Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDCF/F4FDF5EE8D4111E981516A32C4F9AE02/B46094CE0ECD11EBA0F5FE38C4F9AE02.roa
File:                     B46094CE0ECD11EBA0F5FE38C4F9AE02.roa (raw, json)
Hash identifier:          YHAz18VjWEzk7w2GmD6HzBUkgx6RQDVmuAPk8FhO6sA=
Subject key identifier:   E7:B1:78:73:09:ED:35:F2:C8:C4:A7:13:A1:E1:94:2A:6F:2E:B3:7B
Certificate issuer:       /CN=A915FDCF/serialNumber=A78902F4F0D824B40F496D5DFC3E9F0633B71299
Certificate serial:       0572
Authority key identifier: A7:89:02:F4:F0:D8:24:B4:0F:49:6D:5D:FC:3E:9F:06:33:B7:12:99
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p4kC9PDYJLQPSW1d_D6fBjO3Epk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915FDCF/F4FDF5EE8D4111E981516A32C4F9AE02/B46094CE0ECD11EBA0F5FE38C4F9AE02.roa
Signing time:             Tue 30 Aug 2022 19:15:30 +0000
ROA not before:           Tue 30 Aug 2022 19:15:30 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     139215
IP address blocks:        2404:f140::/32 maxlen: 32
                          2404:f140::/48 maxlen: 48
                          2404:f140:1::/48 maxlen: 48
                          2404:f140:2::/48 maxlen: 48
                          2404:f140:3::/48 maxlen: 48
                          2404:f140:4::/48 maxlen: 48
                          2404:f140:5::/48 maxlen: 48
                          2404:f140:6::/48 maxlen: 48
                          2404:f140:7::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1394 (0x572)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915FDCF/serialNumber=A78902F4F0D824B40F496D5DFC3E9F0633B71299
        Validity
            Not Before: Aug 30 19:15:30 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=630e61d2-e345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a0:03:1f:4b:58:e7:28:8f:f4:9c:06:31:f9:
                    f2:2e:d7:e0:61:c1:50:84:a4:6f:c2:a5:e5:30:71:
                    ef:90:d9:95:80:51:67:4f:32:be:f6:36:95:16:f5:
                    3c:e6:8a:45:16:fa:26:be:7a:a7:6c:b0:88:f3:a0:
                    3b:d2:08:93:b9:33:d4:b7:58:8c:47:a1:59:ea:76:
                    1c:be:a5:79:20:e3:14:df:c0:d5:4e:e8:07:cc:f0:
                    e7:ad:c9:a8:93:b2:ae:d3:ec:b3:62:87:bd:d9:9c:
                    c1:88:83:d1:f8:42:d3:09:1a:ba:9d:b8:6a:d1:1b:
                    79:ec:18:03:aa:da:ce:ba:30:54:59:48:7f:8c:8f:
                    5c:58:9b:30:87:96:40:0e:87:4c:63:c1:31:88:ea:
                    d2:4f:ea:01:26:ee:26:31:bd:6a:c8:00:18:17:73:
                    be:94:32:5e:3a:e8:37:21:fe:f1:cd:32:fd:8d:bd:
                    98:7e:69:b3:d2:76:e0:94:02:e2:3c:89:71:02:b1:
                    24:f3:39:77:01:a6:7f:c0:03:83:88:e0:1f:93:75:
                    71:1d:e5:5f:09:6c:bd:17:ca:3e:82:65:e9:a1:be:
                    1f:50:d5:f8:88:5c:b0:2c:c4:8a:2a:13:86:e7:74:
                    40:98:95:8f:48:59:d6:46:ca:e6:2e:68:fe:68:9b:
                    25:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:B1:78:73:09:ED:35:F2:C8:C4:A7:13:A1:E1:94:2A:6F:2E:B3:7B
            X509v3 Authority Key Identifier:
                keyid:A7:89:02:F4:F0:D8:24:B4:0F:49:6D:5D:FC:3E:9F:06:33:B7:12:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915FDCF/F4FDF5EE8D4111E981516A32C4F9AE02/p4kC9PDYJLQPSW1d_D6fBjO3Epk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p4kC9PDYJLQPSW1d_D6fBjO3Epk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDCF/F4FDF5EE8D4111E981516A32C4F9AE02/B46094CE0ECD11EBA0F5FE38C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f140::/32

    Signature Algorithm: sha256WithRSAEncryption
         0c:11:62:6b:e2:db:81:40:21:7f:77:01:1a:be:96:18:c1:0d:
         cc:82:72:14:e7:32:08:0b:e9:fe:97:5b:a1:70:c2:f4:f6:15:
         6a:72:ed:de:d0:73:28:6b:ed:92:98:27:96:6d:e4:6a:13:a3:
         a5:b0:c6:b9:e1:13:48:2a:06:cf:df:4b:9c:dc:e4:93:93:06:
         d9:4c:34:7f:c0:e1:7b:e9:42:b3:d0:6b:38:7a:1b:6f:a8:d0:
         73:04:92:87:83:f0:b1:fc:03:f2:01:cf:42:dc:f0:a0:09:ee:
         b8:45:66:4c:6c:de:70:6a:b3:8b:2b:a6:d7:21:c4:54:93:db:
         2f:d5:53:a8:33:e8:32:6d:c7:8b:3d:45:ad:9f:8a:b9:de:47:
         41:13:f3:7b:a9:be:4b:ae:69:9f:83:b1:44:bb:83:1e:c6:ea:
         7a:39:5c:85:36:4f:21:5b:99:ab:36:65:ad:15:3d:2c:1b:c9:
         8a:0c:5b:39:c4:58:32:01:db:32:d2:65:16:20:47:47:d0:42:
         77:24:e7:0e:0d:98:e9:4a:c7:4c:53:8a:d0:83:4c:e8:e0:21:
         ed:89:11:8b:58:79:58:02:93:55:ba:65:dc:6c:69:55:e1:9f:
         57:37:a3:a6:99:93:3d:ed:d4:2c:87:cd:cd:35:51:07:16:19:
         fc:0b:97:4e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUZEQ0YxMTAvBgNVBAUTKEE3ODkwMkY0RjBEODI0QjQwRjQ5NkQ1REZDM0U5RjA2
MzNCNzEyOTkwHhcNMjIwODMwMTkxNTMwWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBlNjFkMi1lMzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuqADH0tY5yiP9JwGMfnyLtfgYcFQhKRvwqXlMHHvkNmVgFFnTzK+9jaVFvU8
5opFFvomvnqnbLCI86A70giTuTPUt1iMR6FZ6nYcvqV5IOMU38DVTugHzPDnrcmo
k7Ku0+yzYoe92ZzBiIPR+ELTCRq6nbhq0Rt57BgDqtrOujBUWUh/jI9cWJswh5ZA
DodMY8ExiOrST+oBJu4mMb1qyAAYF3O+lDJeOug3If7xzTL9jb2Yfmmz0nbglALi
PIlxArEk8zl3AaZ/wAODiOAfk3VxHeVfCWy9F8o+gmXpob4fUNX4iFywLMSKKhOG
53RAmJWPSFnWRsrmLmj+aJslRQIDAQABo4ICljCCApIwHQYDVR0OBBYEFOexeHMJ
7TXyyMSnE6HhlCpvLrN7MB8GA1UdIwQYMBaAFKeJAvTw2CS0D0ltXfw+nwYztxKZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RkRDRi9GNEZERjVFRThE
NDExMUU5ODE1MTZBMzJDNEY5QUUwMi9wNGtDOVBEWUpMUVBTVzFkX0Q2ZkJqTzNF
cGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3A0a0M5UERZSkxRUFNXMWRfRDZmQmpPM0Vway5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUZEQ0YvRjRGREY1RUU4RDQxMTFFOTgxNTE2QTMyQzRGOUFFMDIvQjQ2MDk0Q0Uw
RUNEMTFFQkEwRjVGRTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBPFAMA0GCSqGSIb3DQEBCwUAA4IBAQAMEWJr4tuBQCF/
dwEavpYYwQ3MgnIU5zIIC+n+l1uhcML09hVqcu3e0HMoa+2SmCeWbeRqE6OlsMa5
4RNIKgbP30uc3OSTkwbZTDR/wOF76UKz0Gs4ehtvqNBzBJKHg/Cx/APyAc9C3PCg
Ce64RWZMbN5warOLK6bXIcRUk9sv1VOoM+gybceLPUWtn4q53kdBE/N7qb5Lrmmf
g7FEu4Mexup6OVyFNk8hW5mrNmWtFT0sG8mKDFs5xFgyAdsy0mUWIEdH0EJ3JOcO
DZjpSsdMU4rQg0zo4CHtiRGLWHlYApNVumXcbGlV4Z9XN6OmmZM97dQsh83NNVEH
Fhn8C5dO
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org