Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/AEF665408C5011EAAF149513C4F9AE02.roa
File:                     AEF665408C5011EAAF149513C4F9AE02.roa (raw, json)
Hash identifier:          iXPT3z7W3wC3R3+oZFM4VrZtHJ1chsxoDKaaCCLqaZ4=
Subject key identifier:   D8:83:C1:8D:B2:3B:39:F7:F4:F1:94:A6:70:E6:D5:B8:2C:43:35:4E
Certificate issuer:       /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial:       26F6
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/AEF665408C5011EAAF149513C4F9AE02.roa
Signing time:             Tue 10 Jan 2023 16:32:48 +0000
ROA not before:           Tue 10 Jan 2023 16:32:48 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     138915
IP address blocks:        49.229.95.0/24 maxlen: 24
                          2405:9800:c92d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9974 (0x26f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
        Validity
            Not Before: Jan 10 16:32:48 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=63bd9330-8077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:75:3b:1b:d5:8f:7d:eb:23:6a:fa:2b:58:2b:
                    d1:c8:19:2e:40:9d:74:0e:42:e1:c9:6a:b3:b8:0f:
                    5b:06:7c:b7:dc:f1:93:ab:7f:a2:09:ec:60:71:e1:
                    0a:54:85:b1:a6:c1:f9:c7:6c:a1:c4:d2:f5:51:c9:
                    22:a3:df:bc:a4:51:70:e9:22:d2:f8:22:48:8c:31:
                    ef:9b:e8:23:5e:cd:6c:e8:5c:d4:2d:4e:6c:df:95:
                    78:60:59:36:75:27:d3:7b:c6:5c:2c:1d:0b:a8:fd:
                    0a:71:83:f7:69:79:67:7b:e5:51:f5:45:22:0f:bb:
                    b8:cb:25:ed:1a:50:56:54:e9:c6:9f:bc:ac:d4:e6:
                    49:27:a5:75:f1:df:35:2d:71:e4:09:9f:16:3f:b8:
                    07:14:12:b4:47:c5:cd:63:61:0a:d0:ec:5d:64:42:
                    dd:36:cf:2a:5d:23:50:0c:c1:59:77:86:da:cf:3e:
                    36:9f:50:ac:b3:10:1d:f2:ed:77:dc:cb:7d:2a:3f:
                    cf:8d:a2:06:6d:a2:1b:2f:2d:7c:a5:9f:0d:70:b4:
                    4e:27:b7:35:31:91:cb:7e:32:36:64:a4:2c:14:bb:
                    7c:bb:85:8e:69:e8:ac:16:24:7b:b9:4d:ef:4a:10:
                    1c:f4:dd:68:94:02:b9:f1:68:18:43:99:56:75:fc:
                    42:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:83:C1:8D:B2:3B:39:F7:F4:F1:94:A6:70:E6:D5:B8:2C:43:35:4E
            X509v3 Authority Key Identifier:
                keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/AEF665408C5011EAAF149513C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.229.95.0/24
                IPv6:
                  2405:9800:c92d::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:e2:8f:ec:79:46:e9:08:09:23:bc:3a:4d:bd:a6:59:7f:76:
         6b:60:5a:d0:40:36:f9:15:97:7c:c6:f8:42:b9:05:23:56:39:
         62:4b:0d:76:58:a2:49:0b:a0:eb:c7:ef:46:46:93:67:51:a3:
         44:11:ec:48:05:c7:47:92:70:cb:f1:6c:11:80:7d:1a:07:73:
         76:59:6b:2d:1c:64:a4:c9:c8:2f:21:38:20:79:e8:1f:b9:8b:
         1f:84:e2:41:3c:49:db:76:04:61:6c:04:4f:04:11:8e:28:d1:
         21:8f:2f:99:b9:28:7b:b3:6a:4f:c6:06:8a:bb:5e:73:82:00:
         47:5e:88:ee:52:04:6d:c4:86:d2:78:8a:8f:fe:93:44:4b:11:
         74:41:58:0f:1b:ae:f1:47:8c:9f:76:59:fd:cf:7e:3e:6a:fc:
         3e:73:15:11:d6:6f:0f:2b:e7:3e:a2:6f:20:71:9e:ac:49:0f:
         3c:24:e2:13:98:9d:04:6a:ae:34:2b:e8:e8:42:b1:8f:d3:dd:
         99:41:f3:d1:2a:7d:50:3a:86:be:e4:42:a9:fe:e0:42:da:05:
         f8:f6:98:03:16:3f:f6:33:c0:9d:f4:fd:58:54:02:4c:fa:d1:
         8f:33:b6:76:f4:ec:aa:18:b2:ac:e4:e6:89:9b:8f:36:fa:e1:
         b4:a1:6b:56
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICJvYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjMwMTEwMTYzMjQ4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JkOTMzMC04MDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt3U7G9WPfesjavorWCvRyBkuQJ10DkLhyWqzuA9bBny33PGTq3+iCexgceEK
VIWxpsH5x2yhxNL1Uckio9+8pFFw6SLS+CJIjDHvm+gjXs1s6FzULU5s35V4YFk2
dSfTe8ZcLB0LqP0KcYP3aXlne+VR9UUiD7u4yyXtGlBWVOnGn7ys1OZJJ6V18d81
LXHkCZ8WP7gHFBK0R8XNY2EK0OxdZELdNs8qXSNQDMFZd4bazz42n1CssxAd8u13
3Mt9Kj/PjaIGbaIbLy18pZ8NcLROJ7c1MZHLfjI2ZKQsFLt8u4WOaeisFiR7uU3v
ShAc9N1olAK58WgYQ5lWdfxCXwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNiDwY2y
Ozn39PGUpnDm1bgsQzVOMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQUVGNjY1NDA4
QzUwMTFFQUFGMTQ5NTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAAx5V8wDwQCAAIwCQMHACQFmADJLTANBgkqhkiG9w0BAQsF
AAOCAQEAB+KP7HlG6QgJI7w6Tb2mWX92a2Ba0EA2+RWXfMb4QrkFI1Y5YksNdlii
SQug68fvRkaTZ1GjRBHsSAXHR5Jwy/FsEYB9GgdzdllrLRxkpMnILyE4IHnoH7mL
H4TiQTxJ23YEYWwETwQRjijRIY8vmbkoe7NqT8YGirtec4IAR16I7lIEbcSG0niK
j/6TREsRdEFYDxuu8UeMn3ZZ/c9+Pmr8PnMVEdZvDyvnPqJvIHGerEkPPCTiE5id
BGquNCvo6EKxj9PdmUHz0Sp9UDqGvuRCqf7gQtoF+PaYAxY/9jPAnfT9WFQCTPrR
jzO2dvTsqhiyrOTmiZuPNvrhtKFrVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org