Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EF46FBD8C85611ED9065AD29C4F9AE02.roa
File:                     EF46FBD8C85611ED9065AD29C4F9AE02.roa (raw, json)
Hash identifier:          DonLfHYX5siPFGEuoye3rQwlNr79i2XQq8T6aq6EiGo=
Subject key identifier:   7E:01:5A:BB:ED:EE:93:39:C7:A7:04:C6:7C:C1:FC:F7:41:5D:AE:8C
Certificate issuer:       /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial:       0442
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EF46FBD8C85611ED9065AD29C4F9AE02.roa
Signing time:             Wed 22 Mar 2023 02:12:03 +0000
ROA not before:           Wed 22 Mar 2023 02:12:03 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     141466
IP address blocks:        150.129.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1090 (0x442)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
        Validity
            Not Before: Mar 22 02:12:03 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=641a63f2-d416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:11:14:16:52:49:1f:e8:26:3f:5c:b3:6e:bc:
                    07:ec:0b:03:19:49:b9:9a:eb:d4:03:6c:ee:77:58:
                    be:08:0d:66:e0:cb:e2:ca:8a:27:14:54:61:15:49:
                    77:6b:91:81:ac:68:ab:e2:55:fc:c9:2b:f8:ad:1c:
                    cc:34:ee:85:e8:ea:ca:55:11:f4:3a:d5:62:f9:f5:
                    c6:52:ae:75:2e:af:43:d4:ca:fc:77:35:4f:a1:dd:
                    a4:c0:b6:e5:d6:79:16:10:d0:dc:83:04:22:42:e4:
                    76:89:43:8f:06:b1:a1:15:e6:81:cb:c0:92:1a:2e:
                    ec:48:cf:54:cc:c9:d9:b5:22:b6:c8:1b:b8:9b:a9:
                    2f:8f:31:ad:a0:fd:45:27:c2:12:91:b2:36:ee:43:
                    64:a7:1a:f6:ae:d7:79:3c:83:fc:88:47:2f:df:c5:
                    3c:40:ec:40:61:df:90:b4:ea:f1:97:4c:f0:6a:23:
                    57:5e:b6:8c:54:aa:ea:a1:cc:9d:37:2c:86:ce:c7:
                    55:6b:5e:89:34:5b:50:f6:ae:eb:7e:0b:2b:07:91:
                    35:d9:37:69:98:9a:05:77:6c:75:d0:77:f2:39:45:
                    9b:89:40:cd:4f:6e:57:1f:b5:99:8d:16:5d:01:74:
                    e6:be:2b:dc:21:ce:70:ac:b7:21:fd:ec:2e:a0:af:
                    fe:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:01:5A:BB:ED:EE:93:39:C7:A7:04:C6:7C:C1:FC:F7:41:5D:AE:8C
            X509v3 Authority Key Identifier:
                keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EF46FBD8C85611ED9065AD29C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.129.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:e8:80:88:b3:b7:92:af:36:3f:8c:d7:0f:6e:53:50:2c:ba:
         5b:a8:21:b5:38:f7:2e:64:0c:dd:d7:c5:dd:ef:9c:19:4b:00:
         96:56:f9:17:ff:45:1f:2a:fe:d1:87:a0:b1:a6:53:41:a0:b2:
         f3:35:4c:18:80:fd:09:09:d7:4b:51:e5:94:38:91:64:37:53:
         4a:77:6c:5c:2b:31:ab:08:77:bf:cc:ac:e0:03:f5:3e:ab:35:
         9c:40:73:73:3a:e9:72:e8:c8:47:ab:e0:ca:fd:4c:ed:a0:c0:
         7d:09:92:47:fd:1a:50:bf:bc:ad:70:59:4d:dd:58:84:a0:57:
         e0:73:45:f3:64:55:23:7a:5c:38:ab:6f:44:ef:24:1a:ed:f3:
         6a:c7:94:89:2c:f8:eb:a2:f4:a8:8f:50:21:c0:c3:37:16:d9:
         75:9a:49:3b:33:7d:e8:31:88:8c:b0:a1:20:e6:70:9d:4e:28:
         8e:88:c4:4c:1c:8b:f3:f7:ea:23:7f:91:96:38:6f:65:14:69:
         81:80:58:1d:18:55:26:61:db:1b:e6:05:29:d4:f7:9e:ea:79:
         68:7f:a2:8e:6b:85:38:c7:fd:a8:06:6a:c2:6d:61:63:a7:58:
         34:95:2b:06:98:40:f2:63:3d:40:1f:04:fa:29:f8:d2:a4:5b:
         43:cb:4d:85
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMwMzIyMDIxMjAzWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFhNjNmMi1kNDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2xEUFlJJH+gmP1yzbrwH7AsDGUm5muvUA2zud1i+CA1m4MviyoonFFRhFUl3
a5GBrGir4lX8ySv4rRzMNO6F6OrKVRH0OtVi+fXGUq51Lq9D1Mr8dzVPod2kwLbl
1nkWENDcgwQiQuR2iUOPBrGhFeaBy8CSGi7sSM9UzMnZtSK2yBu4m6kvjzGtoP1F
J8ISkbI27kNkpxr2rtd5PIP8iEcv38U8QOxAYd+QtOrxl0zwaiNXXraMVKrqocyd
NyyGzsdVa16JNFtQ9q7rfgsrB5E12TdpmJoFd2x10HfyOUWbiUDNT25XH7WZjRZd
AXTmvivcIc5wrLch/ewuoK/+AwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH4BWrvt
7pM5x6cExnzB/PdBXa6MMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRUY0NkZCRDhD
ODU2MTFFRDkwNjVBRDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACWgSkwDQYJKoZIhvcNAQELBQADggEBAAnogIizt5KvNj+M
1w9uU1AsuluoIbU49y5kDN3Xxd3vnBlLAJZW+Rf/RR8q/tGHoLGmU0GgsvM1TBiA
/QkJ10tR5ZQ4kWQ3U0p3bFwrMasId7/MrOAD9T6rNZxAc3M66XLoyEer4Mr9TO2g
wH0Jkkf9GlC/vK1wWU3dWISgV+BzRfNkVSN6XDirb0TvJBrt82rHlIks+Oui9KiP
UCHAwzcW2XWaSTszfegxiIywoSDmcJ1OKI6IxEwci/P36iN/kZY4b2UUaYGAWB0Y
VSZh2xvmBSnU957qeWh/oo5rhTjH/agGasJtYWOnWDSVKwaYQPJjPUAfBPop+NKk
W0PLTYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org