Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/56E568662C3811EEAE9A1449C4F9AE02.roa
File:                     56E568662C3811EEAE9A1449C4F9AE02.roa (raw, json)
Hash identifier:          zupHiVH5K1c7+KbNvc/qcX4nuM+lULTA6LoMwGBNP9c=
Subject key identifier:   13:9C:D4:15:67:24:B4:A6:59:7A:AF:0B:78:2E:31:A8:4B:B8:63:28
Certificate issuer:       /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial:       03B3
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/56E568662C3811EEAE9A1449C4F9AE02.roa
Signing time:             Thu 27 Jul 2023 04:44:58 +0000
ROA not before:           Thu 27 Jul 2023 04:44:58 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     44547
IP address blocks:        117.55.205.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 947 (0x3b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
        Validity
            Not Before: Jul 27 04:44:58 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=64c1f64a-b8ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:71:4f:85:22:4d:1f:84:35:42:75:fb:8f:a6:
                    46:e7:c7:60:05:b0:0e:5c:24:8e:23:42:a0:c7:b6:
                    65:20:a7:16:ad:a3:d3:e2:c8:9f:0f:d7:9e:30:81:
                    b7:2a:23:d9:6c:47:7a:43:f1:a5:be:a5:84:f1:a2:
                    a0:21:a8:39:1d:07:21:7f:11:5e:b6:c7:ad:8c:f4:
                    83:4f:5f:3d:a6:2e:fe:69:a5:5b:4d:65:87:d6:3b:
                    31:10:43:38:fb:92:90:7b:a7:6d:7b:9b:41:a5:73:
                    a7:20:bf:a9:da:34:18:d1:21:61:01:19:4b:af:d0:
                    73:61:f1:6e:4b:21:0a:ac:cb:23:cc:45:1a:f7:98:
                    71:62:3f:b1:44:01:94:dd:3a:4d:f0:e8:da:54:ac:
                    98:56:d6:1e:22:99:f6:43:db:4a:a7:6d:76:ee:d7:
                    57:60:7f:24:cc:3b:48:43:e6:e8:51:cf:37:bb:30:
                    2b:31:fe:10:bf:96:88:dd:af:71:8d:7a:ad:76:86:
                    b4:77:a2:92:a5:b9:da:49:44:75:76:97:f2:24:db:
                    4f:ea:87:e2:26:87:71:62:7a:c8:1b:1c:47:25:de:
                    73:98:bb:42:9a:5b:76:ff:42:18:c5:c7:f4:e7:0d:
                    6b:5f:fb:73:4d:5e:31:02:52:3c:a0:02:cb:d0:fe:
                    64:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:9C:D4:15:67:24:B4:A6:59:7A:AF:0B:78:2E:31:A8:4B:B8:63:28
            X509v3 Authority Key Identifier:
                keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/56E568662C3811EEAE9A1449C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.55.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:1e:ea:5b:83:6e:a9:6c:e1:de:53:a4:89:9d:41:2c:d4:d7:
         5d:3b:a4:34:70:22:d8:7b:52:a0:fd:40:ea:c9:d9:86:c8:5f:
         e0:87:24:2d:94:fc:1a:9b:3d:1a:08:eb:ef:25:45:7e:58:42:
         ac:cf:fd:df:b1:e7:47:ce:ab:1c:14:29:92:d0:4f:f9:3a:66:
         99:08:a1:1d:41:68:8a:9b:fb:a8:2b:c6:58:7e:e5:57:0c:f8:
         e5:1e:6c:94:55:6e:d9:1d:dd:4a:7c:f1:f2:64:34:49:83:d8:
         5a:1a:a7:7e:a6:07:50:20:c7:71:c0:2e:1f:ff:6d:9d:9c:23:
         8d:db:54:a0:24:9b:2d:9b:eb:11:97:2e:f3:32:c1:b1:26:87:
         0c:4e:02:32:f2:0f:3e:89:d9:cb:c9:dd:c9:94:bf:d5:02:ce:
         c2:23:51:2c:b2:16:cb:ff:f8:42:78:68:62:19:4e:4a:96:6d:
         14:d6:14:bf:3a:d7:a1:e6:05:c1:24:4b:25:b8:62:1a:42:c7:
         db:b6:a3:3e:2a:58:ad:4b:a5:50:2c:0c:5e:8c:f8:6d:0d:6a:
         2d:34:a5:eb:80:84:3c:47:bb:ab:24:aa:d0:d1:1a:5d:97:a8:
         16:7a:66:5d:4d:28:5c:04:89:e7:18:48:2c:d5:8c:b7:00:5c:
         fc:44:bc:a5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjMwNzI3MDQ0NDU4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMxZjY0YS1iOGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmXFPhSJNH4Q1QnX7j6ZG58dgBbAOXCSOI0Kgx7ZlIKcWraPT4sifD9eeMIG3
KiPZbEd6Q/GlvqWE8aKgIag5HQchfxFetsetjPSDT189pi7+aaVbTWWH1jsxEEM4
+5KQe6dte5tBpXOnIL+p2jQY0SFhARlLr9BzYfFuSyEKrMsjzEUa95hxYj+xRAGU
3TpN8OjaVKyYVtYeIpn2Q9tKp2127tdXYH8kzDtIQ+boUc83uzArMf4Qv5aI3a9x
jXqtdoa0d6KSpbnaSUR1dpfyJNtP6ofiJodxYnrIGxxHJd5zmLtCmlt2/0IYxcf0
5w1rX/tzTV4xAlI8oALL0P5k3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBOc1BVn
JLSmWXqvC3guMahLuGMoMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvNTZFNTY4NjYy
QzM4MTFFRUFFOUExNDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB1N80wDQYJKoZIhvcNAQELBQADggEBAFce6luDbqls4d5T
pImdQSzU1107pDRwIth7UqD9QOrJ2YbIX+CHJC2U/BqbPRoI6+8lRX5YQqzP/d+x
50fOqxwUKZLQT/k6ZpkIoR1BaIqb+6grxlh+5VcM+OUebJRVbtkd3Up88fJkNEmD
2Foap36mB1Agx3HALh//bZ2cI43bVKAkmy2b6xGXLvMywbEmhwxOAjLyDz6J2cvJ
3cmUv9UCzsIjUSyyFsv/+EJ4aGIZTkqWbRTWFL8616HmBcEkSyW4YhpCx9u2oz4q
WK1LpVAsDF6M+G0Nai00peuAhDxHu6skqtDRGl2XqBZ6Zl1NKFwEiecYSCzVjLcA
XPxEvKU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org