Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7934FC14972911ED8CBCA476C4F9AE02.roa
File:                     7934FC14972911ED8CBCA476C4F9AE02.roa (raw, json)
Hash identifier:          a48jEoE2rZhrEq1XL4DYInodQA+ufT9ojp5PR3c4ARM=
Subject key identifier:   CF:26:00:08:DC:F7:A2:7F:5F:5D:59:0F:EC:99:D5:25:26:38:0C:94
Certificate issuer:       /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial:       01FA
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7934FC14972911ED8CBCA476C4F9AE02.roa
Signing time:             Wed 18 Jan 2023 12:13:10 +0000
ROA not before:           Wed 18 Jan 2023 12:13:10 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        113.20.48.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 506 (0x1fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
        Validity
            Not Before: Jan 18 12:13:10 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=63c7e256-89fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:33:86:94:c4:1e:bd:bb:75:93:cd:8d:05:ff:
                    c3:8d:02:4d:3d:7c:38:cf:ac:4a:e1:d9:a1:b2:fc:
                    59:49:ed:36:1f:15:0e:9c:bf:94:ca:91:88:ae:ac:
                    d2:2c:29:a8:0c:f4:b4:09:be:23:2b:81:52:d8:1f:
                    57:7f:e0:a0:c5:cb:50:de:51:d3:46:26:4f:0a:24:
                    d7:93:7c:e6:22:97:fe:bf:ad:3c:2d:56:7a:a8:06:
                    b4:48:3c:2e:f6:78:70:76:42:dd:50:58:de:66:9a:
                    a7:3f:25:52:da:3a:c0:77:cb:cd:99:8c:86:35:aa:
                    fd:a7:67:12:9e:49:b7:b7:a9:b8:6b:65:67:0a:3e:
                    f9:b8:d0:4a:54:f9:2a:e6:75:3d:22:dc:b9:7c:8f:
                    34:2c:56:11:d0:5a:55:d7:7c:97:18:75:a8:38:cb:
                    12:b4:cd:39:4b:7a:e2:60:0d:13:58:3f:0f:63:71:
                    c0:92:57:71:8c:5b:3b:79:10:41:56:a2:19:bc:b2:
                    44:be:d5:0a:e2:2a:eb:2b:24:b6:7d:91:86:92:fc:
                    27:1a:cb:89:3e:0b:e4:d0:fa:55:52:0c:9a:39:50:
                    23:9c:ee:0a:47:99:2f:fb:25:f5:c5:69:6d:72:4e:
                    32:93:64:9c:f2:f0:e8:69:9c:97:f2:e8:49:29:8c:
                    0f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:26:00:08:DC:F7:A2:7F:5F:5D:59:0F:EC:99:D5:25:26:38:0C:94
            X509v3 Authority Key Identifier:
                keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7934FC14972911ED8CBCA476C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.20.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ae:3c:86:da:b8:39:f8:03:96:11:3e:28:77:05:45:bb:11:a7:
         3f:5c:34:57:5d:c2:96:ae:10:74:8a:83:e7:34:04:cb:81:bf:
         0a:6b:7b:28:be:87:0e:eb:50:1d:88:e1:61:fa:24:9f:1c:aa:
         a9:7a:66:fb:a8:0b:1c:28:30:41:c6:e8:0a:ad:90:fc:ee:c7:
         44:04:77:e6:0e:99:38:95:56:8f:44:69:78:30:ca:7d:87:96:
         ce:4f:23:52:9e:fd:6d:47:56:aa:e5:e9:b1:26:c0:93:24:07:
         82:29:3b:d0:dd:e8:0d:84:41:d5:d7:25:16:d8:a7:53:9a:8c:
         f1:ae:fe:7c:36:7f:6c:aa:89:f9:eb:b9:68:d6:dd:28:f5:8c:
         d1:21:5d:dc:3a:be:79:4a:04:f5:17:94:24:bd:7c:46:60:66:
         9c:12:6e:0e:d0:89:38:c5:14:37:79:5e:e0:12:f2:55:7f:a9:
         6d:46:77:e3:ea:dc:27:a4:e4:37:4b:6c:c7:c3:a9:c1:d9:1b:
         85:c8:c0:81:29:18:15:1f:6c:f8:58:37:5a:72:4e:08:79:6c:
         e3:9b:64:e5:ea:63:3c:e2:4b:3d:d0:cc:22:96:73:a5:4c:61:
         4f:c1:6c:d1:c5:c5:94:3e:19:96:83:55:e2:04:af:0b:80:77:
         f9:af:b4:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjMwMTE4MTIxMzEwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M3ZTI1Ni04OWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8TOGlMQevbt1k82NBf/DjQJNPXw4z6xK4dmhsvxZSe02HxUOnL+UypGIrqzS
LCmoDPS0Cb4jK4FS2B9Xf+CgxctQ3lHTRiZPCiTXk3zmIpf+v608LVZ6qAa0SDwu
9nhwdkLdUFjeZpqnPyVS2jrAd8vNmYyGNar9p2cSnkm3t6m4a2VnCj75uNBKVPkq
5nU9Ity5fI80LFYR0FpV13yXGHWoOMsStM05S3riYA0TWD8PY3HAkldxjFs7eRBB
VqIZvLJEvtUK4irrKyS2fZGGkvwnGsuJPgvk0PpVUgyaOVAjnO4KR5kv+yX1xWlt
ck4yk2Sc8vDoaZyX8uhJKYwPFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM8mAAjc
96J/X11ZD+yZ1SUmOAyUMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvNzkzNEZDMTQ5
NzI5MTFFRDhDQkNBNDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBARxFDAwDQYJKoZIhvcNAQELBQADggEBAK48htq4OfgDlhE+
KHcFRbsRpz9cNFddwpauEHSKg+c0BMuBvwpreyi+hw7rUB2I4WH6JJ8cqql6Zvuo
CxwoMEHG6AqtkPzux0QEd+YOmTiVVo9EaXgwyn2Hls5PI1Ke/W1HVqrl6bEmwJMk
B4IpO9Dd6A2EQdXXJRbYp1OajPGu/nw2f2yqifnruWjW3Sj1jNEhXdw6vnlKBPUX
lCS9fEZgZpwSbg7QiTjFFDd5XuAS8lV/qW1Gd+Pq3Cek5DdLbMfDqcHZG4XIwIEp
GBUfbPhYN1pyTgh5bOObZOXqYzziSz3QzCKWc6VMYU/BbNHFxZQ+GZaDVeIErwuA
d/mvtFE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org