Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/3D13F0FCAA0311EA91C05109C4F9AE02.roa
File:                     3D13F0FCAA0311EA91C05109C4F9AE02.roa (raw, json)
Hash identifier:          rP71gmDuW5nORfYdBeebPUUN2djv1/zKcOLoDWYyZzc=
Subject key identifier:   33:2A:F7:FB:FD:7D:09:C0:A3:EF:91:C7:87:40:E8:AE:2B:6C:2F:EB
Certificate issuer:       /CN=A91C1DB8/serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826
Certificate serial:       11AB
Authority key identifier: A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/3D13F0FCAA0311EA91C05109C4F9AE02.roa
Signing time:             Thu 02 Feb 2023 18:24:45 +0000
ROA not before:           Thu 02 Feb 2023 18:24:45 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     10204
IP address blocks:        146.88.196.0/22 maxlen: 22
                          146.88.196.0/24 maxlen: 24
                          146.88.197.0/24 maxlen: 24
                          146.88.198.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4523 (0x11ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C1DB8/serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826
        Validity
            Not Before: Feb  2 18:24:45 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63dbffed-f5df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:54:c3:d3:e0:ab:16:55:02:44:0f:49:f2:1b:
                    bc:e2:f0:7d:28:a0:d1:71:ec:13:b8:ba:3a:5c:25:
                    39:bb:c6:e1:0e:49:7c:a2:02:96:d9:82:b9:78:9e:
                    ce:d2:bc:67:5b:2f:00:27:a0:4a:32:f0:a5:a4:b9:
                    ff:3d:62:91:d9:82:4b:e7:49:5b:d2:39:9b:37:09:
                    19:2b:e6:8b:e8:db:39:05:e5:36:92:75:6b:f9:3a:
                    fa:73:3c:29:16:9a:65:e7:3c:7c:81:94:81:f8:7f:
                    e9:a1:0a:04:7d:8d:5e:18:81:df:54:a7:98:d9:5d:
                    94:ea:0d:ec:d3:0f:f2:d4:23:c3:5f:38:7f:25:d5:
                    97:80:e4:c6:bf:d0:93:7f:cb:bf:c1:51:eb:e4:69:
                    41:42:fc:bd:4b:83:f0:7d:4c:2a:bf:a9:95:c2:85:
                    46:0b:06:6c:44:0b:e5:50:a9:04:24:21:31:64:9b:
                    57:dc:a6:18:0d:ae:a9:15:15:dd:03:41:81:7b:78:
                    08:bb:bc:e3:77:ee:06:05:cd:43:5b:2a:0b:57:d1:
                    48:ff:c0:87:64:5f:7c:97:c5:95:b9:8f:6c:36:09:
                    8f:a6:43:c6:66:b0:fd:d1:04:ff:c5:5a:1a:f9:65:
                    85:91:49:55:cb:63:34:3e:dc:67:6c:84:41:b5:8c:
                    e1:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:2A:F7:FB:FD:7D:09:C0:A3:EF:91:C7:87:40:E8:AE:2B:6C:2F:EB
            X509v3 Authority Key Identifier:
                keyid:A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/3D13F0FCAA0311EA91C05109C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.88.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:83:42:55:8d:a0:4c:51:1b:c8:c5:c6:70:c4:e6:90:ca:8a:
         f5:45:96:83:1a:41:c0:6d:c5:31:db:88:c9:98:c0:e8:e1:48:
         e6:87:78:e3:b3:5b:70:e8:58:86:5d:18:b0:70:ab:17:d4:ac:
         19:12:17:9e:93:8c:80:88:f0:9a:63:48:34:cb:fa:34:b6:f4:
         8b:86:2b:b2:3a:af:87:ed:93:70:f3:0d:c6:85:bc:20:ad:62:
         2c:d5:ae:b5:bb:fa:73:8d:b3:01:a8:e7:bd:25:d9:aa:c9:96:
         33:38:9a:35:48:5e:8a:da:e6:45:7f:d3:3e:53:32:c0:23:50:
         5c:f4:4a:3d:1a:2d:ec:5c:8a:74:b6:25:2c:28:80:e5:5b:a7:
         59:45:5c:d6:bf:f6:b0:c5:91:ae:8b:0d:91:b7:52:33:8c:a4:
         67:58:14:0b:7c:61:f7:05:81:06:78:22:21:70:b1:3d:bc:8e:
         ee:71:43:c9:11:ad:02:0b:66:aa:6d:68:d2:55:d0:e4:02:3c:
         4c:20:8b:d9:76:7c:af:fb:4d:9f:95:54:da:44:b0:ba:89:0f:
         33:ef:ef:34:1e:50:cd:a1:90:9d:b0:ab:c6:4e:7e:5a:7d:93:
         37:d8:90:7d:38:5a:12:ef:df:96:44:b2:c8:c8:60:ec:e3:cb:
         65:01:0f:ae
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFEQjgxMTAvBgNVBAUTKEExMTFFODFDNEIzRTI3QkRBNkUyNzEyNDk3RjZEQkJB
MENGQjA4MjYwHhcNMjMwMjAyMTgyNDQ1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RiZmZlZC1mNWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqFTD0+CrFlUCRA9J8hu84vB9KKDRcewTuLo6XCU5u8bhDkl8ogKW2YK5eJ7O
0rxnWy8AJ6BKMvClpLn/PWKR2YJL50lb0jmbNwkZK+aL6Ns5BeU2knVr+Tr6czwp
Fppl5zx8gZSB+H/poQoEfY1eGIHfVKeY2V2U6g3s0w/y1CPDXzh/JdWXgOTGv9CT
f8u/wVHr5GlBQvy9S4PwfUwqv6mVwoVGCwZsRAvlUKkEJCExZJtX3KYYDa6pFRXd
A0GBe3gIu7zjd+4GBc1DWyoLV9FI/8CHZF98l8WVuY9sNgmPpkPGZrD90QT/xVoa
+WWFkUlVy2M0PtxnbIRBtYzhbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDMq9/v9
fQnAo++Rx4dA6K4rbC/rMB8GA1UdIwQYMBaAFKER6BxLPie9puJxJJf227oM+wgm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8wRDk5MzFCQUEx
MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3Mm00bkVrbF9iYnVnejdD
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL29SSG9IRXMtSjcybTRuRWtsX2JidWd6N0NDWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFEQjgvMEQ5OTMxQkFBMTFFMTFFODlFNjM2NzEwQzRGOUFFMDIvM0QxM0YwRkNB
QTAzMTFFQTkxQzA1MTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKSWMQwDQYJKoZIhvcNAQELBQADggEBADWDQlWNoExRG8jF
xnDE5pDKivVFloMaQcBtxTHbiMmYwOjhSOaHeOOzW3DoWIZdGLBwqxfUrBkSF56T
jICI8JpjSDTL+jS29IuGK7I6r4ftk3DzDcaFvCCtYizVrrW7+nONswGo570l2arJ
ljM4mjVIXora5kV/0z5TMsAjUFz0Sj0aLexcinS2JSwogOVbp1lFXNa/9rDFka6L
DZG3UjOMpGdYFAt8YfcFgQZ4IiFwsT28ju5xQ8kRrQILZqptaNJV0OQCPEwgi9l2
fK/7TZ+VVNpEsLqJDzPv7zQeUM2hkJ2wq8ZOflp9kzfYkH04WhLv35ZEssjIYOzj
y2UBD64=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org