Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CCEB4082ED4411ECA329BA62C4F9AE02.roa
File:                     CCEB4082ED4411ECA329BA62C4F9AE02.roa (raw, json)
Hash identifier:          OEHHJ8sNV0AQjiRcpA4ILZ8yuw/HypzxVD09/9LyI5s=
Subject key identifier:   57:34:B7:AB:EE:7A:5D:3B:33:A4:2E:B8:58:2B:30:71:8F:59:17:F8
Certificate issuer:       /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial:       3262
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CCEB4082ED4411ECA329BA62C4F9AE02.roa
Signing time:             Thu 16 Jun 2022 07:20:29 +0000
ROA not before:           Thu 16 Jun 2022 07:20:29 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     7029
IP address blocks:        175.29.112.0/21 maxlen: 24
                          175.29.128.0/21 maxlen: 24
                          175.29.200.0/21 maxlen: 24
                          203.76.152.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12898 (0x3262)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
        Validity
            Not Before: Jun 16 07:20:29 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=62aad9bd-a9ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:47:b9:79:e7:1a:de:39:eb:3f:64:5b:3b:90:
                    95:82:58:ba:4c:2a:4f:04:27:a7:84:66:21:db:eb:
                    f3:a3:c6:40:0f:cb:6c:59:72:26:02:13:c9:66:c2:
                    cc:c0:be:14:95:31:01:ec:39:31:3a:90:ca:9c:63:
                    c4:80:ee:e4:e7:7a:44:94:02:a3:ba:f6:99:d5:e4:
                    90:60:02:77:6c:8d:e6:b8:2a:eb:28:63:d3:6e:23:
                    cf:23:3e:88:72:bd:b2:f5:e4:0e:ef:e0:30:e3:2a:
                    75:ed:0b:ce:6c:ab:01:47:d2:94:68:bf:16:d6:00:
                    22:34:1a:40:13:71:b5:e2:0a:86:69:a2:21:ae:17:
                    ba:2a:98:7b:32:3c:f4:1b:f5:6f:12:9d:db:50:7a:
                    55:e1:a8:d3:03:2f:06:91:ec:76:a3:5c:ca:b6:92:
                    34:2d:8b:74:15:72:13:64:ee:f0:70:9d:76:37:48:
                    5c:bb:b0:5c:f4:f4:fd:03:c1:ce:83:5c:6c:04:44:
                    77:32:69:cb:f2:e1:c3:29:01:36:e7:b2:5c:49:c7:
                    99:e5:ef:1b:93:67:47:92:67:7c:4b:21:7a:e1:80:
                    21:3f:52:31:6d:6e:30:26:36:be:28:db:6b:f2:18:
                    4f:6a:a6:34:e3:c8:63:18:3f:bb:ed:60:e4:d9:c3:
                    42:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:34:B7:AB:EE:7A:5D:3B:33:A4:2E:B8:58:2B:30:71:8F:59:17:F8
            X509v3 Authority Key Identifier:
                keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CCEB4082ED4411ECA329BA62C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.29.112.0/21
                  175.29.128.0/21
                  175.29.200.0/21
                  203.76.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1e:55:bf:59:7d:65:03:f3:8d:09:1c:8d:75:8e:a8:9f:28:bb:
         0f:40:c9:5f:79:90:82:3e:71:e6:45:83:5f:0d:02:40:75:da:
         2c:ab:a4:7a:dc:39:42:63:db:42:04:3a:36:e7:03:fb:71:67:
         67:e1:d2:99:ac:37:0e:04:89:4a:b5:1c:9e:34:7a:68:ed:0a:
         b6:a1:c1:6e:61:dd:33:3e:ad:89:e4:93:c2:16:66:8f:61:a7:
         0a:49:65:43:56:0a:b2:0a:80:b6:3a:d3:05:f8:04:0d:1a:3c:
         dc:d7:19:50:a0:70:6c:74:24:c1:48:5f:5a:d1:76:02:9d:31:
         9b:b5:3f:9d:42:7a:23:62:16:7b:6f:41:5e:91:fb:89:98:9e:
         d3:7c:66:21:ac:29:fc:88:e1:7c:30:db:96:23:f7:ba:f9:3a:
         7b:6c:4f:e7:2f:e7:af:7a:23:e8:f8:86:7e:5c:05:46:33:06:
         05:87:f6:50:8b:e3:26:9c:ef:fb:d0:6f:14:8d:99:aa:dc:61:
         8a:5c:a7:33:ad:80:d3:00:02:66:98:cc:e8:08:a1:20:1a:b3:
         a8:2c:ec:a5:81:ee:35:49:28:0f:9b:e8:5a:94:4e:22:1e:4f:
         39:df:64:f4:99:29:85:44:16:73:86:d4:1f:82:fd:b7:7a:3d:
         19:25:f6:46
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMmIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIwNjE2MDcyMDI5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmFhZDliZC1hOWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzke5eeca3jnrP2RbO5CVgli6TCpPBCenhGYh2+vzo8ZAD8tsWXImAhPJZsLM
wL4UlTEB7DkxOpDKnGPEgO7k53pElAKjuvaZ1eSQYAJ3bI3muCrrKGPTbiPPIz6I
cr2y9eQO7+Aw4yp17QvObKsBR9KUaL8W1gAiNBpAE3G14gqGaaIhrhe6Kph7Mjz0
G/VvEp3bUHpV4ajTAy8Gkex2o1zKtpI0LYt0FXITZO7wcJ12N0hcu7Bc9PT9A8HO
g1xsBER3MmnL8uHDKQE257JcSceZ5e8bk2dHkmd8SyF64YAhP1IxbW4wJja+KNtr
8hhPaqY048hjGD+77WDk2cNCpQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFc0t6vu
el07M6QuuFgrMHGPWRf4MB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQ0NFQjQwODJF
RDQ0MTFFQ0EzMjlCQTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAOvHXADBAOvHYADBAOvHcgDBAPLTJgwDQYJKoZIhvcNAQEL
BQADggEBAB5Vv1l9ZQPzjQkcjXWOqJ8ouw9AyV95kII+ceZFg18NAkB12iyrpHrc
OUJj20IEOjbnA/txZ2fh0pmsNw4EiUq1HJ40emjtCrahwW5h3TM+rYnkk8IWZo9h
pwpJZUNWCrIKgLY60wX4BA0aPNzXGVCgcGx0JMFIX1rRdgKdMZu1P51CeiNiFntv
QV6R+4mYntN8ZiGsKfyI4Xww25Yj97r5OntsT+cv5696I+j4hn5cBUYzBgWH9lCL
4yac7/vQbxSNmarcYYpcpzOtgNMAAmaYzOgIoSAas6gs7KWB7jVJKA+b6FqUTiIe
TznfZPSZKYVEFnOG1B+C/bd6PRkl9kY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org