Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/3075D1DCD34911EC8796812AC4F9AE02.roa
File:                     3075D1DCD34911EC8796812AC4F9AE02.roa (raw, json)
Hash identifier:          +G+vNAwX6UNU/h9qHI5//bp1aGT89+OH7eCzTMP3/Lc=
Subject key identifier:   6A:49:B1:B9:6A:0E:C5:7C:6D:6A:A1:A7:1C:EE:A2:F3:B0:2D:C5:CF
Certificate issuer:       /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Certificate serial:       0500
Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/3075D1DCD34911EC8796812AC4F9AE02.roa
Signing time:             Tue 10 Jan 2023 19:56:17 +0000
ROA not before:           Tue 10 Jan 2023 19:56:17 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     149772
IP address blocks:        223.29.213.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1280 (0x500)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
        Validity
            Not Before: Jan 10 19:56:17 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=63bdc2e1-2099
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:75:d6:52:09:a6:90:cb:6c:c7:4c:c3:46:3f:
                    f6:e6:5c:c0:7e:f4:27:1e:d7:06:1b:6d:b7:04:a9:
                    1f:4f:f8:46:41:c1:46:2f:0b:4f:6e:e2:bc:a0:6e:
                    a7:3d:36:7d:10:81:1e:d4:d1:f0:7b:e3:3b:89:45:
                    7f:51:30:82:e7:2f:51:4d:ac:0b:c1:70:bd:13:87:
                    03:2a:26:67:a0:4b:d8:a4:47:b5:b0:bd:f4:2c:2c:
                    45:87:85:ea:d7:85:dd:29:79:9a:1a:a2:e3:27:01:
                    80:60:cb:4e:53:12:21:06:70:95:48:a6:15:06:d3:
                    f8:40:92:b6:f8:5b:9e:f9:8c:b7:4e:43:71:96:ae:
                    6f:ef:66:13:54:c4:df:9b:87:87:6e:78:6b:6f:a2:
                    0e:b6:dc:d6:70:30:a1:37:32:eb:c2:d9:c3:97:e3:
                    3d:a9:b6:1e:26:08:36:a0:c7:e0:7d:b2:46:68:ae:
                    b1:ba:25:d2:30:94:58:83:f9:f8:ce:1b:29:fd:5b:
                    d1:4c:69:5d:a0:b9:51:b8:68:12:d0:c5:3f:1e:63:
                    29:76:af:c6:8f:fb:f9:10:df:9c:7f:24:4f:6e:77:
                    f2:59:25:6c:ca:88:ec:e5:39:e7:ca:33:cb:74:94:
                    91:5d:74:0b:22:35:49:02:5a:f7:ff:59:99:05:5f:
                    6e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:49:B1:B9:6A:0E:C5:7C:6D:6A:A1:A7:1C:EE:A2:F3:B0:2D:C5:CF
            X509v3 Authority Key Identifier:
                keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/3075D1DCD34911EC8796812AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.29.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:ee:fb:3a:60:46:6f:22:d4:87:70:36:93:10:45:1a:a6:f4:
         02:da:01:70:ef:a1:de:4d:55:09:4d:5c:4a:16:d5:63:7c:4e:
         40:da:c9:e5:2d:93:4d:6d:bc:52:e0:f2:12:54:73:1e:97:97:
         6e:d7:75:ef:4a:5d:af:ec:19:49:61:7d:80:6d:ce:68:fd:be:
         10:ab:37:23:dd:c3:75:6b:e2:39:3b:60:3a:d3:02:00:89:25:
         73:3c:0a:4d:ff:9d:7c:9f:55:b3:90:4f:9e:ae:5b:af:42:15:
         36:d1:6e:30:86:27:88:1c:af:4f:2a:62:a2:85:1f:f3:9a:e5:
         fe:ab:71:c2:9d:20:f4:10:b5:7f:bb:19:33:89:08:da:eb:03:
         5d:66:d6:22:78:9c:8b:3c:3c:72:65:fc:4f:68:77:88:f2:b9:
         cc:d8:c4:72:a0:f9:e2:ee:72:47:3a:d6:2b:54:74:41:29:dd:
         87:d7:3d:55:47:13:7c:ed:9f:9a:bd:f3:b3:c5:6e:ad:46:ab:
         f1:da:d7:a5:b2:95:a1:3e:0b:90:02:b8:f3:f3:9a:57:2b:99:
         6c:98:81:ca:2b:b1:dd:b2:4f:f7:df:88:7d:2c:6d:24:b3:c7:
         df:9c:ed:fc:35:f0:ed:49:bb:9a:66:f3:92:78:54:b0:22:74:
         fd:8e:04:6e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC
QTI0QTFFMDYwHhcNMjMwMTEwMTk1NjE3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JkYzJlMS0yMDk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwXXWUgmmkMtsx0zDRj/25lzAfvQnHtcGG223BKkfT/hGQcFGLwtPbuK8oG6n
PTZ9EIEe1NHwe+M7iUV/UTCC5y9RTawLwXC9E4cDKiZnoEvYpEe1sL30LCxFh4Xq
14XdKXmaGqLjJwGAYMtOUxIhBnCVSKYVBtP4QJK2+Fue+Yy3TkNxlq5v72YTVMTf
m4eHbnhrb6IOttzWcDChNzLrwtnDl+M9qbYeJgg2oMfgfbJGaK6xuiXSMJRYg/n4
zhsp/VvRTGldoLlRuGgS0MU/HmMpdq/Gj/v5EN+cfyRPbnfyWSVsyojs5TnnyjPL
dJSRXXQLIjVJAlr3/1mZBV9utwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGpJsblq
DsV8bWqhpxzuovOwLcXPMB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG
OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvMzA3NUQxRENE
MzQ5MTFFQzg3OTY4MTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADfHdUwDQYJKoZIhvcNAQELBQADggEBAK7u+zpgRm8i1Idw
NpMQRRqm9ALaAXDvod5NVQlNXEoW1WN8TkDayeUtk01tvFLg8hJUcx6Xl27Xde9K
Xa/sGUlhfYBtzmj9vhCrNyPdw3Vr4jk7YDrTAgCJJXM8Ck3/nXyfVbOQT56uW69C
FTbRbjCGJ4gcr08qYqKFH/Oa5f6rccKdIPQQtX+7GTOJCNrrA11m1iJ4nIs8PHJl
/E9od4jyuczYxHKg+eLuckc61itUdEEp3YfXPVVHE3ztn5q987PFbq1Gq/Ha16Wy
laE+C5ACuPPzmlcrmWyYgcorsd2yT/ffiH0sbSSzx9+c7fw18O1Ju5pm85J4VLAi
dP2OBG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org