Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/45771652FF0311EAAFD74F17C4F9AE02.roa
File:                     45771652FF0311EAAFD74F17C4F9AE02.roa (raw, json)
Hash identifier:          GlypEraCivFogYOhruUyzKP8KJbJfJCFpHE5wX/dcxE=
Subject key identifier:   15:D3:86:7E:08:9C:09:7F:AC:09:BC:69:5F:30:3C:BA:49:D4:27:2B
Certificate issuer:       /CN=A91DF93A/serialNumber=07A1C08545CACC65E0882D49E9F2F8CFD2BE8260
Certificate serial:       02A7
Authority key identifier: 07:A1:C0:85:45:CA:CC:65:E0:88:2D:49:E9:F2:F8:CF:D2:BE:82:60
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6HAhUXKzGXgiC1J6fL4z9K-gmA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/45771652FF0311EAAFD74F17C4F9AE02.roa
Signing time:             Thu 24 Jun 2021 11:34:17 +0000
ROA not before:           Thu 24 Jun 2021 11:34:17 +0000
ROA not after:            Wed 31 Aug 2022 00:00:00 +0000
asID:                     36131
IP address blocks:        164.90.99.0/24 maxlen: 24
                          164.90.100.0/24 maxlen: 24
                          164.90.101.0/24 maxlen: 24
                          164.90.118.0/24 maxlen: 24
                          164.90.119.0/24 maxlen: 24
                          164.90.120.0/24 maxlen: 24
                          164.90.121.0/24 maxlen: 24
                          202.63.47.0/24 maxlen: 24
                          202.63.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 679 (0x2a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DF93A/serialNumber=07A1C08545CACC65E0882D49E9F2F8CFD2BE8260
        Validity
            Not Before: Jun 24 11:34:17 2021 GMT
            Not After : Aug 31 00:00:00 2022 GMT
        Subject: CN=60d46db8-30f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a8:89:c3:11:0b:0a:7e:3f:35:a7:0c:65:6d:
                    a3:6b:4a:30:43:3e:c3:2c:ff:4a:2e:c5:bd:d4:20:
                    b0:e3:94:6a:fb:55:f1:70:b6:5c:00:2b:d3:b7:32:
                    0d:53:4f:d2:17:87:06:de:da:a3:73:25:5d:f8:3b:
                    5f:9a:f1:47:f7:e4:99:4a:c3:78:8c:e8:63:78:7a:
                    69:05:ee:52:0e:e2:21:44:2b:ed:2c:4c:b2:fa:c0:
                    1e:d9:f2:fe:bb:7d:cf:c0:57:ef:b4:21:db:db:f9:
                    4b:a5:62:8b:9d:45:91:3a:5a:2b:76:5a:96:4c:a1:
                    16:de:a8:2b:6c:16:03:16:49:26:9f:fd:6e:ff:3a:
                    fa:4c:b1:db:4d:c6:24:00:58:42:c9:3e:d9:b1:6d:
                    4f:9a:fb:8c:fe:89:d5:eb:73:62:fd:53:0c:97:49:
                    ae:78:65:f8:f2:07:d4:3f:b6:1a:fe:c0:92:00:a9:
                    60:bf:ad:59:80:26:67:bc:12:92:4a:87:04:18:c4:
                    cd:18:ac:b6:c9:8d:13:35:5b:d1:9c:82:de:1f:b0:
                    4f:07:d1:88:de:b9:3d:1b:eb:cd:95:a0:53:12:da:
                    2f:c3:6f:ca:05:0a:39:f1:03:8e:cb:47:82:bc:f5:
                    a6:a2:f5:fd:06:9f:0f:94:0d:61:28:16:36:2e:4a:
                    bb:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:D3:86:7E:08:9C:09:7F:AC:09:BC:69:5F:30:3C:BA:49:D4:27:2B
            X509v3 Authority Key Identifier:
                keyid:07:A1:C0:85:45:CA:CC:65:E0:88:2D:49:E9:F2:F8:CF:D2:BE:82:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/B6HAhUXKzGXgiC1J6fL4z9K-gmA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6HAhUXKzGXgiC1J6fL4z9K-gmA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/45771652FF0311EAAFD74F17C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.90.99.0-164.90.101.255
                  164.90.118.0-164.90.121.255
                  202.63.47.0-202.63.48.255

    Signature Algorithm: sha256WithRSAEncryption
         26:e2:e0:f9:60:ea:1b:86:cd:dc:5b:c9:d6:c9:df:e1:fe:cb:
         b6:3c:94:c3:0e:c0:0b:d0:3d:55:94:6a:e3:74:0f:d4:ec:0d:
         77:5c:44:8f:eb:3e:39:47:39:5a:38:f0:70:99:84:56:69:2c:
         85:6e:a0:54:5d:2e:2f:92:bf:37:f8:d4:cb:fa:05:1c:c4:93:
         d8:70:bb:c3:49:ed:e5:20:07:6f:bd:6f:a1:a0:06:71:4c:e2:
         b6:dc:0c:19:4c:b2:17:cf:9f:37:49:12:8d:3c:ef:5c:94:fb:
         6e:44:64:79:75:64:f4:cd:2e:03:55:51:0e:f0:53:95:3a:b6:
         d8:c8:84:8c:fc:18:9e:75:c5:a7:4c:e0:1f:d2:46:ba:06:28:
         d9:61:49:dd:12:c2:d9:58:9f:d3:67:a6:dd:65:88:41:c0:89:
         58:18:57:7f:d4:81:fb:e7:38:7f:f6:4b:41:fa:b5:99:35:ce:
         26:71:2d:3c:6c:c5:75:f6:73:d2:68:c4:08:0d:b0:0b:94:c8:
         08:b0:7e:db:a2:cc:ea:f5:72:92:da:a8:3a:89:61:85:ff:42:
         db:3a:12:0f:9a:b3:d9:ff:d9:ca:bd:38:73:fd:da:02:a9:60:
         02:9f:a5:c4:cc:16:70:ee:da:1c:02:93:47:6f:9f:2a:cb:6e:
         6b:d4:9a:03
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICAqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDA3QTFDMDg1NDVDQUNDNjVFMDg4MkQ0OUU5RjJGOENG
RDJCRTgyNjAwHhcNMjEwNjI0MTEzNDE3WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGQ0NmRiOC0zMGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsKiJwxELCn4/NacMZW2ja0owQz7DLP9KLsW91CCw45Rq+1XxcLZcACvTtzIN
U0/SF4cG3tqjcyVd+DtfmvFH9+SZSsN4jOhjeHppBe5SDuIhRCvtLEyy+sAe2fL+
u33PwFfvtCHb2/lLpWKLnUWROlordlqWTKEW3qgrbBYDFkkmn/1u/zr6TLHbTcYk
AFhCyT7ZsW1PmvuM/onV63Ni/VMMl0mueGX48gfUP7Ya/sCSAKlgv61ZgCZnvBKS
SocEGMTNGKy2yY0TNVvRnILeH7BPB9GI3rk9G+vNlaBTEtovw2/KBQo58QOOy0eC
vPWmovX9Bp8PlA1hKBY2Lkq7UQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFBXThn4I
nAl/rAm8aV8wPLpJ1CcrMB8GA1UdIwQYMBaAFAehwIVFysxl4IgtSeny+M/SvoJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GRjUxRTU5RUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9CNkhBaFVYS3pHWGdpQzFKNmZMNHo5Sy1n
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I2SEFoVVhLekdYZ2lDMUo2Zkw0ejlLLWdtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRkY1MUU1OUVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvNDU3NzE2NTJG
RjAzMTFFQUFGRDc0RjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCowDAMEAKRaYwMEAaRaZDAMAwQBpFp2AwQBpFp4MAwDBADKPy8D
BADKPzAwDQYJKoZIhvcNAQELBQADggEBACbi4Plg6huGzdxbydbJ3+H+y7Y8lMMO
wAvQPVWUauN0D9TsDXdcRI/rPjlHOVo48HCZhFZpLIVuoFRdLi+Svzf41Mv6BRzE
k9hwu8NJ7eUgB2+9b6GgBnFM4rbcDBlMshfPnzdJEo0871yU+25EZHl1ZPTNLgNV
UQ7wU5U6ttjIhIz8GJ51xadM4B/SRroGKNlhSd0SwtlYn9Nnpt1liEHAiVgYV3/U
gfvnOH/2S0H6tZk1ziZxLTxsxXX2c9JoxAgNsAuUyAiwftuizOr1cpLaqDqJYYX/
Qts6Eg+as9n/2cq9OHP92gKpYAKfpcTMFnDu2hwCk0dvnyrLbmvUmgM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:31 2024 by rpki-client on console-ams.rpki-client.org