Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1818/68EA73EC069C11EE8C667812C4F9AE02/16B03E6406E111EE8AEB1D74C4F9AE02.roa
File:                     16B03E6406E111EE8AEB1D74C4F9AE02.roa (raw, json)
Hash identifier:          kLFsb554sOnbbczMPfdhbfBxV5k4Z0XwnmVRxnGTouw=
Subject key identifier:   29:9C:D3:F0:94:4D:39:13:E6:75:DD:B5:85:DB:6C:D7:5B:3C:82:81
Certificate issuer:       /CN=A91A1818/serialNumber=92D456E99B60DCED148C93D594B6F431270A24C4
Certificate serial:       0E
Authority key identifier: 92:D4:56:E9:9B:60:DC:ED:14:8C:93:D5:94:B6:F4:31:27:0A:24:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ktRW6Ztg3O0UjJPVlLb0MScKJMQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A1818/68EA73EC069C11EE8C667812C4F9AE02/16B03E6406E111EE8AEB1D74C4F9AE02.roa
Signing time:             Mon 12 Jun 2023 09:27:38 +0000
ROA not before:           Mon 12 Jun 2023 09:27:37 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     132388
IP address blocks:        139.180.8.0/21 maxlen: 21
                          139.180.9.0/24 maxlen: 24
                          139.180.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A1818/serialNumber=92D456E99B60DCED148C93D594B6F431270A24C4
        Validity
            Not Before: Jun 12 09:27:37 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=6486e509-042e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:9c:84:91:ae:b2:91:3d:5c:66:90:10:14:
                    21:cf:b4:4f:41:4d:df:f7:40:8f:27:28:87:cb:76:
                    f6:e7:a9:ce:a3:4c:30:d7:9d:78:2d:f7:16:22:6e:
                    57:2e:57:c1:ac:e2:98:e0:ef:7e:bf:22:e9:84:a4:
                    3b:c6:1c:7a:94:a1:91:28:56:cf:9b:16:21:10:d5:
                    c3:36:41:f0:18:e8:c2:b6:28:fc:bc:ef:f6:97:a8:
                    49:4b:d6:77:be:e3:e5:56:cc:29:44:ce:42:de:26:
                    9f:28:33:ea:a6:96:41:08:d1:66:60:17:d9:24:99:
                    31:95:55:9f:9f:16:6e:f9:bf:e3:6b:41:3f:9a:96:
                    53:d2:52:1b:d0:f9:80:52:2d:10:63:17:70:72:d7:
                    9e:4f:22:80:ac:00:7a:98:98:98:17:b5:f6:5d:7c:
                    3b:05:7c:e9:17:a1:89:e6:19:1c:9f:66:5b:aa:8e:
                    e0:f3:30:f1:f9:5e:95:41:3a:de:94:0a:3a:b4:53:
                    12:00:0b:3d:f9:d6:fc:03:55:25:31:da:a5:27:3f:
                    9c:c9:17:d6:7f:50:71:27:19:c7:19:d9:14:4b:0c:
                    6c:f7:24:68:0f:c6:c6:b2:50:5f:7d:f7:12:c1:dc:
                    82:d5:c0:9f:95:c6:c6:17:c0:c1:bc:7c:78:49:9c:
                    ef:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9C:D3:F0:94:4D:39:13:E6:75:DD:B5:85:DB:6C:D7:5B:3C:82:81
            X509v3 Authority Key Identifier:
                keyid:92:D4:56:E9:9B:60:DC:ED:14:8C:93:D5:94:B6:F4:31:27:0A:24:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A1818/68EA73EC069C11EE8C667812C4F9AE02/ktRW6Ztg3O0UjJPVlLb0MScKJMQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ktRW6Ztg3O0UjJPVlLb0MScKJMQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1818/68EA73EC069C11EE8C667812C4F9AE02/16B03E6406E111EE8AEB1D74C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.180.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         40:0c:b9:17:bf:12:2d:ea:da:46:e7:c4:88:f9:03:f6:50:d8:
         2d:50:66:71:08:37:50:15:5e:3a:33:fd:a3:68:dc:c1:bb:cd:
         f0:00:da:fc:70:73:9d:c6:e7:ac:f5:99:c9:d8:32:21:5a:90:
         5e:5f:3a:cb:67:3c:7d:44:91:e9:32:41:29:31:73:e9:26:8d:
         39:8c:3b:4a:4e:2d:c7:bb:a4:33:b9:a3:ab:a8:ce:d4:d4:5d:
         5c:d7:58:f8:0c:cc:a9:95:42:e7:72:58:23:34:01:ca:d5:2f:
         38:e4:96:3c:6f:72:18:1e:0c:70:b1:e7:fb:c0:ee:40:da:d0:
         54:d4:f6:f8:fa:f3:a6:b1:ed:97:ac:66:e0:80:c3:2e:30:24:
         06:ae:54:61:ab:0f:8e:02:e2:f1:b5:f9:8e:f5:78:92:45:7f:
         98:b7:0e:bb:de:e8:32:18:c1:17:be:00:03:61:35:df:ea:8f:
         c1:e4:61:76:a8:75:16:72:26:5c:e3:ba:66:0f:66:8f:7f:c6:
         a7:ed:9a:6e:c2:7d:db:14:25:d0:fd:11:01:00:15:75:1d:31:
         90:10:46:46:03:4d:9a:fc:f8:16:1c:d8:22:6a:03:5c:e5:47:
         0c:a1:0c:56:99:c8:46:40:ed:7d:c1:4b:8c:b4:c5:c3:a5:c1:
         5b:5a:5e:67
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MTgxODExMC8GA1UEBRMoOTJENDU2RTk5QjYwRENFRDE0OEM5M0Q1OTRCNkY0MzEy
NzBBMjRDNDAeFw0yMzA2MTIwOTI3MzdaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODZlNTA5LTA0MmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/65yEka6ykT1cZpAQFCHPtE9BTd/3QI8nKIfLdvbnqc6jTDDXnXgt9xYiblcu
V8Gs4pjg736/IumEpDvGHHqUoZEoVs+bFiEQ1cM2QfAY6MK2KPy87/aXqElL1ne+
4+VWzClEzkLeJp8oM+qmlkEI0WZgF9kkmTGVVZ+fFm75v+NrQT+allPSUhvQ+YBS
LRBjF3By155PIoCsAHqYmJgXtfZdfDsFfOkXoYnmGRyfZluqjuDzMPH5XpVBOt6U
Cjq0UxIACz351vwDVSUx2qUnP5zJF9Z/UHEnGccZ2RRLDGz3JGgPxsayUF999xLB
3ILVwJ+VxsYXwMG8fHhJnO/vAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKZzT8JRN
ORPmdd21hdts11s8goEwHwYDVR0jBBgwFoAUktRW6Ztg3O0UjJPVlLb0MScKJMQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExODE4LzY4RUE3M0VDMDY5
QzExRUU4QzY2NzgxMkM0RjlBRTAyL2t0Ulc2WnRnM08wVWpKUFZsTGIwTVNjS0pN
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva3RSVzZadGczTzBVakpQVmxMYjBNU2NLSk1RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MTgxOC82OEVBNzNFQzA2OUMxMUVFOEM2Njc4MTJDNEY5QUUwMi8xNkIwM0U2NDA2
RTExMUVFOEFFQjFENzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA4u0CDANBgkqhkiG9w0BAQsFAAOCAQEAQAy5F78SLeraRufE
iPkD9lDYLVBmcQg3UBVeOjP9o2jcwbvN8ADa/HBzncbnrPWZydgyIVqQXl86y2c8
fUSR6TJBKTFz6SaNOYw7Sk4tx7ukM7mjq6jO1NRdXNdY+AzMqZVC53JYIzQBytUv
OOSWPG9yGB4McLHn+8DuQNrQVNT2+PrzprHtl6xm4IDDLjAkBq5UYasPjgLi8bX5
jvV4kkV/mLcOu97oMhjBF74AA2E13+qPweRhdqh1FnImXOO6Zg9mj3/Gp+2absJ9
2xQl0P0RAQAVdR0xkBBGRgNNmvz4FhzYImoDXOVHDKEMVpnIRkDtfcFLjLTFw6XB
W1peZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org