Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/F67BAA9668B411ECB6CAB34FC4F9AE02.roa
File:                     F67BAA9668B411ECB6CAB34FC4F9AE02.roa (raw, json)
Hash identifier:          h/sMBjTAr4TSDR8YZJoJ/dTjWioKIe4RbBYGAtvAPEI=
Subject key identifier:   14:01:AF:AE:E2:0E:53:5F:C3:45:C4:E7:B1:85:CA:FE:6F:B7:C2:20
Certificate issuer:       /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial:       0823
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/F67BAA9668B411ECB6CAB34FC4F9AE02.roa
Signing time:             Wed 11 May 2022 10:11:39 +0000
ROA not before:           Wed 11 May 2022 10:11:39 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     210320
IP address blocks:        2406:840:9990::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2083 (0x823)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
        Validity
            Not Before: May 11 10:11:39 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=627b8bdb-e8e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:15:5b:09:a0:10:70:07:19:de:61:24:d0:40:
                    9f:16:e1:74:25:c7:c3:57:25:b0:90:cb:01:72:9c:
                    96:70:d5:eb:b8:52:ff:c1:36:4c:b3:7b:a9:c3:36:
                    1d:9d:06:48:d9:33:ee:83:84:c2:81:02:dd:f9:34:
                    48:59:81:b9:c8:d0:7f:7e:23:67:0f:d3:01:47:74:
                    21:83:9c:69:97:e9:df:30:05:5b:fe:5e:d6:e3:49:
                    a2:13:db:5a:3b:63:fc:54:d9:a3:46:d8:f7:c1:07:
                    c2:12:13:bc:aa:d3:27:d1:99:7d:42:a8:ad:ba:2c:
                    72:71:b7:c9:37:13:58:d7:7b:6d:17:c9:8f:25:7f:
                    52:b7:ae:7e:dd:c1:29:74:4b:c4:ce:fb:6f:b8:c1:
                    d9:0b:3f:6d:58:06:c3:24:00:df:eb:55:6b:cb:fb:
                    84:21:4b:61:5e:8d:3c:a6:90:aa:3a:19:7e:5b:b1:
                    ae:1a:dd:f9:ce:cc:20:21:e7:50:40:55:a4:5b:86:
                    87:e6:9b:ec:66:23:85:a1:29:fe:d9:d2:a0:6b:26:
                    7e:3c:7c:06:1c:35:a1:a0:f7:4b:3e:6f:f9:b1:24:
                    a9:79:09:ae:b7:bf:3f:2b:ea:8b:49:8b:b5:1f:fb:
                    6c:cb:8c:23:df:45:2c:05:f2:aa:a7:20:33:21:e2:
                    ce:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:01:AF:AE:E2:0E:53:5F:C3:45:C4:E7:B1:85:CA:FE:6F:B7:C2:20
            X509v3 Authority Key Identifier:
                keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/F67BAA9668B411ECB6CAB34FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:840:9990::/44

    Signature Algorithm: sha256WithRSAEncryption
         4e:1e:89:a5:2f:93:da:48:95:c7:a2:d5:2c:47:48:6d:b8:b3:
         5a:4a:55:c2:f0:1d:db:f3:66:60:b9:a2:96:55:b8:1f:56:06:
         20:14:d9:67:f7:b8:15:22:bc:cf:2b:91:dd:66:d8:8d:30:07:
         f4:ca:44:1d:bb:69:a1:71:48:8b:e8:c8:01:b8:cd:ce:73:47:
         98:29:9a:2c:26:9f:5b:7e:e2:d9:5d:14:b4:0d:04:fc:21:49:
         83:04:96:a5:4d:a3:6d:f0:97:f7:e5:cd:11:24:3b:2f:9a:ca:
         9e:02:37:c8:ff:58:47:08:41:0f:72:40:2c:15:62:f3:2c:21:
         2a:8c:fb:98:dc:03:35:e6:74:98:c7:1d:cc:eb:31:53:2c:44:
         fd:a6:c1:a9:c0:e8:52:ba:4d:8d:7a:5d:43:3e:65:51:93:6f:
         08:4a:c8:6f:d8:c7:c9:26:03:32:2d:19:3d:c7:cc:89:de:f0:
         1e:74:ec:a5:98:ce:df:35:29:69:26:26:dc:73:fc:c8:74:6b:
         17:a7:3e:9c:83:ca:e9:35:81:7a:9b:29:98:14:8a:f7:3f:3f:
         71:65:a4:5c:9a:82:0a:22:54:65:dd:6d:11:5e:8a:3c:d8:5c:
         bb:08:ab:89:81:b5:d0:e1:03:40:5e:99:a4:61:d8:d2:2c:e0:
         ec:42:00:14
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjIwNTExMTAxMTM5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdiOGJkYi1lOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtxVbCaAQcAcZ3mEk0ECfFuF0JcfDVyWwkMsBcpyWcNXruFL/wTZMs3upwzYd
nQZI2TPug4TCgQLd+TRIWYG5yNB/fiNnD9MBR3Qhg5xpl+nfMAVb/l7W40miE9ta
O2P8VNmjRtj3wQfCEhO8qtMn0Zl9QqituixycbfJNxNY13ttF8mPJX9St65+3cEp
dEvEzvtvuMHZCz9tWAbDJADf61Vry/uEIUthXo08ppCqOhl+W7GuGt35zswgIedQ
QFWkW4aH5pvsZiOFoSn+2dKgayZ+PHwGHDWhoPdLPm/5sSSpeQmut78/K+qLSYu1
H/tsy4wj30UsBfKqpyAzIeLO6wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBQBr67i
DlNfw0XE57GFyv5vt8IgMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvRjY3QkFBOTY2
OEI0MTFFQ0I2Q0FCMzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBghAmZAwDQYJKoZIhvcNAQELBQADggEBAE4eiaUvk9pI
lcei1SxHSG24s1pKVcLwHdvzZmC5opZVuB9WBiAU2Wf3uBUivM8rkd1m2I0wB/TK
RB27aaFxSIvoyAG4zc5zR5gpmiwmn1t+4tldFLQNBPwhSYMElqVNo23wl/flzREk
Oy+ayp4CN8j/WEcIQQ9yQCwVYvMsISqM+5jcAzXmdJjHHczrMVMsRP2mwanA6FK6
TY16XUM+ZVGTbwhKyG/Yx8kmAzItGT3HzIne8B507KWYzt81KWkmJtxz/Mh0axen
PpyDyuk1gXqbKZgUivc/P3FlpFyaggoiVGXdbRFeijzYXLsIq4mBtdDhA0BemaRh
2NIs4OxCABQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org