Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/461566969E5011EEB0FF232AC4F9AE02.roa
File:                     461566969E5011EEB0FF232AC4F9AE02.roa (raw, json)
Hash identifier:          LFUGSqleHzDZcAKUSikdUVnluCmDpXaBLzfIv63/O6c=
Subject key identifier:   F4:92:61:B3:80:A8:0E:BE:E8:71:70:9D:14:6C:6D:73:20:4F:3F:7C
Certificate issuer:       /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial:       32D5
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/461566969E5011EEB0FF232AC4F9AE02.roa
Signing time:             Tue 19 Dec 2023 09:23:31 +0000
ROA not before:           Tue 19 Dec 2023 09:23:31 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     5650
IP address blocks:        122.8.16.0/22 maxlen: 22
                          122.8.20.0/22 maxlen: 22
                          122.8.32.0/22 maxlen: 22
                          122.8.112.0/22 maxlen: 22
                          122.8.116.0/22 maxlen: 22
                          122.8.121.0/24 maxlen: 24
                          122.8.123.0/24 maxlen: 24
                          122.8.124.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13013 (0x32d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
        Validity
            Not Before: Dec 19 09:23:31 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=65816112-fc8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:52:b8:2e:a4:fa:87:63:00:73:75:ed:48:50:
                    b0:fb:5f:20:27:b6:e6:f0:dc:80:f5:a9:18:99:1e:
                    d2:0e:0c:d6:13:20:d5:a0:a2:35:32:89:23:42:10:
                    43:2d:26:f5:b1:91:b7:9d:4e:4b:b9:51:48:13:45:
                    46:8b:79:ec:02:ba:db:fe:1c:96:20:04:0c:24:34:
                    c8:7c:14:74:6d:5d:7c:af:29:8e:fb:47:c3:b1:3f:
                    7e:c3:01:84:23:53:fb:41:03:34:b7:60:b9:82:4d:
                    a1:4a:9e:44:f0:ed:c9:c6:aa:03:b9:7a:70:e7:15:
                    66:cf:17:86:e9:5c:d7:81:00:25:82:1f:c6:80:8a:
                    91:18:82:2c:5d:2f:66:ec:8d:a4:e4:56:c1:80:8c:
                    b2:16:5a:f0:12:43:19:db:76:08:49:fe:9c:c6:54:
                    d3:06:6b:07:a9:29:35:8b:de:50:e3:3b:38:ba:a1:
                    86:19:36:66:ec:1c:07:e1:86:6e:29:bf:d2:37:2b:
                    1a:a3:10:82:05:ab:2e:f7:49:18:51:d8:b5:03:9c:
                    16:6b:db:d4:92:79:8c:cf:0e:14:d7:34:29:30:45:
                    9b:2e:40:b7:45:d2:8e:ed:f1:cd:9d:41:c1:da:e5:
                    29:47:d2:e9:c7:c8:98:82:6b:8b:7c:22:96:17:ab:
                    d4:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:92:61:B3:80:A8:0E:BE:E8:71:70:9D:14:6C:6D:73:20:4F:3F:7C
            X509v3 Authority Key Identifier:
                keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/461566969E5011EEB0FF232AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.8.16.0/21
                  122.8.32.0/22
                  122.8.112.0/21
                  122.8.121.0/24
                  122.8.123.0-122.8.127.255

    Signature Algorithm: sha256WithRSAEncryption
         10:f1:5b:45:50:7c:b5:1d:d0:65:e3:8b:94:b6:fe:5e:6d:c2:
         ed:70:03:b7:c8:83:b2:9c:75:5e:b2:7a:69:f7:cf:b0:d2:a6:
         61:58:06:33:4f:96:7f:3a:fe:c2:2f:3e:47:2c:1c:40:3d:00:
         e3:52:fe:f0:15:a3:12:11:50:1c:1d:2b:e0:ad:a8:52:56:36:
         ca:cd:71:ed:35:ea:24:9f:45:f4:ee:ee:07:1c:da:7e:6b:96:
         a8:1e:3e:be:7b:bb:db:26:64:31:26:bb:a1:f5:4a:f0:69:c0:
         0d:00:6a:c9:68:e8:1f:98:8d:bc:db:0a:f4:74:f5:9a:cf:41:
         87:0a:cb:c4:f6:00:2f:b6:5f:b7:49:43:2b:54:8c:9f:20:ab:
         a1:c2:27:44:0c:87:2e:93:f4:e2:16:1c:c8:4e:93:94:94:da:
         26:1e:e5:42:5d:88:2f:b7:a4:1e:7c:36:b1:b5:26:ae:79:1a:
         17:e2:2b:20:fa:68:f2:5a:4a:86:1c:82:8e:8f:f4:82:49:a4:
         b9:65:40:23:33:87:8f:6c:ae:8e:db:fe:47:64:fa:d3:15:24:
         fd:23:49:54:cb:ab:dd:9c:fd:5c:f8:4f:1f:cf:34:e8:fa:96:
         a1:f0:f0:29:b4:a9:1e:a9:55:51:98:7c:91:22:41:27:81:ce:
         c9:c5:13:a7
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICMtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMxMjE5MDkyMzMxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxNjExMi1mYzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt1K4LqT6h2MAc3XtSFCw+18gJ7bm8NyA9akYmR7SDgzWEyDVoKI1MokjQhBD
LSb1sZG3nU5LuVFIE0VGi3nsArrb/hyWIAQMJDTIfBR0bV18rymO+0fDsT9+wwGE
I1P7QQM0t2C5gk2hSp5E8O3JxqoDuXpw5xVmzxeG6VzXgQAlgh/GgIqRGIIsXS9m
7I2k5FbBgIyyFlrwEkMZ23YISf6cxlTTBmsHqSk1i95Q4zs4uqGGGTZm7BwH4YZu
Kb/SNysaoxCCBasu90kYUdi1A5wWa9vUknmMzw4U1zQpMEWbLkC3RdKO7fHNnUHB
2uUpR9Lpx8iYgmuLfCKWF6vUrwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFPSSYbOA
qA6+6HFwnRRsbXMgTz98MB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvNDYxNTY2OTY5
RTUwMTFFRUIwRkYyMzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAN6CBADBAJ6CCADBAN6CHADBAB6CHkwDAMEAHoIewMEB3oI
ADANBgkqhkiG9w0BAQsFAAOCAQEAEPFbRVB8tR3QZeOLlLb+Xm3C7XADt8iDspx1
XrJ6affPsNKmYVgGM0+Wfzr+wi8+RywcQD0A41L+8BWjEhFQHB0r4K2oUlY2ys1x
7TXqJJ9F9O7uBxzafmuWqB4+vnu72yZkMSa7ofVK8GnADQBqyWjoH5iNvNsK9HT1
ms9BhwrLxPYAL7Zft0lDK1SMnyCrocInRAyHLpP04hYcyE6TlJTaJh7lQl2IL7ek
Hnw2sbUmrnkaF+IrIPpo8lpKhhyCjo/0gkmkuWVAIzOHj2yujtv+R2T60xUk/SNJ
VMur3Zz9XPhPH8806PqWofDwKbSpHqlVUZh8kSJBJ4HOycUTpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org