Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/59BEE1D2DAF311EAB47C930DC4F9AE02.roa
File:                     59BEE1D2DAF311EAB47C930DC4F9AE02.roa (raw, json)
Hash identifier:          ijyUF+xgFbEyemlI93FqVs0DU3deMqmLJvKoqq07f9I=
Subject key identifier:   7A:63:7D:E5:67:85:B0:9F:53:A1:F7:0A:0F:81:15:78:EA:8B:AE:32
Certificate issuer:       /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
Certificate serial:       1B76
Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/59BEE1D2DAF311EAB47C930DC4F9AE02.roa
Signing time:             Tue 28 Feb 2023 17:03:50 +0000
ROA not before:           Tue 28 Feb 2023 17:03:50 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        202.144.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7030 (0x1b76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
        Validity
            Not Before: Feb 28 17:03:50 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63fe33f6-793b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:9b:e7:cf:3b:75:9b:cb:56:fb:d4:2a:82:29:
                    59:17:52:46:b0:fc:36:67:06:e7:d5:6c:cf:b8:a4:
                    46:7b:40:dc:68:de:c6:13:2a:1e:93:16:60:2b:37:
                    cb:05:a6:3b:3b:c4:f1:b4:cf:8f:04:d4:ea:84:5a:
                    3b:e6:ad:10:72:0f:62:02:58:bc:cb:48:00:90:10:
                    c2:c5:c7:68:af:87:7a:4f:62:59:5f:9e:d1:ea:aa:
                    4b:cc:d5:8f:67:50:42:06:ef:d6:39:81:33:ae:f5:
                    2c:49:48:98:87:35:e3:b0:02:49:9d:54:17:95:50:
                    b0:fc:38:72:08:eb:f2:8e:b0:68:52:be:34:bb:26:
                    79:1b:85:ff:85:33:8d:39:1d:26:2e:23:26:45:37:
                    19:a5:0e:68:03:fe:05:33:56:4c:dc:e8:f7:5d:f9:
                    76:b2:11:95:de:4c:2a:88:16:b6:80:dc:ec:ab:95:
                    22:c1:04:b7:d5:50:de:86:47:e0:fd:e6:fc:6b:65:
                    47:86:34:b4:48:54:3c:93:4a:15:8d:55:3b:93:85:
                    c7:27:69:00:f7:b7:ea:10:da:e8:99:b9:5b:16:c9:
                    d4:9b:e3:34:07:8f:01:a1:ca:42:b7:75:66:9a:de:
                    14:79:8d:9c:05:50:e8:2d:fd:a2:ce:41:ae:58:c7:
                    ef:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:63:7D:E5:67:85:B0:9F:53:A1:F7:0A:0F:81:15:78:EA:8B:AE:32
            X509v3 Authority Key Identifier:
                keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/59BEE1D2DAF311EAB47C930DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.144.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:8b:e4:e3:c4:0f:b8:e1:20:c0:08:92:10:2a:00:8a:82:b0:
         23:1f:c9:07:9f:5d:2a:da:4d:d9:ae:18:40:ad:3e:8b:1e:d5:
         50:d8:3b:6c:bf:82:5f:95:54:91:99:10:20:ba:10:66:54:82:
         e0:44:b4:be:2b:90:fd:25:12:9e:3d:36:d4:3b:d2:9f:c4:a6:
         bd:df:83:3a:21:80:ff:8c:5c:73:88:c1:ac:3e:bb:b9:bb:24:
         13:5e:fc:5f:43:b2:87:8e:1b:16:a0:30:3e:2f:75:b7:76:58:
         ba:85:09:9b:81:5b:fe:a4:47:98:51:6c:d7:61:90:8d:fa:f5:
         73:75:2f:d7:3d:fc:71:b8:20:10:b3:42:7a:5d:a3:ee:42:d1:
         32:d3:08:95:c4:2a:35:12:ac:7e:ef:00:5d:57:33:cf:0f:28:
         b3:ac:05:96:a5:7b:03:fd:a2:0a:b0:7f:5f:5a:97:89:73:5b:
         ed:50:13:38:34:43:56:90:df:08:78:80:50:ba:a0:d3:2f:60:
         70:dc:28:a2:75:4f:fe:d3:4f:4d:e8:fb:f7:c5:e8:3c:32:4a:
         d7:28:c3:b0:be:fe:07:42:8b:ec:5f:f0:aa:44:59:73:97:21:
         54:75:bc:91:76:fd:cc:54:a3:35:42:cd:5a:1f:7d:5c:46:c6:
         2f:b6:a0:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky
Q0Q4ODQ3NDgwHhcNMjMwMjI4MTcwMzUwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZlMzNmNi03OTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp5vnzzt1m8tW+9QqgilZF1JGsPw2Zwbn1WzPuKRGe0DcaN7GEyoekxZgKzfL
BaY7O8TxtM+PBNTqhFo75q0Qcg9iAli8y0gAkBDCxcdor4d6T2JZX57R6qpLzNWP
Z1BCBu/WOYEzrvUsSUiYhzXjsAJJnVQXlVCw/DhyCOvyjrBoUr40uyZ5G4X/hTON
OR0mLiMmRTcZpQ5oA/4FM1ZM3Oj3Xfl2shGV3kwqiBa2gNzsq5UiwQS31VDehkfg
/eb8a2VHhjS0SFQ8k0oVjVU7k4XHJ2kA97fqENromblbFsnUm+M0B48BocpCt3Vm
mt4UeY2cBVDoLf2izkGuWMfvcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHpjfeVn
hbCfU6H3Cg+BFXjqi64yMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy
RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RCRjIvRTM0NDUwMTZDMkY4MTFFNjk5N0FFQjZCQzRGOUFFMDIvNTlCRUUxRDJE
QUYzMTFFQUI0N0M5MzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKkMQwDQYJKoZIhvcNAQELBQADggEBAMeL5OPED7jhIMAI
khAqAIqCsCMfyQefXSraTdmuGECtPose1VDYO2y/gl+VVJGZECC6EGZUguBEtL4r
kP0lEp49NtQ70p/Epr3fgzohgP+MXHOIwaw+u7m7JBNe/F9DsoeOGxagMD4vdbd2
WLqFCZuBW/6kR5hRbNdhkI369XN1L9c9/HG4IBCzQnpdo+5C0TLTCJXEKjUSrH7v
AF1XM88PKLOsBZalewP9ogqwf19al4lzW+1QEzg0Q1aQ3wh4gFC6oNMvYHDcKKJ1
T/7TT03o+/fF6DwyStcow7C+/gdCi+xf8KpEWXOXIVR1vJF2/cxUozVCzVoffVxG
xi+2oPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org