Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B1CD281CFED511EDB175A954C4F9AE02.roa
File:                     B1CD281CFED511EDB175A954C4F9AE02.roa (raw, json)
Hash identifier:          BIYWKCCQLkitajdTCaOIO7B0RWp01mNpsay6Gq1Cl4g=
Subject key identifier:   B1:E2:D2:73:D1:94:3E:88:71:56:CE:25:A0:A3:F0:BC:B9:E7:1F:39
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       03E3
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B1CD281CFED511EDB175A954C4F9AE02.roa
Signing time:             Tue 30 May 2023 10:35:29 +0000
ROA not before:           Tue 30 May 2023 10:35:28 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        43.255.158.0/24 maxlen: 24
                          43.255.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 995 (0x3e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: May 30 10:35:28 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6475d170-823b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:01:f7:b3:7d:0e:da:2b:e5:79:15:7c:68:03:
                    05:90:4a:0f:11:ff:c5:c0:92:4a:71:40:01:3c:4d:
                    7b:24:2f:72:a7:01:94:f0:01:6b:ca:92:46:91:d7:
                    ac:65:c0:44:2e:27:7a:61:cb:77:37:f4:fd:fa:65:
                    78:ee:b9:ab:bf:5c:72:cd:cb:4a:0d:20:48:8a:58:
                    42:39:a3:0b:7c:5b:9a:5e:8c:69:77:ff:7e:60:db:
                    0a:66:70:82:cc:8e:3e:b6:77:cf:ac:12:e2:5d:98:
                    8c:5a:a9:53:37:7c:bb:46:20:d0:e4:3e:02:bb:30:
                    97:9f:ea:b9:4c:39:f1:05:70:a2:e1:60:ed:d2:e8:
                    61:fb:23:aa:79:0e:6b:b8:3b:cd:e0:a7:94:42:1c:
                    f3:a7:b8:0c:66:d4:a7:7d:32:ab:9d:6f:2e:76:f0:
                    d4:d1:f0:a8:94:9b:e9:80:cd:8e:25:42:57:df:7e:
                    f1:38:f1:27:09:05:34:2a:24:b3:f7:55:c7:01:29:
                    24:c1:52:02:39:9d:57:da:1c:ec:52:14:48:36:b6:
                    a1:6a:62:e0:fa:f9:70:4c:b0:a3:2d:19:03:99:29:
                    f5:e8:37:7c:41:5c:cd:d4:3c:5d:37:c1:02:b5:ca:
                    9d:16:9d:a4:a4:e5:4f:89:e4:d8:9f:51:45:f9:04:
                    ee:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:E2:D2:73:D1:94:3E:88:71:56:CE:25:A0:A3:F0:BC:B9:E7:1F:39
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B1CD281CFED511EDB175A954C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:d8:29:12:f3:45:b8:0d:48:ab:5f:71:03:af:8a:ee:0f:d5:
         d2:bd:19:07:f5:2d:b6:3a:c1:40:bb:9f:d0:7a:ef:5a:51:4e:
         cb:5b:dc:fa:27:d9:5f:8d:4c:2a:4c:37:c8:18:9c:83:cb:76:
         f0:02:60:f7:2b:7d:af:6f:0d:72:69:ba:17:f2:8e:fc:e3:d3:
         1a:34:93:35:6d:09:a0:0b:a2:bd:90:35:97:dc:4f:d3:1d:00:
         dd:76:2f:f0:6a:74:3e:ee:58:2e:ba:4e:ef:69:af:92:76:6a:
         95:e8:83:2d:9e:19:06:5e:9b:09:e9:6c:60:ae:c6:a9:b6:3a:
         d7:fc:8b:6d:18:ab:d0:2d:0a:39:1a:d4:ac:bd:f1:64:9d:df:
         93:ca:91:1a:c8:43:20:93:ef:4b:1a:cf:1d:06:10:d2:ff:ea:
         a6:3e:b4:e4:34:fd:3b:10:c7:d3:33:52:b0:6a:15:a0:05:51:
         52:df:79:fe:6a:a0:6d:72:e8:03:f3:10:23:8e:95:d1:c6:19:
         b9:f3:e4:01:61:74:aa:9e:f1:0b:89:c5:82:31:f9:f1:b0:ed:
         19:e9:a7:77:52:54:0d:40:d6:ef:73:0d:8c:de:4a:d9:ea:49:
         6d:d1:bd:68:94:c7:94:4a:10:08:78:5f:e0:f8:ac:eb:e0:4c:
         df:27:4a:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNTMwMTAzNTI4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc1ZDE3MC04MjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2AH3s30O2ivleRV8aAMFkEoPEf/FwJJKcUABPE17JC9ypwGU8AFrypJGkdes
ZcBELid6Yct3N/T9+mV47rmrv1xyzctKDSBIilhCOaMLfFuaXoxpd/9+YNsKZnCC
zI4+tnfPrBLiXZiMWqlTN3y7RiDQ5D4CuzCXn+q5TDnxBXCi4WDt0uhh+yOqeQ5r
uDvN4KeUQhzzp7gMZtSnfTKrnW8udvDU0fColJvpgM2OJUJX337xOPEnCQU0KiSz
91XHASkkwVICOZ1X2hzsUhRINrahamLg+vlwTLCjLRkDmSn16Dd8QVzN1DxdN8EC
tcqdFp2kpOVPieTYn1FF+QTuBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLHi0nPR
lD6IcVbOJaCj8Ly55x85MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQjFDRDI4MUNG
RUQ1MTFFREIxNzVBOTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr/54wDQYJKoZIhvcNAQELBQADggEBAAHYKRLzRbgNSKtf
cQOviu4P1dK9GQf1LbY6wUC7n9B671pRTstb3Pon2V+NTCpMN8gYnIPLdvACYPcr
fa9vDXJpuhfyjvzj0xo0kzVtCaALor2QNZfcT9MdAN12L/BqdD7uWC66Tu9pr5J2
apXogy2eGQZemwnpbGCuxqm2Otf8i20Yq9AtCjka1Ky98WSd35PKkRrIQyCT70sa
zx0GENL/6qY+tOQ0/TsQx9MzUrBqFaAFUVLfef5qoG1y6APzECOOldHGGbnz5AFh
dKqe8QuJxYIx+fGw7Rnpp3dSVA1A1u9zDYzeStnqSW3RvWiUx5RKEAh4X+D4rOvg
TN8nSu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org