Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9183B33/CD35DB1A912411EB9B72903AC4F9AE02/9F836D66912611EBA48C493FC4F9AE02.roa
File:                     9F836D66912611EBA48C493FC4F9AE02.roa (raw, json)
Hash identifier:          mL6d+LZsTyirf934ELaV8fI1v6azM72Ekj0F665eVy8=
Subject key identifier:   76:D8:21:E8:1D:B2:ED:82:75:4D:9B:4D:13:AE:91:61:ED:D1:12:76
Certificate issuer:       /CN=A9183B33/serialNumber=51AEBA23FB745A553A5E4996DF1C8173473F1798
Certificate serial:       02CF
Authority key identifier: 51:AE:BA:23:FB:74:5A:55:3A:5E:49:96:DF:1C:81:73:47:3F:17:98
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ua66I_t0WlU6XkmW3xyBc0c_F5g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9183B33/CD35DB1A912411EB9B72903AC4F9AE02/9F836D66912611EBA48C493FC4F9AE02.roa
Signing time:             Mon 21 Mar 2022 13:51:01 +0000
ROA not before:           Mon 21 Mar 2022 13:51:01 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     9723
IP address blocks:        203.0.156.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 719 (0x2cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9183B33/serialNumber=51AEBA23FB745A553A5E4996DF1C8173473F1798
        Validity
            Not Before: Mar 21 13:51:01 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=623882c5-6a47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:2b:96:7a:31:a3:7c:68:7d:0b:48:7f:d4:a1:
                    3f:39:7a:ea:36:53:c8:4f:79:ec:75:09:5a:b5:9e:
                    8a:76:ca:40:4d:db:76:5e:30:00:ab:3e:5e:80:39:
                    22:ef:5f:f2:7e:78:f8:d9:fa:55:d8:ca:75:20:1a:
                    26:3a:39:b1:6c:84:21:3a:0f:ee:bc:7f:bd:39:7b:
                    a9:97:fc:f8:d7:e1:43:8b:fd:d6:17:47:0f:5f:17:
                    75:b7:54:36:ba:cd:28:e5:9f:85:46:64:93:e3:ae:
                    c9:2e:a4:1f:ab:35:74:5e:57:74:96:bb:2b:bb:8e:
                    54:b9:db:e1:25:e2:33:bb:75:10:bc:83:44:5a:3d:
                    6e:78:04:e0:55:6c:b9:b3:9d:33:ea:fe:50:d0:ec:
                    e0:b2:ef:d5:87:c4:04:9f:8b:8a:89:8d:13:1c:3a:
                    90:57:49:8f:43:8b:3d:d8:d3:57:16:73:58:ad:ab:
                    3d:8a:6a:52:d0:87:0e:30:ef:6e:4b:96:f7:23:5c:
                    da:5e:80:f9:95:fc:d4:a9:d0:10:6e:09:43:08:4d:
                    35:a5:30:b7:a9:aa:12:59:83:18:af:0a:4e:94:56:
                    c8:d1:ef:5d:70:da:b6:cd:69:1a:dc:51:85:29:4f:
                    a5:75:38:1d:36:7f:e3:7c:73:c1:08:4f:7e:8c:b8:
                    1e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D8:21:E8:1D:B2:ED:82:75:4D:9B:4D:13:AE:91:61:ED:D1:12:76
            X509v3 Authority Key Identifier:
                keyid:51:AE:BA:23:FB:74:5A:55:3A:5E:49:96:DF:1C:81:73:47:3F:17:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9183B33/CD35DB1A912411EB9B72903AC4F9AE02/Ua66I_t0WlU6XkmW3xyBc0c_F5g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ua66I_t0WlU6XkmW3xyBc0c_F5g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183B33/CD35DB1A912411EB9B72903AC4F9AE02/9F836D66912611EBA48C493FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.0.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:fb:f4:87:dc:70:42:15:86:5f:8f:f4:15:4b:41:ed:c3:0a:
         10:46:f2:62:e4:a4:8f:15:b0:c7:1d:9d:6f:b6:74:db:59:6a:
         aa:46:24:f4:88:59:6c:6f:19:73:52:a0:f7:07:ec:6b:1b:fd:
         6f:ae:ab:99:0e:f1:2e:0b:11:ef:4c:5d:1a:12:da:65:e3:ea:
         33:7a:0c:fb:34:3c:40:d1:6f:17:ed:0c:e3:d5:24:67:28:e2:
         46:b6:25:d4:27:49:ff:e2:bd:5b:fb:ad:99:59:3f:2a:d5:64:
         fb:91:fc:89:50:75:97:04:7a:59:a2:67:54:8e:24:3c:17:cb:
         7f:25:a5:e2:f1:e6:d4:8f:c4:96:00:c6:6d:ef:15:fe:b9:f3:
         11:64:c9:ff:4c:76:0c:b2:67:d7:54:fd:cb:94:90:6d:6a:84:
         25:a3:d9:e5:51:32:4f:07:6c:2b:fe:f0:ca:8a:d5:5f:38:36:
         c9:aa:e9:74:b0:71:4f:5b:9c:98:e4:e9:ae:02:38:dd:5d:cd:
         aa:be:bb:c9:63:07:05:9d:17:56:a3:de:b0:96:a5:e0:c4:c3:
         eb:d8:15:cb:26:46:ac:03:8e:7f:4f:12:ad:2b:34:fa:db:8b:
         fa:c8:27:7d:d1:94:06:25:89:15:48:44:c4:84:de:25:e8:7a:
         f8:f6:2b:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODNCMzMxMTAvBgNVBAUTKDUxQUVCQTIzRkI3NDVBNTUzQTVFNDk5NkRGMUM4MTcz
NDczRjE3OTgwHhcNMjIwMzIxMTM1MTAxWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM4ODJjNS02YTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8CuWejGjfGh9C0h/1KE/OXrqNlPIT3nsdQlatZ6KdspATdt2XjAAqz5egDki
71/yfnj42fpV2Mp1IBomOjmxbIQhOg/uvH+9OXupl/z41+FDi/3WF0cPXxd1t1Q2
us0o5Z+FRmST467JLqQfqzV0Xld0lrsru45UudvhJeIzu3UQvINEWj1ueATgVWy5
s50z6v5Q0Ozgsu/Vh8QEn4uKiY0THDqQV0mPQ4s92NNXFnNYras9impS0IcOMO9u
S5b3I1zaXoD5lfzUqdAQbglDCE01pTC3qaoSWYMYrwpOlFbI0e9dcNq2zWka3FGF
KU+ldTgdNn/jfHPBCE9+jLgeyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHbYIegd
su2CdU2bTROukWHt0RJ2MB8GA1UdIwQYMBaAFFGuuiP7dFpVOl5Jlt8cgXNHPxeY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0IzMy9DRDM1REIxQTkx
MjQxMUVCOUI3MjkwM0FDNEY5QUUwMi9VYTY2SV90MFdsVTZYa21XM3h5QmMwY19G
NWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VhNjZJX3QwV2xVNlhrbVczeHlCYzBjX0Y1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODNCMzMvQ0QzNURCMUE5MTI0MTFFQjlCNzI5MDNBQzRGOUFFMDIvOUY4MzZENjY5
MTI2MTFFQkE0OEM0OTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALLAJwwDQYJKoZIhvcNAQELBQADggEBAET79IfccEIVhl+P
9BVLQe3DChBG8mLkpI8VsMcdnW+2dNtZaqpGJPSIWWxvGXNSoPcH7Gsb/W+uq5kO
8S4LEe9MXRoS2mXj6jN6DPs0PEDRbxftDOPVJGco4ka2JdQnSf/ivVv7rZlZPyrV
ZPuR/IlQdZcEelmiZ1SOJDwXy38lpeLx5tSPxJYAxm3vFf658xFkyf9MdgyyZ9dU
/cuUkG1qhCWj2eVRMk8HbCv+8MqK1V84Nsmq6XSwcU9bnJjk6a4CON1dzaq+u8lj
BwWdF1aj3rCWpeDEw+vYFcsmRqwDjn9PEq0rNPrbi/rIJ33RlAYliRVIRMSE3iXo
evj2KxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org