Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/A37642EA7A4011EDB2649A3BC4F9AE02.roa
File:                     A37642EA7A4011EDB2649A3BC4F9AE02.roa (raw, json)
Hash identifier:          2Ph3mxy1BzGdDih6/ewWkUvstFOBLZxb1P6r+Vf1h4s=
Subject key identifier:   06:ED:FD:F5:FA:3D:72:4F:27:35:B8:88:CF:8B:90:E4:1D:0D:F5:CF
Certificate issuer:       /CN=A918D0AA/serialNumber=0A161F177AF2AC8A75D41AFE47AD40D2AB9187CA
Certificate serial:       02
Authority key identifier: 0A:16:1F:17:7A:F2:AC:8A:75:D4:1A:FE:47:AD:40:D2:AB:91:87:CA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/A37642EA7A4011EDB2649A3BC4F9AE02.roa
Signing time:             Mon 12 Dec 2022 17:15:56 +0000
ROA not before:           Mon 12 Dec 2022 17:15:56 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     703
IP address blocks:        202.125.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918D0AA/serialNumber=0A161F177AF2AC8A75D41AFE47AD40D2AB9187CA
        Validity
            Not Before: Dec 12 17:15:56 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=639761cc-9a7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c3:17:bd:09:08:0c:df:5f:3c:d7:67:4c:51:
                    85:81:93:3b:3a:bb:c0:9f:ee:21:e4:77:d3:a6:e1:
                    af:cd:c7:be:dd:fe:08:64:a9:c1:84:8c:55:e0:1e:
                    f9:3b:90:4a:f2:c1:b2:10:92:f0:4e:d5:ba:a3:94:
                    17:a1:05:a4:37:ed:87:5a:80:da:fa:76:c8:c7:1b:
                    b4:67:14:78:9c:2d:a5:e4:f6:36:43:ef:e9:98:a0:
                    8e:33:e1:5f:79:27:6a:2d:19:8b:55:5f:07:70:e7:
                    8e:5b:9c:a8:95:89:f9:c7:52:e4:59:b0:c1:7d:58:
                    ce:59:4c:0f:3e:40:3f:81:58:d6:a0:98:70:c7:8b:
                    60:97:9a:c7:13:2f:e1:f6:cc:6e:64:a9:51:2a:c8:
                    f2:31:56:f6:4c:0f:e7:5d:9c:15:47:42:f7:2f:82:
                    80:3b:0d:2a:46:5d:52:36:55:e9:fb:31:cf:df:c2:
                    87:bf:7d:2a:76:5a:63:8d:31:14:6b:23:f2:14:5e:
                    48:11:d0:3a:f5:13:4d:ce:18:98:9a:9f:2b:a0:12:
                    57:1e:59:93:35:48:b6:a7:fe:97:0b:f6:3b:50:e2:
                    8c:7b:f1:8b:3e:78:3d:74:17:23:c8:87:a1:93:97:
                    ea:c6:f0:79:a9:d9:64:74:8f:f1:08:a7:a8:e9:66:
                    29:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:ED:FD:F5:FA:3D:72:4F:27:35:B8:88:CF:8B:90:E4:1D:0D:F5:CF
            X509v3 Authority Key Identifier:
                keyid:0A:16:1F:17:7A:F2:AC:8A:75:D4:1A:FE:47:AD:40:D2:AB:91:87:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/A37642EA7A4011EDB2649A3BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.125.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:85:82:a4:51:a0:98:3d:bd:9f:3c:4b:6f:cc:5e:8d:f1:e9:
         33:74:4e:8c:80:43:31:9d:35:19:12:6f:af:24:e2:d9:01:97:
         df:a0:a1:84:66:f4:77:63:23:08:eb:7d:1f:f4:85:02:a2:d7:
         78:23:06:a0:c8:87:4c:9f:72:a9:33:96:4c:6e:6d:4b:03:37:
         54:8d:3a:9b:67:58:d4:52:7d:af:c3:2b:fa:22:ba:b3:e5:aa:
         13:7f:ae:df:ea:b0:e4:06:f6:1f:d4:69:a3:b2:b5:38:82:ee:
         95:ef:d6:9c:12:15:2e:f4:2c:f7:26:30:a9:a9:7a:b6:cc:45:
         39:a7:16:03:dc:68:6d:ed:0e:1c:68:4b:36:bc:ef:76:b1:cf:
         c2:75:11:d0:d0:b8:a8:0e:5a:84:24:0e:6a:0a:0c:02:7c:30:
         ad:ce:f8:d9:10:19:90:05:85:4f:d0:3b:08:96:81:3a:fe:22:
         84:f9:7d:f4:63:5c:ae:6b:4f:3f:92:64:14:e7:ae:05:56:e0:
         53:67:7e:e7:af:c7:37:a8:b8:78:7b:f3:49:04:94:d8:98:b6:
         f0:fe:13:ce:e9:02:70:21:d6:0b:0e:9e:a2:52:71:ce:05:88:
         7b:26:ba:6e:a6:bb:6f:52:18:2f:f7:a8:3e:95:e8:68:41:f5:
         d0:5f:e2:2d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RDBBQTExMC8GA1UEBRMoMEExNjFGMTc3QUYyQUM4QTc1RDQxQUZFNDdBRDQwRDJB
QjkxODdDQTAeFw0yMjEyMTIxNzE1NTZaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTc2MWNjLTlhN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEwxe9CQgM318812dMUYWBkzs6u8Cf7iHkd9Om4a/Nx77d/ghkqcGEjFXgHvk7
kErywbIQkvBO1bqjlBehBaQ37YdagNr6dsjHG7RnFHicLaXk9jZD7+mYoI4z4V95
J2otGYtVXwdw545bnKiVifnHUuRZsMF9WM5ZTA8+QD+BWNagmHDHi2CXmscTL+H2
zG5kqVEqyPIxVvZMD+ddnBVHQvcvgoA7DSpGXVI2Ven7Mc/fwoe/fSp2WmONMRRr
I/IUXkgR0Dr1E03OGJianyugElceWZM1SLan/pcL9jtQ4ox78Ys+eD10FyPIh6GT
l+rG8Hmp2WR0j/EIp6jpZikfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBu399fo9
ck8nNbiIz4uQ5B0N9c8wHwYDVR0jBBgwFoAUChYfF3ryrIp11Br+R61A0quRh8ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThEMEFBLzM2NUJDQ0VDN0Ez
QzExRUQ4NjFCMjkzM0M0RjlBRTAyL0NoWWZGM3J5cklwMTFCci1SNjFBMHF1Umg4
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ2hZZkYzcnlySXAxMUJyLVI2MUEwcXVSaDhvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RDBBQS8zNjVCQ0NFQzdBM0MxMUVEODYxQjI5MzNDNEY5QUUwMi9BMzc2NDJFQTdB
NDAxMUVEQjI2NDlBM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMp9CDANBgkqhkiG9w0BAQsFAAOCAQEAX4WCpFGgmD29nzxL
b8xejfHpM3ROjIBDMZ01GRJvryTi2QGX36ChhGb0d2MjCOt9H/SFAqLXeCMGoMiH
TJ9yqTOWTG5tSwM3VI06m2dY1FJ9r8Mr+iK6s+WqE3+u3+qw5Ab2H9Rpo7K1OILu
le/WnBIVLvQs9yYwqal6tsxFOacWA9xobe0OHGhLNrzvdrHPwnUR0NC4qA5ahCQO
agoMAnwwrc742RAZkAWFT9A7CJaBOv4ihPl99GNcrmtPP5JkFOeuBVbgU2d+56/H
N6i4eHvzSQSU2Ji28P4TzukCcCHWCw6eolJxzgWIeya6bqa7b1IYL/eoPpXoaEH1
0F/iLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org