Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A67C8F044C9611ECAEA16870C4F9AE02.roa
File:                     A67C8F044C9611ECAEA16870C4F9AE02.roa (raw, json)
Hash identifier:          gkKiXfFDjeMjGMKxzmBtVm8RqCO58PTIlovfBAz32qk=
Subject key identifier:   CF:3C:A5:86:19:C1:34:D4:60:90:22:D2:D3:4F:D0:60:BD:9B:B0:21
Certificate issuer:       /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial:       B1
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A67C8F044C9611ECAEA16870C4F9AE02.roa
Signing time:             Wed 22 Dec 2021 03:42:10 +0000
ROA not before:           Wed 22 Dec 2021 03:42:10 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        202.43.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177 (0xb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
        Validity
            Not Before: Dec 22 03:42:10 2021 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=61c29e91-45fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:37:d9:2c:c7:b4:c0:28:16:77:a8:6d:25:af:
                    a3:20:f3:0a:53:b0:3b:fa:f4:02:b6:88:06:5f:ff:
                    68:8f:1c:d9:67:a3:bf:75:0b:0d:e0:03:2f:11:f1:
                    23:61:02:f4:5c:6d:8a:44:5f:a7:1f:cf:2b:a2:a6:
                    dd:98:41:d0:84:6d:12:f7:8e:b8:cf:e0:d0:57:0d:
                    44:e3:fa:91:a5:0e:d6:4c:59:04:c2:7c:e9:cf:12:
                    5a:07:6e:ad:61:a7:f4:64:65:4d:2b:c1:5a:2a:78:
                    a7:a4:38:ea:c7:eb:d7:37:33:c7:02:21:5e:d1:94:
                    8c:e1:90:f2:b5:20:0d:d5:8a:6f:22:c8:08:a5:94:
                    ba:e7:84:36:b0:3d:71:5d:af:00:77:ad:84:dc:5b:
                    21:47:2d:bb:79:e9:e0:dc:08:a8:2a:46:1c:29:1d:
                    63:a0:5b:18:b5:c5:49:b5:60:fd:b6:7b:19:aa:ef:
                    64:95:05:30:6c:63:fe:8e:8d:63:ee:86:76:08:ca:
                    c9:3f:40:fd:e7:a0:96:7d:1c:4c:1d:2d:1b:dc:d9:
                    b2:be:3c:ab:00:51:fc:57:92:a7:d3:cc:95:11:1f:
                    9f:34:62:80:dd:bb:54:17:e7:d8:34:0d:f0:e6:82:
                    1c:01:5f:5b:0c:b1:6f:09:46:1c:5e:c7:1c:a2:3e:
                    ab:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:3C:A5:86:19:C1:34:D4:60:90:22:D2:D3:4F:D0:60:BD:9B:B0:21
            X509v3 Authority Key Identifier:
                keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A67C8F044C9611ECAEA16870C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.43.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:e1:29:fd:61:57:56:cb:20:21:43:43:66:6a:8f:83:73:ed:
         63:bf:92:51:19:bf:f4:aa:ce:77:8b:e1:a2:73:f3:9e:00:fe:
         f1:fd:ca:c7:9c:fe:8d:8e:a0:48:5b:70:90:77:b4:8f:da:33:
         54:c4:96:92:d7:08:aa:0a:b6:b5:26:6b:b0:a1:39:1f:ae:2e:
         bd:bc:cb:bd:e6:43:16:d3:92:7c:b5:41:0c:5b:84:89:4e:00:
         9b:fd:94:74:26:50:94:a6:b4:e3:d6:22:36:28:20:dd:6f:f2:
         c8:17:34:b0:e9:45:ce:40:22:ce:0b:a1:81:8a:ee:91:c9:50:
         5c:c7:68:a9:45:52:87:9c:25:02:88:4c:35:1e:63:51:87:99:
         91:f5:cd:ce:36:bd:60:1e:63:b5:f9:59:c4:22:78:0b:9d:8b:
         db:21:dc:dd:1c:9a:69:c3:aa:d9:b0:e6:53:b3:7d:82:27:74:
         d9:27:46:83:3c:49:9e:88:74:69:b9:76:ca:31:6b:9f:bd:af:
         48:e2:fa:49:34:01:69:7e:5d:14:4b:1f:80:ef:e3:a0:9e:67:
         d6:87:c8:d4:fd:46:e8:9f:f4:b0:6b:48:0f:9b:6e:f6:fc:f3:
         f2:56:71:c0:14:66:75:9b:5d:ea:21:b5:0f:b1:3b:01:ba:b7:
         da:6c:bf:67
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjExMjIyMDM0MjEwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWMyOWU5MS00NWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6jfZLMe0wCgWd6htJa+jIPMKU7A7+vQCtogGX/9ojxzZZ6O/dQsN4AMvEfEj
YQL0XG2KRF+nH88roqbdmEHQhG0S9464z+DQVw1E4/qRpQ7WTFkEwnzpzxJaB26t
Yaf0ZGVNK8FaKninpDjqx+vXNzPHAiFe0ZSM4ZDytSAN1YpvIsgIpZS654Q2sD1x
Xa8Ad62E3FshRy27eeng3AioKkYcKR1joFsYtcVJtWD9tnsZqu9klQUwbGP+jo1j
7oZ2CMrJP0D956CWfRxMHS0b3NmyvjyrAFH8V5Kn08yVER+fNGKA3btUF+fYNA3w
5oIcAV9bDLFvCUYcXsccoj6rYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM88pYYZ
wTTUYJAi0tNP0GC9m7AhMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQTY3QzhGMDQ0
Qzk2MTFFQ0FFQTE2ODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwQwDQYJKoZIhvcNAQELBQADggEBACThKf1hV1bLICFD
Q2Zqj4Nz7WO/klEZv/SqzneL4aJz854A/vH9ysec/o2OoEhbcJB3tI/aM1TElpLX
CKoKtrUma7ChOR+uLr28y73mQxbTkny1QQxbhIlOAJv9lHQmUJSmtOPWIjYoIN1v
8sgXNLDpRc5AIs4LoYGK7pHJUFzHaKlFUoecJQKITDUeY1GHmZH1zc42vWAeY7X5
WcQieAudi9sh3N0cmmnDqtmw5lOzfYIndNknRoM8SZ6IdGm5dsoxa5+9r0ji+kk0
AWl+XRRLH4Dv46CeZ9aHyNT9Ruif9LBrSA+bbvb88/JWccAUZnWbXeohtQ+xOwG6
t9psv2c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org