Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/4F20F7CEA04911EDB6A36234C4F9AE02.roa
File:                     4F20F7CEA04911EDB6A36234C4F9AE02.roa (raw, json)
Hash identifier:          SMSwnZZeEk4eFSfKjcE5YXvJo7yvtrZEtRRxcrJuKa4=
Subject key identifier:   5F:AB:4E:0F:8B:7D:37:21:F8:BD:B9:F7:7E:F2:22:DE:CF:A4:55:C8
Certificate issuer:       /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
Certificate serial:       01B6
Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/4F20F7CEA04911EDB6A36234C4F9AE02.roa
Signing time:             Mon 30 Jan 2023 02:53:44 +0000
ROA not before:           Mon 30 Jan 2023 02:53:44 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     17551
IP address blocks:        125.254.112.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 438 (0x1b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
        Validity
            Not Before: Jan 30 02:53:44 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=63d73138-4b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f8:ab:a2:e9:ed:2c:bb:27:ba:f5:a2:ff:66:
                    4b:3f:38:7d:7e:88:07:4a:d0:26:2e:08:45:bd:e9:
                    74:0e:51:78:be:83:af:91:03:90:65:11:5e:73:69:
                    0d:e8:5f:72:e6:fd:cc:2b:c0:db:bf:61:68:23:5f:
                    89:f8:15:a8:8e:79:36:9f:4e:58:5a:dc:e0:fe:da:
                    52:b7:f4:c8:59:a0:8d:ef:c8:57:a2:b0:62:1f:3d:
                    2e:05:74:76:40:0f:f3:25:a9:6f:15:54:9e:57:a0:
                    38:ac:7f:4d:21:68:62:36:3d:23:03:d4:1d:63:fa:
                    c5:02:1d:a9:3f:eb:ca:ef:63:8b:97:9b:15:dc:3b:
                    7f:df:b6:31:75:8f:ca:49:e9:82:e8:1d:79:f3:6e:
                    af:61:64:b4:c4:5e:3a:97:43:bb:11:eb:52:9c:0b:
                    70:77:e4:c2:b4:75:80:ff:24:79:a5:37:68:99:4f:
                    01:3d:37:f6:ef:25:5d:1c:6e:9a:68:da:65:1b:15:
                    0f:89:f8:d2:0f:6c:84:c8:17:92:27:2d:98:1c:65:
                    62:fc:16:16:28:06:f0:3b:ec:16:09:6f:b4:b4:85:
                    b0:4b:76:5d:cd:8e:6c:1e:6d:cd:ce:dd:92:e6:6b:
                    3c:3b:fb:80:65:5c:5c:5f:35:01:61:e7:c1:3d:02:
                    5c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:AB:4E:0F:8B:7D:37:21:F8:BD:B9:F7:7E:F2:22:DE:CF:A4:55:C8
            X509v3 Authority Key Identifier:
                keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/4F20F7CEA04911EDB6A36234C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.254.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:00:1d:e4:09:48:43:70:12:23:c4:55:ec:02:e0:72:79:9b:
         09:41:28:c3:d1:c1:c4:c8:2e:c8:76:33:a3:aa:f3:ca:77:a1:
         0e:38:ed:2b:13:ab:a9:bf:3b:30:c2:84:5d:48:b7:ce:5c:dd:
         06:af:f9:8a:39:c1:f8:6a:27:08:61:f8:9d:b8:21:36:7a:b0:
         62:e5:ea:23:41:8c:c4:30:96:24:35:05:e7:a1:fb:40:c3:0d:
         30:61:e8:7f:09:1e:f8:24:3b:dd:7e:5a:94:87:a2:74:71:24:
         21:37:b1:5a:56:c0:98:2d:2c:05:0a:95:1a:85:b2:5c:c4:7d:
         ca:b3:06:e0:6f:3a:98:fd:7e:95:fe:7e:de:a8:b0:31:3d:6b:
         6a:9d:50:34:59:94:b5:f2:31:cd:65:f2:9b:84:38:12:be:e4:
         c6:d0:53:17:cb:e0:f6:4f:fc:0d:2c:fa:de:7f:db:9b:5c:e4:
         7a:a7:5e:e6:26:db:f3:be:b1:d9:5c:c7:f1:da:4a:60:3f:17:
         c8:97:57:89:54:cb:33:05:62:22:34:5a:cf:54:c8:cf:69:24:
         26:5f:e7:36:9f:73:5e:f2:e6:72:bc:b8:2c:3b:a7:31:67:75:
         0e:6a:82:00:18:cc:2d:93:fd:f3:d7:78:dd:8b:23:d3:eb:3f:
         05:6c:5c:50
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz
MjA5ODYwMDIwHhcNMjMwMTMwMDI1MzQ0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q3MzEzOC00YjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2firountLLsnuvWi/2ZLPzh9fogHStAmLghFvel0DlF4voOvkQOQZRFec2kN
6F9y5v3MK8Dbv2FoI1+J+BWojnk2n05YWtzg/tpSt/TIWaCN78hXorBiHz0uBXR2
QA/zJalvFVSeV6A4rH9NIWhiNj0jA9QdY/rFAh2pP+vK72OLl5sV3Dt/37YxdY/K
SemC6B15826vYWS0xF46l0O7EetSnAtwd+TCtHWA/yR5pTdomU8BPTf27yVdHG6a
aNplGxUPifjSD2yEyBeSJy2YHGVi/BYWKAbwO+wWCW+0tIWwS3ZdzY5sHm3Nzt2S
5ms8O/uAZVxcXzUBYefBPQJc4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFF+rTg+L
fTch+L25937yIt7PpFXIMB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5
NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvNEYyMEY3Q0VB
MDQ5MTFFREI2QTM2MjM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ9/nAwDQYJKoZIhvcNAQELBQADggEBAA4AHeQJSENwEiPE
VewC4HJ5mwlBKMPRwcTILsh2M6Oq88p3oQ447SsTq6m/OzDChF1It85c3Qav+Yo5
wfhqJwhh+J24ITZ6sGLl6iNBjMQwliQ1Beeh+0DDDTBh6H8JHvgkO91+WpSHonRx
JCE3sVpWwJgtLAUKlRqFslzEfcqzBuBvOpj9fpX+ft6osDE9a2qdUDRZlLXyMc1l
8puEOBK+5MbQUxfL4PZP/A0s+t5/25tc5HqnXuYm2/O+sdlcx/HaSmA/F8iXV4lU
yzMFYiI0Ws9UyM9pJCZf5zafc17y5nK8uCw7pzFndQ5qggAYzC2T/fPXeN2LI9Pr
PwVsXFA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org