Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/5C7AD114067611EDA1DEB529C4F9AE02.roa
File:                     5C7AD114067611EDA1DEB529C4F9AE02.roa (raw, json)
Hash identifier:          +Ltp878rDnokblZdQvqddVKw3sub8c1rLeKEQERYzrc=
Subject key identifier:   6D:E3:B5:71:FC:7E:0B:46:FA:31:22:D3:DE:FC:10:7A:B6:B7:59:9A
Certificate issuer:       /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918
Certificate serial:       0632
Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/5C7AD114067611EDA1DEB529C4F9AE02.roa
Signing time:             Mon 18 Jul 2022 09:29:48 +0000
ROA not before:           Mon 18 Jul 2022 09:29:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59239
IP address blocks:        114.129.12.0/22 maxlen: 22
                          114.129.12.0/23 maxlen: 23
                          114.129.12.0/24 maxlen: 24
                          114.129.13.0/24 maxlen: 24
                          114.129.14.0/23 maxlen: 23
                          114.129.14.0/24 maxlen: 24
                          114.129.15.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1586 (0x632)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918
        Validity
            Not Before: Jul 18 09:29:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62d5280c-8f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:bf:84:d6:f3:ba:f5:d1:72:5b:24:07:97:81:
                    6e:cb:d1:a2:4c:db:1a:19:9c:86:6d:0b:8a:c7:2c:
                    69:cc:e9:5b:c0:2e:5b:89:89:74:00:e9:b4:46:21:
                    48:77:7d:7a:4f:93:a0:90:5e:e9:76:48:55:6b:c4:
                    af:ae:9b:a3:ae:e1:7b:8d:b4:b2:48:ff:df:a0:c7:
                    31:70:9b:85:39:c5:32:06:c5:aa:f9:4f:96:03:d7:
                    d0:53:62:b5:18:7d:15:3f:7a:60:03:18:48:6d:2f:
                    a5:da:bd:ea:9d:4f:f1:eb:30:a3:7c:52:be:10:07:
                    81:0c:61:27:dd:d6:8d:48:d8:ab:28:a2:e7:b0:1b:
                    3c:c6:77:06:ec:43:4d:e8:ca:8a:9e:d5:52:cc:05:
                    c2:cb:87:98:c1:3b:b9:e9:ff:73:c2:da:a5:11:d1:
                    f9:31:6d:1d:93:03:16:60:29:28:58:7e:f9:fa:cd:
                    2c:20:64:91:38:14:a0:2a:7b:18:37:cd:27:ed:3b:
                    ea:78:9e:b4:4a:42:11:52:d0:4d:41:e2:08:31:d8:
                    19:35:85:69:c1:ab:5a:8f:42:f4:72:0f:4b:ef:c2:
                    66:d6:51:32:f9:58:ca:d3:fd:9a:18:50:1f:47:2d:
                    ce:89:23:a9:58:77:41:60:54:32:d6:02:53:94:78:
                    9c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:E3:B5:71:FC:7E:0B:46:FA:31:22:D3:DE:FC:10:7A:B6:B7:59:9A
            X509v3 Authority Key Identifier:
                keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/5C7AD114067611EDA1DEB529C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.129.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:47:fd:73:94:0d:6b:d1:ef:a5:07:c2:66:ee:fc:f2:49:15:
         de:e7:5b:87:5b:f4:6b:4e:58:2e:db:49:c7:aa:d7:80:6a:ef:
         b0:8a:dd:97:62:75:d4:ab:6e:95:8f:f6:1c:44:26:28:34:0d:
         bb:d3:0f:b8:b4:eb:3c:eb:e6:6a:24:93:63:19:29:7b:18:f9:
         70:a0:84:f2:12:b6:9b:58:96:c7:67:37:01:37:1b:3d:6f:9b:
         a8:8d:56:d4:e0:d3:38:df:ec:ee:3d:9d:84:12:a9:d8:6d:b0:
         94:11:e5:a0:ee:af:fb:60:6d:de:87:d8:b7:fc:4d:e6:58:11:
         0d:8f:9f:1b:10:cb:ec:21:37:22:09:85:45:45:ab:d0:a1:a8:
         1f:85:e9:83:11:69:f6:50:03:45:63:43:14:7b:e4:01:a0:84:
         6e:a4:74:a6:37:bd:48:b7:66:8b:b4:26:08:5f:64:e4:fa:24:
         29:85:2c:8a:e4:25:cd:89:cf:e2:36:8b:81:66:c4:ec:40:4e:
         e2:ce:91:9d:15:d3:52:5d:94:06:88:f0:55:28:82:27:d1:22:
         26:58:07:4f:c7:ad:04:5d:2c:96:47:ce:38:08:00:0d:2b:48:
         12:19:b7:cb:6a:c4:c0:ab:19:91:35:bb:39:5b:18:fa:34:7f:
         3d:a3:17:4e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC
RTE2OTA5MTgwHhcNMjIwNzE4MDkyOTQ4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ1MjgwYy04ZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwb+E1vO69dFyWyQHl4Fuy9GiTNsaGZyGbQuKxyxpzOlbwC5biYl0AOm0RiFI
d316T5OgkF7pdkhVa8SvrpujruF7jbSySP/foMcxcJuFOcUyBsWq+U+WA9fQU2K1
GH0VP3pgAxhIbS+l2r3qnU/x6zCjfFK+EAeBDGEn3daNSNirKKLnsBs8xncG7ENN
6MqKntVSzAXCy4eYwTu56f9zwtqlEdH5MW0dkwMWYCkoWH75+s0sIGSROBSgKnsY
N80n7TvqeJ60SkIRUtBNQeIIMdgZNYVpwataj0L0cg9L78Jm1lEy+VjK0/2aGFAf
Ry3OiSOpWHdBYFQy1gJTlHicAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFG3jtXH8
fgtG+jEi0978EHq2t1maMB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5
NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvNUM3QUQxMTQw
Njc2MTFFREExREVCNTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJygQwwDQYJKoZIhvcNAQELBQADggEBABBH/XOUDWvR76UH
wmbu/PJJFd7nW4db9GtOWC7bSceq14Bq77CK3ZdiddSrbpWP9hxEJig0DbvTD7i0
6zzr5mokk2MZKXsY+XCghPIStptYlsdnNwE3Gz1vm6iNVtTg0zjf7O49nYQSqdht
sJQR5aDur/tgbd6H2Lf8TeZYEQ2PnxsQy+whNyIJhUVFq9ChqB+F6YMRafZQA0Vj
QxR75AGghG6kdKY3vUi3Zou0JghfZOT6JCmFLIrkJc2Jz+I2i4FmxOxATuLOkZ0V
01JdlAaI8FUogifRIiZYB0/HrQRdLJZHzjgIAA0rSBIZt8tqxMCrGZE1uzlbGPo0
fz2jF04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org