Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/4810A44628E111EDADB89B6DC4F9AE02.roa
File:                     4810A44628E111EDADB89B6DC4F9AE02.roa (raw, json)
Hash identifier:          MO0FxhfsX41gM+5mFtYnqsVFRkUHtGcy6FzgMNKCY78=
Subject key identifier:   20:16:34:E1:EF:25:E5:1B:0E:2D:04:95:8B:E5:58:A6:76:FA:56:39
Certificate issuer:       /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Certificate serial:       0621
Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/4810A44628E111EDADB89B6DC4F9AE02.roa
Signing time:             Wed 31 Aug 2022 03:59:16 +0000
ROA not before:           Wed 31 Aug 2022 03:59:16 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     36131
IP address blocks:        169.136.68.0/24 maxlen: 24
                          169.136.69.0/24 maxlen: 24
                          169.136.70.0/24 maxlen: 24
                          169.136.71.0/24 maxlen: 24
                          169.136.72.0/24 maxlen: 24
                          169.136.73.0/24 maxlen: 24
                          169.136.128.0/24 maxlen: 24
                          169.136.129.0/24 maxlen: 24
                          169.136.130.0/24 maxlen: 24
                          169.136.132.0/24 maxlen: 24
                          169.136.140.0/24 maxlen: 24
                          169.136.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1569 (0x621)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
        Validity
            Not Before: Aug 31 03:59:16 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=630edc94-79bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:31:db:e4:97:81:c7:5a:44:44:e2:0a:85:25:
                    55:7d:ff:31:ba:23:e4:3e:33:f5:e8:84:63:a2:0f:
                    44:75:8d:ba:53:b9:26:18:ed:8e:e8:f4:5d:60:cc:
                    34:d4:7e:f7:35:6e:81:43:77:85:88:41:aa:76:6f:
                    5e:42:33:4a:34:e3:03:b5:dc:ff:1a:cf:e9:41:dc:
                    cf:4d:ef:04:69:d2:d1:54:b6:6a:10:41:3a:78:4b:
                    58:32:4c:d5:48:02:91:7e:3b:14:f1:a4:cc:43:06:
                    45:cd:16:99:24:e1:f4:84:19:49:03:3c:dc:89:02:
                    0a:80:b6:63:31:42:33:18:8e:7a:87:70:d9:25:36:
                    03:67:99:b2:5a:ea:d5:ea:dc:9c:4c:68:21:b9:cb:
                    09:72:d9:2e:97:7d:4d:66:ff:4a:92:36:1f:0f:90:
                    04:b5:e5:c9:20:ea:fc:8b:a6:71:23:d6:7b:ea:fd:
                    b5:ad:dd:61:1a:03:34:7b:fb:97:1f:60:88:29:d5:
                    40:f3:bf:b4:b2:ce:29:0d:ff:12:00:75:8f:77:37:
                    14:73:74:2a:31:54:57:27:7b:95:02:99:82:38:bc:
                    ce:14:05:0d:60:70:63:9f:ce:be:66:6e:42:f9:47:
                    80:a3:57:94:ce:0a:c8:f8:b1:a2:b7:53:86:7e:95:
                    d6:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:16:34:E1:EF:25:E5:1B:0E:2D:04:95:8B:E5:58:A6:76:FA:56:39
            X509v3 Authority Key Identifier:
                keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/4810A44628E111EDADB89B6DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.136.68.0-169.136.73.255
                  169.136.128.0-169.136.130.255
                  169.136.132.0/24
                  169.136.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6a:b6:87:a2:98:04:41:93:f9:9a:7c:b3:7f:bb:dc:38:5b:16:
         dd:b0:36:94:69:e7:5b:8c:1f:bc:82:7a:c9:1b:4c:c7:6a:9d:
         8a:4b:bc:c4:65:77:b7:a5:fb:6f:17:93:89:5e:6e:34:ee:5f:
         0b:82:19:8e:ff:53:49:a1:2e:73:cf:59:62:66:c6:a0:5c:3a:
         6c:70:0b:7c:72:48:f0:cc:86:31:c4:8c:f0:db:88:8b:99:d4:
         36:aa:8d:1c:69:66:58:5b:54:69:b6:07:3a:49:d0:a2:9e:c8:
         41:a7:dc:5d:4b:21:05:6f:14:bc:32:b5:4d:76:3e:71:04:1a:
         72:a6:cc:7c:2a:d4:6d:58:60:f9:53:d8:a7:a9:0a:8d:66:b2:
         0f:8a:8c:d2:d9:bd:5f:53:a8:28:54:02:8c:be:71:24:e0:b2:
         e5:b5:65:f0:c9:ad:7f:76:30:1f:45:1d:d5:13:f0:fc:d9:86:
         7c:1a:4d:e9:d9:95:d1:56:8a:62:c4:19:72:84:df:b4:8c:b4:
         50:b7:90:56:3a:58:fe:45:03:77:5c:57:6c:e1:fa:85:f9:71:
         e6:81:e8:d1:dc:ce:d0:7d:3e:43:c3:b7:4e:98:26:73:41:82:
         67:14:2f:b1:fb:11:33:69:f7:ea:61:e5:fb:89:6c:da:ae:f5:
         30:fa:b7:e7
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5
RTlBQ0RCODgwHhcNMjIwODMxMDM1OTE2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBlZGM5NC03OWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqzHb5JeBx1pEROIKhSVVff8xuiPkPjP16IRjog9EdY26U7kmGO2O6PRdYMw0
1H73NW6BQ3eFiEGqdm9eQjNKNOMDtdz/Gs/pQdzPTe8EadLRVLZqEEE6eEtYMkzV
SAKRfjsU8aTMQwZFzRaZJOH0hBlJAzzciQIKgLZjMUIzGI56h3DZJTYDZ5myWurV
6tycTGghucsJctkul31NZv9KkjYfD5AEteXJIOr8i6ZxI9Z76v21rd1hGgM0e/uX
H2CIKdVA87+0ss4pDf8SAHWPdzcUc3QqMVRXJ3uVApmCOLzOFAUNYHBjn86+Zm5C
+UeAo1eUzgrI+LGit1OGfpXWlQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFCAWNOHv
JeUbDi0ElYvlWKZ2+lY5MB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvNDgxMEE0NDYy
OEUxMTFFREFEQjg5QjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEAqmIRAMEAamISDAMAwQHqYiAAwQAqYiCAwQAqYiEAwQB
qYiMMA0GCSqGSIb3DQEBCwUAA4IBAQBqtoeimARBk/mafLN/u9w4WxbdsDaUaedb
jB+8gnrJG0zHap2KS7zEZXe3pftvF5OJXm407l8LghmO/1NJoS5zz1liZsagXDps
cAt8ckjwzIYxxIzw24iLmdQ2qo0caWZYW1Rptgc6SdCinshBp9xdSyEFbxS8MrVN
dj5xBBpypsx8KtRtWGD5U9inqQqNZrIPiozS2b1fU6goVAKMvnEk4LLltWXwya1/
djAfRR3VE/D82YZ8Gk3p2ZXRVopixBlyhN+0jLRQt5BWOlj+RQN3XFds4fqF+XHm
gejR3M7QfT5Dw7dOmCZzQYJnFC+x+xEzaffqYeX7iWzarvUw+rfn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:31 2024 by rpki-client on console-ams.rpki-client.org