V3Pr7jxTrk5j
AfDGCkEhSOXA0PFg4FiSTx5xuB8znQ4k7+FoXITxqzgJZbmnwS5H3DFBDXV8tRAn
aS7ocdpK6mg0g2jx31KVu6R+6fRcPSTAX4Qo21/CIHuX76hqS8aDzf4S2pnXbJdC
yQvivBgM60ce7epx8Fe3WcIbptXdHJFUTPVYZbT3u/uz3eviFhoJFqsDemODKHi3
ahvdHESA13CHL+wanSu1lMXUTNwqEHvgNd68n3CdAgB5BA2q20MhJOq2JU1s5lix
konw9qw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org