Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B2106ADEA69A11ED83470E12C4F9AE02.roa
File:                     B2106ADEA69A11ED83470E12C4F9AE02.roa (raw, json)
Hash identifier:          4MmIIY5Bp/q7nwXMb+2FAtxUvdsCf/op2vFrQM+IQNY=
Subject key identifier:   C2:DF:3C:86:78:2D:32:1E:59:F7:C6:49:9C:25:1F:21:92:ED:27:13
Certificate issuer:       /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial:       04E0
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B2106ADEA69A11ED83470E12C4F9AE02.roa
Signing time:             Tue 07 Feb 2023 03:51:26 +0000
ROA not before:           Tue 07 Feb 2023 03:51:26 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     131174
IP address blocks:        110.44.16.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1248 (0x4e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
        Validity
            Not Before: Feb  7 03:51:26 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=63e1cabe-c1e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:18:52:e4:45:80:54:f6:b3:a2:f6:ce:f8:e7:
                    c2:b3:44:56:54:a7:cb:ed:2c:9a:ae:5c:86:87:a2:
                    f2:2f:7d:06:3a:d0:72:78:e4:ee:1c:a4:87:3b:eb:
                    ed:94:d4:0a:bf:ae:eb:f1:3c:4e:bf:ba:c5:b5:50:
                    14:aa:b2:e2:aa:6e:05:58:66:95:56:b8:4e:5c:0e:
                    60:09:a1:66:d0:28:1d:62:d8:f4:39:48:56:9b:54:
                    da:d1:4f:f9:fc:5f:28:e8:99:6f:75:6d:14:86:0c:
                    c7:0e:92:7f:8c:d2:30:2e:55:50:51:2b:dc:aa:06:
                    31:0d:20:0b:75:3a:d1:3c:63:66:74:66:c8:60:2f:
                    4d:3d:fb:dd:8c:39:50:a8:34:61:6d:2f:f6:f5:59:
                    cd:e6:a1:36:16:fb:21:94:eb:64:e9:2d:d6:02:5c:
                    06:ae:e7:19:4a:fc:28:55:dd:94:76:60:a2:a6:33:
                    39:5b:e5:b2:ca:44:52:65:4c:45:d4:5d:42:3a:72:
                    0a:43:a7:01:2d:a7:35:4a:93:5a:d8:05:b8:2b:51:
                    11:70:07:a2:a4:17:ff:24:c9:fd:c4:06:3e:42:04:
                    60:64:df:82:9e:81:67:19:b0:e2:aa:8f:8d:9e:6e:
                    3b:21:88:75:c6:f2:31:6b:ec:42:5e:99:dc:21:96:
                    b9:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:DF:3C:86:78:2D:32:1E:59:F7:C6:49:9C:25:1F:21:92:ED:27:13
            X509v3 Authority Key Identifier:
                keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B2106ADEA69A11ED83470E12C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.44.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:5f:43:2f:24:36:ef:bf:9d:63:2e:4a:d7:01:fb:a6:8b:9c:
         32:f5:16:77:b2:82:aa:68:ea:f8:d5:ca:9e:8f:d6:c4:2c:c1:
         96:38:97:79:cb:c3:63:7f:3b:f0:cb:f1:a1:55:21:f8:ff:74:
         e2:95:63:34:b7:df:aa:e5:46:31:30:72:62:91:00:a2:73:07:
         0e:20:e5:b2:5e:3a:72:bb:68:c3:1c:90:c9:48:9e:e8:71:82:
         0f:15:1e:92:73:1d:b1:e2:4e:01:a5:36:02:2f:16:0d:88:97:
         22:c5:03:ac:23:a5:2c:61:4a:6c:63:12:3b:fd:f0:ad:26:cd:
         bd:d5:c8:fe:81:f2:cb:9a:6f:70:4d:af:6c:d2:97:71:ed:92:
         f4:8d:72:10:ff:c8:cf:ea:bb:76:83:8a:da:9c:d9:26:a1:d1:
         7b:cf:02:b6:7a:a2:89:b6:fa:b7:c7:66:a4:06:e7:05:b9:04:
         ec:5e:8b:3b:b4:c2:46:02:05:e7:45:c2:3d:fb:d1:ce:45:43:
         32:55:8d:78:c8:0f:7d:56:9d:b1:7d:4f:d3:0a:9e:e3:64:f0:
         cf:b2:e7:43:e7:9c:35:8b:72:2a:c5:72:ff:d6:2e:5c:6f:5f:
         4d:33:46:c5:dc:d6:43:67:ca:2c:03:e6:04:5a:72:64:03:1f:
         d4:4b:df:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjMwMjA3MDM1MTI2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UxY2FiZS1jMWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqhhS5EWAVPazovbO+OfCs0RWVKfL7SyarlyGh6LyL30GOtByeOTuHKSHO+vt
lNQKv67r8TxOv7rFtVAUqrLiqm4FWGaVVrhOXA5gCaFm0CgdYtj0OUhWm1Ta0U/5
/F8o6JlvdW0UhgzHDpJ/jNIwLlVQUSvcqgYxDSALdTrRPGNmdGbIYC9NPfvdjDlQ
qDRhbS/29VnN5qE2FvshlOtk6S3WAlwGrucZSvwoVd2UdmCipjM5W+WyykRSZUxF
1F1COnIKQ6cBLac1SpNa2AW4K1ERcAeipBf/JMn9xAY+QgRgZN+CnoFnGbDiqo+N
nm47IYh1xvIxa+xCXpncIZa5ZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMLfPIZ4
LTIeWffGSZwlHyGS7ScTMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQjIxMDZBREVB
NjlBMTFFRDgzNDcwRTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABuLBAwDQYJKoZIhvcNAQELBQADggEBAFlfQy8kNu+/nWMu
StcB+6aLnDL1Fneygqpo6vjVyp6P1sQswZY4l3nLw2N/O/DL8aFVIfj/dOKVYzS3
36rlRjEwcmKRAKJzBw4g5bJeOnK7aMMckMlInuhxgg8VHpJzHbHiTgGlNgIvFg2I
lyLFA6wjpSxhSmxjEjv98K0mzb3VyP6B8suab3BNr2zSl3HtkvSNchD/yM/qu3aD
itqc2Sah0XvPArZ6oom2+rfHZqQG5wW5BOxeizu0wkYCBedFwj370c5FQzJVjXjI
D31WnbF9T9MKnuNk8M+y50PnnDWLcirFcv/WLlxvX00zRsXc1kNnyiwD5gRacmQD
H9RL3y4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org