Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C74/44CC971E4E1F11EDB3E6CC2FC4F9AE02/4FD2D8F256A911EDA6AAB044C4F9AE02.roa
File:                     4FD2D8F256A911EDA6AAB044C4F9AE02.roa (raw, json)
Hash identifier:          QlxM6Sn+cd3i0zzyOQUp0epzlJh5IV1lrJC/XSOIgws=
Subject key identifier:   9F:71:19:B6:75:02:7A:42:B0:E9:7A:28:26:44:E0:78:0E:FF:63:67
Certificate issuer:       /CN=A91B9C74/serialNumber=0013792078D11B2F94030D7C3BEEF50132A26D40
Certificate serial:       09
Authority key identifier: 00:13:79:20:78:D1:1B:2F:94:03:0D:7C:3B:EE:F5:01:32:A2:6D:40
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ABN5IHjRGy-UAw18O-71ATKibUA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9C74/44CC971E4E1F11EDB3E6CC2FC4F9AE02/4FD2D8F256A911EDA6AAB044C4F9AE02.roa
Signing time:             Fri 28 Oct 2022 10:14:31 +0000
ROA not before:           Fri 28 Oct 2022 10:14:31 +0000
ROA not after:            Sat 30 Dec 2023 00:00:00 +0000
asID:                     65567
IP address blocks:        2001:df1:5cc0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9C74/serialNumber=0013792078D11B2F94030D7C3BEEF50132A26D40
        Validity
            Not Before: Oct 28 10:14:31 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=635bab87-72e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6d:1d:cd:46:bb:0b:b2:5c:ce:08:b6:ba:c0:
                    12:6f:58:b6:7d:88:12:ad:c4:8d:f0:4d:45:9d:38:
                    b1:a5:df:ce:aa:c5:20:9c:b2:78:e4:38:69:4f:32:
                    b1:6a:fa:bb:fa:83:c8:4b:3f:79:59:bf:1c:e1:f9:
                    dd:c1:3e:b0:18:22:55:cf:f9:ff:0f:6a:98:9d:4e:
                    0f:8e:42:16:da:41:9d:91:1c:96:4d:74:8d:76:bd:
                    24:d6:54:91:f2:a1:c2:2f:79:97:ab:7d:44:0e:da:
                    c8:8b:cd:91:2b:70:ec:1b:1e:56:d1:fb:df:66:9d:
                    90:40:b4:b3:76:c5:d4:8f:f1:37:1e:ee:89:ec:e6:
                    89:df:a0:fa:55:84:2f:96:7a:a4:ee:4d:79:bb:2e:
                    70:17:c1:7b:cd:e1:27:66:76:88:94:81:15:8c:db:
                    e5:b8:27:48:4c:a6:84:65:35:07:3a:26:7b:6e:c7:
                    51:7f:c4:70:af:f4:92:37:59:ea:cc:ba:f8:6a:60:
                    db:f9:ca:a6:ae:cb:06:1a:c4:7c:2c:cf:69:e0:1f:
                    6c:b9:c9:fb:fa:3d:e9:19:c0:67:34:68:b6:55:f0:
                    c8:11:42:16:41:28:84:b1:13:35:bd:a2:86:20:a7:
                    f0:76:8d:57:eb:f5:f5:34:e2:b9:3e:2d:4d:8d:12:
                    91:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:71:19:B6:75:02:7A:42:B0:E9:7A:28:26:44:E0:78:0E:FF:63:67
            X509v3 Authority Key Identifier:
                keyid:00:13:79:20:78:D1:1B:2F:94:03:0D:7C:3B:EE:F5:01:32:A2:6D:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9C74/44CC971E4E1F11EDB3E6CC2FC4F9AE02/ABN5IHjRGy-UAw18O-71ATKibUA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ABN5IHjRGy-UAw18O-71ATKibUA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C74/44CC971E4E1F11EDB3E6CC2FC4F9AE02/4FD2D8F256A911EDA6AAB044C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df1:5cc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:38:02:02:e3:63:7d:74:8c:d7:56:94:76:55:86:c6:32:4e:
         c8:9f:d7:3c:65:1f:82:c5:b1:a3:4b:cd:db:7c:5e:a4:e5:92:
         8c:5d:a3:9e:9b:60:0e:39:ea:cf:2e:5d:7a:d7:78:63:f8:15:
         a2:b6:1d:4d:56:d8:89:26:eb:4e:cb:7e:8d:a3:b8:8c:65:c6:
         ce:7f:a3:1d:c6:be:d7:ed:c4:f4:3a:dc:6f:eb:1c:01:ae:58:
         b0:1a:2c:91:7c:45:9c:71:9d:2a:05:8c:fb:23:8d:61:30:00:
         38:3a:9d:82:a3:47:91:07:61:db:88:0a:d7:cd:66:22:c8:ab:
         8b:e0:c7:fd:f6:69:af:b6:cd:fa:ed:00:83:31:17:44:5e:7e:
         69:f2:3e:b2:8d:e0:7c:14:60:08:6c:41:3a:b3:3c:eb:fe:4f:
         42:b7:45:13:d2:52:08:b6:8d:b3:88:7d:f9:21:01:14:22:b2:
         28:11:87:4c:2e:c3:15:ee:5f:85:c5:a9:2a:b0:9c:31:d1:0d:
         40:08:60:91:30:13:3f:1e:7c:8d:c8:cb:a3:10:14:97:af:ce:
         68:06:4c:b7:4b:d9:22:0c:73:fa:88:0c:f6:f7:6a:6e:09:94:
         6f:c0:f2:0d:69:39:be:80:d5:d8:dd:f3:0e:d9:43:98:3d:3f:
         aa:97:28:ed
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
OUM3NDExMC8GA1UEBRMoMDAxMzc5MjA3OEQxMUIyRjk0MDMwRDdDM0JFRUY1MDEz
MkEyNkQ0MDAeFw0yMjEwMjgxMDE0MzFaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNWJhYjg3LTcyZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqbR3NRrsLslzOCLa6wBJvWLZ9iBKtxI3wTUWdOLGl386qxSCcsnjkOGlPMrFq
+rv6g8hLP3lZvxzh+d3BPrAYIlXP+f8PapidTg+OQhbaQZ2RHJZNdI12vSTWVJHy
ocIveZerfUQO2siLzZErcOwbHlbR+99mnZBAtLN2xdSP8Tce7ons5onfoPpVhC+W
eqTuTXm7LnAXwXvN4SdmdoiUgRWM2+W4J0hMpoRlNQc6Jntux1F/xHCv9JI3WerM
uvhqYNv5yqauywYaxHwsz2ngH2y5yfv6PekZwGc0aLZV8MgRQhZBKISxEzW9ooYg
p/B2jVfr9fU04rk+LU2NEpGfAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUn3EZtnUC
ekKw6XooJkTgeA7/Y2cwHwYDVR0jBBgwFoAUABN5IHjRGy+UAw18O+71ATKibUAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5Qzc0LzQ0Q0M5NzFFNEUx
RjExRURCM0U2Q0MyRkM0RjlBRTAyL0FCTjVJSGpSR3ktVUF3MThPLTcxQVRLaWJV
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQUJONUlIalJHeS1VQXcxOE8tNzFBVEtpYlVBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
OUM3NC80NENDOTcxRTRFMUYxMUVEQjNFNkNDMkZDNEY5QUUwMi80RkQyRDhGMjU2
QTkxMUVEQTZBQUIwNDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfFcwDANBgkqhkiG9w0BAQsFAAOCAQEAgDgCAuNjfXSM
11aUdlWGxjJOyJ/XPGUfgsWxo0vN23xepOWSjF2jnptgDjnqzy5detd4Y/gVorYd
TVbYiSbrTst+jaO4jGXGzn+jHca+1+3E9Drcb+scAa5YsBoskXxFnHGdKgWM+yON
YTAAODqdgqNHkQdh24gK181mIsiri+DH/fZpr7bN+u0AgzEXRF5+afI+so3gfBRg
CGxBOrM86/5PQrdFE9JSCLaNs4h9+SEBFCKyKBGHTC7DFe5fhcWpKrCcMdENQAhg
kTATPx58jcjLoxAUl6/OaAZMt0vZIgxz+ogM9vdqbgmUb8DyDWk5voDV2N3zDtlD
mD0/qpco7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org