Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/05A8E0F29AE711EBAB07485EC4F9AE02.roa
File:                     05A8E0F29AE711EBAB07485EC4F9AE02.roa (raw, json)
Hash identifier:          cZaTRPsaMIP/1Eb4zlCZSy0FtDM71p5yVnj/VzP0zw8=
Subject key identifier:   FD:6F:5E:EA:93:B2:D3:22:22:93:7C:EA:9E:35:41:B9:E6:01:23:D0
Certificate issuer:       /CN=A91F6D91/serialNumber=F6718A5E5E42D08E253A2FB300FF09C3F5351D32
Certificate serial:       02
Authority key identifier: F6:71:8A:5E:5E:42:D0:8E:25:3A:2F:B3:00:FF:09:C3:F5:35:1D:32
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/05A8E0F29AE711EBAB07485EC4F9AE02.roa
Signing time:             Sun 11 Apr 2021 16:57:39 +0000
ROA not before:           Sun 11 Apr 2021 16:57:39 +0000
ROA not after:            Wed 02 Mar 2022 00:00:00 +0000
asID:                     14618
IP address blocks:        203.175.0.0/24 maxlen: 24
                          203.175.1.0/24 maxlen: 24
                          203.175.2.0/24 maxlen: 24
                          203.175.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F6D91/serialNumber=F6718A5E5E42D08E253A2FB300FF09C3F5351D32
        Validity
            Not Before: Apr 11 16:57:39 2021 GMT
            Not After : Mar  2 00:00:00 2022 GMT
        Subject: CN=60732a83-1154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:0e:d5:02:17:bd:22:67:ea:f7:e6:4a:0e:9b:
                    61:39:10:64:93:d6:ed:8a:b4:77:8b:d1:62:02:f5:
                    51:6f:89:0b:19:d8:19:29:6f:4b:b7:84:44:79:e2:
                    f0:d6:42:c4:35:74:f0:bd:d4:17:f3:d0:35:26:49:
                    de:75:d6:48:50:71:07:66:67:83:2e:e1:6b:12:46:
                    c8:56:e6:f3:c0:67:9e:a1:bf:f8:e6:a2:d6:42:0c:
                    eb:de:b0:ce:02:0f:bd:35:03:0a:e9:8f:9f:fa:4a:
                    a1:0b:31:b1:a8:ed:97:da:33:5b:30:5c:a5:a6:30:
                    1e:d7:f8:45:59:a9:c4:a2:42:c8:ef:fe:35:74:3a:
                    4b:3b:c0:5d:db:50:07:4e:a7:bc:75:32:2c:da:a7:
                    4a:4d:8c:fd:37:53:56:cb:e2:6d:e0:fb:28:e1:3e:
                    6b:76:e8:a0:90:9c:6e:fa:e8:6a:e6:b6:7e:81:cc:
                    6b:d8:e9:60:2a:9e:19:b3:10:c2:c5:dc:44:55:fe:
                    4a:b3:e5:51:e7:57:47:c4:04:e5:5c:9e:b1:e6:1d:
                    40:e9:9a:aa:c0:da:c6:37:f4:ad:bf:be:8d:bd:d1:
                    f0:de:cb:76:2a:df:86:87:ce:83:a8:04:22:09:60:
                    88:c6:ed:a5:79:a7:f2:6f:5f:14:b3:27:06:0c:47:
                    8d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:6F:5E:EA:93:B2:D3:22:22:93:7C:EA:9E:35:41:B9:E6:01:23:D0
            X509v3 Authority Key Identifier:
                keyid:F6:71:8A:5E:5E:42:D0:8E:25:3A:2F:B3:00:FF:09:C3:F5:35:1D:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/05A8E0F29AE711EBAB07485EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.175.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:65:70:c0:b0:ff:b7:ca:d9:ba:85:3a:ae:53:ad:f1:7f:2f:
         1d:4c:3e:9b:69:07:b2:81:2b:87:2f:7d:05:ac:97:f7:6d:64:
         1e:76:59:6a:ce:ca:47:c1:4e:8a:4b:a5:17:12:ea:05:dc:d6:
         05:b0:6e:5b:03:94:19:75:da:d4:37:ab:c0:e3:ae:00:66:40:
         8a:54:e6:05:4b:79:79:2d:38:36:14:e3:5a:e8:82:83:64:9c:
         7c:b0:c0:f7:1e:c9:8f:b6:15:c9:fa:5f:b8:28:eb:39:5f:da:
         3f:87:f7:4a:cf:0d:36:ab:71:0d:d2:d6:4d:3c:d4:db:d8:42:
         48:c5:e2:81:0e:e5:39:51:e8:19:e7:c4:1d:7b:8c:15:f1:8f:
         97:26:08:ff:49:72:78:25:2a:03:56:2e:9a:86:73:cd:7b:47:
         6e:8f:51:fd:93:9a:c5:91:81:3b:3c:35:88:a2:0c:08:42:51:
         d7:33:00:63:ca:83:d8:77:12:b5:2c:21:bb:e0:7e:5c:ef:e5:
         01:24:41:78:69:14:d6:a0:b6:fe:73:17:14:bc:6d:b7:73:60:
         1b:71:4c:30:82:cb:70:44:be:a5:6c:be:b9:86:78:05:90:15:
         47:57:b8:a6:eb:4c:f2:b2:3e:65:41:88:26:e7:c8:66:9e:b7:
         c0:0b:82:d5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NkQ5MTExMC8GA1UEBRMoRjY3MThBNUU1RTQyRDA4RTI1M0EyRkIzMDBGRjA5QzNG
NTM1MUQzMjAeFw0yMTA0MTExNjU3MzlaFw0yMjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYwNzMyYTgzLTExNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzDtUCF70iZ+r35koOm2E5EGST1u2KtHeL0WIC9VFviQsZ2Bkpb0u3hER54vDW
QsQ1dPC91Bfz0DUmSd511khQcQdmZ4Mu4WsSRshW5vPAZ56hv/jmotZCDOvesM4C
D701Awrpj5/6SqELMbGo7ZfaM1swXKWmMB7X+EVZqcSiQsjv/jV0Oks7wF3bUAdO
p7x1Mizap0pNjP03U1bL4m3g+yjhPmt26KCQnG766Grmtn6BzGvY6WAqnhmzEMLF
3ERV/kqz5VHnV0fEBOVcnrHmHUDpmqrA2sY39K2/vo290fDey3Yq34aHzoOoBCIJ
YIjG7aV5p/JvXxSzJwYMR41DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/W9e6pOy
0yIik3zqnjVBueYBI9AwHwYDVR0jBBgwFoAU9nGKXl5C0I4lOi+zAP8Jw/U1HTIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY2RDkxL0U1MTdGMkI2OUFF
NTExRUI4MzdGMTM1RUM0RjlBRTAyLzluR0tYbDVDMEk0bE9pLXpBUDhKd19VMUhU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOW5HS1hsNUMwSTRsT2ktekFQOEp3X1UxSFRJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NkQ5MS9FNTE3RjJCNjlBRTUxMUVCODM3RjEzNUVDNEY5QUUwMi8wNUE4RTBGMjlB
RTcxMUVCQUIwNzQ4NUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsuvADANBgkqhkiG9w0BAQsFAAOCAQEAumVwwLD/t8rZuoU6
rlOt8X8vHUw+m2kHsoErhy99BayX921kHnZZas7KR8FOikulFxLqBdzWBbBuWwOU
GXXa1DerwOOuAGZAilTmBUt5eS04NhTjWuiCg2ScfLDA9x7Jj7YVyfpfuCjrOV/a
P4f3Ss8NNqtxDdLWTTzU29hCSMXigQ7lOVHoGefEHXuMFfGPlyYI/0lyeCUqA1Yu
moZzzXtHbo9R/ZOaxZGBOzw1iKIMCEJR1zMAY8qD2HcStSwhu+B+XO/lASRBeGkU
1qC2/nMXFLxtt3NgG3FMMILLcES+pWy+uYZ4BZAVR1e4putM8rI+ZUGIJufIZp63
wAuC1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org