Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/8FEC7388626911ECA33B5E60C4F9AE02.roa
File:                     8FEC7388626911ECA33B5E60C4F9AE02.roa (raw, json)
Hash identifier:          FeMcoQ9MtipkybUR8K3l9DbQjA6peYxFnL2PpaGjDkY=
Subject key identifier:   A9:C7:0A:3A:72:AA:BB:AF:C7:6A:CA:60:6E:F1:D6:5E:60:DD:12:F2
Certificate issuer:       /CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
Certificate serial:       26
Authority key identifier: 1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/8FEC7388626911ECA33B5E60C4F9AE02.roa
Signing time:             Tue 21 Dec 2021 14:23:27 +0000
ROA not before:           Tue 21 Dec 2021 14:23:27 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     209557
IP address blocks:        2407:9240:2200::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38 (0x26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
        Validity
            Not Before: Dec 21 14:23:27 2021 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=61c1e35f-5ad0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fb:53:27:b3:9b:fe:ad:df:19:45:7b:7b:9b:
                    39:f1:ef:40:a3:de:30:0f:78:20:53:7e:b3:2c:68:
                    5b:7c:7c:3c:40:25:ed:d7:89:9a:1e:df:9c:86:eb:
                    13:7d:ca:09:9a:6d:21:45:63:80:fc:2b:38:91:2c:
                    0f:e9:86:9f:d7:15:6e:2e:ef:1f:06:aa:5d:00:72:
                    31:27:5c:81:33:4a:35:91:a1:2d:79:74:81:50:d1:
                    75:40:62:f2:ef:7e:07:6a:a2:13:b3:a2:9b:f9:47:
                    a1:ff:1c:fe:47:02:29:f8:d3:58:2c:81:c3:6b:65:
                    81:49:76:c4:30:9f:fc:e1:13:24:79:cf:ce:c1:1c:
                    3d:ba:c6:55:c3:e1:0b:01:db:45:0c:06:cb:6c:89:
                    61:20:81:74:46:65:25:43:b8:66:1d:e3:cd:d3:1c:
                    22:ad:cc:ea:9f:0a:8c:70:7c:fa:c3:01:fa:99:fa:
                    9d:ce:f0:63:d6:d0:b2:f5:6b:36:23:09:b0:bc:91:
                    57:b9:d7:c3:b4:d8:c7:3e:ab:e6:97:bd:10:cc:4c:
                    68:01:03:dc:13:3f:c7:c0:42:98:55:2b:24:40:1d:
                    91:0d:19:b7:ca:c9:ab:f9:71:3b:d6:44:e4:76:28:
                    34:19:17:b4:58:9f:f8:0b:92:60:06:d0:76:22:d5:
                    b7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:C7:0A:3A:72:AA:BB:AF:C7:6A:CA:60:6E:F1:D6:5E:60:DD:12:F2
            X509v3 Authority Key Identifier:
                keyid:1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/8FEC7388626911ECA33B5E60C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:9240:2200::/40

    Signature Algorithm: sha256WithRSAEncryption
         5a:52:43:81:d6:19:58:c3:02:4e:a9:28:28:2f:34:a6:ca:7b:
         57:e1:c8:2d:33:9c:e4:00:aa:20:38:f6:0c:ec:f4:68:94:4c:
         55:5e:12:fb:9b:35:83:04:fd:35:77:7e:50:e1:bc:56:aa:ad:
         43:82:3d:49:54:85:9e:e9:6f:28:b4:71:37:a9:3d:fc:38:7f:
         05:11:01:b0:f3:f3:ab:f5:dd:0d:a8:4b:9e:ae:66:a5:3c:af:
         0d:67:03:6d:aa:e0:68:c1:b1:b2:4c:c3:06:74:64:3c:6e:aa:
         a1:ac:2c:5a:f6:b4:38:93:82:78:e7:ba:e5:91:80:86:8f:aa:
         b7:0e:b9:53:5c:f5:dc:4b:bc:6e:da:ba:3c:34:56:5f:10:e1:
         bf:59:17:e6:5b:2c:dd:23:f6:e2:b9:c8:94:6d:f7:b8:21:c1:
         02:86:d0:85:56:59:b8:4a:fc:a2:ff:7c:44:82:0e:ba:69:ad:
         37:ea:f3:ff:b2:5e:57:39:46:41:69:de:fe:c9:22:a4:37:fe:
         5b:e9:bf:a4:ed:a1:e3:8a:b1:43:13:73:15:c0:13:50:c7:3f:
         ab:bf:ee:90:b5:a7:8b:f9:ee:48:cf:23:54:5b:ea:f5:b5:68:
         bf:f7:b3:ef:9d:89:57:d2:9d:e2:97:96:c3:b0:c0:06:58:50:
         80:2f:de:57
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MThCQzExMC8GA1UEBRMoMUFFQkNEODJENzAyODM0M0I3NDVBRDQwNjczOUNEQjky
RDRERkI3NzAeFw0yMTEyMjExNDIzMjdaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYzFlMzVmLTVhZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCz+1Mns5v+rd8ZRXt7mznx70Cj3jAPeCBTfrMsaFt8fDxAJe3XiZoe35yG6xN9
ygmabSFFY4D8KziRLA/php/XFW4u7x8Gql0AcjEnXIEzSjWRoS15dIFQ0XVAYvLv
fgdqohOzopv5R6H/HP5HAin401gsgcNrZYFJdsQwn/zhEyR5z87BHD26xlXD4QsB
20UMBstsiWEggXRGZSVDuGYd483THCKtzOqfCoxwfPrDAfqZ+p3O8GPW0LL1azYj
CbC8kVe518O02Mc+q+aXvRDMTGgBA9wTP8fAQphVKyRAHZENGbfKyav5cTvWROR2
KDQZF7RYn/gLkmAG0HYi1bfBAgMBAAGjggKXMIICkzAdBgNVHQ4EFgQUqccKOnKq
u6/HaspgbvHWXmDdEvIwHwYDVR0jBBgwFoAUGuvNgtcCg0O3Ra1AZznNuS1N+3cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxOEJDL0VEN0I2MkFDNUQ4
NzExRUM5QzFENzAyQ0M0RjlBRTAyL0d1dk5ndGNDZzBPM1JhMUFaem5OdVMxTi0z
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3V2Tmd0Y0NnME8zUmExQVp6bk51UzFOLTNjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MThCQy9FRDdCNjJBQzVEODcxMUVDOUMxRDcwMkNDNEY5QUUwMi84RkVDNzM4ODYy
NjkxMUVDQTMzQjVFNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGACQHkkAiMA0GCSqGSIb3DQEBCwUAA4IBAQBaUkOB1hlYwwJO
qSgoLzSmyntX4cgtM5zkAKogOPYM7PRolExVXhL7mzWDBP01d35Q4bxWqq1Dgj1J
VIWe6W8otHE3qT38OH8FEQGw8/Or9d0NqEuermalPK8NZwNtquBowbGyTMMGdGQ8
bqqhrCxa9rQ4k4J457rlkYCGj6q3DrlTXPXcS7xu2ro8NFZfEOG/WRfmWyzdI/bi
uciUbfe4IcEChtCFVlm4Svyi/3xEgg66aa036vP/sl5XOUZBad7+ySKkN/5b6b+k
7aHjirFDE3MVwBNQxz+rv+6QtaeL+e5IzyNUW+r1tWi/97PvnYlX0p3il5bDsMAG
WFCAL95X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org