Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F51F7ECAE69E11ED841AC682C4F9AE02.roa
File:                     F51F7ECAE69E11ED841AC682C4F9AE02.roa (raw, json)
Hash identifier:          rRopJ0nlAoP7aoEDqi80KUmmXPvtYTlxsBGnXhDbpHM=
Subject key identifier:   DF:5B:19:B2:35:0C:6E:1C:68:82:E2:50:A4:37:9D:F7:21:86:73:6D
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       03C7
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F51F7ECAE69E11ED841AC682C4F9AE02.roa
Signing time:             Sat 29 Apr 2023 15:03:11 +0000
ROA not before:           Sat 29 Apr 2023 15:03:11 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     149013
IP address blocks:        43.255.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 967 (0x3c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Apr 29 15:03:11 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=644d31af-3ab9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:46:12:7c:9d:9f:e3:2e:7f:61:87:13:d0:11:
                    ff:c2:31:33:63:31:31:30:f2:d0:f7:a7:a5:33:02:
                    50:30:4c:95:7c:05:92:ac:9a:dd:99:d2:77:91:4c:
                    23:39:bd:e0:35:b1:c9:b9:ef:88:e2:89:50:9c:13:
                    22:57:b4:d9:85:4f:46:15:f0:b5:db:fd:5f:e5:30:
                    2c:70:8e:42:20:b3:41:a9:1b:30:23:17:84:96:79:
                    4d:13:c1:9f:ea:d3:18:f0:1d:1f:23:7e:2d:0e:9a:
                    4a:39:96:9f:25:64:d4:4d:29:b1:f0:71:48:f3:93:
                    b6:99:02:2c:40:4d:2d:92:bf:b9:eb:40:e5:da:5e:
                    ab:10:79:16:bf:c4:44:01:11:8f:9a:fe:9b:40:74:
                    bf:c8:f6:d6:ea:e8:5e:a0:e3:15:ea:0f:93:93:55:
                    82:d6:b4:34:5f:3e:2c:42:2a:92:f7:fb:ae:ad:cf:
                    64:0b:d8:e2:db:74:3f:b6:53:59:bf:82:93:fd:10:
                    66:fe:f2:a0:1a:69:63:90:ca:27:4b:bf:27:71:3c:
                    6e:36:3d:5b:a3:fa:5f:1d:85:09:7a:0d:a8:9d:eb:
                    d5:16:79:c9:e1:cf:33:ca:38:07:28:31:53:55:76:
                    ec:f0:89:d1:db:fa:80:ea:68:b9:03:11:c5:e9:46:
                    01:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:5B:19:B2:35:0C:6E:1C:68:82:E2:50:A4:37:9D:F7:21:86:73:6D
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F51F7ECAE69E11ED841AC682C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:a7:36:02:b2:ad:45:5a:84:b9:d7:57:8d:6f:15:17:0f:66:
         0a:d5:ba:fc:0a:ae:50:49:29:80:22:ea:83:2f:e0:40:91:08:
         90:11:58:8b:3c:15:ef:e7:d6:a6:d2:27:c6:18:73:4e:3e:1d:
         a3:d4:a8:fe:36:49:60:d8:e0:5c:18:dc:a5:1e:a5:37:c3:b1:
         f2:41:61:0f:07:fe:cc:25:3f:dc:0e:53:2f:b7:a5:10:99:18:
         24:8a:d4:45:4f:a4:3c:70:c4:ea:0a:64:35:b0:eb:64:60:28:
         11:95:fe:64:9e:d9:ad:0f:99:44:48:3d:44:19:3c:75:59:49:
         92:56:3e:9d:87:c6:4c:ef:dc:5c:4b:e4:b0:c8:83:95:a5:14:
         3f:8c:30:59:99:9e:d0:d2:63:65:d4:83:8b:a7:95:5a:6c:c4:
         03:a8:33:68:09:d1:1e:b3:1e:c3:55:e1:fe:bc:5a:b4:00:5f:
         ec:89:4e:28:a2:68:42:69:09:b1:48:1c:74:04:c7:04:7c:78:
         22:79:b6:3d:e9:5b:15:c3:c6:6e:93:c0:4d:e5:82:ab:1f:69:
         fc:85:63:9a:b8:e2:49:2b:16:51:f3:b9:0a:71:07:38:db:19:
         38:57:7e:27:e5:80:ad:01:74:f3:ae:c5:e5:82:d1:a2:40:ff:
         d1:b5:1c:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNDI5MTUwMzExWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDRkMzFhZi0zYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvEYSfJ2f4y5/YYcT0BH/wjEzYzExMPLQ96elMwJQMEyVfAWSrJrdmdJ3kUwj
Ob3gNbHJue+I4olQnBMiV7TZhU9GFfC12/1f5TAscI5CILNBqRswIxeElnlNE8Gf
6tMY8B0fI34tDppKOZafJWTUTSmx8HFI85O2mQIsQE0tkr+560Dl2l6rEHkWv8RE
ARGPmv6bQHS/yPbW6uheoOMV6g+Tk1WC1rQ0Xz4sQiqS9/uurc9kC9ji23Q/tlNZ
v4KT/RBm/vKgGmljkMonS78ncTxuNj1bo/pfHYUJeg2onevVFnnJ4c8zyjgHKDFT
VXbs8InR2/qA6mi5AxHF6UYBiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN9bGbI1
DG4caILiUKQ3nfchhnNtMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRjUxRjdFQ0FF
NjlFMTFFRDg0MUFDNjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/50wDQYJKoZIhvcNAQELBQADggEBAKWnNgKyrUVahLnX
V41vFRcPZgrVuvwKrlBJKYAi6oMv4ECRCJARWIs8Fe/n1qbSJ8YYc04+HaPUqP42
SWDY4FwY3KUepTfDsfJBYQ8H/swlP9wOUy+3pRCZGCSK1EVPpDxwxOoKZDWw62Rg
KBGV/mSe2a0PmURIPUQZPHVZSZJWPp2Hxkzv3FxL5LDIg5WlFD+MMFmZntDSY2XU
g4unlVpsxAOoM2gJ0R6zHsNV4f68WrQAX+yJTiiiaEJpCbFIHHQExwR8eCJ5tj3p
WxXDxm6TwE3lgqsfafyFY5q44kkrFlHzuQpxBzjbGThXfiflgK0BdPOuxeWC0aJA
/9G1HLo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org