Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F724B/1BC71A62168911E68EEFD97BC4F9AE02/0421DAD0200311ECBC05BF48C4F9AE02.roa
File:                     0421DAD0200311ECBC05BF48C4F9AE02.roa (raw, json)
Hash identifier:          nHbhkI/p4WhRYMTbCIbLIe95CUSasrpodisudkOaxjE=
Subject key identifier:   B3:DC:6D:25:58:37:80:2D:B7:FC:EF:74:4F:21:F3:79:FB:D2:A5:4C
Certificate issuer:       /CN=A91F724B/serialNumber=E8EDA71C8964D29F06C24A2B6D1B77153CA8F389
Certificate serial:       1CE0
Authority key identifier: E8:ED:A7:1C:89:64:D2:9F:06:C2:4A:2B:6D:1B:77:15:3C:A8:F3:89
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6O2nHIlk0p8GwkorbRt3FTyo84k.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F724B/1BC71A62168911E68EEFD97BC4F9AE02/0421DAD0200311ECBC05BF48C4F9AE02.roa
Signing time:             Tue 08 Mar 2022 17:03:09 +0000
ROA not before:           Tue 08 Mar 2022 17:03:09 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     9930
IP address blocks:        203.10.58.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7392 (0x1ce0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F724B/serialNumber=E8EDA71C8964D29F06C24A2B6D1B77153CA8F389
        Validity
            Not Before: Mar  8 17:03:09 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62278c4d-2a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e6:56:53:7c:94:96:8b:a0:20:c2:2c:22:42:
                    d1:73:cd:d4:f4:98:b1:4b:7d:9c:84:05:b0:4d:f3:
                    75:9c:e9:19:05:b8:37:ee:b2:9a:43:46:7e:26:c0:
                    8f:d9:5d:f2:e7:95:79:6f:07:93:1a:af:5d:c1:d4:
                    be:cb:59:30:cf:3f:aa:ae:34:de:cd:5c:af:23:14:
                    53:3a:cd:2a:5e:77:39:b2:0d:b8:57:a8:7b:85:26:
                    98:ab:55:f6:2c:5a:74:50:99:54:b3:42:83:9e:0d:
                    c6:f8:0e:82:77:71:7e:a9:9e:6d:28:8c:06:a1:f0:
                    e4:2f:23:ad:27:96:02:de:69:34:59:36:69:6e:a4:
                    9d:70:2b:c4:41:14:c0:da:59:66:3b:be:43:bb:46:
                    7c:60:51:ab:6a:79:7a:7b:4a:76:7d:7b:16:77:8c:
                    56:30:fb:ec:10:b1:c4:1a:81:7e:c3:f5:70:b1:72:
                    cf:4e:33:1b:9e:14:11:61:dc:08:d8:51:ba:03:02:
                    3c:57:48:f2:08:9e:20:a4:5b:9d:ad:5c:c4:e3:00:
                    49:c8:f1:e5:48:60:4b:e3:28:95:df:40:8c:de:d2:
                    01:72:9b:e7:a8:48:59:68:3c:7b:2a:e1:cf:c4:93:
                    0d:c1:79:7d:da:27:7c:83:c1:ac:23:17:6c:5c:e5:
                    66:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:DC:6D:25:58:37:80:2D:B7:FC:EF:74:4F:21:F3:79:FB:D2:A5:4C
            X509v3 Authority Key Identifier:
                keyid:E8:ED:A7:1C:89:64:D2:9F:06:C2:4A:2B:6D:1B:77:15:3C:A8:F3:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F724B/1BC71A62168911E68EEFD97BC4F9AE02/6O2nHIlk0p8GwkorbRt3FTyo84k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6O2nHIlk0p8GwkorbRt3FTyo84k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F724B/1BC71A62168911E68EEFD97BC4F9AE02/0421DAD0200311ECBC05BF48C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.10.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:04:e9:06:03:7d:3f:05:1e:ec:1e:01:76:02:e0:a0:7c:e6:
         4c:bf:f2:14:97:c7:c5:32:d9:c5:4a:5f:7a:20:1e:97:a2:f1:
         81:c5:63:61:e0:f0:1b:c5:13:ed:c0:47:ce:23:72:b8:a0:a7:
         ad:04:40:9e:db:43:b5:16:fb:f0:9f:12:d1:aa:7c:4d:09:96:
         5b:ef:47:ff:44:17:6c:03:6b:b0:5f:cb:47:dd:58:45:d8:ce:
         01:3f:e4:48:a9:d9:a6:48:07:4b:99:e2:60:df:25:2b:15:ce:
         d0:4b:1e:4d:31:f4:84:29:98:f2:dd:1f:0f:d4:24:8f:9c:62:
         b9:95:f6:61:e1:c5:c2:ff:35:25:52:18:8b:85:c8:e6:5b:ca:
         21:42:54:ac:73:5a:4b:00:50:5b:41:ee:f2:73:b3:55:6e:16:
         5c:09:a5:bd:f9:66:84:04:56:48:a4:fd:69:d8:7a:54:8e:91:
         50:f0:d5:29:92:45:c8:67:1c:02:3e:e8:ed:ff:de:2b:a6:c2:
         20:5a:f3:af:01:ee:5a:ae:ba:1f:e1:1b:54:0a:0e:c0:57:a4:
         ac:87:55:f3:fa:9d:81:71:1a:de:e1:0a:14:ac:35:29:39:db:
         93:bd:c5:30:5d:48:60:10:ce:21:81:03:0e:d8:d6:7e:ab:54:
         65:e6:cb:0c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjcyNEIxMTAvBgNVBAUTKEU4RURBNzFDODk2NEQyOUYwNkMyNEEyQjZEMUI3NzE1
M0NBOEYzODkwHhcNMjIwMzA4MTcwMzA5WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI3OGM0ZC0yYTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqOZWU3yUlougIMIsIkLRc83U9JixS32chAWwTfN1nOkZBbg37rKaQ0Z+JsCP
2V3y55V5bweTGq9dwdS+y1kwzz+qrjTezVyvIxRTOs0qXnc5sg24V6h7hSaYq1X2
LFp0UJlUs0KDng3G+A6Cd3F+qZ5tKIwGofDkLyOtJ5YC3mk0WTZpbqSdcCvEQRTA
2llmO75Du0Z8YFGranl6e0p2fXsWd4xWMPvsELHEGoF+w/VwsXLPTjMbnhQRYdwI
2FG6AwI8V0jyCJ4gpFudrVzE4wBJyPHlSGBL4yiV30CM3tIBcpvnqEhZaDx7KuHP
xJMNwXl92id8g8GsIxdsXOVmSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLPcbSVY
N4Att/zvdE8h83n70qVMMB8GA1UdIwQYMBaAFOjtpxyJZNKfBsJKK20bdxU8qPOJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzI0Qi8xQkM3MUE2MjE2
ODkxMUU2OEVFRkQ5N0JDNEY5QUUwMi82TzJuSElsazBwOEd3a29yYlJ0M0ZUeW84
NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZPMm5ISWxrMHA4R3drb3JiUnQzRlR5bzg0ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjcyNEIvMUJDNzFBNjIxNjg5MTFFNjhFRUZEOTdCQzRGOUFFMDIvMDQyMURBRDAy
MDAzMTFFQ0JDMDVCRjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLCjowDQYJKoZIhvcNAQELBQADggEBALME6QYDfT8FHuwe
AXYC4KB85ky/8hSXx8Uy2cVKX3ogHpei8YHFY2Hg8BvFE+3AR84jcrigp60EQJ7b
Q7UW+/CfEtGqfE0JllvvR/9EF2wDa7Bfy0fdWEXYzgE/5Eip2aZIB0uZ4mDfJSsV
ztBLHk0x9IQpmPLdHw/UJI+cYrmV9mHhxcL/NSVSGIuFyOZbyiFCVKxzWksAUFtB
7vJzs1VuFlwJpb35ZoQEVkik/WnYelSOkVDw1SmSRchnHAI+6O3/3iumwiBa868B
7lquuh/hG1QKDsBXpKyHVfP6nYFxGt7hChSsNSk525O9xTBdSGAQziGBAw7Y1n6r
VGXmyww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org