Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/17197B0290C311ED8950160AC4F9AE02.roa
File:                     17197B0290C311ED8950160AC4F9AE02.roa (raw, json)
Hash identifier:          aI0oVVlr3zs1nf3djvAZtYdV4Ni0gxSSRPPKqQ8O7OM=
Subject key identifier:   7F:10:34:14:04:EC:E9:B3:DA:FC:0E:DA:BA:10:BF:93:92:B3:5D:09
Certificate issuer:       /CN=A91E4696/serialNumber=27B8722C859CA4F6F03EC1E061FDD4C3B9B497E5
Certificate serial:       02
Authority key identifier: 27:B8:72:2C:85:9C:A4:F6:F0:3E:C1:E0:61:FD:D4:C3:B9:B4:97:E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/17197B0290C311ED8950160AC4F9AE02.roa
Signing time:             Tue 10 Jan 2023 08:45:11 +0000
ROA not before:           Tue 10 Jan 2023 08:45:11 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     133115
IP address blocks:        203.124.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4696/serialNumber=27B8722C859CA4F6F03EC1E061FDD4C3B9B497E5
        Validity
            Not Before: Jan 10 08:45:11 2023 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=63bd2596-6a0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f7:fb:8e:50:dc:a5:aa:7a:66:14:ed:d4:ac:
                    03:d7:ea:3d:54:d2:eb:c3:90:99:e8:80:18:64:ff:
                    5e:91:13:0d:8a:9b:2b:3b:e0:b4:6c:6c:11:ec:52:
                    e2:14:1c:e1:cb:7f:2c:85:56:e0:2c:25:ce:24:29:
                    06:37:19:44:81:83:e3:9e:08:ae:84:f7:22:57:0c:
                    26:3c:2d:36:d0:05:3f:81:cc:a6:a8:9c:92:6c:2d:
                    39:65:56:5f:fb:0e:62:4e:2b:f2:5c:5a:fd:0a:6d:
                    9f:90:43:6d:26:69:71:5f:ce:f4:3f:c9:d2:1b:f4:
                    d3:92:35:60:7a:88:89:89:25:57:01:be:a0:c1:21:
                    87:4e:68:7b:e4:26:c6:ea:9a:28:ca:aa:d9:35:c8:
                    76:f6:56:b1:43:cd:74:b4:e0:d9:fa:16:91:f1:e8:
                    92:c1:68:e8:bc:63:6f:0b:5b:a0:a0:34:cc:76:d4:
                    7e:0e:54:ec:91:11:67:e3:1e:62:fd:35:78:c1:73:
                    6f:e6:f3:59:d7:7f:b0:13:df:3c:58:2b:ea:34:70:
                    ee:1d:b7:94:42:2e:17:67:1e:b3:52:b2:f1:e1:68:
                    4b:f9:39:a8:23:2e:49:2a:42:c6:50:24:d2:fc:8c:
                    6d:25:09:67:53:54:6d:94:52:56:66:49:18:1c:13:
                    05:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:10:34:14:04:EC:E9:B3:DA:FC:0E:DA:BA:10:BF:93:92:B3:5D:09
            X509v3 Authority Key Identifier:
                keyid:27:B8:72:2C:85:9C:A4:F6:F0:3E:C1:E0:61:FD:D4:C3:B9:B4:97:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/17197B0290C311ED8950160AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.124.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:04:05:5e:fe:d9:80:8b:bd:21:5d:40:d7:f3:23:ae:2f:e2:
         77:72:73:18:f5:95:af:b9:18:cf:ef:04:d3:3b:3c:ad:92:9d:
         e7:47:a5:38:29:2b:2b:7a:91:55:f3:c3:24:a3:41:14:f0:14:
         db:43:00:97:97:91:8a:54:59:7b:c2:b3:0c:97:54:40:fd:95:
         ec:06:a5:8e:3b:44:35:09:20:f4:5c:ad:12:8f:dd:ad:84:dc:
         d3:ed:06:05:ce:b1:13:76:be:99:6e:6b:1e:48:65:0c:43:35:
         11:52:07:fe:b7:25:5a:6b:15:bc:59:a5:5f:b1:bd:e2:28:8b:
         7e:dd:1d:45:2d:14:02:62:e2:d8:e4:61:51:01:8b:da:a5:21:
         22:41:8c:c2:01:3c:36:81:c0:20:13:37:c1:8d:30:c5:36:0d:
         ee:e9:12:f2:1e:e8:f6:d6:67:92:09:e4:36:63:c5:9d:21:b0:
         6d:a6:93:94:03:9f:ef:5d:35:de:d8:36:77:14:d2:2a:9e:36:
         99:51:9d:ee:1b:94:45:f4:e5:1c:02:93:88:1b:c4:52:af:68:
         a7:47:f4:cb:b0:45:ae:bb:59:b3:bb:fc:86:02:a2:61:ab:0a:
         ab:a8:15:e0:ff:03:38:a9:3b:50:35:eb:12:cc:f6:ea:de:2a:
         12:40:ea:53
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NDY5NjExMC8GA1UEBRMoMjdCODcyMkM4NTlDQTRGNkYwM0VDMUUwNjFGREQ0QzNC
OUI0OTdFNTAeFw0yMzAxMTAwODQ1MTFaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYmQyNTk2LTZhMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx9/uOUNylqnpmFO3UrAPX6j1U0uvDkJnogBhk/16REw2Kmys74LRsbBHsUuIU
HOHLfyyFVuAsJc4kKQY3GUSBg+OeCK6E9yJXDCY8LTbQBT+BzKaonJJsLTllVl/7
DmJOK/JcWv0KbZ+QQ20maXFfzvQ/ydIb9NOSNWB6iImJJVcBvqDBIYdOaHvkJsbq
mijKqtk1yHb2VrFDzXS04Nn6FpHx6JLBaOi8Y28LW6CgNMx21H4OVOyREWfjHmL9
NXjBc2/m81nXf7AT3zxYK+o0cO4dt5RCLhdnHrNSsvHhaEv5OagjLkkqQsZQJNL8
jG0lCWdTVG2UUlZmSRgcEwUjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfxA0FATs
6bPa/A7auhC/k5KzXQkwHwYDVR0jBBgwFoAUJ7hyLIWcpPbwPsHgYf3Uw7m0l+Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0Njk2L0Q2QTExQzRBOTBC
RjExRUQ4Q0MxRTc4M0M0RjlBRTAyL0o3aHlMSVdjcFBid1BzSGdZZjNVdzdtMGwt
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSjdoeUxJV2NwUGJ3UHNIZ1lmM1V3N20wbC1VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NDY5Ni9ENkExMUM0QTkwQkYxMUVEOENDMUU3ODNDNEY5QUUwMi8xNzE5N0IwMjkw
QzMxMUVEODk1MDE2MEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMt8DjANBgkqhkiG9w0BAQsFAAOCAQEAXwQFXv7ZgIu9IV1A
1/Mjri/id3JzGPWVr7kYz+8E0zs8rZKd50elOCkrK3qRVfPDJKNBFPAU20MAl5eR
ilRZe8KzDJdUQP2V7AaljjtENQkg9FytEo/drYTc0+0GBc6xE3a+mW5rHkhlDEM1
EVIH/rclWmsVvFmlX7G94iiLft0dRS0UAmLi2ORhUQGL2qUhIkGMwgE8NoHAIBM3
wY0wxTYN7ukS8h7o9tZnkgnkNmPFnSGwbaaTlAOf71013tg2dxTSKp42mVGd7huU
RfTlHAKTiBvEUq9op0f0y7BFrrtZs7v8hgKiYasKq6gV4P8DOKk7UDXrEsz26t4q
EkDqUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org