Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/95E56A160F8211EE9C28226AC4F9AE02.roa
File:                     95E56A160F8211EE9C28226AC4F9AE02.roa (raw, json)
Hash identifier:          WTyihnqe9TdQnhkP8aDc7Z6gs+JaDTj7fUVLrgYG3FI=
Subject key identifier:   12:DF:97:55:C6:CD:CF:A3:8E:2C:BE:63:3C:96:E1:BF:E0:58:B1:31
Certificate issuer:       /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial:       24CF
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/95E56A160F8211EE9C28226AC4F9AE02.roa
Signing time:             Tue 20 Jun 2023 15:53:23 +0000
ROA not before:           Tue 20 Jun 2023 15:53:23 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     133439
IP address blocks:        150.107.50.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9423 (0x24cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
        Validity
            Not Before: Jun 20 15:53:23 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=6491cb73-9be0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:9b:4a:df:c2:18:44:d9:58:5c:74:66:d4:a0:
                    f8:3d:20:63:9d:f9:70:a7:5e:e7:35:a5:14:01:24:
                    63:a8:c0:d2:9c:c3:50:9d:7a:63:6f:d9:bc:5b:ec:
                    eb:f4:fc:5f:46:bc:b6:39:85:cd:1a:03:73:4f:2e:
                    c5:ad:ed:61:94:bb:f8:14:e5:21:28:bf:ae:7a:e2:
                    c1:25:ea:ac:43:dd:1d:3e:19:2e:61:40:f4:a7:07:
                    8b:21:1f:3c:8e:4f:0a:22:ac:5b:31:e4:d9:c0:3c:
                    88:3b:c2:93:4f:3a:a9:7e:24:e3:50:0e:2d:bc:85:
                    43:22:4f:87:77:4c:25:20:c6:6a:35:cc:a9:1b:de:
                    49:49:a5:fc:d7:12:83:1e:74:fb:f4:87:c3:22:45:
                    b0:29:02:09:c0:29:39:38:22:90:2b:b9:7d:57:cd:
                    59:fc:5d:22:50:2d:65:71:46:af:6a:51:6a:3d:de:
                    96:62:ee:57:e5:04:57:92:96:30:de:bf:a5:77:f5:
                    5c:5f:72:0c:d5:4f:c4:4c:26:2b:91:8f:19:32:83:
                    f9:5b:ac:12:c6:97:01:03:de:28:46:54:06:bc:11:
                    70:8f:9f:84:3e:04:ae:6f:5e:37:d2:52:9a:9a:b1:
                    87:e2:f5:31:1b:b1:31:5c:29:00:f6:dc:a2:db:01:
                    25:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:DF:97:55:C6:CD:CF:A3:8E:2C:BE:63:3C:96:E1:BF:E0:58:B1:31
            X509v3 Authority Key Identifier:
                keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/95E56A160F8211EE9C28226AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.107.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:b1:24:bf:a5:79:d1:bb:84:ca:24:bd:4b:20:03:3e:7b:80:
         ee:37:49:0d:e8:ef:8e:71:35:c5:64:73:c9:35:63:71:cd:8d:
         96:15:94:34:5e:a5:a5:22:10:c9:b8:a1:ba:43:96:6c:37:e7:
         28:70:32:01:ec:c5:d7:7b:e7:b3:31:f6:1d:93:54:0f:e0:c0:
         58:ce:94:da:dd:3c:53:ab:36:5e:6f:fc:21:7a:9c:d4:cc:46:
         f1:f8:0d:40:ca:cb:54:d2:1a:42:3b:9e:30:b4:4f:3b:a8:7c:
         fa:df:24:76:50:03:4c:2d:b0:14:6c:e8:39:aa:08:5a:2f:83:
         df:cd:87:ab:cf:e9:41:d7:15:9e:d6:c3:18:be:b1:84:6a:1a:
         1c:6c:08:53:ae:b9:c9:fc:2d:c7:27:df:72:61:8a:f9:c4:59:
         44:a5:3d:71:2c:51:5f:0e:a5:61:a9:f2:2e:23:ca:0a:ce:36:
         9f:fb:6d:d8:e1:53:b3:0b:78:23:ea:98:75:3f:d6:bc:6e:24:
         84:b8:f1:24:37:2a:a7:ea:6c:a1:00:66:bd:de:4d:12:e6:59:
         de:a8:8d:30:bf:ff:d3:15:fd:8d:b0:57:ab:a6:29:80:eb:7e:
         cf:1e:95:ef:ee:be:e0:0f:5a:17:20:03:b2:86:15:cc:5e:79:
         f5:49:8e:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjMwNjIwMTU1MzIzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDkxY2I3My05YmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA65tK38IYRNlYXHRm1KD4PSBjnflwp17nNaUUASRjqMDSnMNQnXpjb9m8W+zr
9PxfRry2OYXNGgNzTy7Fre1hlLv4FOUhKL+ueuLBJeqsQ90dPhkuYUD0pweLIR88
jk8KIqxbMeTZwDyIO8KTTzqpfiTjUA4tvIVDIk+Hd0wlIMZqNcypG95JSaX81xKD
HnT79IfDIkWwKQIJwCk5OCKQK7l9V81Z/F0iUC1lcUavalFqPd6WYu5X5QRXkpYw
3r+ld/VcX3IM1U/ETCYrkY8ZMoP5W6wSxpcBA94oRlQGvBFwj5+EPgSub1430lKa
mrGH4vUxG7ExXCkA9tyi2wEl+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBLfl1XG
zc+jjiy+YzyW4b/gWLExMB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvOTVFNTZBMTYw
RjgyMTFFRTlDMjgyMjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACWazIwDQYJKoZIhvcNAQELBQADggEBAGKxJL+ledG7hMok
vUsgAz57gO43SQ3o745xNcVkc8k1Y3HNjZYVlDRepaUiEMm4obpDlmw35yhwMgHs
xdd757Mx9h2TVA/gwFjOlNrdPFOrNl5v/CF6nNTMRvH4DUDKy1TSGkI7njC0Tzuo
fPrfJHZQA0wtsBRs6DmqCFovg9/Nh6vP6UHXFZ7Wwxi+sYRqGhxsCFOuucn8Lccn
33JhivnEWUSlPXEsUV8OpWGp8i4jygrONp/7bdjhU7MLeCPqmHU/1rxuJIS48SQ3
KqfqbKEAZr3eTRLmWd6ojTC//9MV/Y2wV6umKYDrfs8ele/uvuAPWhcgA7KGFcxe
efVJjio=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org