Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5F5CD268181B11EDB485D027C4F9AE02.roa
File:                     5F5CD268181B11EDB485D027C4F9AE02.roa (raw, json)
Hash identifier:          VtYn/i+pDslA8/9NyEBXncAiLUzPqq6rPvoHG+8QwTQ=
Subject key identifier:   47:A1:F3:AB:08:8C:54:87:AB:73:09:65:60:D9:07:2E:2B:50:DC:CB
Certificate issuer:       /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial:       24B2
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5F5CD268181B11EDB485D027C4F9AE02.roa
Signing time:             Thu 04 May 2023 16:32:54 +0000
ROA not before:           Thu 04 May 2023 16:32:54 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     63944
IP address blocks:        150.107.48.0/24 maxlen: 24
                          150.107.49.0/24 maxlen: 24
                          150.107.50.0/24 maxlen: 24
                          150.107.51.0/24 maxlen: 24
                          2400:eb80::/33 maxlen: 33
                          2400:eb80:8000::/33 maxlen: 33

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9394 (0x24b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
        Validity
            Not Before: May  4 16:32:54 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=6453de35-d0ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9d:db:de:f9:0d:b9:8c:54:9b:52:11:5f:c2:
                    ba:33:56:64:7d:23:39:8a:e5:2e:1c:08:95:5b:24:
                    88:d6:46:e1:31:a6:87:ec:84:02:42:d5:d4:26:2b:
                    e4:5b:11:d4:1f:77:6c:83:85:9d:29:66:3e:02:a7:
                    55:b0:da:0f:79:be:15:9e:4b:8b:01:52:4a:04:71:
                    29:a7:63:3d:cb:bb:66:b1:29:76:76:54:60:c3:bc:
                    fa:99:40:6e:37:f2:f0:16:8a:ad:8b:ee:86:fb:38:
                    9e:e0:27:53:4b:d2:0b:eb:da:28:20:ad:1b:22:cc:
                    ef:97:22:af:ef:4f:2e:20:8a:d5:1c:fc:5e:56:54:
                    e2:65:7f:f6:29:9e:da:30:69:1e:f2:32:99:26:39:
                    9d:94:dc:5d:f6:dd:a7:eb:ad:cd:b5:2d:5f:98:b3:
                    a9:51:0c:c0:6f:c1:8f:1a:b8:82:1e:ce:66:7b:99:
                    33:dc:09:28:9d:be:58:33:66:a7:25:0b:2b:6e:9a:
                    01:94:d3:a6:99:58:f3:89:52:20:7a:2a:2f:16:21:
                    4b:cb:b2:7d:1c:21:7f:be:06:ac:85:76:8f:c2:15:
                    5f:ab:3f:ab:6f:91:81:29:25:b0:1a:e3:16:78:7f:
                    11:d5:3a:99:bd:66:1d:7c:9d:f2:35:b7:10:05:27:
                    98:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A1:F3:AB:08:8C:54:87:AB:73:09:65:60:D9:07:2E:2B:50:DC:CB
            X509v3 Authority Key Identifier:
                keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/5F5CD268181B11EDB485D027C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.107.48.0/22
                IPv6:
                  2400:eb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         9a:d2:bd:9a:bb:a8:e7:df:ad:2d:c9:25:2a:03:c5:f1:9f:84:
         fe:ec:c4:85:9a:b4:8d:43:f9:57:cc:de:29:94:19:b7:ab:70:
         e2:99:fc:9d:f3:f7:c2:7e:ce:4a:60:24:38:de:22:e1:96:6b:
         1e:6f:bb:c3:aa:17:df:96:d5:f9:f1:74:92:39:e1:71:06:01:
         3e:99:37:e5:18:32:07:50:6c:d2:a5:eb:2c:e9:3c:94:13:67:
         26:f4:78:4a:2a:27:82:4a:76:55:d5:89:f2:6e:4f:33:2f:37:
         4b:55:9c:56:4f:b5:82:7e:13:2a:33:57:da:24:e1:18:48:91:
         02:9a:6f:6f:85:af:5b:6b:cf:a1:18:5f:d8:b5:8e:ad:99:8e:
         eb:99:92:82:de:d7:b6:f4:a7:50:35:16:58:37:a6:49:8c:c9:
         df:ee:36:e9:79:f4:c6:67:0b:fc:c2:b8:9a:79:d6:de:5e:ed:
         72:d2:a6:b4:f2:01:78:b3:e8:77:99:e7:70:81:29:17:d4:dc:
         cc:22:75:42:4e:97:82:50:cb:f0:b2:9d:37:34:dd:8b:cb:3a:
         6c:8c:80:bf:00:41:38:90:84:2e:6e:15:6f:9a:1e:1e:64:37:
         6f:12:26:33:71:33:6b:32:3c:ea:12:57:90:85:c4:8b:1b:81:
         cb:0a:bd:bd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjMwNTA0MTYzMjU0WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUzZGUzNS1kMGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtJ3b3vkNuYxUm1IRX8K6M1ZkfSM5iuUuHAiVWySI1kbhMaaH7IQCQtXUJivk
WxHUH3dsg4WdKWY+AqdVsNoPeb4VnkuLAVJKBHEpp2M9y7tmsSl2dlRgw7z6mUBu
N/LwFoqti+6G+zie4CdTS9IL69ooIK0bIszvlyKv708uIIrVHPxeVlTiZX/2KZ7a
MGke8jKZJjmdlNxd9t2n663NtS1fmLOpUQzAb8GPGriCHs5me5kz3Akonb5YM2an
JQsrbpoBlNOmmVjziVIgeiovFiFLy7J9HCF/vgashXaPwhVfqz+rb5GBKSWwGuMW
eH8R1TqZvWYdfJ3yNbcQBSeYKQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEeh86sI
jFSHq3MJZWDZBy4rUNzLMB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvNUY1Q0QyNjgx
ODFCMTFFREI0ODVEMDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAKWazAwDQQCAAIwBwMFACQA64AwDQYJKoZIhvcNAQELBQAD
ggEBAJrSvZq7qOffrS3JJSoDxfGfhP7sxIWatI1D+VfM3imUGbercOKZ/J3z98J+
zkpgJDjeIuGWax5vu8OqF9+W1fnxdJI54XEGAT6ZN+UYMgdQbNKl6yzpPJQTZyb0
eEoqJ4JKdlXVifJuTzMvN0tVnFZPtYJ+EyozV9ok4RhIkQKab2+Fr1trz6EYX9i1
jq2ZjuuZkoLe17b0p1A1Flg3pkmMyd/uNul59MZnC/zCuJp51t5e7XLSprTyAXiz
6HeZ53CBKRfU3MwidUJOl4JQy/CynTc03YvLOmyMgL8AQTiQhC5uFW+aHh5kN28S
JjNxM2syPOoSV5CFxIsbgcsKvb0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org