Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/2CC9A7F21CB711EAAA03506DC4F9AE02.roa
File:                     2CC9A7F21CB711EAAA03506DC4F9AE02.roa (raw, json)
Hash identifier:          KaO1m+0C/HyFe5HiP9YqU4FfJ45WtF/6CXNtfzKJlcM=
Subject key identifier:   AE:EF:D7:00:2B:15:D7:D3:13:56:D8:58:D4:8D:D6:6A:B1:7A:B0:4D
Certificate issuer:       /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial:       0CF6
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/2CC9A7F21CB711EAAA03506DC4F9AE02.roa
Signing time:             Wed 08 Feb 2023 19:26:38 +0000
ROA not before:           Wed 08 Feb 2023 19:26:38 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     45932
IP address blocks:        122.152.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3318 (0xcf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
        Validity
            Not Before: Feb  8 19:26:38 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63e3f76e-3de5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9a:01:1e:17:30:50:07:96:ca:99:99:56:6a:
                    53:02:b9:03:72:ba:c1:77:3e:f6:bd:3b:e4:5d:ca:
                    62:5d:03:73:e1:ca:23:a1:cd:ac:c7:05:f8:a6:c2:
                    4b:54:1b:de:12:c7:8f:8f:93:8e:f4:7e:02:e8:d0:
                    f8:94:93:ba:76:73:0e:71:48:51:93:53:e8:8d:77:
                    13:b8:c4:89:71:b7:04:3a:ee:8c:bc:4f:59:02:2a:
                    a4:1d:d9:38:fc:ea:96:7c:f7:c7:87:f7:bd:94:3c:
                    84:73:a3:b0:95:74:c5:0c:86:67:88:91:95:a1:ad:
                    57:2a:e7:8b:38:10:96:bd:7a:ee:80:a8:f8:3f:db:
                    cd:45:81:2e:8f:2e:c9:14:e8:4b:ec:35:0e:f1:c0:
                    06:85:83:f1:5c:62:8c:19:77:90:47:9f:71:f4:a5:
                    a6:68:81:8c:6b:e2:8c:76:86:45:f3:49:0f:6a:30:
                    4f:17:0f:49:d4:ed:b4:cb:a5:cd:e5:69:db:dd:ab:
                    9c:0c:87:45:af:09:f0:eb:60:18:0f:46:c8:c3:58:
                    c6:2c:7c:3e:82:59:27:c8:87:56:b3:00:3c:5d:73:
                    c1:0a:40:f5:1e:40:6b:f7:78:65:80:9a:65:82:0b:
                    6f:52:27:63:f4:af:cf:29:9e:d7:80:24:b6:67:80:
                    ac:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:EF:D7:00:2B:15:D7:D3:13:56:D8:58:D4:8D:D6:6A:B1:7A:B0:4D
            X509v3 Authority Key Identifier:
                keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/2CC9A7F21CB711EAAA03506DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.152.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:7c:5f:cf:e7:b3:c8:4f:cb:7b:43:37:1c:77:f1:d9:b6:e8:
         c7:4c:e1:9d:db:3e:5d:c5:b1:d9:13:84:bb:69:b1:9a:a7:2b:
         f6:5e:7b:52:83:bb:66:18:35:76:16:e3:3b:54:4f:aa:64:6c:
         94:14:87:a9:fd:c7:68:c9:42:c3:23:b2:75:6d:3f:6b:b3:e0:
         dc:c1:74:35:0e:9b:2c:8b:5f:85:46:09:f7:74:10:6b:f1:6b:
         5f:73:b3:87:1a:17:f4:47:b8:93:0f:e9:1e:c8:40:69:6b:2f:
         de:b5:9e:65:b1:c1:c7:8c:ff:89:f1:83:d7:fd:a9:6c:82:f5:
         59:3d:dc:e6:8a:c8:17:53:fb:15:5a:c4:d7:29:99:48:48:0a:
         2f:03:89:7a:9a:b0:09:a8:50:d5:ce:25:4c:3f:b9:36:70:61:
         3d:47:f5:b3:aa:09:5d:7e:1c:8e:76:f0:c9:a3:d4:17:b6:25:
         35:71:73:b1:32:c2:a4:8d:0f:45:6e:15:1f:d2:a6:95:d6:17:
         ba:73:f7:b6:18:a9:6b:03:01:1b:97:2b:37:d9:20:0b:0d:c1:
         81:a4:13:d4:f1:7e:47:c4:1b:dc:31:54:34:72:23:f8:4d:bb:
         be:57:34:17:6c:41:59:59:75:dd:e6:96:5b:45:ed:a4:ba:5a:
         8e:95:67:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjMwMjA4MTkyNjM4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzZjc2ZS0zZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZoBHhcwUAeWypmZVmpTArkDcrrBdz72vTvkXcpiXQNz4cojoc2sxwX4psJL
VBveEsePj5OO9H4C6ND4lJO6dnMOcUhRk1PojXcTuMSJcbcEOu6MvE9ZAiqkHdk4
/OqWfPfHh/e9lDyEc6OwlXTFDIZniJGVoa1XKueLOBCWvXrugKj4P9vNRYEujy7J
FOhL7DUO8cAGhYPxXGKMGXeQR59x9KWmaIGMa+KMdoZF80kPajBPFw9J1O20y6XN
5Wnb3aucDIdFrwnw62AYD0bIw1jGLHw+glknyIdWswA8XXPBCkD1HkBr93hlgJpl
ggtvUidj9K/PKZ7XgCS2Z4CsYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK7v1wAr
FdfTE1bYWNSN1mqxerBNMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMkNDOUE3RjIx
Q0I3MTFFQUFBMDM1MDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB6mK4wDQYJKoZIhvcNAQELBQADggEBAFN8X8/ns8hPy3tD
Nxx38dm26MdM4Z3bPl3FsdkThLtpsZqnK/Zee1KDu2YYNXYW4ztUT6pkbJQUh6n9
x2jJQsMjsnVtP2uz4NzBdDUOmyyLX4VGCfd0EGvxa19zs4caF/RHuJMP6R7IQGlr
L961nmWxwceM/4nxg9f9qWyC9Vk93OaKyBdT+xVaxNcpmUhICi8DiXqasAmoUNXO
JUw/uTZwYT1H9bOqCV1+HI528Mmj1Be2JTVxc7EywqSND0VuFR/SppXWF7pz97YY
qWsDARuXKzfZIAsNwYGkE9TxfkfEG9wxVDRyI/hNu75XNBdsQVlZdd3mlltF7aS6
Wo6VZyo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org