Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/D5CDAE2295D911ED90E9F54CC4F9AE02.roa
File:                     D5CDAE2295D911ED90E9F54CC4F9AE02.roa (raw, json)
Hash identifier:          NL1ze97Oi90SdgUlDPaUh3AcKG+WrBK6RHFxwtKzKmE=
Subject key identifier:   DF:D7:7A:64:76:01:DF:19:2F:C4:FF:ED:E5:0E:79:35:A8:DD:03:51
Certificate issuer:       /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial:       05A8
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/D5CDAE2295D911ED90E9F54CC4F9AE02.roa
Signing time:             Mon 16 Jan 2023 20:10:35 +0000
ROA not before:           Mon 16 Jan 2023 20:10:35 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     61138
IP address blocks:        45.114.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1448 (0x5a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
        Validity
            Not Before: Jan 16 20:10:35 2023 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=63c5af3a-8695
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:84:35:8b:78:aa:a5:f7:d9:e6:43:ab:49:97:
                    15:52:f4:05:81:80:dd:ed:f4:0e:a8:d5:75:a0:6f:
                    87:91:48:29:da:04:24:44:e5:6b:75:c4:a8:24:8c:
                    6f:ca:cf:7e:59:04:75:90:20:28:21:f1:e6:e2:c2:
                    12:bc:bc:5d:15:5f:69:40:19:43:04:29:50:08:46:
                    ca:48:cf:63:14:cb:12:6e:c8:a9:14:72:bd:9f:cc:
                    cb:10:06:98:1c:49:17:3a:ef:29:63:b3:b6:0d:f9:
                    10:79:fd:5d:4d:b4:11:17:7e:fb:43:69:b7:b8:8b:
                    04:da:8e:11:3c:e5:63:d3:72:9a:6c:fe:28:e1:5e:
                    14:9a:d3:3a:f8:0e:cf:33:4c:bc:6b:d6:46:80:65:
                    14:be:b4:c0:4a:e4:1c:bd:c1:8d:6c:2f:a9:23:4f:
                    5f:9c:f3:aa:b4:89:dc:fa:95:92:eb:f9:9a:19:4c:
                    eb:2f:47:82:a6:a4:0e:c6:1d:67:fb:cc:b6:d4:0b:
                    1b:64:0b:b9:93:d5:0a:92:4e:73:95:d4:6d:53:97:
                    44:de:32:12:0a:e3:80:de:a6:b3:c2:e7:4a:6e:f2:
                    fa:c3:0b:8a:b4:0b:73:8c:6e:e7:8f:a8:4c:45:0c:
                    5d:0f:22:50:1f:34:bb:c7:8b:3f:ff:e2:10:0d:a2:
                    40:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:D7:7A:64:76:01:DF:19:2F:C4:FF:ED:E5:0E:79:35:A8:DD:03:51
            X509v3 Authority Key Identifier:
                keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/D5CDAE2295D911ED90E9F54CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.114.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:b3:c7:8a:4d:11:05:1c:fd:b2:b8:8e:39:91:aa:af:72:9c:
         d4:f6:98:5c:57:e3:a8:cb:7a:2c:a1:ea:91:b0:2f:1c:16:05:
         c8:66:86:f9:cc:ec:c3:3c:b7:5f:eb:ec:b2:59:e2:80:1a:a6:
         a3:b8:74:17:b7:99:34:15:1f:cd:20:f5:cc:39:5f:84:41:61:
         f3:16:bf:55:42:f6:eb:49:d1:2c:1d:06:10:a1:4f:c6:e4:c3:
         27:35:f8:a1:12:b9:85:72:89:3b:34:12:74:0d:13:fc:31:00:
         d6:0c:fd:d7:dc:4c:0d:21:61:37:ef:a2:42:3a:cf:f4:51:6f:
         07:d0:b0:2a:c6:99:5a:6b:a5:63:a5:48:2f:ed:3f:a6:63:ff:
         97:1c:71:76:a2:19:df:36:b2:44:77:a4:d8:39:c6:a4:f0:b2:
         48:cb:4a:b3:66:8f:cf:90:31:fe:c6:c0:7f:7c:7a:64:be:13:
         98:ef:84:18:48:1f:e4:3d:0b:d5:dc:71:a0:42:d5:4f:53:ba:
         fc:e1:16:2c:16:64:4a:7e:ad:d1:06:14:3c:78:10:43:c3:67:
         fa:40:83:ec:73:55:06:28:be:19:c1:f6:5f:f3:58:3b:82:8c:
         42:65:f6:8e:63:3d:e2:ab:8e:4a:ae:38:79:01:3c:ad:8c:92:
         ad:7a:df:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwMTE2MjAxMDM1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M1YWYzYS04Njk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6oQ1i3iqpffZ5kOrSZcVUvQFgYDd7fQOqNV1oG+HkUgp2gQkROVrdcSoJIxv
ys9+WQR1kCAoIfHm4sISvLxdFV9pQBlDBClQCEbKSM9jFMsSbsipFHK9n8zLEAaY
HEkXOu8pY7O2DfkQef1dTbQRF377Q2m3uIsE2o4RPOVj03KabP4o4V4UmtM6+A7P
M0y8a9ZGgGUUvrTASuQcvcGNbC+pI09fnPOqtInc+pWS6/maGUzrL0eCpqQOxh1n
+8y21AsbZAu5k9UKkk5zldRtU5dE3jISCuOA3qazwudKbvL6wwuKtAtzjG7nj6hM
RQxdDyJQHzS7x4s//+IQDaJAUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN/XemR2
Ad8ZL8T/7eUOeTWo3QNRMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvRDVDREFFMjI5
NUQ5MTFFRDkwRTlGNTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAtcr8wDQYJKoZIhvcNAQELBQADggEBAFSzx4pNEQUc/bK4
jjmRqq9ynNT2mFxX46jLeiyh6pGwLxwWBchmhvnM7MM8t1/r7LJZ4oAapqO4dBe3
mTQVH80g9cw5X4RBYfMWv1VC9utJ0SwdBhChT8bkwyc1+KESuYVyiTs0EnQNE/wx
ANYM/dfcTA0hYTfvokI6z/RRbwfQsCrGmVprpWOlSC/tP6Zj/5cccXaiGd82skR3
pNg5xqTwskjLSrNmj8+QMf7GwH98emS+E5jvhBhIH+Q9C9XccaBC1U9TuvzhFiwW
ZEp+rdEGFDx4EEPDZ/pAg+xzVQYovhnB9l/zWDuCjEJl9o5jPeKrjkquOHkBPK2M
kq163wE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org