Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/294F32BA308011EDBB256D13C4F9AE02.roa
File:                     294F32BA308011EDBB256D13C4F9AE02.roa (raw, json)
Hash identifier:          xG2XdElbv/l2gj/P8JX+v7mokA1OjkySIRMAJGot14E=
Subject key identifier:   DC:75:AB:95:C7:94:A7:43:87:A2:11:B4:21:BF:FB:F6:88:5E:42:AA
Certificate issuer:       /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial:       02
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/294F32BA308011EDBB256D13C4F9AE02.roa
Signing time:             Fri 09 Sep 2022 20:44:13 +0000
ROA not before:           Fri 09 Sep 2022 20:44:12 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        203.33.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
        Validity
            Not Before: Sep  9 20:44:12 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=631ba59c-0784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:98:32:81:fe:21:ec:d9:7f:f6:49:9c:9f:a8:
                    f1:8d:d8:6b:72:ae:31:bc:e1:e5:17:32:29:36:11:
                    86:69:0b:ed:98:09:e1:36:43:a0:fa:2d:a4:e3:79:
                    ca:9f:b8:bd:ce:f4:3b:b1:8b:64:c3:01:ae:47:04:
                    aa:e5:24:df:f3:c7:f3:af:3a:b9:66:cd:48:e1:cc:
                    a0:25:1f:df:f3:91:7f:c2:61:74:73:ad:c0:3c:9a:
                    46:a6:f9:6d:2e:56:9f:2c:f9:f5:ff:9d:43:c4:f5:
                    05:7f:92:eb:f5:a2:d7:fe:b7:14:7c:ac:e1:09:ab:
                    2f:bb:07:81:1d:b4:f1:18:82:f5:3d:5f:91:74:57:
                    da:1f:3c:42:93:cd:8b:e2:58:9e:3f:53:17:e1:9b:
                    ef:49:5e:6c:27:90:fd:6d:7c:7d:c5:8a:8a:cf:4c:
                    cd:f4:21:88:9e:db:94:bf:30:74:23:4b:47:1f:2d:
                    eb:72:94:eb:66:95:0a:93:78:04:74:fb:0f:84:a6:
                    2e:5b:d4:07:9a:38:41:58:ab:c5:e4:5c:f4:bf:98:
                    1e:36:33:17:32:cd:11:79:4f:eb:1c:a9:25:63:b2:
                    2e:77:dd:d0:d2:44:76:27:ee:2c:6b:e6:5e:ad:a9:
                    99:16:c8:60:2e:a7:88:18:d0:da:61:4d:3e:ee:d2:
                    0a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:75:AB:95:C7:94:A7:43:87:A2:11:B4:21:BF:FB:F6:88:5E:42:AA
            X509v3 Authority Key Identifier:
                keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/294F32BA308011EDBB256D13C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.33.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:6d:a1:c0:45:e7:ca:c5:35:74:03:e4:e0:37:5c:bd:3b:35:
         f3:5b:4a:5b:cd:c2:24:9d:51:3c:5b:ad:7e:9e:c8:6b:a5:c3:
         b2:e2:18:d8:6f:93:e7:e3:f2:3f:50:9a:ee:db:e4:30:76:e9:
         05:d7:72:f6:73:d3:80:39:5c:26:06:8e:a9:3d:b8:7d:fc:49:
         c3:c0:18:4d:05:e5:4b:14:07:4e:f4:a5:b1:98:a2:81:4f:b4:
         d9:dc:7a:7c:67:56:cd:c9:63:7e:b4:f4:af:5b:bc:c1:86:0d:
         4c:74:3c:37:5b:8a:6d:20:32:77:87:d7:42:4e:00:f7:b9:29:
         25:8b:f7:3b:8f:58:21:4c:c8:88:7c:e1:52:fd:99:4e:79:6e:
         f4:a7:da:84:f6:2f:a2:d7:a5:7b:3a:d3:84:62:f2:37:9b:b5:
         6d:c8:d4:bd:42:db:a4:cf:52:8d:98:9f:1f:5b:46:b4:05:8c:
         c1:41:39:87:b9:8f:14:b5:14:c8:29:54:81:69:be:93:e9:39:
         01:33:ce:24:8c:12:cf:77:0b:6a:fe:44:b0:b8:06:fa:3c:ec:
         93:d4:3c:e7:2f:c2:ab:58:a8:b0:e8:b2:45:59:2c:c6:3c:6f:
         ba:1f:00:a9:52:7d:98:03:e1:09:f4:56:18:60:b8:f5:f2:07:
         a4:51:f8:4a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MzY2QTExMC8GA1UEBRMoQjA2N0M2QkI3MERGMERDMDRDRTc3RjdDOEQ3NjcwNkE0
OUY2Q0I4NTAeFw0yMjA5MDkyMDQ0MTJaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMWJhNTljLTA3ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzmDKB/iHs2X/2SZyfqPGN2GtyrjG84eUXMik2EYZpC+2YCeE2Q6D6LaTjecqf
uL3O9Duxi2TDAa5HBKrlJN/zx/OvOrlmzUjhzKAlH9/zkX/CYXRzrcA8mkam+W0u
Vp8s+fX/nUPE9QV/kuv1otf+txR8rOEJqy+7B4EdtPEYgvU9X5F0V9ofPEKTzYvi
WJ4/Uxfhm+9JXmwnkP1tfH3FiorPTM30IYie25S/MHQjS0cfLetylOtmlQqTeAR0
+w+Epi5b1AeaOEFYq8XkXPS/mB42MxcyzRF5T+scqSVjsi533dDSRHYn7ixr5l6t
qZkWyGAup4gY0NphTT7u0gofAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3HWrlceU
p0OHohG0Ib/79oheQqowHwYDVR0jBBgwFoAUsGfGu3DfDcBM5398jXZwakn2y4Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzNjZBL0VDMDlBQTRBMzA3
RDExRURBNkMzQTIxMkM0RjlBRTAyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc0dmR3UzRGZEY0JNNTM5OGpYWndha24yeTRVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MzY2QS9FQzA5QUE0QTMwN0QxMUVEQTZDM0EyMTJDNEY5QUUwMi8yOTRGMzJCQTMw
ODAxMUVEQkIyNTZEMTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsh7jANBgkqhkiG9w0BAQsFAAOCAQEAhG2hwEXnysU1dAPk
4DdcvTs181tKW83CJJ1RPFutfp7Ia6XDsuIY2G+T5+PyP1Ca7tvkMHbpBddy9nPT
gDlcJgaOqT24ffxJw8AYTQXlSxQHTvSlsZiigU+02dx6fGdWzcljfrT0r1u8wYYN
THQ8N1uKbSAyd4fXQk4A97kpJYv3O49YIUzIiHzhUv2ZTnlu9KfahPYvotelezrT
hGLyN5u1bcjUvULbpM9SjZifH1tGtAWMwUE5h7mPFLUUyClUgWm+k+k5ATPOJIwS
z3cLav5EsLgG+jzsk9Q85y/Cq1iosOiyRVksxjxvuh8AqVJ9mAPhCfRWGGC49fIH
pFH4Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org