Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/58A54E04351C11EEA6C9E532C4F9AE02.roa
File:                     58A54E04351C11EEA6C9E532C4F9AE02.roa (raw, json)
Hash identifier:          pPAwJUlPTxngTjYo7h0FpZC3ZEyubQFKIIGrexc0gr4=
Subject key identifier:   5D:6B:F3:84:6D:1A:9A:7B:6D:0E:D3:A5:CD:91:A4:DC:68:66:C7:41
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       0456
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/58A54E04351C11EEA6C9E532C4F9AE02.roa
Signing time:             Mon 07 Aug 2023 12:17:16 +0000
ROA not before:           Mon 07 Aug 2023 12:17:16 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        43.247.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1110 (0x456)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Aug  7 12:17:16 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64d0e0cc-987b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:5c:6f:83:27:b3:c1:c4:9e:2f:3d:fd:2d:e5:
                    78:4b:bf:f9:3a:7a:ba:b3:7f:46:38:48:5d:70:89:
                    1a:10:7e:d2:2f:e9:c9:f4:4e:d1:c8:93:f9:f0:1e:
                    fa:f0:fd:dc:e8:ce:fd:dc:8b:76:3c:9a:dd:07:49:
                    8d:8c:27:5f:34:a7:8f:ad:3b:0e:34:75:32:c0:58:
                    0e:ed:af:c8:86:31:2f:51:3f:6a:20:83:14:62:81:
                    64:00:38:e2:54:54:7f:d6:9c:56:9e:86:4c:86:74:
                    ce:2d:c5:99:b7:94:5d:1e:02:4c:a5:5d:a5:08:d6:
                    b4:69:d5:03:1d:f4:86:d3:b1:31:db:41:e4:f8:77:
                    1e:b9:64:ce:e6:45:08:02:f3:0d:63:ff:59:23:25:
                    47:1f:c6:3d:62:69:02:3a:6d:c6:bd:7e:bc:d5:63:
                    5c:00:e6:d3:d8:a6:c6:b0:37:57:7e:27:c0:ce:fa:
                    b7:2e:03:19:0d:06:e3:bd:a2:5d:ca:d5:e4:fe:24:
                    fa:88:a1:7b:19:63:cd:a4:ad:b9:10:0f:57:9d:7f:
                    b7:41:31:e0:79:c5:f1:1d:05:6c:64:3d:38:65:44:
                    ca:d0:fa:70:1f:94:d8:cb:1b:c2:78:63:7f:48:03:
                    7d:23:d3:6a:90:74:8e:ff:ae:4f:cc:56:ec:95:b5:
                    5e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6B:F3:84:6D:1A:9A:7B:6D:0E:D3:A5:CD:91:A4:DC:68:66:C7:41
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/58A54E04351C11EEA6C9E532C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:7f:6b:58:52:6d:5d:f0:a5:75:5f:de:aa:cf:86:2d:ed:50:
         43:0b:2f:e2:44:ed:dc:ec:00:45:09:2d:53:bc:2b:29:c8:43:
         dd:50:c0:f0:ac:74:50:d5:6d:e1:3c:4b:13:e3:2b:39:97:e0:
         64:d3:50:53:31:84:1e:08:bc:17:b0:f5:1e:3b:4b:2d:89:ba:
         71:5f:9e:f0:90:6b:6d:66:9f:24:aa:4c:04:04:22:58:84:8b:
         99:2c:22:98:06:81:23:e3:db:8d:95:45:9e:66:c3:5d:1e:ee:
         97:3c:2e:93:b1:32:90:4d:33:d3:05:51:71:47:58:b9:ec:50:
         de:ca:c4:eb:6a:0b:28:c6:8a:93:8c:4b:4d:46:f0:01:55:a6:
         f0:16:85:45:8b:6b:ec:24:7f:e1:9d:1d:21:d9:3e:69:b5:6e:
         e5:3b:b5:11:9c:e0:aa:01:1c:cf:98:5b:7f:0b:a8:e6:20:65:
         66:75:d8:60:41:b9:14:49:3d:ae:f3:be:8f:7c:dd:ce:3d:30:
         32:71:af:1c:2b:66:10:f4:10:d2:26:f9:33:b9:b9:fe:60:58:
         30:1e:4e:36:09:d7:f8:5f:d9:33:84:58:ef:a3:94:e4:91:d8:
         d1:ee:c9:70:c5:9c:c0:43:55:d6:4f:80:65:43:39:e6:48:93:
         90:27:c6:73
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODA3MTIxNzE2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQwZTBjYy05ODdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9VxvgyezwcSeLz39LeV4S7/5Onq6s39GOEhdcIkaEH7SL+nJ9E7RyJP58B76
8P3c6M793It2PJrdB0mNjCdfNKePrTsONHUywFgO7a/IhjEvUT9qIIMUYoFkADji
VFR/1pxWnoZMhnTOLcWZt5RdHgJMpV2lCNa0adUDHfSG07Ex20Hk+HceuWTO5kUI
AvMNY/9ZIyVHH8Y9YmkCOm3GvX681WNcAObT2KbGsDdXfifAzvq3LgMZDQbjvaJd
ytXk/iT6iKF7GWPNpK25EA9XnX+3QTHgecXxHQVsZD04ZUTK0PpwH5TYyxvCeGN/
SAN9I9NqkHSO/65PzFbslbVegwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF1r84Rt
Gpp7bQ7Tpc2RpNxoZsdBMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNThBNTRFMDQz
NTFDMTFFRUE2QzlFNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr94cwDQYJKoZIhvcNAQELBQADggEBAFR/a1hSbV3wpXVf
3qrPhi3tUEMLL+JE7dzsAEUJLVO8KynIQ91QwPCsdFDVbeE8SxPjKzmX4GTTUFMx
hB4IvBew9R47Sy2JunFfnvCQa21mnySqTAQEIliEi5ksIpgGgSPj242VRZ5mw10e
7pc8LpOxMpBNM9MFUXFHWLnsUN7KxOtqCyjGipOMS01G8AFVpvAWhUWLa+wkf+Gd
HSHZPmm1buU7tRGc4KoBHM+YW38LqOYgZWZ12GBBuRRJPa7zvo983c49MDJxrxwr
ZhD0ENIm+TO5uf5gWDAeTjYJ1/hf2TOEWO+jlOSR2NHuyXDFnMBDVdZPgGVDOeZI
k5AnxnM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org