Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/76948D2C2E4511EEA0830A7EC4F9AE02.roa
File:                     76948D2C2E4511EEA0830A7EC4F9AE02.roa (raw, json)
Hash identifier:          Oych7wwoSmE927ImXfS45lZTW1ZoR0qPuv6erT4cCmo=
Subject key identifier:   91:23:13:09:78:C0:5E:B1:0F:30:1C:2B:93:24:89:D4:A8:D6:4C:CF
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       042E
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/76948D2C2E4511EEA0830A7EC4F9AE02.roa
Signing time:             Sat 29 Jul 2023 19:23:57 +0000
ROA not before:           Sat 29 Jul 2023 19:23:57 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     200482
IP address blocks:        43.247.134.0/24 maxlen: 24
                          43.247.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1070 (0x42e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Jul 29 19:23:57 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64c5674d-e82f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a3:ab:09:65:fa:f9:88:cc:04:fd:32:75:e0:
                    99:30:ef:fe:db:44:ad:ce:e5:72:c9:34:38:d4:48:
                    b5:d8:aa:da:1f:eb:28:a0:4a:a4:70:bf:36:86:62:
                    a3:ef:0b:db:a6:cf:98:8f:58:7d:e3:f8:7c:9e:bd:
                    4a:5f:99:14:a3:81:ea:b5:fa:e9:d0:df:d8:04:de:
                    8f:df:3f:49:69:3e:72:ad:33:cf:52:ab:df:e1:af:
                    80:18:f2:1f:06:b0:36:0b:8b:d7:f3:e1:9c:7f:79:
                    ce:18:60:9a:d6:a0:87:7e:c0:43:87:49:1d:1f:cc:
                    5b:ad:f1:19:82:5b:a6:0e:cd:06:d4:3e:6b:bb:c8:
                    94:82:77:51:e5:34:a3:df:37:a8:8e:14:69:9a:59:
                    fb:29:14:86:00:36:6f:30:13:b4:12:81:ce:3e:86:
                    6d:4e:42:fc:05:9e:ec:41:cc:b9:3c:01:78:7e:c3:
                    5c:4a:96:12:84:1f:a6:72:fb:a0:37:51:59:3d:50:
                    52:b7:d4:6c:3d:8a:be:6b:45:a7:34:f2:6a:6c:06:
                    a6:ee:fb:66:96:79:50:32:78:ec:6e:35:ef:be:90:
                    65:2b:0a:56:9c:f8:83:3a:e7:2f:ee:90:71:09:7c:
                    5a:5e:7c:63:4e:a3:f4:4d:6a:50:81:56:3c:70:5b:
                    35:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:23:13:09:78:C0:5E:B1:0F:30:1C:2B:93:24:89:D4:A8:D6:4C:CF
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/76948D2C2E4511EEA0830A7EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:db:04:30:5b:92:44:a1:b7:79:a8:18:68:71:50:9b:5e:be:
         5c:7d:d7:c3:6c:9d:8d:24:cb:f4:8f:18:c0:e1:04:d0:b8:13:
         72:37:47:32:23:ee:ef:c3:ca:76:63:ad:7a:54:0d:f8:1c:c4:
         6a:e7:98:89:73:d5:dd:c6:8f:50:95:27:51:71:a5:18:1d:27:
         29:72:9e:2d:f9:0f:c1:69:8c:33:17:72:0f:69:d6:1c:2e:8e:
         b5:de:58:1b:3c:19:3d:41:de:af:00:64:57:74:9c:a6:92:c3:
         c8:40:dc:3b:1f:3a:be:fd:69:bd:71:e0:6a:f8:1d:3a:6f:89:
         ee:3b:0c:d3:a7:2d:6a:df:ba:42:2f:99:56:21:40:0f:b0:b6:
         e3:cb:bd:b1:2c:40:5b:41:db:3a:8c:da:2c:1c:8b:11:23:5e:
         3b:69:8f:a9:4d:a1:3c:27:17:11:63:eb:a1:ce:e1:bf:d8:3b:
         23:aa:6e:75:e2:f5:44:70:c4:13:9c:81:44:65:85:c5:09:a4:
         5f:19:d0:af:02:0b:1f:43:26:9d:b1:d1:bb:aa:7d:96:46:1a:
         64:c2:9c:2d:f2:b9:b9:89:09:d0:51:b7:65:db:af:9f:ba:4a:
         30:b3:39:e8:33:10:15:21:ab:26:0b:7c:69:e3:fb:e9:e9:81:
         a3:0f:07:9d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBC4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNzI5MTkyMzU3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM1Njc0ZC1lODJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo6OrCWX6+YjMBP0ydeCZMO/+20StzuVyyTQ41Ei12KraH+sooEqkcL82hmKj
7wvbps+Yj1h94/h8nr1KX5kUo4Hqtfrp0N/YBN6P3z9JaT5yrTPPUqvf4a+AGPIf
BrA2C4vX8+Gcf3nOGGCa1qCHfsBDh0kdH8xbrfEZglumDs0G1D5ru8iUgndR5TSj
3zeojhRpmln7KRSGADZvMBO0EoHOPoZtTkL8BZ7sQcy5PAF4fsNcSpYShB+mcvug
N1FZPVBSt9RsPYq+a0WnNPJqbAam7vtmlnlQMnjsbjXvvpBlKwpWnPiDOucv7pBx
CXxaXnxjTqP0TWpQgVY8cFs1fQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJEjEwl4
wF6xDzAcK5MkidSo1kzPMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNzY5NDhEMkMy
RTQ1MTFFRUEwODMwQTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr94YwDQYJKoZIhvcNAQELBQADggEBAAXbBDBbkkSht3mo
GGhxUJtevlx918NsnY0ky/SPGMDhBNC4E3I3RzIj7u/DynZjrXpUDfgcxGrnmIlz
1d3Gj1CVJ1FxpRgdJylyni35D8FpjDMXcg9p1hwujrXeWBs8GT1B3q8AZFd0nKaS
w8hA3DsfOr79ab1x4Gr4HTpvie47DNOnLWrfukIvmVYhQA+wtuPLvbEsQFtB2zqM
2iwcixEjXjtpj6lNoTwnFxFj66HO4b/YOyOqbnXi9URwxBOcgURlhcUJpF8Z0K8C
Cx9DJp2x0buqfZZGGmTCnC3yubmJCdBRt2Xbr5+6SjCzOegzEBUhqyYLfGnj++np
gaMPB50=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org