Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/479EDFBCCA3C11E89ED4CE58C4F9AE02.roa
File:                     479EDFBCCA3C11E89ED4CE58C4F9AE02.roa (raw, json)
Hash identifier:          yR/GeTkxJ3/Qhq4UY0dWzt2T4BesaK9DHbzvdLH1QMs=
Subject key identifier:   2B:9C:C0:1E:FD:13:A3:CA:54:85:B2:77:8B:7F:74:D3:C7:E7:46:57
Certificate issuer:       /CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Certificate serial:       1604
Authority key identifier: CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/479EDFBCCA3C11E89ED4CE58C4F9AE02.roa
Signing time:             Tue 14 Feb 2023 17:44:22 +0000
ROA not before:           Tue 14 Feb 2023 17:44:22 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     135028
IP address blocks:        2402:28c0:fff5::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5636 (0x1604)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
        Validity
            Not Before: Feb 14 17:44:22 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63ebc876-6e34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bf:cf:16:1e:0f:4b:1b:09:5f:32:d6:ec:8f:
                    50:8a:61:2d:19:5a:7c:fb:86:5a:5f:30:60:2e:a3:
                    10:5f:75:66:39:15:d0:84:3c:74:1f:88:b0:c6:9f:
                    63:d8:b1:f5:b6:4f:06:57:33:06:a7:14:44:ab:1d:
                    0a:9b:3c:55:94:21:2d:e1:74:77:05:ea:19:be:fc:
                    18:ff:85:c8:28:d3:37:63:fb:70:1f:4d:6d:8c:55:
                    f6:6e:ec:a9:10:ac:e1:26:aa:e8:84:48:88:00:6b:
                    60:b9:13:93:0a:59:29:03:64:db:88:14:a1:2a:08:
                    ae:a7:f8:6a:00:d0:61:74:e4:5e:53:92:6a:18:16:
                    95:86:b1:fd:19:e9:81:e1:38:af:b0:04:42:69:21:
                    ff:5e:0c:c4:06:23:1c:ac:1a:79:82:c8:a0:30:9b:
                    40:94:98:c9:fa:3d:06:53:b2:5f:59:c5:5a:7e:72:
                    5b:b6:97:2e:a7:0d:d6:78:d4:fd:a1:78:e2:a2:47:
                    86:86:67:26:9e:9a:c5:c4:c3:ad:cf:85:32:25:e0:
                    09:40:5c:0f:08:fe:c8:32:73:bb:76:ab:dd:cc:dc:
                    b3:f4:37:57:49:d4:91:a0:81:c6:c1:18:b3:98:5f:
                    ff:9d:e4:69:e7:b5:c3:18:d2:be:46:af:67:46:48:
                    a8:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:9C:C0:1E:FD:13:A3:CA:54:85:B2:77:8B:7F:74:D3:C7:E7:46:57
            X509v3 Authority Key Identifier:
                keyid:CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/479EDFBCCA3C11E89ED4CE58C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:28c0:fff5::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:a1:6c:ea:e0:d9:8e:46:61:26:a4:0c:0a:b7:ba:28:78:1c:
         bd:40:e0:c0:8d:f7:06:ea:bd:6e:b3:fe:19:7c:86:3a:de:17:
         3b:35:31:53:67:75:d7:7d:9d:14:c4:f3:68:15:8b:bc:3d:2e:
         a9:8e:38:fa:cd:91:da:de:91:04:23:f2:34:ff:9b:d2:86:dc:
         60:d0:97:07:08:22:06:f6:f1:48:96:23:de:c7:ce:b9:47:29:
         02:b7:0f:01:db:8f:02:8a:98:58:88:7c:84:b3:c7:35:f6:af:
         9a:ab:64:05:82:cb:67:37:c9:1e:ed:a5:44:0a:a6:81:ae:4f:
         87:f2:4f:88:e0:30:3b:79:3f:84:0e:a5:0d:18:58:eb:e4:ba:
         de:e6:14:4d:04:4b:37:a5:c4:97:82:2d:d3:e0:f3:bb:41:cc:
         f3:f2:38:83:63:64:78:dd:e8:8d:e3:02:a0:17:de:e9:0e:cc:
         f8:41:c8:aa:c4:6d:c1:f7:23:a4:ab:9f:a6:4a:69:9a:0f:db:
         22:93:80:5a:22:8d:fc:7a:3c:0e:06:1d:a6:3a:18:40:a3:69:
         ad:ca:e8:04:d5:c5:99:ba:06:49:ac:49:e3:2a:33:b6:f8:66:
         65:61:c2:58:c3:7b:17:04:6a:88:a0:52:8e:40:59:dd:79:e3:
         59:a4:5b:bc
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICFgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQxMjUxMTAvBgNVBAUTKENFOTA1NkI0QzY1REUzODU3RDREMEUxREIwMDIzRDYw
QjZGN0QzMEMwHhcNMjMwMjE0MTc0NDIyWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ViYzg3Ni02ZTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAub/PFh4PSxsJXzLW7I9QimEtGVp8+4ZaXzBgLqMQX3VmORXQhDx0H4iwxp9j
2LH1tk8GVzMGpxREqx0KmzxVlCEt4XR3BeoZvvwY/4XIKNM3Y/twH01tjFX2buyp
EKzhJqrohEiIAGtguROTClkpA2TbiBShKgiup/hqANBhdOReU5JqGBaVhrH9GemB
4TivsARCaSH/XgzEBiMcrBp5gsigMJtAlJjJ+j0GU7JfWcVafnJbtpcupw3WeNT9
oXjiokeGhmcmnprFxMOtz4UyJeAJQFwPCP7IMnO7dqvdzNyz9DdXSdSRoIHGwRiz
mF//neRp57XDGNK+Rq9nRkiojwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCucwB79
E6PKVIWyd4t/dNPH50ZXMB8GA1UdIwQYMBaAFM6QVrTGXeOFfU0OHbACPWC299MM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDEyNS83QTE0MkQwMEQ5
NUUxMUU3ODdBMUE3NjZDNEY5QUUwMi96cEJXdE1aZDQ0VjlUUTRkc0FJOVlMYjMw
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pwQld0TVpkNDRWOVRRNGRzQUk5WUxiMzB3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQxMjUvN0ExNDJEMDBEOTVFMTFFNzg3QTFBNzY2QzRGOUFFMDIvNDc5RURGQkND
QTNDMTFFODlFRDRDRTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAijA//UwDQYJKoZIhvcNAQELBQADggEBACKhbOrg2Y5G
YSakDAq3uih4HL1A4MCN9wbqvW6z/hl8hjreFzs1MVNnddd9nRTE82gVi7w9LqmO
OPrNkdrekQQj8jT/m9KG3GDQlwcIIgb28UiWI97HzrlHKQK3DwHbjwKKmFiIfISz
xzX2r5qrZAWCy2c3yR7tpUQKpoGuT4fyT4jgMDt5P4QOpQ0YWOvkut7mFE0ESzel
xJeCLdPg87tBzPPyOINjZHjd6I3jAqAX3ukOzPhByKrEbcH3I6Srn6ZKaZoP2yKT
gFoijfx6PA4GHaY6GECjaa3K6ATVxZm6BkmsSeMqM7b4ZmVhwljDexcEaoigUo5A
Wd1541mkW7w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org