Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4A5937E03D8511EEBB14DB46C4F9AE02.roa
File:                     4A5937E03D8511EEBB14DB46C4F9AE02.roa (raw, json)
Hash identifier:          MDbc4eUAFDQPCQahWuUUxV8B2b67Ub16x+xxuMPUlO8=
Subject key identifier:   C7:FB:66:8E:DF:E3:D2:CC:60:9D:16:E2:EC:B7:C2:25:A9:F9:53:75
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       0473
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4A5937E03D8511EEBB14DB46C4F9AE02.roa
Signing time:             Fri 18 Aug 2023 05:08:38 +0000
ROA not before:           Fri 18 Aug 2023 05:08:38 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     55154
IP address blocks:        43.255.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1139 (0x473)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Aug 18 05:08:38 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64defcd6-d797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3d:8b:b2:d4:07:02:ed:4f:5e:9a:02:eb:14:
                    e9:5c:af:f6:e8:5a:d7:9a:ae:5c:63:95:af:cb:4f:
                    77:c3:9d:17:c3:e8:e3:44:11:09:c0:3f:10:92:c7:
                    1b:6a:0f:86:46:04:6f:9a:26:5a:65:4e:a5:1f:8f:
                    cf:4c:b2:59:20:92:86:87:99:26:57:f1:7a:71:0f:
                    7f:3e:6f:6c:32:5c:d3:51:27:0c:52:9c:a2:4c:5d:
                    45:66:b9:ac:b3:bc:1b:b4:0d:ac:cb:92:c6:a1:93:
                    8d:0d:89:c4:ca:62:37:1e:f5:a6:83:e9:74:50:bc:
                    de:9b:a3:10:ca:07:aa:91:e8:21:d5:06:cc:3c:35:
                    d9:ff:ff:80:e0:ab:e4:fa:df:53:20:c5:f0:8b:d0:
                    0d:cc:ac:c1:78:8a:d8:37:df:3d:78:e4:0e:1c:cd:
                    e7:78:6b:86:e7:9c:be:59:c4:2a:c4:62:c3:00:89:
                    70:77:13:c2:4e:25:cb:5d:07:20:e5:cd:55:cd:48:
                    0d:9c:94:a2:0f:ed:12:f6:b5:83:ee:ac:29:95:d9:
                    d0:ff:61:87:72:93:49:b3:5c:bd:5a:6b:d8:35:45:
                    8b:ba:ed:83:7d:a6:b0:45:9b:32:a6:4f:e6:2a:f3:
                    bb:8d:19:0b:93:21:fa:5e:39:63:db:5e:72:de:9f:
                    0d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:FB:66:8E:DF:E3:D2:CC:60:9D:16:E2:EC:B7:C2:25:A9:F9:53:75
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4A5937E03D8511EEBB14DB46C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:01:61:f5:99:72:08:c0:5b:2d:71:68:ee:df:66:b9:e9:ae:
         d1:2a:f7:b7:fa:8d:0e:44:4e:ab:c9:45:c7:4b:d2:2f:e3:76:
         a7:a5:a9:2d:ac:8b:08:42:49:e2:c6:9c:1a:84:8d:5b:f5:ce:
         c3:59:a9:ab:f5:21:0c:e5:30:02:d6:e1:8a:4b:00:e8:c3:50:
         27:4f:8f:2f:de:9f:d8:09:d7:94:3e:70:45:a9:6c:ea:67:0b:
         46:a9:20:ed:7e:2b:f9:2a:3b:5f:33:85:14:17:9e:89:f4:3e:
         eb:42:a2:93:f5:f1:87:82:c6:68:fd:ec:a2:81:e1:1f:a5:8a:
         3c:19:13:15:37:ca:5b:21:92:71:05:61:3d:5d:62:24:f5:32:
         50:1f:7c:2f:63:1b:f0:6c:ff:92:5c:d7:6b:9b:6e:6a:c1:be:
         07:18:0c:45:db:4d:08:26:cb:3f:79:fe:7e:22:52:cd:c3:45:
         3b:76:a3:f5:ec:1a:e4:bf:87:98:ab:02:07:cc:9e:b7:42:5d:
         ed:a4:8a:3d:6b:67:1e:fd:85:50:12:74:4c:dc:b3:3b:e2:26:
         19:66:fb:7e:4a:e7:11:35:92:58:5e:b2:96:0d:82:4b:1d:f6:
         c5:7c:50:54:90:47:ef:e5:46:b4:fb:1f:c2:4d:75:8b:9f:73:
         72:86:c4:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODE4MDUwODM4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRlZmNkNi1kNzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0D2LstQHAu1PXpoC6xTpXK/26FrXmq5cY5Wvy093w50Xw+jjRBEJwD8Qkscb
ag+GRgRvmiZaZU6lH4/PTLJZIJKGh5kmV/F6cQ9/Pm9sMlzTUScMUpyiTF1FZrms
s7wbtA2sy5LGoZONDYnEymI3HvWmg+l0ULzem6MQygeqkegh1QbMPDXZ//+A4Kvk
+t9TIMXwi9ANzKzBeIrYN989eOQOHM3neGuG55y+WcQqxGLDAIlwdxPCTiXLXQcg
5c1VzUgNnJSiD+0S9rWD7qwpldnQ/2GHcpNJs1y9WmvYNUWLuu2DfaawRZsypk/m
KvO7jRkLkyH6Xjlj215y3p8NoQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMf7Zo7f
49LMYJ0W4uy3wiWp+VN1MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNEE1OTM3RTAz
RDg1MTFFRUJCMTREQjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/3gwDQYJKoZIhvcNAQELBQADggEBAHoBYfWZcgjAWy1x
aO7fZrnprtEq97f6jQ5ETqvJRcdL0i/jdqelqS2siwhCSeLGnBqEjVv1zsNZqav1
IQzlMALW4YpLAOjDUCdPjy/en9gJ15Q+cEWpbOpnC0apIO1+K/kqO18zhRQXnon0
PutCopP18YeCxmj97KKB4R+lijwZExU3ylshknEFYT1dYiT1MlAffC9jG/Bs/5Jc
12ubbmrBvgcYDEXbTQgmyz95/n4iUs3DRTt2o/XsGuS/h5irAgfMnrdCXe2kij1r
Zx79hVASdEzcszviJhlm+35K5xE1klhespYNgksd9sV8UFSQR+/lRrT7H8JNdYuf
c3KGxPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org