Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/5AD3E9E477CC11EAB764ED34C4F9AE02.roa
File:                     5AD3E9E477CC11EAB764ED34C4F9AE02.roa (raw, json)
Hash identifier:          Y90fceD2xt99UObX4xOmq7zVO0ipc4hIIh18q6r/zMo=
Subject key identifier:   3D:55:D2:08:3B:B8:98:AE:41:8F:EC:DD:EE:DF:1B:A7:9D:21:18:43
Certificate issuer:       /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial:       0A47
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/5AD3E9E477CC11EAB764ED34C4F9AE02.roa
Signing time:             Mon 24 Jan 2022 07:36:07 +0000
ROA not before:           Mon 24 Jan 2022 07:36:07 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     30103
IP address blocks:        210.57.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2631 (0xa47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
        Validity
            Not Before: Jan 24 07:36:07 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=61ee56e7-70f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e8:90:47:38:4f:13:a3:64:d0:e7:dc:d3:da:
                    5a:0c:37:ad:af:dc:3b:4a:b6:2a:fd:12:15:e5:b9:
                    bf:c0:bc:fc:45:ad:c7:a6:67:a0:cc:d4:7b:02:97:
                    e1:12:63:c9:90:f3:14:23:69:f7:0d:ae:4c:6f:ae:
                    53:ea:40:b5:ea:15:b8:d0:67:8c:e1:30:ec:ca:a6:
                    08:1b:85:2c:28:e0:68:74:3d:96:0b:bf:00:9a:8e:
                    c5:61:3e:7e:2d:f4:68:29:2a:90:d0:45:34:12:7d:
                    36:09:86:50:0e:4f:26:ad:2b:b8:8d:a3:a0:e8:92:
                    7f:10:b3:c5:30:cf:da:c4:62:7b:ce:00:e3:2e:9d:
                    47:a7:82:71:ec:0b:51:b1:e8:52:3d:97:88:d1:b4:
                    7b:c5:3d:78:a3:a2:54:a8:41:86:f5:db:79:ce:b9:
                    ed:ef:ec:d2:54:80:2d:04:d1:f8:7a:d9:4b:49:de:
                    5e:b7:d9:da:98:88:fe:e1:14:f7:99:ff:ab:09:5f:
                    81:94:23:f6:c6:b5:b3:de:db:fa:86:8f:ce:1f:ea:
                    8c:6c:d0:44:0f:13:aa:04:74:85:41:ce:12:84:0b:
                    43:72:78:d3:1a:5e:1e:91:02:7c:9b:2a:94:b6:c8:
                    9c:28:6f:2d:1e:62:db:ec:f6:39:73:82:86:f6:d3:
                    52:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:55:D2:08:3B:B8:98:AE:41:8F:EC:DD:EE:DF:1B:A7:9D:21:18:43
            X509v3 Authority Key Identifier:
                keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/5AD3E9E477CC11EAB764ED34C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.57.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:cd:00:d1:00:7e:53:81:f0:dc:a3:e3:79:33:7c:b6:e0:20:
         95:42:63:0a:90:3a:83:40:60:90:a2:f9:09:fc:78:e1:52:5f:
         0e:f9:1f:b4:69:4c:27:c1:70:1e:2b:c1:bd:b8:a8:eb:3d:d8:
         54:c2:a5:3f:77:0c:ec:fe:c6:0b:67:03:b7:0b:5d:2a:2e:84:
         9f:29:3a:f7:03:55:1e:b4:8c:79:85:ed:2b:b3:71:32:24:25:
         9e:1d:d2:88:d2:e2:db:1e:5d:3c:f3:91:9f:0b:d3:4d:06:37:
         bf:62:54:83:92:c4:e6:55:0b:11:b7:85:fb:c2:85:a6:f0:f4:
         67:03:6f:d6:af:d3:45:8a:02:7d:2b:df:d2:34:7c:b9:b4:19:
         42:da:2d:48:25:91:47:63:23:e6:2b:de:66:2d:7a:65:7a:71:
         61:31:d4:c8:e1:c4:f1:c1:b9:e0:c9:39:0b:b8:dd:2b:82:4e:
         58:2e:12:ae:11:b1:39:ac:aa:72:80:f6:b4:b9:10:56:d2:75:
         93:a5:da:e8:e6:f9:82:29:5e:61:70:c3:f5:88:34:e5:a4:3e:
         06:c3:1c:9b:22:71:48:7c:2f:57:d4:c6:4d:bb:be:2a:68:c7:
         90:c1:b2:2d:57:7a:f3:62:ca:c2:a3:02:de:db:b0:ab:42:52:
         fc:33:32:d9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjIwMTI0MDczNjA3WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWVlNTZlNy03MGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAruiQRzhPE6Nk0Ofc09paDDetr9w7SrYq/RIV5bm/wLz8Ra3HpmegzNR7Apfh
EmPJkPMUI2n3Da5Mb65T6kC16hW40GeM4TDsyqYIG4UsKOBodD2WC78Amo7FYT5+
LfRoKSqQ0EU0En02CYZQDk8mrSu4jaOg6JJ/ELPFMM/axGJ7zgDjLp1Hp4Jx7AtR
sehSPZeI0bR7xT14o6JUqEGG9dt5zrnt7+zSVIAtBNH4etlLSd5et9namIj+4RT3
mf+rCV+BlCP2xrWz3tv6ho/OH+qMbNBEDxOqBHSFQc4ShAtDcnjTGl4ekQJ8myqU
tsicKG8tHmLb7PY5c4KG9tNSJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD1V0gg7
uJiuQY/s3e7fG6edIRhDMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvNUFEM0U5RTQ3
N0NDMTFFQUI3NjRFRDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADSOTcwDQYJKoZIhvcNAQELBQADggEBAHvNANEAflOB8Nyj
43kzfLbgIJVCYwqQOoNAYJCi+Qn8eOFSXw75H7RpTCfBcB4rwb24qOs92FTCpT93
DOz+xgtnA7cLXSouhJ8pOvcDVR60jHmF7SuzcTIkJZ4d0ojS4tseXTzzkZ8L000G
N79iVIOSxOZVCxG3hfvChabw9GcDb9av00WKAn0r39I0fLm0GULaLUglkUdjI+Yr
3mYtemV6cWEx1MjhxPHBueDJOQu43SuCTlguEq4RsTmsqnKA9rS5EFbSdZOl2ujm
+YIpXmFww/WINOWkPgbDHJsicUh8L1fUxk27vipox5DBsi1XevNiysKjAt7bsKtC
UvwzMtk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:28 2024 by rpki-client on console-ams.rpki-client.org