Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/3BEFD14C49DA11EB8F994A64C4F9AE02.roa
File:                     3BEFD14C49DA11EB8F994A64C4F9AE02.roa (raw, json)
Hash identifier:          ihNo7mhEUNqFAikWT0kM3qr/jg0zMJC+/WZ4maELBgc=
Subject key identifier:   FA:82:F0:B9:A1:ED:15:8C:D7:E4:8C:EC:F1:5D:6B:50:CE:8D:72:B8
Certificate issuer:       /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
Certificate serial:       1B75
Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/3BEFD14C49DA11EB8F994A64C4F9AE02.roa
Signing time:             Tue 28 Feb 2023 17:03:49 +0000
ROA not before:           Tue 28 Feb 2023 17:03:49 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     138405
IP address blocks:        202.144.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7029 (0x1b75)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
        Validity
            Not Before: Feb 28 17:03:49 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63fe33f4-a69a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7e:07:e5:86:2b:6c:c1:fc:26:b4:b5:65:2f:
                    9b:9d:7b:81:03:25:11:ba:1b:c1:10:aa:86:dd:05:
                    92:d4:68:26:d6:87:08:7a:9b:fb:5a:25:c5:55:9d:
                    b4:32:76:d2:2b:7e:ca:8f:f7:69:e5:59:be:79:8c:
                    c4:3a:8c:bf:e6:59:81:fd:c8:bc:14:ae:02:69:28:
                    9a:4f:30:ed:2c:32:54:78:78:03:db:62:33:97:f8:
                    d0:c2:f2:ea:2c:b8:ee:a8:c3:4c:f5:5a:25:8f:4b:
                    48:d0:2c:3e:1b:ad:3a:2a:f9:50:1d:29:1e:c3:e1:
                    76:99:74:11:75:50:ad:21:aa:87:8d:d5:fb:d1:e6:
                    f1:86:97:f7:ea:0a:eb:c3:42:3a:f4:16:9c:e9:e6:
                    3d:79:74:d3:8f:7b:1f:4f:29:f4:f7:66:dd:7c:aa:
                    11:ea:c8:26:6f:3c:d0:0f:1d:49:60:89:ea:aa:f6:
                    77:6e:ef:27:81:34:96:a2:ae:47:cd:8f:9e:0d:bc:
                    12:0f:b5:7b:26:b0:8b:5b:ad:4f:2e:0b:fb:0e:8a:
                    a8:c7:d3:f5:ff:85:25:f9:da:65:ea:0f:af:77:9b:
                    fe:a1:eb:ea:01:6a:04:97:e3:ba:0c:31:f0:af:d5:
                    91:87:1c:da:d0:02:e2:bc:67:f0:28:21:20:6d:89:
                    53:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:82:F0:B9:A1:ED:15:8C:D7:E4:8C:EC:F1:5D:6B:50:CE:8D:72:B8
            X509v3 Authority Key Identifier:
                keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/3BEFD14C49DA11EB8F994A64C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.144.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:57:cb:97:98:6f:c6:8f:bd:79:c8:7f:b3:3a:f9:17:e3:7c:
         aa:d5:57:43:a3:1d:4f:36:cd:4e:40:a8:34:c9:0b:a5:4b:e1:
         de:cc:c1:89:a2:44:0d:75:59:8d:51:07:c7:98:fd:15:d9:b8:
         8d:d2:94:a1:8b:06:5f:6e:17:64:fd:8a:df:28:3a:18:11:6b:
         75:0f:2d:99:c1:80:5e:76:d4:86:f5:1c:e5:76:0c:5f:54:b0:
         a2:fc:32:4c:f8:3a:56:a5:7d:94:02:f7:7e:2b:3e:f2:ac:62:
         fd:72:db:79:91:e1:db:35:e3:c8:bb:1d:3b:f9:c2:8d:04:83:
         40:9d:c4:c7:4f:10:e9:28:3b:99:de:fa:2e:b4:1f:74:74:4f:
         b3:fe:10:ba:df:92:c7:de:c1:fd:50:db:de:5f:7f:02:5d:90:
         62:26:cb:5a:7c:b1:c6:95:47:12:e8:69:ee:6d:13:ff:b5:bb:
         32:9b:b5:07:65:e2:93:f2:24:df:e2:8b:bd:ad:42:75:17:ca:
         38:f6:6a:07:76:e4:13:b6:c0:90:47:21:4e:90:6a:65:0f:f4:
         7f:8d:02:28:c0:95:a5:cf:38:d0:dc:7a:b3:70:24:10:7f:1a:
         e5:87:11:19:1a:ae:1f:51:fa:12:d1:3f:c4:9e:5b:53:44:fc:
         ed:0a:f4:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky
Q0Q4ODQ3NDgwHhcNMjMwMjI4MTcwMzQ5WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZlMzNmNC1hNjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx34H5YYrbMH8JrS1ZS+bnXuBAyURuhvBEKqG3QWS1Ggm1ocIepv7WiXFVZ20
MnbSK37Kj/dp5Vm+eYzEOoy/5lmB/ci8FK4CaSiaTzDtLDJUeHgD22Izl/jQwvLq
LLjuqMNM9Volj0tI0Cw+G606KvlQHSkew+F2mXQRdVCtIaqHjdX70ebxhpf36grr
w0I69Bac6eY9eXTTj3sfTyn092bdfKoR6sgmbzzQDx1JYInqqvZ3bu8ngTSWoq5H
zY+eDbwSD7V7JrCLW61PLgv7Doqox9P1/4Ul+dpl6g+vd5v+oevqAWoEl+O6DDHw
r9WRhxza0ALivGfwKCEgbYlTkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPqC8Lmh
7RWM1+SM7PFda1DOjXK4MB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy
RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RCRjIvRTM0NDUwMTZDMkY4MTFFNjk5N0FFQjZCQzRGOUFFMDIvM0JFRkQxNEM0
OURBMTFFQjhGOTk0QTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKkMQwDQYJKoZIhvcNAQELBQADggEBAG9Xy5eYb8aPvXnI
f7M6+RfjfKrVV0OjHU82zU5AqDTJC6VL4d7MwYmiRA11WY1RB8eY/RXZuI3SlKGL
Bl9uF2T9it8oOhgRa3UPLZnBgF521Ib1HOV2DF9UsKL8Mkz4OlalfZQC934rPvKs
Yv1y23mR4ds148i7HTv5wo0Eg0CdxMdPEOkoO5ne+i60H3R0T7P+ELrfksfewf1Q
295ffwJdkGImy1p8scaVRxLoae5tE/+1uzKbtQdl4pPyJN/ii72tQnUXyjj2agd2
5BO2wJBHIU6QamUP9H+NAijAlaXPONDcerNwJBB/GuWHERkarh9R+hLRP8SeW1NE
/O0K9Ek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org