Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/4BE1E4A0283511EE8D79FC4FC4F9AE02.roa
File:                     4BE1E4A0283511EE8D79FC4FC4F9AE02.roa (raw, json)
Hash identifier:          nvAAH5N+xgSPkyIrSrLmyoZ23gAT/bOmQatdJO/w2oI=
Subject key identifier:   10:03:10:F3:EE:4B:BA:EB:B5:E1:BD:5A:80:C9:15:BD:DE:A3:E0:C3
Certificate issuer:       /CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
Certificate serial:       0337
Authority key identifier: F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/4BE1E4A0283511EE8D79FC4FC4F9AE02.roa
Signing time:             Sat 22 Jul 2023 02:20:46 +0000
ROA not before:           Sat 22 Jul 2023 02:20:46 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     17547
IP address blocks:        178.160.128.0/18 maxlen: 19
                          178.160.128.0/24 maxlen: 24
                          178.160.129.0/24 maxlen: 24
                          178.160.130.0/24 maxlen: 24
                          178.160.131.0/24 maxlen: 24
                          178.160.132.0/24 maxlen: 24
                          178.160.133.0/24 maxlen: 24
                          178.160.135.0/24 maxlen: 24
                          178.160.137.0/24 maxlen: 24
                          178.160.138.0/24 maxlen: 24
                          178.160.139.0/24 maxlen: 24
                          178.160.140.0/24 maxlen: 24
                          178.160.141.0/24 maxlen: 24
                          178.160.142.0/24 maxlen: 24
                          178.160.143.0/24 maxlen: 24
                          178.160.144.0/24 maxlen: 24
                          178.160.145.0/24 maxlen: 24
                          178.160.146.0/24 maxlen: 24
                          178.160.147.0/24 maxlen: 24
                          178.160.148.0/24 maxlen: 24
                          178.160.149.0/24 maxlen: 24
                          178.160.150.0/24 maxlen: 24
                          178.160.151.0/24 maxlen: 24
                          178.160.152.0/24 maxlen: 24
                          178.160.153.0/24 maxlen: 24
                          178.160.154.0/24 maxlen: 24
                          178.160.155.0/24 maxlen: 24
                          178.160.156.0/24 maxlen: 24
                          178.160.157.0/24 maxlen: 24
                          178.160.158.0/24 maxlen: 24
                          178.160.159.0/24 maxlen: 24
                          178.160.160.0/24 maxlen: 24
                          178.160.161.0/24 maxlen: 24
                          178.160.162.0/24 maxlen: 24
                          178.160.163.0/24 maxlen: 24
                          178.160.164.0/24 maxlen: 24
                          178.160.165.0/24 maxlen: 24
                          178.160.166.0/24 maxlen: 24
                          178.160.167.0/24 maxlen: 24
                          178.160.168.0/24 maxlen: 24
                          178.160.169.0/24 maxlen: 24
                          178.160.170.0/24 maxlen: 24
                          178.160.171.0/24 maxlen: 24
                          178.160.172.0/24 maxlen: 24
                          178.160.173.0/24 maxlen: 24
                          178.160.174.0/24 maxlen: 24
                          178.160.175.0/24 maxlen: 24
                          178.160.176.0/24 maxlen: 24
                          178.160.177.0/24 maxlen: 24
                          178.160.178.0/24 maxlen: 24
                          178.160.179.0/24 maxlen: 24
                          178.160.180.0/24 maxlen: 24
                          178.160.181.0/24 maxlen: 24
                          178.160.182.0/24 maxlen: 24
                          178.160.183.0/24 maxlen: 24
                          178.160.184.0/24 maxlen: 24
                          178.160.185.0/24 maxlen: 24
                          178.160.186.0/24 maxlen: 24
                          178.160.187.0/24 maxlen: 24
                          178.160.188.0/24 maxlen: 24
                          178.160.189.0/24 maxlen: 24
                          178.160.190.0/24 maxlen: 24
                          178.160.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 823 (0x337)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
        Validity
            Not Before: Jul 22 02:20:46 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=64bb3cfe-b3a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:7e:37:cb:3a:fa:77:30:56:30:f0:48:9d:0d:
                    05:50:06:52:5a:f3:5f:f8:af:d5:18:30:2b:a9:10:
                    c4:96:9f:45:62:ab:40:2d:74:f1:d1:1a:f3:3d:43:
                    3e:ea:c1:4d:1f:f5:22:0e:cb:4b:d5:c9:26:18:69:
                    57:ff:81:c8:4d:74:99:cb:3c:ef:74:4c:80:c9:18:
                    af:d0:5c:d1:e3:ff:8f:58:7c:03:a8:1f:42:56:d5:
                    52:8a:d0:62:bb:91:4f:49:52:e2:af:93:20:db:ab:
                    eb:27:eb:69:8c:6f:4e:18:39:f2:14:d4:0e:4d:1f:
                    b9:af:e0:23:82:eb:dc:d3:70:87:35:62:f5:ec:b4:
                    ff:4a:00:2d:2d:0f:c2:98:ca:d3:54:12:6c:af:d0:
                    e9:86:f0:90:93:55:bc:a5:bc:8f:d0:b4:79:69:49:
                    82:ae:28:ec:db:fc:40:da:16:80:73:53:ed:63:48:
                    47:c2:9c:4d:64:4d:4b:7f:10:5e:9f:bb:91:3d:50:
                    21:2f:4e:f5:42:73:a8:f3:ee:c8:3e:24:c3:8e:f8:
                    b9:f9:d6:e1:51:14:f0:9e:11:cb:39:61:d9:db:f7:
                    5d:b2:f5:e6:bd:81:96:2b:fb:81:ca:ef:a0:02:c0:
                    f0:e3:aa:8b:50:f1:f0:ce:04:41:e7:3d:5e:19:e9:
                    e9:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:03:10:F3:EE:4B:BA:EB:B5:E1:BD:5A:80:C9:15:BD:DE:A3:E0:C3
            X509v3 Authority Key Identifier:
                keyid:F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/4BE1E4A0283511EE8D79FC4FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.160.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         2e:f6:0c:b3:57:56:2e:40:77:2c:a9:fa:e2:f9:70:94:52:67:
         76:9f:a1:78:ab:0c:6c:d6:bb:ac:77:bd:b6:d8:dc:fc:64:e1:
         b6:81:09:8a:67:fd:ca:3f:a3:83:5c:49:59:a8:b0:3b:e2:1c:
         a3:74:3f:32:67:e5:6f:c0:8a:2e:22:0b:ff:ec:40:1f:cc:fa:
         86:b2:00:e1:4f:94:a8:e3:69:de:cb:01:f2:bf:82:62:18:88:
         43:06:68:1e:f1:7b:73:1d:5c:89:94:04:24:25:04:22:a1:e2:
         8d:94:dd:95:7d:38:1c:34:13:1c:c8:b6:f0:24:d1:fb:8e:29:
         59:e2:ba:08:6a:5f:25:64:b0:80:45:6d:9d:86:3f:ed:2f:6f:
         fb:45:8a:f2:73:9b:4a:62:ae:d9:36:28:5d:ae:59:29:db:dd:
         87:a2:c9:31:62:82:40:2e:80:24:08:2e:42:40:e7:99:57:72:
         0e:d9:1e:e3:99:e6:df:34:b3:d6:32:3c:30:dc:40:0f:09:27:
         b0:d1:f4:05:33:92:73:ad:44:7c:0a:b2:eb:27:43:ad:42:db:
         67:2a:a4:40:df:fb:5e:2d:b5:6e:74:24:69:88:67:9a:80:15:
         c0:f4:b3:9f:8b:57:e0:df:e6:cb:39:3f:43:a1:d2:37:2d:31:
         b3:e8:14:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZERDYxMTAvBgNVBAUTKEY3RjlEOEE0MzU1RDY3M0I5RDRFN0YxNTVEM0E3OEU1
RTY2MEZFQTUwHhcNMjMwNzIyMDIyMDQ2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGJiM2NmZS1iM2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4H43yzr6dzBWMPBInQ0FUAZSWvNf+K/VGDArqRDElp9FYqtALXTx0RrzPUM+
6sFNH/UiDstL1ckmGGlX/4HITXSZyzzvdEyAyRiv0FzR4/+PWHwDqB9CVtVSitBi
u5FPSVLir5Mg26vrJ+tpjG9OGDnyFNQOTR+5r+Ajguvc03CHNWL17LT/SgAtLQ/C
mMrTVBJsr9DphvCQk1W8pbyP0LR5aUmCrijs2/xA2haAc1PtY0hHwpxNZE1LfxBe
n7uRPVAhL071QnOo8+7IPiTDjvi5+dbhURTwnhHLOWHZ2/ddsvXmvYGWK/uByu+g
AsDw46qLUPHwzgRB5z1eGenpCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBADEPPu
S7rrteG9WoDJFb3eo+DDMB8GA1UdIwQYMBaAFPf52KQ1XWc7nU5/FV06eOXmYP6l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkRENi9EMTYyRTAzQTNE
M0ExMUVDQkVGNzdDNzZDNEY5QUUwMi85X25ZcERWZFp6dWRUbjhWWFRwNDVlWmdf
cVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlfbllwRFZkWnp1ZFRuOFZYVHA0NWVaZ19xVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvRDE2MkUwM0EzRDNBMTFFQ0JFRjc3Qzc2QzRGOUFFMDIvNEJFMUU0QTAy
ODM1MTFFRThENzlGQzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAayoIAwDQYJKoZIhvcNAQELBQADggEBAC72DLNXVi5Adyyp
+uL5cJRSZ3afoXirDGzWu6x3vbbY3Pxk4baBCYpn/co/o4NcSVmosDviHKN0PzJn
5W/Aii4iC//sQB/M+oayAOFPlKjjad7LAfK/gmIYiEMGaB7xe3MdXImUBCQlBCKh
4o2U3ZV9OBw0ExzItvAk0fuOKVniughqXyVksIBFbZ2GP+0vb/tFivJzm0pirtk2
KF2uWSnb3YeiyTFigkAugCQILkJA55lXcg7ZHuOZ5t80s9YyPDDcQA8JJ7DR9AUz
knOtRHwKsusnQ61C22cqpEDf+14ttW50JGmIZ5qAFcD0s5+LV+Df5ss5P0Oh0jct
MbPoFK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org