Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9D59F294337211EEB777C10DC4F9AE02.roa
File:                     9D59F294337211EEB777C10DC4F9AE02.roa (raw, json)
Hash identifier:          hTak2tBn6ajjgXh81UpaOJMoi5pYfBfcc1+sSqNQJt8=
Subject key identifier:   07:66:3A:95:9F:FB:06:09:C1:5F:65:8F:33:37:3D:D2:1F:10:FC:1B
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       044D
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9D59F294337211EEB777C10DC4F9AE02.roa
Signing time:             Sat 05 Aug 2023 09:29:46 +0000
ROA not before:           Sat 05 Aug 2023 09:29:46 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     200482
IP address blocks:        43.247.134.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1101 (0x44d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Aug  5 09:29:46 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64ce1689-8f2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:dc:f5:fd:8c:c1:75:4e:3c:17:0b:af:49:75:
                    f8:4b:05:f8:a4:cd:2c:97:67:7a:35:7f:76:5f:f5:
                    0d:4a:e4:5d:0c:5b:a2:12:93:43:03:44:b1:23:29:
                    43:f9:db:f7:d3:0c:e9:1a:73:61:3d:73:f0:eb:b3:
                    74:e4:0c:ad:cf:8d:99:ee:8b:2b:91:bb:78:d0:a3:
                    d4:60:af:86:f7:bb:ce:0a:3d:d9:c8:5f:8f:de:dd:
                    ce:08:b2:43:b2:ad:33:13:7a:df:0b:a7:e1:6a:61:
                    ad:4b:7a:87:ab:39:c1:e7:36:79:ce:0a:c9:48:54:
                    ed:ab:80:39:69:0c:ed:e2:0d:cf:eb:79:d6:71:5d:
                    89:17:ad:39:90:48:52:62:d6:3c:58:a3:e7:44:a2:
                    85:3e:80:d8:60:d6:9a:72:68:a9:fd:68:cf:7f:44:
                    ec:43:0d:33:2f:fc:71:69:74:31:f2:72:5c:9c:80:
                    63:b8:1f:ac:1f:af:9a:46:0c:fb:32:45:d3:55:4c:
                    04:75:2c:2d:bc:ee:08:98:9c:8f:7c:d2:bd:c0:02:
                    ab:ed:40:3d:5d:81:48:69:cf:96:61:83:d0:a1:7d:
                    29:81:4f:75:1a:0d:51:c2:18:7d:fc:a6:46:23:1b:
                    68:40:b7:55:04:0b:b4:47:1f:a3:ab:03:7a:f1:06:
                    4a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:66:3A:95:9F:FB:06:09:C1:5F:65:8F:33:37:3D:D2:1F:10:FC:1B
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9D59F294337211EEB777C10DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:b2:cb:86:82:4c:04:5c:b9:ff:e2:76:67:fe:df:6c:3d:f4:
         2c:60:e6:82:e3:a4:14:1d:9c:24:f5:2a:9e:d3:5a:16:7d:6c:
         a6:d0:91:01:e8:1a:c7:e4:6e:97:a7:cb:01:1f:81:90:e2:c2:
         2a:8a:e4:13:45:c7:c6:19:49:38:f1:ba:d5:31:2c:71:9e:4a:
         5d:b4:61:a7:77:f4:77:2a:40:72:f9:9c:b8:88:fe:26:2c:82:
         96:64:c4:09:7e:b3:24:54:cc:6c:21:05:34:10:31:92:01:de:
         b7:f5:c1:19:49:c8:56:fd:4c:dd:6a:bf:9b:b0:36:da:b8:14:
         20:e1:20:6b:a6:f2:6f:72:20:73:4b:61:38:e9:08:ac:c0:f9:
         86:65:d1:4d:87:b9:29:44:f3:39:ca:83:4c:41:d9:fd:cd:33:
         0a:5e:4f:61:14:60:5e:92:10:5a:ab:3a:7f:b5:f1:2b:8e:f4:
         2b:74:35:de:67:99:61:d7:bb:55:8d:e0:05:67:0b:3b:34:fc:
         67:5e:04:97:c2:b4:88:ed:79:e3:2b:1e:cb:81:51:cf:b0:ca:
         66:61:0b:e6:e3:42:4b:f1:f7:89:2e:c7:0f:35:59:73:3f:29:
         2b:81:6a:0a:60:0b:4b:ba:c8:e8:99:9e:7f:9b:fb:ec:cf:3a:
         21:31:33:82
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODA1MDkyOTQ2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNlMTY4OS04ZjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqdz1/YzBdU48FwuvSXX4SwX4pM0sl2d6NX92X/UNSuRdDFuiEpNDA0SxIylD
+dv30wzpGnNhPXPw67N05Aytz42Z7osrkbt40KPUYK+G97vOCj3ZyF+P3t3OCLJD
sq0zE3rfC6fhamGtS3qHqznB5zZ5zgrJSFTtq4A5aQzt4g3P63nWcV2JF605kEhS
YtY8WKPnRKKFPoDYYNaacmip/WjPf0TsQw0zL/xxaXQx8nJcnIBjuB+sH6+aRgz7
MkXTVUwEdSwtvO4ImJyPfNK9wAKr7UA9XYFIac+WYYPQoX0pgU91Gg1Rwhh9/KZG
IxtoQLdVBAu0Rx+jqwN68QZKGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAdmOpWf
+wYJwV9ljzM3PdIfEPwbMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvOUQ1OUYyOTQz
MzcyMTFFRUI3NzdDMTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr94YwDQYJKoZIhvcNAQELBQADggEBAGeyy4aCTARcuf/i
dmf+32w99Cxg5oLjpBQdnCT1Kp7TWhZ9bKbQkQHoGsfkbpenywEfgZDiwiqK5BNF
x8YZSTjxutUxLHGeSl20Yad39HcqQHL5nLiI/iYsgpZkxAl+syRUzGwhBTQQMZIB
3rf1wRlJyFb9TN1qv5uwNtq4FCDhIGum8m9yIHNLYTjpCKzA+YZl0U2HuSlE8znK
g0xB2f3NMwpeT2EUYF6SEFqrOn+18SuO9Ct0Nd5nmWHXu1WN4AVnCzs0/GdeBJfC
tIjteeMrHsuBUc+wymZhC+bjQkvx94kuxw81WXM/KSuBagpgC0u6yOiZnn+b++zP
OiExM4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org