Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/5A589C5ABDFB11EBB32BCB16C4F9AE02.roa
File:                     5A589C5ABDFB11EBB32BCB16C4F9AE02.roa (raw, json)
Hash identifier:          exuPVkcP9IFl8GJmMwRj9y1mTLWHYl/ap5ewR/OiJ9k=
Subject key identifier:   89:40:41:C9:0A:1D:1D:A0:12:20:5E:D3:FD:25:89:50:04:47:77:12
Certificate issuer:       /CN=A9198267/serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA
Certificate serial:       087E
Authority key identifier: 38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/5A589C5ABDFB11EBB32BCB16C4F9AE02.roa
Signing time:             Thu 04 May 2023 22:18:54 +0000
ROA not before:           Thu 04 May 2023 22:18:54 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     136224
IP address blocks:        119.148.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2174 (0x87e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9198267/serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA
        Validity
            Not Before: May  4 22:18:54 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=64542f4e-5c24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:8a:8d:73:cd:3d:88:1b:84:02:88:bf:ce:73:
                    84:a2:30:5f:ab:04:78:2c:2e:a1:6e:3e:be:ce:2f:
                    fa:a7:cb:b9:cd:b5:5a:f9:8d:93:df:43:31:dd:60:
                    b2:ab:a6:2b:ec:96:52:1d:a7:fb:bb:b1:f1:b2:43:
                    50:ff:08:28:de:a0:71:0d:63:8c:b9:82:d3:8c:62:
                    2a:3f:95:14:35:09:70:5a:c3:e0:81:30:00:37:da:
                    c5:2c:84:a8:25:14:43:a5:04:fe:a5:85:ab:75:e7:
                    a5:32:17:02:73:d9:4d:e7:b5:13:26:ba:6a:00:c4:
                    ac:7e:2b:37:5d:97:b8:50:7c:a2:bf:a6:7e:63:a1:
                    5d:7e:0b:08:68:61:a2:60:a6:4f:63:e9:6c:59:bc:
                    4c:71:7d:0b:79:65:a7:d9:6b:5d:b9:31:b1:e6:91:
                    55:11:da:22:3d:e8:d1:f0:3e:49:0b:49:35:3a:c7:
                    30:8f:f9:00:1a:c6:12:37:08:fe:ca:46:4e:40:6e:
                    22:95:a4:ff:61:20:4e:99:90:e9:4f:2a:bc:69:43:
                    39:cb:01:d7:cb:98:07:c5:61:55:37:ce:24:83:e7:
                    bf:a6:2f:20:f7:18:cc:e9:ad:be:ba:8d:d7:7a:55:
                    3c:ee:6f:7e:09:08:38:7c:fa:2b:00:25:62:be:63:
                    f9:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:40:41:C9:0A:1D:1D:A0:12:20:5E:D3:FD:25:89:50:04:47:77:12
            X509v3 Authority Key Identifier:
                keyid:38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/5A589C5ABDFB11EBB32BCB16C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.148.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:d6:e2:be:a1:61:7d:b0:ea:50:eb:9e:bb:51:1b:63:66:b1:
         9d:66:5d:fc:2b:63:c6:e9:86:ca:2b:62:4e:cc:d5:28:e7:4a:
         39:1f:42:c9:6d:2f:fb:b8:b9:fa:b8:a6:bd:45:4e:85:3f:1f:
         3a:6d:d0:97:ef:46:3c:34:e6:46:73:56:12:fc:e9:19:2b:62:
         54:53:ad:78:a0:9f:eb:96:2c:78:71:cb:58:ab:26:56:39:3d:
         bb:b7:27:5b:63:ad:ef:a5:75:21:9b:da:ae:43:19:8a:72:f3:
         d4:f7:50:35:1c:38:e9:57:0c:2d:d9:52:7d:b3:98:8f:c0:a2:
         05:60:ed:68:10:c6:4d:5e:f0:63:e5:ec:f5:2f:0e:5f:c8:9b:
         77:f8:92:02:b7:1e:2d:3d:f4:ef:a6:a0:cf:d7:48:32:b3:3e:
         11:41:eb:21:c2:86:a7:02:f0:a9:6b:c2:2d:58:62:84:d6:0f:
         4c:4d:7c:a4:b6:99:16:75:08:de:f5:68:60:ae:0e:64:cb:0c:
         05:a0:5d:59:b7:81:ff:17:6c:cf:fb:9a:5d:89:2a:a2:8b:aa:
         d2:7b:0c:23:06:da:ef:b2:d2:97:e7:15:d7:bc:9a:36:64:7d:
         5c:9c:42:b7:9a:73:48:a8:b4:ce:ca:78:44:49:b9:35:ce:f5:
         27:92:ee:3b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgyNjcxMTAvBgNVBAUTKDM4RkIwNkFGNjQ5RjQwMEY1MTM5OTQ5MzVCRURGN0U0
OTI3MEM4QUEwHhcNMjMwNTA0MjIxODU0WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0MmY0ZS01YzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1YqNc809iBuEAoi/znOEojBfqwR4LC6hbj6+zi/6p8u5zbVa+Y2T30Mx3WCy
q6Yr7JZSHaf7u7HxskNQ/wgo3qBxDWOMuYLTjGIqP5UUNQlwWsPggTAAN9rFLISo
JRRDpQT+pYWrdeelMhcCc9lN57UTJrpqAMSsfis3XZe4UHyiv6Z+Y6FdfgsIaGGi
YKZPY+lsWbxMcX0LeWWn2WtduTGx5pFVEdoiPejR8D5JC0k1Oscwj/kAGsYSNwj+
ykZOQG4ilaT/YSBOmZDpTyq8aUM5ywHXy5gHxWFVN84kg+e/pi8g9xjM6a2+uo3X
elU87m9+CQg4fPorACVivmP5cwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIlAQckK
HR2gEiBe0/0liVAER3cSMB8GA1UdIwQYMBaAFDj7Bq9kn0APUTmUk1vt9+SScMiq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODI2Ny8wMkM4NkVBQTc4
Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFBOVJPWlNUVy0zMzVKSnd5
S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09Qc0dyMlNmUUE5Uk9aU1RXLTMzNUpKd3lLby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTgyNjcvMDJDODZFQUE3OENCMTFFQTgyMEQ3Mjc0QzRGOUFFMDIvNUE1ODlDNUFC
REZCMTFFQkIzMkJDQjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB3lGYwDQYJKoZIhvcNAQELBQADggEBADfW4r6hYX2w6lDr
nrtRG2NmsZ1mXfwrY8bphsorYk7M1SjnSjkfQsltL/u4ufq4pr1FToU/Hzpt0Jfv
Rjw05kZzVhL86RkrYlRTrXign+uWLHhxy1irJlY5Pbu3J1tjre+ldSGb2q5DGYpy
89T3UDUcOOlXDC3ZUn2zmI/AogVg7WgQxk1e8GPl7PUvDl/Im3f4kgK3Hi099O+m
oM/XSDKzPhFB6yHChqcC8Klrwi1YYoTWD0xNfKS2mRZ1CN71aGCuDmTLDAWgXVm3
gf8XbM/7ml2JKqKLqtJ7DCMG2u+y0pfnFde8mjZkfVycQreac0iotM7KeERJuTXO
9SeS7js=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org