Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4C3/C23F767C998011EAB3373E6FC4F9AE02/6EF9943AA7ED11EB97C0A512C4F9AE02.roa
File:                     6EF9943AA7ED11EB97C0A512C4F9AE02.roa (raw, json)
Hash identifier:          7CTOds6Mcx3u5Dhw+KfYydmLLs9K2Oz7SoOC8HJBC6w=
Subject key identifier:   C6:B0:E7:0B:60:4F:FE:48:D5:74:AA:BF:73:CD:4D:83:F6:4E:B1:4E
Certificate issuer:       /CN=A91DB4C3/serialNumber=4EF9473B554AE1A72BA0981FFEFE138E2D480ECC
Certificate serial:       07DE
Authority key identifier: 4E:F9:47:3B:55:4A:E1:A7:2B:A0:98:1F:FE:FE:13:8E:2D:48:0E:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TvlHO1VK4acroJgf_v4Tji1IDsw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DB4C3/C23F767C998011EAB3373E6FC4F9AE02/6EF9943AA7ED11EB97C0A512C4F9AE02.roa
Signing time:             Mon 19 Jun 2023 04:23:19 +0000
ROA not before:           Mon 19 Jun 2023 04:23:19 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     134160
IP address blocks:        45.115.232.0/22 maxlen: 24
                          103.56.12.0/22 maxlen: 24
                          103.225.216.0/23 maxlen: 23
                          2402:4880::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2014 (0x7de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DB4C3/serialNumber=4EF9473B554AE1A72BA0981FFEFE138E2D480ECC
        Validity
            Not Before: Jun 19 04:23:19 2023 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=648fd837-0662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:b4:8b:7d:e4:e8:b8:a0:b1:22:2b:29:a9:f0:
                    ba:c9:4f:d3:72:07:4a:e8:5c:3b:cc:a2:b3:9c:f3:
                    28:e8:4e:95:0d:ce:c6:e1:95:1d:bc:95:c0:90:f9:
                    d8:a8:43:a8:e5:21:d7:c2:be:54:70:00:22:eb:12:
                    f0:e8:96:1d:ad:45:b8:40:df:bc:85:48:b2:7e:95:
                    95:4c:76:20:5c:14:99:6a:6e:c5:b8:62:0d:06:c1:
                    0b:0a:7d:61:ca:f1:a7:4f:fd:9b:c7:7c:a5:57:0f:
                    6e:e0:52:bc:70:e2:8c:f8:22:b0:fe:f8:97:bb:27:
                    4a:ca:df:68:ec:e9:59:09:1d:f3:e7:8f:a3:94:06:
                    7b:23:90:44:94:60:ed:9a:29:d8:ad:4d:e7:5c:04:
                    09:50:14:ac:c1:06:b2:d1:f3:09:d9:62:d0:19:91:
                    6a:3d:7d:d1:f8:cf:1a:8a:a1:42:1e:09:64:bc:f1:
                    7c:5e:86:61:10:15:d3:6b:35:41:1d:d6:6f:6d:16:
                    0a:85:78:86:0c:87:fc:b8:ba:50:7e:6a:f8:31:df:
                    d3:b3:e2:f3:75:62:6e:5c:8f:8b:18:5f:92:f0:4f:
                    7a:5a:ff:cb:a1:53:b8:1a:fe:29:5e:2f:8c:d5:f9:
                    27:e9:18:3d:e3:2c:da:5a:00:38:26:bd:4e:f6:e7:
                    21:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:B0:E7:0B:60:4F:FE:48:D5:74:AA:BF:73:CD:4D:83:F6:4E:B1:4E
            X509v3 Authority Key Identifier:
                keyid:4E:F9:47:3B:55:4A:E1:A7:2B:A0:98:1F:FE:FE:13:8E:2D:48:0E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DB4C3/C23F767C998011EAB3373E6FC4F9AE02/TvlHO1VK4acroJgf_v4Tji1IDsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TvlHO1VK4acroJgf_v4Tji1IDsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4C3/C23F767C998011EAB3373E6FC4F9AE02/6EF9943AA7ED11EB97C0A512C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.115.232.0/22
                  103.56.12.0/22
                  103.225.216.0/23
                IPv6:
                  2402:4880::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:0e:6c:e9:2e:71:60:1b:83:3a:c5:e8:fe:a1:d1:42:4c:d2:
         be:c6:7f:56:f3:76:04:e2:00:b0:df:54:c2:ce:7c:6c:a9:71:
         a9:8e:7b:7f:ac:66:5a:8c:c9:0d:89:9d:37:0c:a4:0b:12:32:
         97:08:56:0d:29:55:7f:3d:ef:bb:9d:50:2b:32:b3:ab:89:09:
         2d:6d:2b:b7:f4:50:72:31:1d:95:45:e4:1d:e4:b9:72:0e:41:
         2c:47:5a:eb:f5:23:e8:ea:ac:ca:8b:23:2f:d1:4b:c5:05:b5:
         6c:ed:54:26:8d:30:26:78:15:e8:1c:08:73:1b:54:55:df:48:
         74:09:79:a4:49:cb:48:e5:83:69:cc:4a:35:c8:a5:74:bd:b2:
         58:45:92:b5:46:10:0b:d0:7b:fa:ca:f2:03:25:19:f9:fe:26:
         2d:01:6d:4b:1e:36:e8:2f:91:e8:88:ca:1b:96:45:3e:a5:cc:
         43:ef:62:aa:f4:00:47:ec:18:5b:ed:4f:fc:e2:4b:fe:70:16:
         1d:80:63:aa:6f:9a:c3:9e:62:b2:97:3e:4f:6f:bc:41:fb:cc:
         be:56:8d:36:25:44:e3:2d:20:65:7c:1e:d2:0b:b2:de:be:19:
         78:2d:14:41:33:28:89:b6:e0:f0:21:25:cd:a1:23:e6:02:8c:
         ed:e2:ad:9d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICB94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0QzMxMTAvBgNVBAUTKDRFRjk0NzNCNTU0QUUxQTcyQkEwOTgxRkZFRkUxMzhF
MkQ0ODBFQ0MwHhcNMjMwNjE5MDQyMzE5WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDhmZDgzNy0wNjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5rSLfeTouKCxIispqfC6yU/TcgdK6Fw7zKKznPMo6E6VDc7G4ZUdvJXAkPnY
qEOo5SHXwr5UcAAi6xLw6JYdrUW4QN+8hUiyfpWVTHYgXBSZam7FuGINBsELCn1h
yvGnT/2bx3ylVw9u4FK8cOKM+CKw/viXuydKyt9o7OlZCR3z54+jlAZ7I5BElGDt
minYrU3nXAQJUBSswQay0fMJ2WLQGZFqPX3R+M8aiqFCHglkvPF8XoZhEBXTazVB
HdZvbRYKhXiGDIf8uLpQfmr4Md/Ts+LzdWJuXI+LGF+S8E96Wv/LoVO4Gv4pXi+M
1fkn6Rg94yzaWgA4Jr1O9uchGQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMaw5wtg
T/5I1XSqv3PNTYP2TrFOMB8GA1UdIwQYMBaAFE75RztVSuGnK6CYH/7+E44tSA7M
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRDMy9DMjNGNzY3Qzk5
ODAxMUVBQjMzNzNFNkZDNEY5QUUwMi9UdmxITzFWSzRhY3JvSmdmX3Y0VGppMUlE
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R2bEhPMVZLNGFjcm9KZ2ZfdjRUamkxSURzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0QzMvQzIzRjc2N0M5OTgwMTFFQUIzMzczRTZGQzRGOUFFMDIvNkVGOTk0M0FB
N0VEMTFFQjk3QzBBNTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItc+gDBAJnOAwDBAFn4dgwDQQCAAIwBwMFACQCSIAwDQYJ
KoZIhvcNAQELBQADggEBAIwObOkucWAbgzrF6P6h0UJM0r7Gf1bzdgTiALDfVMLO
fGypcamOe3+sZlqMyQ2JnTcMpAsSMpcIVg0pVX8977udUCsys6uJCS1tK7f0UHIx
HZVF5B3kuXIOQSxHWuv1I+jqrMqLIy/RS8UFtWztVCaNMCZ4FegcCHMbVFXfSHQJ
eaRJy0jlg2nMSjXIpXS9slhFkrVGEAvQe/rK8gMlGfn+Ji0BbUseNugvkeiIyhuW
RT6lzEPvYqr0AEfsGFvtT/ziS/5wFh2AY6pvmsOeYrKXPk9vvEH7zL5WjTYlROMt
IGV8HtILst6+GXgtFEEzKIm24PAhJc2hI+YCjO3irZ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org