Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E11D6/77DEFD32063911ED818C4016C4F9AE02/5E04128C063C11EDB3961119C4F9AE02.roa
File:                     5E04128C063C11EDB3961119C4F9AE02.roa (raw, json)
Hash identifier:          Ng3aAchlFxAdTtY4kGntOyaAb0+vD9FYcurVeRfEfi4=
Subject key identifier:   49:C6:AA:C2:F7:A2:FD:3B:48:6B:72:8F:58:26:0C:7C:D8:9C:A4:BA
Certificate issuer:       /CN=A91E11D6/serialNumber=C28610722C1BC89BE32B4D4B8A2CC21DE6717CC8
Certificate serial:       02
Authority key identifier: C2:86:10:72:2C:1B:C8:9B:E3:2B:4D:4B:8A:2C:C2:1D:E6:71:7C:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woYQciwbyJvjK01LiizCHeZxfMg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E11D6/77DEFD32063911ED818C4016C4F9AE02/5E04128C063C11EDB3961119C4F9AE02.roa
Signing time:             Mon 18 Jul 2022 01:53:07 +0000
ROA not before:           Mon 18 Jul 2022 01:53:07 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     131270
IP address blocks:        203.30.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E11D6/serialNumber=C28610722C1BC89BE32B4D4B8A2CC21DE6717CC8
        Validity
            Not Before: Jul 18 01:53:07 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62d4bd02-3221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c4:0d:64:ba:c8:b5:c3:d6:a4:1c:2c:76:88:
                    ef:a0:6a:81:75:55:eb:31:b5:ec:3a:5f:3e:be:0b:
                    fd:2c:13:ea:11:b5:cf:c4:81:58:b5:3a:e7:62:4c:
                    91:6f:dc:f5:dc:00:b1:59:9b:ff:8c:dc:da:05:fb:
                    70:6b:ad:7e:a1:cc:ab:61:c3:7e:7b:42:07:b1:52:
                    f6:d5:4c:c2:20:01:d1:0b:6b:11:4b:4a:2b:0a:88:
                    d0:d4:9d:72:52:10:37:b8:83:2c:3b:b9:35:c4:03:
                    55:f2:1b:f7:2a:0f:bb:5c:2e:e9:80:3c:42:2d:c9:
                    81:e9:8e:f1:8f:7f:e1:e1:ba:67:bd:dd:e9:e3:c9:
                    f9:cc:d4:cc:8a:2c:74:15:cc:52:3c:e2:2c:34:16:
                    b6:8a:58:cb:ec:50:2d:2d:f5:ee:08:27:36:0d:94:
                    d6:2f:e0:81:9e:30:e1:0e:cf:35:f5:ba:33:b0:c9:
                    85:03:d6:67:d3:ef:9e:fb:a7:24:32:74:20:8e:5f:
                    4c:38:df:de:0b:20:d9:22:be:a4:7e:11:40:b2:d7:
                    b7:0d:37:48:06:95:0a:df:00:88:b8:2a:44:c6:c6:
                    d7:66:db:fc:13:62:ce:da:ca:92:0f:6b:2f:a4:36:
                    2f:3e:1c:11:00:be:4e:be:04:12:4a:a0:cf:40:a3:
                    2f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C6:AA:C2:F7:A2:FD:3B:48:6B:72:8F:58:26:0C:7C:D8:9C:A4:BA
            X509v3 Authority Key Identifier:
                keyid:C2:86:10:72:2C:1B:C8:9B:E3:2B:4D:4B:8A:2C:C2:1D:E6:71:7C:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E11D6/77DEFD32063911ED818C4016C4F9AE02/woYQciwbyJvjK01LiizCHeZxfMg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woYQciwbyJvjK01LiizCHeZxfMg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E11D6/77DEFD32063911ED818C4016C4F9AE02/5E04128C063C11EDB3961119C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.30.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:98:61:a9:51:1a:a7:a4:d4:0e:89:b0:15:4d:77:0c:da:cb:
         51:c2:0c:fc:47:ba:d4:fd:18:01:c8:5a:16:eb:33:fd:eb:83:
         44:83:6e:77:f5:3f:29:93:02:97:48:3c:32:21:2c:c3:1f:42:
         e4:83:30:2d:6a:f8:29:7d:48:52:eb:12:da:f1:a3:e1:ee:ff:
         b4:a4:06:54:ef:35:19:0b:a4:41:43:e6:12:f0:08:6e:d9:c1:
         1d:5e:c3:b4:17:ab:3e:19:03:75:18:4b:de:81:16:90:b2:f3:
         11:46:cf:cf:0a:95:93:f8:a4:09:86:00:15:ca:61:ba:b1:e8:
         22:c2:86:ca:4b:ce:37:b3:94:60:58:c4:80:34:67:fe:30:a3:
         2a:27:a2:cc:24:6e:61:bd:b0:d8:9f:e3:8c:80:f8:c0:ba:72:
         5d:7a:01:04:4c:17:e3:8d:0e:79:c6:80:ae:79:ff:39:50:91:
         96:e8:59:04:07:5e:c6:eb:06:ff:d1:cf:f1:58:4e:a5:7e:d9:
         d9:1d:8b:72:b0:4c:45:35:7f:a3:21:65:46:3b:47:0d:70:89:
         36:72:7c:8a:06:dc:fe:af:e1:0a:21:76:ce:d6:56:4c:b5:7f:
         2e:66:19:18:f1:13:18:b9:6a:aa:8a:8a:06:bf:5d:c1:ed:c6:
         f8:79:32:8f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MTFENjExMC8GA1UEBRMoQzI4NjEwNzIyQzFCQzg5QkUzMkI0RDRCOEEyQ0MyMURF
NjcxN0NDODAeFw0yMjA3MTgwMTUzMDdaFw0yMzA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZDRiZDAyLTMyMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmxA1kusi1w9akHCx2iO+gaoF1Vesxtew6Xz6+C/0sE+oRtc/EgVi1OudiTJFv
3PXcALFZm/+M3NoF+3BrrX6hzKthw357QgexUvbVTMIgAdELaxFLSisKiNDUnXJS
EDe4gyw7uTXEA1XyG/cqD7tcLumAPEItyYHpjvGPf+Hhume93enjyfnM1MyKLHQV
zFI84iw0FraKWMvsUC0t9e4IJzYNlNYv4IGeMOEOzzX1ujOwyYUD1mfT7577pyQy
dCCOX0w4394LINkivqR+EUCy17cNN0gGlQrfAIi4KkTGxtdm2/wTYs7aypIPay+k
Ni8+HBEAvk6+BBJKoM9Aoy/ZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUScaqwvei
/TtIa3KPWCYMfNicpLowHwYDVR0jBBgwFoAUwoYQciwbyJvjK01LiizCHeZxfMgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUxMUQ2Lzc3REVGRDMyMDYz
OTExRUQ4MThDNDAxNkM0RjlBRTAyL3dvWVFjaXdieUp2akswMUxpaXpDSGVaeGZN
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd29ZUWNpd2J5SnZqSzAxTGlpekNIZVp4Zk1nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MTFENi83N0RFRkQzMjA2MzkxMUVEODE4QzQwMTZDNEY5QUUwMi81RTA0MTI4QzA2
M0MxMUVEQjM5NjExMTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsewTANBgkqhkiG9w0BAQsFAAOCAQEAnZhhqVEap6TUDomw
FU13DNrLUcIM/Ee61P0YAchaFusz/euDRINud/U/KZMCl0g8MiEswx9C5IMwLWr4
KX1IUusS2vGj4e7/tKQGVO81GQukQUPmEvAIbtnBHV7DtBerPhkDdRhL3oEWkLLz
EUbPzwqVk/ikCYYAFcphurHoIsKGykvON7OUYFjEgDRn/jCjKieizCRuYb2w2J/j
jID4wLpyXXoBBEwX440OecaArnn/OVCRluhZBAdexusG/9HP8VhOpX7Z2R2LcrBM
RTV/oyFlRjtHDXCJNnJ8igbc/q/hCiF2ztZWTLV/LmYZGPETGLlqqoqKBr9dwe3G
+Hkyjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org