Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/30B7B90AB45011EEA20D071CC4F9AE02.roa
File:                     30B7B90AB45011EEA20D071CC4F9AE02.roa (raw, json)
Hash identifier:          7v27xyJoz73PSQSO7Bin8dk8f0SByCkPCxverO01ax8=
Subject key identifier:   BA:38:CE:18:D9:66:C0:F4:AB:1B:0F:66:74:76:1F:C4:E8:56:E8:E0
Certificate issuer:       /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial:       32ED
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/30B7B90AB45011EEA20D071CC4F9AE02.roa
Signing time:             Tue 16 Jan 2024 09:18:20 +0000
ROA not before:           Tue 16 Jan 2024 09:18:20 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     21700
IP address blocks:        122.8.16.0/22 maxlen: 22
                          122.8.28.0/22 maxlen: 22
                          122.8.40.0/22 maxlen: 22
                          122.8.92.0/22 maxlen: 22
                          122.8.96.0/22 maxlen: 22
                          122.8.108.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13037 (0x32ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
        Validity
            Not Before: Jan 16 09:18:20 2024 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=65a649dc-914c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:54:ce:db:43:0e:06:1c:38:27:b6:ef:2c:3e:
                    95:3d:69:0e:db:cf:8d:28:58:e1:c6:c2:72:b5:b8:
                    fd:0a:94:4b:71:0e:a8:84:02:6e:91:78:62:72:e2:
                    9d:fb:8f:20:e8:cd:81:71:91:20:de:7f:26:a8:ed:
                    cb:59:d8:44:d4:dd:58:b2:1e:b7:3a:96:1f:3e:61:
                    80:73:c1:1d:c8:99:88:28:eb:5b:be:be:c9:4f:36:
                    aa:dc:ee:4e:a6:1b:3d:a3:00:95:a9:46:19:b3:d0:
                    cb:d9:fc:14:c1:25:49:dc:d1:fb:b6:14:c8:75:79:
                    2a:4b:9a:97:aa:59:f9:a4:a8:06:12:6b:40:07:e8:
                    af:ba:21:97:fc:21:85:ff:ef:7a:9d:76:6a:31:52:
                    8b:85:d1:18:b7:14:54:63:dc:92:8b:3f:6a:c7:e0:
                    3e:df:9d:1c:d6:26:37:6a:98:ba:56:45:2a:b9:00:
                    14:63:ce:d1:98:b9:44:d3:c7:e5:ec:56:da:2e:1b:
                    9d:36:b8:3a:38:44:b9:0f:bc:6f:43:8e:4d:cb:d0:
                    1b:1a:a5:1e:27:39:1f:11:82:14:ac:49:cf:74:e2:
                    04:c3:fb:d2:dc:52:37:0d:ee:a1:81:e6:2c:02:52:
                    fb:a1:c9:ed:53:99:34:fd:03:40:01:40:a3:4e:38:
                    53:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:38:CE:18:D9:66:C0:F4:AB:1B:0F:66:74:76:1F:C4:E8:56:E8:E0
            X509v3 Authority Key Identifier:
                keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/30B7B90AB45011EEA20D071CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.8.16.0/22
                  122.8.28.0/22
                  122.8.40.0/22
                  122.8.92.0-122.8.99.255
                  122.8.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         af:a0:78:c4:d8:40:91:95:83:03:ad:30:0c:a0:65:99:0c:4f:
         c5:1d:6d:43:22:ba:c1:0c:87:f6:58:d3:5b:e2:67:07:f9:ce:
         31:ab:8c:62:37:2f:2c:94:12:14:52:cd:50:b5:4a:b2:b3:ea:
         09:84:51:6d:36:d1:76:1d:9a:c2:4d:f1:37:59:42:f5:a2:ce:
         fe:83:26:bf:2e:09:16:9f:f9:05:25:fc:bc:6f:fc:e7:67:46:
         2e:cd:c0:fa:af:09:1e:84:f1:78:2d:06:c8:49:4b:7a:a0:38:
         72:b0:30:e0:b7:f5:e7:bf:67:87:97:08:c7:31:28:f7:83:17:
         bc:d0:ad:88:1e:15:7d:c3:89:73:c7:25:9d:2e:25:22:64:3b:
         16:df:9a:27:03:52:3d:09:27:0f:8a:e9:c1:fc:19:b8:38:9e:
         f7:6a:2e:b2:47:fd:90:f5:c0:2d:bb:09:16:4a:f8:7d:24:7a:
         9e:3f:e6:1f:d6:c0:f8:14:11:17:f1:8f:5c:d3:80:43:db:d9:
         fe:c8:a2:09:95:f1:39:49:07:44:58:88:45:58:d4:59:7a:8c:
         2d:b0:d5:35:a2:bf:32:3d:0d:f0:c9:93:f6:7f:db:0b:ae:33:
         a8:03:f4:3c:28:94:9e:40:f6:68:ed:a7:e1:b7:91:f6:26:27:
         c5:4d:5d:c2
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICMu0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjQwMTE2MDkxODIwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE2NDlkYy05MTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAulTO20MOBhw4J7bvLD6VPWkO28+NKFjhxsJytbj9CpRLcQ6ohAJukXhicuKd
+48g6M2BcZEg3n8mqO3LWdhE1N1Ysh63OpYfPmGAc8EdyJmIKOtbvr7JTzaq3O5O
phs9owCVqUYZs9DL2fwUwSVJ3NH7thTIdXkqS5qXqln5pKgGEmtAB+ivuiGX/CGF
/+96nXZqMVKLhdEYtxRUY9ySiz9qx+A+350c1iY3api6VkUquQAUY87RmLlE08fl
7FbaLhudNrg6OES5D7xvQ45Ny9AbGqUeJzkfEYIUrEnPdOIEw/vS3FI3De6hgeYs
AlL7ocntU5k0/QNAAUCjTjhTKwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFLo4zhjZ
ZsD0qxsPZnR2H8ToVujgMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvMzBCN0I5MEFC
NDUwMTFFRUEyMEQwNzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAJ6CBADBAJ6CBwDBAJ6CCgwDAMEAnoIXAMEAnoIYAMEAnoI
bDANBgkqhkiG9w0BAQsFAAOCAQEAr6B4xNhAkZWDA60wDKBlmQxPxR1tQyK6wQyH
9ljTW+JnB/nOMauMYjcvLJQSFFLNULVKsrPqCYRRbTbRdh2awk3xN1lC9aLO/oMm
vy4JFp/5BSX8vG/852dGLs3A+q8JHoTxeC0GyElLeqA4crAw4Lf1579nh5cIxzEo
94MXvNCtiB4VfcOJc8clnS4lImQ7Ft+aJwNSPQknD4rpwfwZuDie92ouskf9kPXA
LbsJFkr4fSR6nj/mH9bA+BQRF/GPXNOAQ9vZ/siiCZXxOUkHRFiIRVjUWXqMLbDV
NaK/Mj0N8MmT9n/bC64zqAP0PCiUnkD2aO2n4beR9iYnxU1dwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org