Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/A30B5A4AC78C11E8A76CD914C4F9AE02/1F0F4ED07B9811ED9113D638C4F9AE02.roa
File:                     1F0F4ED07B9811ED9113D638C4F9AE02.roa (raw, json)
Hash identifier:          vAiQn10Axels67XpPn/c7lClzzq8YKZ9p6ZFzT+rkpY=
Subject key identifier:   B0:30:45:29:38:0D:CF:A0:FB:12:0C:74:04:10:DA:60:66:35:05:A9
Certificate issuer:       /CN=A9191436/serialNumber=AD3BB603B14EFB26D715682FB041351EC8F9D367
Certificate serial:       110A
Authority key identifier: AD:3B:B6:03:B1:4E:FB:26:D7:15:68:2F:B0:41:35:1E:C8:F9:D3:67
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rTu2A7FO-ybXFWgvsEE1Hsj502c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191436/A30B5A4AC78C11E8A76CD914C4F9AE02/1F0F4ED07B9811ED9113D638C4F9AE02.roa
Signing time:             Fri 31 Mar 2023 18:25:06 +0000
ROA not before:           Fri 31 Mar 2023 18:25:06 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     133200
IP address blocks:        167.179.18.0/24 maxlen: 24
                          167.179.19.0/24 maxlen: 24
                          167.179.38.0/24 maxlen: 24
                          167.179.40.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4362 (0x110a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191436/serialNumber=AD3BB603B14EFB26D715682FB041351EC8F9D367
        Validity
            Not Before: Mar 31 18:25:06 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=64272581-adec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:0f:ee:d7:34:e8:1c:96:12:60:9f:4a:78:fb:
                    f8:42:2c:7c:cc:7f:45:7a:0b:b6:12:b9:98:74:7f:
                    89:71:b9:3a:82:3e:db:84:1c:21:24:f1:75:fe:a7:
                    6a:a8:0a:04:c6:ee:dc:67:0f:af:17:fc:f4:fd:80:
                    5c:b5:0d:c3:83:c3:2f:ba:ac:54:5c:90:13:90:f0:
                    ba:0b:3b:17:67:09:7e:54:e4:8a:e7:e0:4f:4f:63:
                    78:4d:6b:20:3f:95:43:3e:c4:7a:13:4e:64:0b:9f:
                    32:d4:0d:89:21:5b:a0:88:17:0d:c3:2a:98:9e:8b:
                    9c:18:f9:c9:82:21:34:5e:8d:34:6e:54:0d:8d:92:
                    1b:48:f2:59:77:87:a7:5a:aa:4c:99:df:53:80:bf:
                    57:09:d7:8f:ad:3d:67:c6:b5:42:c5:57:d9:b9:61:
                    32:88:c7:b3:ba:0e:70:c9:10:ef:02:f3:bd:65:ea:
                    a0:6e:88:dc:6e:92:b4:42:58:41:e4:f3:c1:c5:a2:
                    d5:c6:26:20:11:c4:e0:08:35:8b:f5:82:c3:3c:60:
                    48:e1:4f:23:b1:c1:fd:06:4f:81:0d:a5:7c:be:e1:
                    f7:b2:91:49:7b:0a:86:df:1d:94:82:8f:84:5e:c4:
                    79:9b:87:2e:52:29:4b:1c:75:3a:b7:d1:73:38:4e:
                    97:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:30:45:29:38:0D:CF:A0:FB:12:0C:74:04:10:DA:60:66:35:05:A9
            X509v3 Authority Key Identifier:
                keyid:AD:3B:B6:03:B1:4E:FB:26:D7:15:68:2F:B0:41:35:1E:C8:F9:D3:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191436/A30B5A4AC78C11E8A76CD914C4F9AE02/rTu2A7FO-ybXFWgvsEE1Hsj502c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rTu2A7FO-ybXFWgvsEE1Hsj502c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/A30B5A4AC78C11E8A76CD914C4F9AE02/1F0F4ED07B9811ED9113D638C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.179.18.0/23
                  167.179.38.0/24
                  167.179.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1d:19:45:3e:b0:6f:64:27:bf:4f:1b:01:37:db:e9:b4:54:8f:
         78:1b:3b:b9:39:2f:2f:06:d9:11:bd:d7:c3:08:55:64:0a:8b:
         44:e2:f8:99:59:78:4b:7c:98:2a:fd:f7:ac:7a:6b:f7:08:f8:
         85:83:c3:74:69:fb:a5:d3:33:04:03:69:3b:42:8c:c0:82:30:
         c7:a4:9a:d1:78:f8:8f:0b:5b:06:66:d7:17:48:c2:a1:42:2c:
         5b:66:98:4e:05:ae:51:51:5d:fb:25:5b:47:a6:12:f2:fa:e3:
         ec:67:1a:39:8d:1e:a6:d8:97:9c:b4:3f:1e:65:5c:a6:b4:b6:
         f8:b6:c2:aa:cc:f4:c5:8d:f4:4b:ba:79:97:69:36:de:5d:5e:
         d8:29:ff:6b:57:06:8f:d9:7c:eb:83:26:aa:fc:4c:4d:2b:23:
         30:0b:e0:51:77:42:4c:ef:85:20:c9:1e:83:4f:d6:d4:b3:96:
         bc:fd:91:32:d2:56:d8:69:c0:da:49:84:7e:88:ea:ab:a6:cd:
         1c:4d:42:3d:9c:b1:23:0d:51:10:19:a4:d1:08:98:02:4e:1e:
         1a:ab:12:5f:7e:cf:d3:35:00:93:74:8f:1c:7a:0a:2b:a9:8c:
         3a:2e:49:90:c7:03:84:b4:fe:b3:e5:67:cd:a6:16:89:c2:27:
         58:27:ff:2a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICEQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKEFEM0JCNjAzQjE0RUZCMjZENzE1NjgyRkIwNDEzNTFF
QzhGOUQzNjcwHhcNMjMwMzMxMTgyNTA2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3MjU4MS1hZGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzQ/u1zToHJYSYJ9KePv4Qix8zH9Fegu2ErmYdH+Jcbk6gj7bhBwhJPF1/qdq
qAoExu7cZw+vF/z0/YBctQ3Dg8MvuqxUXJATkPC6CzsXZwl+VOSK5+BPT2N4TWsg
P5VDPsR6E05kC58y1A2JIVugiBcNwyqYnoucGPnJgiE0Xo00blQNjZIbSPJZd4en
WqpMmd9TgL9XCdePrT1nxrVCxVfZuWEyiMezug5wyRDvAvO9ZeqgbojcbpK0QlhB
5PPBxaLVxiYgEcTgCDWL9YLDPGBI4U8jscH9Bk+BDaV8vuH3spFJewqG3x2Ugo+E
XsR5m4cuUilLHHU6t9FzOE6XgwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLAwRSk4
Dc+g+xIMdAQQ2mBmNQWpMB8GA1UdIwQYMBaAFK07tgOxTvsm1xVoL7BBNR7I+dNn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BMzBCNUE0QUM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9yVHUyQTdGTy15YlhGV2d2c0VFMUhzajUw
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JUdTJBN0ZPLXliWEZXZ3ZzRUUxSHNqNTAyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQTMwQjVBNEFDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvMUYwRjRFRDA3
Qjk4MTFFRDkxMTNENjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAGnsxIDBACnsyYDBAOnsygwDQYJKoZIhvcNAQELBQADggEB
AB0ZRT6wb2Qnv08bATfb6bRUj3gbO7k5Ly8G2RG918MIVWQKi0Ti+JlZeEt8mCr9
96x6a/cI+IWDw3Rp+6XTMwQDaTtCjMCCMMekmtF4+I8LWwZm1xdIwqFCLFtmmE4F
rlFRXfslW0emEvL64+xnGjmNHqbYl5y0Px5lXKa0tvi2wqrM9MWN9Eu6eZdpNt5d
Xtgp/2tXBo/ZfOuDJqr8TE0rIzAL4FF3QkzvhSDJHoNP1tSzlrz9kTLSVthpwNpJ
hH6I6qumzRxNQj2csSMNURAZpNEImAJOHhqrEl9+z9M1AJN0jxx6CiupjDouSZDH
A4S0/rPlZ82mFonCJ1gn/yo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org