Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/4A6CEA56E4E311ED90315A7AC4F9AE02.roa
File:                     4A6CEA56E4E311ED90315A7AC4F9AE02.roa (raw, json)
Hash identifier:          ef9y/IKqFFLura0yPKK7l/6t8avpxe5DrrdWQsuab/c=
Subject key identifier:   7E:63:BF:75:22:72:0D:DD:43:84:67:91:B1:EF:64:45:E9:04:CB:9D
Certificate issuer:       /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial:       5C
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/4A6CEA56E4E311ED90315A7AC4F9AE02.roa
Signing time:             Thu 27 Apr 2023 10:07:18 +0000
ROA not before:           Thu 27 Apr 2023 10:07:18 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     136557
IP address blocks:        43.225.80.0/22 maxlen: 22
                          150.107.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92 (0x5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
        Validity
            Not Before: Apr 27 10:07:18 2023 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=644a4955-cb75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:81:bb:9e:14:cf:db:35:b2:50:aa:cb:6b:a0:
                    25:a8:c1:79:ce:dc:d5:a8:82:88:65:43:e0:c7:cf:
                    f5:61:74:a1:d9:27:74:e3:e7:96:16:4f:dc:34:4c:
                    a9:a5:17:76:72:23:ea:b4:93:ac:ca:88:16:b6:19:
                    8e:1a:32:da:67:b3:ca:17:18:1f:84:db:78:87:82:
                    89:07:99:42:dd:be:8b:f8:da:d6:9d:7f:ce:01:39:
                    5d:cc:8a:c0:9e:04:5f:3f:6b:1b:70:5f:2c:97:89:
                    91:a3:83:0a:0a:b3:31:90:00:be:dd:0b:11:f3:70:
                    f9:a0:7d:b0:e5:4f:bf:f3:f4:e1:53:6c:26:2f:7a:
                    af:e2:6c:a8:ad:1f:aa:f2:44:c1:ad:e4:a4:72:1b:
                    ce:4d:79:61:bf:19:af:64:68:8d:aa:32:2d:20:6f:
                    8a:8f:9d:ba:de:42:2e:a1:e6:65:11:96:0c:26:53:
                    51:9d:56:d1:4d:ba:d9:3c:75:38:39:e7:44:94:6d:
                    9c:45:0f:47:a8:ab:d6:2e:75:6e:27:8d:a7:ec:74:
                    64:b3:ba:2e:4d:f6:61:f1:52:95:15:04:4b:0b:66:
                    fe:2a:57:ec:2f:50:29:74:9f:b5:30:41:35:14:82:
                    81:29:77:20:7b:70:1c:0f:7f:ba:a9:7d:c4:c7:5a:
                    7e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:63:BF:75:22:72:0D:DD:43:84:67:91:B1:EF:64:45:E9:04:CB:9D
            X509v3 Authority Key Identifier:
                keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/4A6CEA56E4E311ED90315A7AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.225.80.0/22
                  150.107.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:cd:8c:ec:77:73:b7:3a:91:2e:69:c4:6e:bd:c7:63:72:a7:
         17:c4:7a:e6:ef:df:0b:c9:16:13:37:88:39:18:79:09:cf:51:
         2a:db:36:a2:7e:6e:bc:d4:9f:73:0d:b9:36:06:8c:04:d9:ac:
         31:3d:b4:17:1a:b6:36:28:48:1f:4b:74:03:ef:c6:67:47:22:
         6a:18:21:10:2a:79:a0:c3:d2:43:c7:2d:1d:cd:01:67:f6:3f:
         02:d5:5b:5d:3b:f9:b7:08:55:6a:6d:c2:2d:01:6f:52:71:7a:
         78:4f:a9:5f:7a:0a:42:68:bf:2d:14:80:c6:77:d5:52:61:5a:
         1e:20:ee:20:5c:a6:77:36:60:86:14:7b:76:90:96:11:0a:cf:
         3d:70:10:cf:71:79:75:dd:f5:d6:bb:4c:e9:fb:a1:8d:67:94:
         88:d5:59:6b:73:04:63:08:71:8c:57:ff:67:2f:ce:2e:4a:9b:
         a3:48:a8:00:41:21:de:2b:02:b9:22:8f:81:85:c0:79:14:14:
         f2:f6:de:58:49:fc:bd:0f:df:fe:e6:36:c4:b9:15:cc:2b:13:
         3d:f2:09:29:c3:c6:45:56:f0:37:3e:0a:db:88:ad:4c:c1:db:
         b4:af:81:37:84:6b:bf:32:64:4f:6c:cc:6c:c2:92:79:63:86:
         64:c9:fe:f4
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NjU4NzExMC8GA1UEBRMoMkQ2MzQwNzdDQzg0N0I1OUQ0MDQ4RDQzRTA0QjMzMDk2
OThGRTYzODAeFw0yMzA0MjcxMDA3MThaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NGE0OTU1LWNiNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvgbueFM/bNbJQqstroCWowXnO3NWogohlQ+DHz/VhdKHZJ3Tj55YWT9w0TKml
F3ZyI+q0k6zKiBa2GY4aMtpns8oXGB+E23iHgokHmULdvov42tadf84BOV3MisCe
BF8/axtwXyyXiZGjgwoKszGQAL7dCxHzcPmgfbDlT7/z9OFTbCYveq/ibKitH6ry
RMGt5KRyG85NeWG/Ga9kaI2qMi0gb4qPnbreQi6h5mURlgwmU1GdVtFNutk8dTg5
50SUbZxFD0eoq9YudW4njafsdGSzui5N9mHxUpUVBEsLZv4qV+wvUCl0n7UwQTUU
goEpdyB7cBwPf7qpfcTHWn4XAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUfmO/dSJy
Dd1DhGeRse9kRekEy50wHwYDVR0jBBgwFoAULWNAd8yEe1nUBI1D4EszCWmP5jgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2NTg3LzQxN0Q3MUI0OTE4
NjExRURBODRBMTI0REM0RjlBRTAyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVq
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTFdOQWQ4eUVlMW5VQkkxRDRFc3pDV21QNWpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjU4Ny80MTdENzFCNDkxODYxMUVEQTg0QTEyNERDNEY5QUUwMi80QTZDRUE1NkU0
RTMxMUVEOTAzMTVBN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAivhUAMEAJZr4jANBgkqhkiG9w0BAQsFAAOCAQEAPM2M7Hdz
tzqRLmnEbr3HY3KnF8R65u/fC8kWEzeIORh5Cc9RKts2on5uvNSfcw25NgaMBNms
MT20Fxq2NihIH0t0A+/GZ0ciahghECp5oMPSQ8ctHc0BZ/Y/AtVbXTv5twhVam3C
LQFvUnF6eE+pX3oKQmi/LRSAxnfVUmFaHiDuIFymdzZghhR7dpCWEQrPPXAQz3F5
dd311rtM6fuhjWeUiNVZa3MEYwhxjFf/Zy/OLkqbo0ioAEEh3isCuSKPgYXAeRQU
8vbeWEn8vQ/f/uY2xLkVzCsTPfIJKcPGRVbwNz4K24itTMHbtK+BN4RrvzJkT2zM
bMKSeWOGZMn+9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org