Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/D1C0D7EA7DDE11E8BF51D27DC4F9AE02.roa
File:                     D1C0D7EA7DDE11E8BF51D27DC4F9AE02.roa (raw, json)
Hash identifier:          +jmKnmCdaKyRotuVsBvTlGp9ngM9DuHAnDm7bfdzc84=
Subject key identifier:   06:61:44:14:68:48:78:31:E7:2F:A4:13:98:0C:D1:A4:FE:E1:FE:2D
Certificate issuer:       /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial:       2413
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/D1C0D7EA7DDE11E8BF51D27DC4F9AE02.roa
Signing time:             Fri 31 Dec 2021 04:32:57 +0000
ROA not before:           Fri 31 Dec 2021 04:32:57 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     7630
IP address blocks:        49.229.54.0/24 maxlen: 24
                          49.231.212.0/24 maxlen: 24
                          49.231.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9235 (0x2413)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
        Validity
            Not Before: Dec 31 04:32:57 2021 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=61ce87f8-59ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4f:bb:96:27:5c:c5:8c:b2:13:1b:52:1c:27:
                    d0:b3:f7:2e:35:f5:88:7e:fd:17:a5:e7:76:d9:d3:
                    f5:8c:cc:5b:7a:62:55:43:d6:15:d0:f5:58:18:ca:
                    96:8a:94:3f:07:ce:54:f1:06:7b:c3:bf:b8:f3:f5:
                    a6:ca:ca:fb:99:3c:5b:95:d5:09:d6:20:b3:37:e9:
                    4c:c1:d8:ba:6f:0d:40:33:75:c9:81:1a:c9:d5:eb:
                    a8:a4:cf:d0:31:78:97:84:05:20:fe:37:5f:b5:8a:
                    57:18:57:75:cf:d3:2b:dd:79:ee:d7:10:38:b3:e8:
                    40:b8:13:78:f1:8c:19:53:e5:c7:ff:b3:0b:f1:5c:
                    12:48:f9:6d:45:ad:62:96:c5:97:4a:a0:f5:f9:fc:
                    32:8a:88:7a:95:85:72:09:4c:e3:9f:d8:74:c3:99:
                    db:8c:e3:cb:34:d9:a1:98:e3:86:44:e9:4e:82:b0:
                    4c:6c:57:be:27:e1:df:e8:ef:0d:37:ab:bc:a4:59:
                    80:ce:f1:ef:62:f7:f2:30:1c:e5:6b:6e:d7:dc:32:
                    0c:0b:db:f7:18:be:02:47:c3:da:51:da:3a:bb:ad:
                    fe:7f:3d:fe:b7:74:7f:c6:25:ad:97:ef:d9:79:fe:
                    57:58:91:28:7a:19:e3:7a:f3:2a:a8:d4:9d:8a:19:
                    40:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:61:44:14:68:48:78:31:E7:2F:A4:13:98:0C:D1:A4:FE:E1:FE:2D
            X509v3 Authority Key Identifier:
                keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/D1C0D7EA7DDE11E8BF51D27DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.229.54.0/24
                  49.231.212.0/24
                  49.231.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:6f:99:aa:5f:26:36:fe:0b:a7:d6:3e:b5:b1:9f:37:9f:16:
         0e:87:2d:03:6a:bd:c1:7b:80:53:0b:74:b4:ec:d1:6d:5b:1b:
         08:a0:de:f3:bb:5f:a3:c1:c9:ed:9f:ba:21:1c:d5:4e:a3:df:
         3c:56:35:32:45:37:ff:03:01:3a:b7:ae:c9:ce:66:79:32:dd:
         63:3a:64:c6:f5:12:06:da:f1:fe:2f:90:60:aa:bb:7a:e0:a3:
         74:7b:85:cb:04:b6:10:69:68:91:03:0b:41:f0:45:25:00:5e:
         13:e2:c9:16:04:ff:33:4f:6d:7b:24:49:96:6b:5a:86:6a:84:
         8c:c4:ef:19:34:2f:f7:ad:da:36:0d:1e:8c:a2:50:e1:e1:c0:
         10:5f:35:d9:3e:46:c5:c6:ea:45:4c:49:89:2c:cd:c1:b9:a2:
         3f:3d:50:2b:02:6b:7b:be:dd:3f:65:2b:30:dc:2f:a4:7b:44:
         35:50:6f:72:31:9e:cb:78:92:1f:24:97:ac:c2:b1:fc:6f:f1:
         55:87:46:47:cc:3e:ae:99:29:7b:c7:59:20:7c:18:37:1e:4a:
         61:5f:b7:7b:b4:43:ac:d3:42:76:b6:92:16:bf:96:39:6d:41:
         13:eb:a3:92:cd:87:dc:fa:05:b6:30:97:96:a8:bc:95:e0:77:
         08:c3:a3:ed
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJBMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjExMjMxMDQzMjU3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNlODdmOC01OWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApk+7lidcxYyyExtSHCfQs/cuNfWIfv0Xped22dP1jMxbemJVQ9YV0PVYGMqW
ipQ/B85U8QZ7w7+48/Wmysr7mTxbldUJ1iCzN+lMwdi6bw1AM3XJgRrJ1euopM/Q
MXiXhAUg/jdftYpXGFd1z9Mr3Xnu1xA4s+hAuBN48YwZU+XH/7ML8VwSSPltRa1i
lsWXSqD1+fwyioh6lYVyCUzjn9h0w5nbjOPLNNmhmOOGROlOgrBMbFe+J+Hf6O8N
N6u8pFmAzvHvYvfyMBzla27X3DIMC9v3GL4CR8PaUdo6u63+fz3+t3R/xiWtl+/Z
ef5XWJEoehnjevMqqNSdihlA/wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAZhRBRo
SHgx5y+kE5gM0aT+4f4tMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvRDFDMEQ3RUE3
RERFMTFFOEJGNTFEMjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAx5TYDBAAx59QDBAAx5/AwDQYJKoZIhvcNAQELBQADggEB
ALRvmapfJjb+C6fWPrWxnzefFg6HLQNqvcF7gFMLdLTs0W1bGwig3vO7X6PBye2f
uiEc1U6j3zxWNTJFN/8DATq3rsnOZnky3WM6ZMb1Egba8f4vkGCqu3rgo3R7hcsE
thBpaJEDC0HwRSUAXhPiyRYE/zNPbXskSZZrWoZqhIzE7xk0L/et2jYNHoyiUOHh
wBBfNdk+RsXG6kVMSYkszcG5oj89UCsCa3u+3T9lKzDcL6R7RDVQb3Ixnst4kh8k
l6zCsfxv8VWHRkfMPq6ZKXvHWSB8GDceSmFft3u0Q6zTQna2kha/ljltQRPro5LN
h9z6BbYwl5aovJXgdwjDo+0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org