Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/BF200690254C11EEBE5B5115C4F9AE02.roa
File:                     BF200690254C11EEBE5B5115C4F9AE02.roa (raw, json)
Hash identifier:          amBhW+MvGD4A0oDLjpysb9l6jZncrSSQ/jEMyKDh8dE=
Subject key identifier:   77:48:46:62:E4:C7:EA:4C:0D:81:F1:AC:EF:EA:1C:11:6C:EB:AC:08
Certificate issuer:       /CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
Certificate serial:       3299
Authority key identifier: BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/BF200690254C11EEBE5B5115C4F9AE02.roa
Signing time:             Thu 28 Sep 2023 15:57:57 +0000
ROA not before:           Thu 28 Sep 2023 15:57:57 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        122.8.24.0/22 maxlen: 22
                          122.8.56.0/22 maxlen: 22
                          122.8.72.0/22 maxlen: 22
                          122.8.92.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12953 (0x3299)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915370F/serialNumber=BB5B8156B037E5D22263EAC7F6A11C052FDF633F
        Validity
            Not Before: Sep 28 15:57:57 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=6515a285-56a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a5:9d:d3:76:0f:ae:15:a8:eb:1c:c0:9b:b7:
                    3e:cd:ce:d8:ac:36:87:14:82:9c:e4:24:1e:ca:46:
                    e2:85:d6:1b:bd:fe:49:89:b5:2c:f9:2f:52:83:8a:
                    b4:dc:ec:a9:9d:25:72:4a:de:1c:c7:aa:7f:57:f1:
                    13:d6:1b:e6:aa:72:6d:b6:d2:2f:ad:62:6f:8d:b9:
                    46:72:db:4e:fe:40:f4:6e:c4:9a:e3:cd:33:9e:28:
                    b6:40:dc:2d:6b:a8:69:e2:42:3d:9a:08:9c:31:3e:
                    c9:fe:2c:f6:a1:80:bf:41:c0:78:27:89:28:ba:63:
                    53:5c:52:ec:66:16:49:64:a2:45:de:40:f1:19:69:
                    ca:91:a0:95:44:07:ac:26:c4:b6:e2:8b:80:b9:68:
                    fe:7b:ef:9c:00:b6:a3:6d:6d:3d:11:6f:0c:a8:b4:
                    b9:49:d6:db:24:cd:53:e2:54:9e:29:cf:b0:61:da:
                    c8:58:8e:42:0f:cd:2b:f3:71:71:39:ac:25:2b:93:
                    e5:dd:81:9d:75:17:5b:92:d8:55:80:c2:29:c8:64:
                    b1:e7:bd:90:80:44:5d:b7:61:b9:ad:cc:52:77:45:
                    62:f1:db:00:f5:b9:48:33:2f:1d:b3:61:96:e4:05:
                    f7:85:a0:2d:9a:58:5c:10:51:f6:f2:b7:f5:14:57:
                    d7:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:48:46:62:E4:C7:EA:4C:0D:81:F1:AC:EF:EA:1C:11:6C:EB:AC:08
            X509v3 Authority Key Identifier:
                keyid:BB:5B:81:56:B0:37:E5:D2:22:63:EA:C7:F6:A1:1C:05:2F:DF:63:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/u1uBVrA35dIiY-rH9qEcBS_fYz8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1uBVrA35dIiY-rH9qEcBS_fYz8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915370F/7346E8A2604911E2A307578D2979BB20/BF200690254C11EEBE5B5115C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.8.24.0/22
                  122.8.56.0/22
                  122.8.72.0/22
                  122.8.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c9:e6:c5:2f:11:cc:3d:ce:d8:47:d6:30:02:7a:98:a2:11:66:
         1b:b1:5a:49:a2:58:20:33:33:c3:89:9b:99:c2:91:8c:1c:8d:
         ff:6f:72:35:aa:30:c6:fd:34:a6:b1:a9:ab:f6:24:51:ac:d0:
         f9:c7:aa:e3:34:6f:e8:7b:c2:64:5f:6e:af:a6:fb:84:c0:02:
         51:36:76:36:52:29:9d:39:fc:4e:9e:44:03:96:34:20:d7:c3:
         9f:17:80:ad:8a:04:cd:15:fe:01:cf:d7:ed:d0:84:f9:e5:bb:
         4d:84:e3:55:67:1e:7e:d0:22:da:fc:06:dd:0d:ef:c3:ab:38:
         25:e2:0d:67:4c:b9:7a:7d:21:f2:4d:74:c5:82:0d:b8:67:b5:
         2a:73:89:eb:ec:7e:09:45:40:d9:e3:81:3a:cd:0a:ae:f3:d3:
         20:4b:78:a3:0e:64:30:16:d0:67:53:d7:f3:1c:ec:95:6e:0c:
         e9:e9:7e:a9:3c:73:8f:c2:79:04:5c:e1:f8:b8:e0:e8:de:b1:
         00:38:bc:b3:27:48:9c:2c:23:6f:0a:1a:62:5f:91:75:83:95:
         c0:91:c2:7a:4c:d2:14:50:19:7d:a7:19:47:80:ea:f4:e9:04:
         4d:03:56:88:69:55:94:dd:cf:b8:5c:19:5b:4b:aa:36:c5:5f:
         e9:ce:a7:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM3MEYxMTAvBgNVBAUTKEJCNUI4MTU2QjAzN0U1RDIyMjYzRUFDN0Y2QTExQzA1
MkZERjYzM0YwHhcNMjMwOTI4MTU1NzU3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YTI4NS01NmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4aWd03YPrhWo6xzAm7c+zc7YrDaHFIKc5CQeykbihdYbvf5JibUs+S9Sg4q0
3OypnSVySt4cx6p/V/ET1hvmqnJtttIvrWJvjblGcttO/kD0bsSa480znii2QNwt
a6hp4kI9mgicMT7J/iz2oYC/QcB4J4koumNTXFLsZhZJZKJF3kDxGWnKkaCVRAes
JsS24ouAuWj+e++cALajbW09EW8MqLS5SdbbJM1T4lSeKc+wYdrIWI5CD80r83Fx
OawlK5Pl3YGddRdbkthVgMIpyGSx572QgERdt2G5rcxSd0Vi8dsA9blIMy8ds2GW
5AX3haAtmlhcEFH28rf1FFfXZwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHdIRmLk
x+pMDYHxrO/qHBFs66wIMB8GA1UdIwQYMBaAFLtbgVawN+XSImPqx/ahHAUv32M/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzcwRi83MzQ2RThBMjYw
NDkxMUUyQTMwNzU3OEQyOTc5QkIyMC91MXVCVnJBMzVkSWlZLXJIOXFFY0JTX2ZZ
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UxdUJWckEzNWRJaVktckg5cUVjQlNfZll6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM3MEYvNzM0NkU4QTI2MDQ5MTFFMkEzMDc1NzhEMjk3OUJCMjAvQkYyMDA2OTAy
NTRDMTFFRUJFNUI1MTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJ6CBgDBAJ6CDgDBAJ6CEgDBAJ6CFwwDQYJKoZIhvcNAQEL
BQADggEBAMnmxS8RzD3O2EfWMAJ6mKIRZhuxWkmiWCAzM8OJm5nCkYwcjf9vcjWq
MMb9NKaxqav2JFGs0PnHquM0b+h7wmRfbq+m+4TAAlE2djZSKZ05/E6eRAOWNCDX
w58XgK2KBM0V/gHP1+3QhPnlu02E41VnHn7QItr8Bt0N78OrOCXiDWdMuXp9IfJN
dMWCDbhntSpzievsfglFQNnjgTrNCq7z0yBLeKMOZDAW0GdT1/Mc7JVuDOnpfqk8
c4/CeQRc4fi44OjesQA4vLMnSJwsI28KGmJfkXWDlcCRwnpM0hRQGX2nGUeA6vTp
BE0DVohpVZTdz7hcGVtLqjbFX+nOp2A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org