Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/48475B20FA6111E78D59AD37C4F9AE02.roa
File:                     48475B20FA6111E78D59AD37C4F9AE02.roa (raw, json)
Hash identifier:          LWfIkFR3TS+i9RKB3YhkTr6gkOn445uOM6DY3EKmHXg=
Subject key identifier:   4B:7B:C9:13:67:8E:AE:E2:D1:DE:77:B2:55:D8:FB:A9:1F:81:26:53
Certificate issuer:       /CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
Certificate serial:       1607
Authority key identifier: CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/48475B20FA6111E78D59AD37C4F9AE02.roa
Signing time:             Tue 14 Feb 2023 17:44:26 +0000
ROA not before:           Tue 14 Feb 2023 17:44:26 +0000
ROA not after:            Sun 31 Mar 2024 00:00:00 +0000
asID:                     137410
IP address blocks:        2402:28c0:eee0::/44 maxlen: 44
                          2402:28c0:fffa::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5639 (0x1607)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C
        Validity
            Not Before: Feb 14 17:44:26 2023 GMT
            Not After : Mar 31 00:00:00 2024 GMT
        Subject: CN=63ebc87a-63b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b3:07:a2:52:85:58:f2:a9:fc:d5:03:73:92:
                    20:d8:32:2e:a2:01:84:c6:1f:25:ee:88:29:74:09:
                    79:79:cd:ce:a4:9d:d2:ea:45:7e:50:99:24:98:1e:
                    f6:a3:e4:c2:07:ff:fe:54:27:3c:ac:71:ec:11:c5:
                    3c:56:f8:49:e3:e4:93:f3:af:21:24:c3:a3:22:2c:
                    db:8d:8c:21:4f:3c:4e:54:40:2e:65:b1:21:d5:4f:
                    ca:7d:dc:b6:0d:88:3f:c7:ce:31:ea:3e:1d:57:f7:
                    f5:d4:29:b6:d4:03:9d:df:4a:c2:c4:bb:94:b7:36:
                    db:eb:ea:ef:ac:24:46:19:7f:92:37:d2:30:8a:d3:
                    da:ec:e2:04:a9:e2:36:f2:04:96:95:bc:22:e7:11:
                    30:f8:89:39:16:5c:01:01:07:6e:70:bf:70:45:f2:
                    ea:bf:5d:6a:78:1e:ee:8d:61:24:89:11:97:95:fd:
                    49:ba:4e:c9:ae:2c:d5:a2:29:1c:8a:5c:55:de:d8:
                    73:73:37:d9:d5:c9:fe:ab:f2:d1:c6:54:f5:d2:0f:
                    ce:89:1e:56:8c:1a:60:e4:f9:cd:71:68:16:36:90:
                    64:b5:d5:4e:0b:86:23:68:bb:2a:71:4c:0b:e8:32:
                    1b:98:e6:17:98:89:36:c7:31:53:dc:bf:07:13:bd:
                    c4:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:7B:C9:13:67:8E:AE:E2:D1:DE:77:B2:55:D8:FB:A9:1F:81:26:53
            X509v3 Authority Key Identifier:
                keyid:CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/48475B20FA6111E78D59AD37C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:28c0:eee0::/44
                  2402:28c0:fffa::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:04:e7:76:d3:33:97:fe:11:f9:29:a2:a5:63:7a:79:66:7d:
         e2:e6:be:a2:34:e5:85:f1:28:0b:ed:9a:04:8b:28:64:b5:23:
         d2:93:f7:11:03:10:42:9a:e0:74:34:23:66:0f:99:c7:99:3c:
         5b:7e:1d:54:69:a1:23:c4:3e:12:27:55:a3:0b:ae:58:f7:7d:
         a9:e6:99:e9:54:ed:ef:c2:46:a2:b4:fb:5e:b5:b1:83:53:c7:
         b4:6f:37:c2:92:00:0a:03:86:24:3b:58:09:8d:13:1b:8d:b4:
         cb:24:56:c9:0a:0a:a8:ef:82:ca:03:a7:1c:67:24:b0:f7:7d:
         6a:c1:c2:dc:3c:46:cf:62:14:28:04:8e:9f:52:7c:44:e2:f4:
         de:fb:67:99:55:f1:e4:18:0f:a5:70:cb:7c:77:5d:f0:be:d3:
         9f:5e:27:34:53:2b:4c:e1:30:a6:2c:43:8b:a1:d1:02:d2:0b:
         9c:cd:0f:df:c1:e1:ac:e3:38:86:88:3c:1b:c6:3e:7b:b2:6d:
         97:f8:fe:e7:05:44:f4:f4:7c:ce:16:4e:d1:ae:f5:cf:47:c1:
         94:d7:9e:45:3a:5f:12:7a:1b:d5:f4:2a:f6:ce:d7:a0:3a:a1:
         b2:43:87:e6:3d:fa:8d:1b:f1:e9:26:f4:b5:66:03:e8:45:07:
         36:8b:08:fe
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQxMjUxMTAvBgNVBAUTKENFOTA1NkI0QzY1REUzODU3RDREMEUxREIwMDIzRDYw
QjZGN0QzMEMwHhcNMjMwMjE0MTc0NDI2WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ViYzg3YS02M2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2LMHolKFWPKp/NUDc5Ig2DIuogGExh8l7ogpdAl5ec3OpJ3S6kV+UJkkmB72
o+TCB//+VCc8rHHsEcU8VvhJ4+ST868hJMOjIizbjYwhTzxOVEAuZbEh1U/Kfdy2
DYg/x84x6j4dV/f11Cm21AOd30rCxLuUtzbb6+rvrCRGGX+SN9IwitPa7OIEqeI2
8gSWlbwi5xEw+Ik5FlwBAQducL9wRfLqv11qeB7ujWEkiRGXlf1Juk7JrizVoikc
ilxV3thzczfZ1cn+q/LRxlT10g/OiR5WjBpg5PnNcWgWNpBktdVOC4YjaLsqcUwL
6DIbmOYXmIk2xzFT3L8HE73E9QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFEt7yRNn
jq7i0d53slXY+6kfgSZTMB8GA1UdIwQYMBaAFM6QVrTGXeOFfU0OHbACPWC299MM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDEyNS83QTE0MkQwMEQ5
NUUxMUU3ODdBMUE3NjZDNEY5QUUwMi96cEJXdE1aZDQ0VjlUUTRkc0FJOVlMYjMw
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pwQld0TVpkNDRWOVRRNGRzQUk5WUxiMzB3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQxMjUvN0ExNDJEMDBEOTVFMTFFNzg3QTFBNzY2QzRGOUFFMDIvNDg0NzVCMjBG
QTYxMTFFNzhENTlBRDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkAijA7uADBwAkAijA//owDQYJKoZIhvcNAQELBQADggEB
ABIE53bTM5f+EfkpoqVjenlmfeLmvqI05YXxKAvtmgSLKGS1I9KT9xEDEEKa4HQ0
I2YPmceZPFt+HVRpoSPEPhInVaMLrlj3fanmmelU7e/CRqK0+161sYNTx7RvN8KS
AAoDhiQ7WAmNExuNtMskVskKCqjvgsoDpxxnJLD3fWrBwtw8Rs9iFCgEjp9SfETi
9N77Z5lV8eQYD6Vwy3x3XfC+059eJzRTK0zhMKYsQ4uh0QLSC5zND9/B4azjOIaI
PBvGPnuybZf4/ucFRPT0fM4WTtGu9c9HwZTXnkU6XxJ6G9X0KvbO16A6obJDh+Y9
+o0b8ekm9LVmA+hFBzaLCP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org