Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/0CEE926E337211EEA86AC90CC4F9AE02.roa
File:                     0CEE926E337211EEA86AC90CC4F9AE02.roa (raw, json)
Hash identifier:          35xkshr28tvT2aj0wyNdEByAmjC1Dz56rM59Je566/M=
Subject key identifier:   89:EE:A2:DB:CE:6F:31:59:5B:AC:8F:10:7F:55:0A:AD:91:71:7C:52
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       0442
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/0CEE926E337211EEA86AC90CC4F9AE02.roa
Signing time:             Sat 05 Aug 2023 09:25:43 +0000
ROA not before:           Sat 05 Aug 2023 09:25:43 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     197644
IP address blocks:        43.254.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1090 (0x442)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Aug  5 09:25:43 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64ce1597-e8b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fa:91:ee:20:dd:af:73:19:b1:08:72:e9:00:
                    a2:df:69:42:94:a1:88:4f:7e:75:6a:7b:a2:25:73:
                    cf:d3:f3:d2:f4:3e:5b:c1:e1:aa:1d:45:05:6e:7c:
                    0a:af:68:f3:74:32:92:6a:ae:86:10:ab:8f:3a:19:
                    e7:cc:a2:2e:d9:24:77:1f:7c:b7:1f:ca:94:5f:f4:
                    7f:9c:a2:16:5c:fe:9e:fe:27:fc:25:02:55:90:1e:
                    db:b6:6d:15:35:44:c0:38:09:b1:63:27:9a:87:ce:
                    12:25:13:e3:21:bf:61:00:84:33:b8:3a:16:a0:76:
                    5a:c3:73:9a:2e:8a:db:4a:5c:b0:0c:8e:15:bb:24:
                    86:bc:75:40:cd:07:f2:ce:ec:7e:b5:d0:50:e4:e6:
                    26:f5:1b:ae:c7:0c:32:03:e8:84:c9:de:0a:20:56:
                    e5:1f:19:18:f0:0b:95:9f:06:e5:de:42:62:d1:26:
                    95:02:25:01:e0:da:66:aa:dc:8a:69:70:01:94:cc:
                    ee:f4:48:90:f1:b8:94:d3:65:c6:cd:bd:df:c1:f7:
                    81:43:30:4a:52:b4:3d:f9:c3:09:b5:3a:82:03:fc:
                    e7:41:d7:d8:58:cb:78:b2:aa:d1:d6:04:89:47:b7:
                    5d:71:c4:47:b4:a0:53:ff:ae:0e:11:69:cc:12:82:
                    1a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:EE:A2:DB:CE:6F:31:59:5B:AC:8F:10:7F:55:0A:AD:91:71:7C:52
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/0CEE926E337211EEA86AC90CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.254.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:97:0d:05:7b:41:67:7c:74:71:9d:09:61:be:2c:b6:8f:20:
         29:32:70:d2:d2:51:6c:53:70:c4:c1:25:7c:0e:f1:0e:a0:b4:
         64:df:96:48:f1:06:3a:44:c9:06:30:e7:70:07:2b:25:bd:e0:
         e9:ba:69:b7:38:35:7b:e5:90:75:d8:b9:64:b4:e5:12:74:9a:
         bc:63:66:8a:8d:03:e1:ca:c2:3a:bf:e4:b0:93:0c:d6:05:95:
         b2:40:46:b8:af:44:25:49:5b:c8:8b:bb:ed:51:d3:0d:fa:1e:
         b7:31:cd:81:b5:b6:f5:c7:25:37:cc:09:02:8f:61:9c:6b:5c:
         18:e5:1e:fa:53:41:72:7d:0e:0d:2f:9f:0b:bd:44:bd:fb:f8:
         80:24:b9:2f:19:d3:4c:3f:09:40:fa:1b:e3:0d:b9:24:1a:6e:
         82:d0:db:7b:73:f7:68:de:0c:9e:8e:d6:d9:f3:f4:9d:40:9c:
         6e:96:62:9d:9d:0e:c9:59:a8:16:b9:60:f1:7a:d3:90:99:18:
         81:48:57:27:93:67:2f:44:b7:ee:a9:04:e7:36:e6:99:61:51:
         7f:09:83:8b:11:ce:76:6f:7a:20:13:1e:55:7c:e2:97:54:78:
         a7:36:2f:77:af:00:1e:d7:2c:15:52:00:04:79:db:72:91:a7:
         92:83:43:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODA1MDkyNTQzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNlMTU5Ny1lOGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAufqR7iDdr3MZsQhy6QCi32lClKGIT351anuiJXPP0/PS9D5bweGqHUUFbnwK
r2jzdDKSaq6GEKuPOhnnzKIu2SR3H3y3H8qUX/R/nKIWXP6e/if8JQJVkB7btm0V
NUTAOAmxYyeah84SJRPjIb9hAIQzuDoWoHZaw3OaLorbSlywDI4VuySGvHVAzQfy
zux+tdBQ5OYm9RuuxwwyA+iEyd4KIFblHxkY8AuVnwbl3kJi0SaVAiUB4NpmqtyK
aXABlMzu9EiQ8biU02XGzb3fwfeBQzBKUrQ9+cMJtTqCA/znQdfYWMt4sqrR1gSJ
R7ddccRHtKBT/64OEWnMEoIaiwIDAQABo4IClTCCApEwHQYDVR0OBBYEFInuotvO
bzFZW6yPEH9VCq2RcXxSMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMENFRTkyNkUz
MzcyMTFFRUE4NkFDOTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/qUwDQYJKoZIhvcNAQELBQADggEBAK+XDQV7QWd8dHGd
CWG+LLaPICkycNLSUWxTcMTBJXwO8Q6gtGTflkjxBjpEyQYw53AHKyW94Om6abc4
NXvlkHXYuWS05RJ0mrxjZoqNA+HKwjq/5LCTDNYFlbJARrivRCVJW8iLu+1R0w36
HrcxzYG1tvXHJTfMCQKPYZxrXBjlHvpTQXJ9Dg0vnwu9RL37+IAkuS8Z00w/CUD6
G+MNuSQaboLQ23tz92jeDJ6O1tnz9J1AnG6WYp2dDslZqBa5YPF605CZGIFIVyeT
Zy9Et+6pBOc25plhUX8Jg4sRznZveiATHlV84pdUeKc2L3evAB7XLBVSAAR523KR
p5KDQ/s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org