Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CBE62742ED4411ECA329BA62C4F9AE02.roa
File:                     CBE62742ED4411ECA329BA62C4F9AE02.roa (raw, json)
Hash identifier:          eFGcqEOL3ub/dkstjhiGsTRJhNih42Ff60IefKPWwPs=
Subject key identifier:   3A:FE:C9:55:8E:09:30:F3:BC:2F:3F:1F:2B:96:0F:EA:5F:D0:DF:57
Certificate issuer:       /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial:       3261
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CBE62742ED4411ECA329BA62C4F9AE02.roa
Signing time:             Thu 16 Jun 2022 07:20:28 +0000
ROA not before:           Thu 16 Jun 2022 07:20:27 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     7018
IP address blocks:        175.29.112.0/21 maxlen: 24
                          175.29.128.0/21 maxlen: 24
                          175.29.200.0/21 maxlen: 24
                          203.76.152.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12897 (0x3261)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
        Validity
            Not Before: Jun 16 07:20:27 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=62aad9bb-f616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:ab:08:f8:b1:05:de:f4:b5:23:f8:4c:fc:15:
                    c5:6b:fe:72:04:7f:61:45:a4:39:47:96:6a:29:85:
                    90:7a:93:8a:a1:2d:39:9d:16:9f:bb:2e:c6:f7:2e:
                    e3:22:fc:10:71:6b:4e:d6:b3:d8:4c:c4:ef:89:ec:
                    dc:98:8b:a2:66:d3:a1:91:ef:ad:3a:27:9e:91:5e:
                    e1:4c:9c:5d:e3:f9:51:cd:7f:55:a2:1f:f0:61:e6:
                    82:e2:fe:ac:40:04:06:16:55:48:18:5e:4a:94:ee:
                    3a:29:51:e8:a8:3d:aa:de:83:48:04:3a:03:39:35:
                    eb:e7:2a:fc:de:4b:8e:64:09:97:88:89:9b:da:1e:
                    a9:f2:60:29:00:9e:58:32:dd:39:5e:26:ec:54:41:
                    d0:98:5a:75:0a:45:a4:12:11:64:9c:38:6b:61:97:
                    7d:36:6e:62:eb:a3:f8:2a:90:2c:8b:ec:d5:73:17:
                    e9:c3:88:09:b0:84:f7:47:08:d4:19:68:7a:5c:75:
                    44:77:5b:ba:8f:bf:c2:0a:07:55:01:d1:7c:0d:38:
                    e4:be:e5:89:a3:66:40:a8:87:ff:12:00:b8:e8:b9:
                    78:4a:0c:e5:73:45:dc:38:a3:05:d6:b4:03:f4:d9:
                    e1:eb:b5:e8:8c:6d:43:9e:be:d0:9e:90:cb:98:ba:
                    3b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:FE:C9:55:8E:09:30:F3:BC:2F:3F:1F:2B:96:0F:EA:5F:D0:DF:57
            X509v3 Authority Key Identifier:
                keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CBE62742ED4411ECA329BA62C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.29.112.0/21
                  175.29.128.0/21
                  175.29.200.0/21
                  203.76.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7e:dd:de:69:25:c5:42:67:09:c7:78:54:ba:9d:10:e6:91:94:
         9a:7b:0c:ad:27:b2:22:12:f3:b0:be:28:29:fc:53:70:ed:02:
         72:f2:37:01:24:04:27:eb:04:9d:83:9e:34:14:62:0f:fe:f9:
         4d:67:50:9f:24:53:98:95:47:c1:10:f5:d3:81:ea:29:3b:46:
         3a:82:a3:3b:2c:c5:34:48:21:f8:8d:ca:e4:89:02:9a:e0:e9:
         be:0b:7a:17:e7:56:6c:54:43:93:40:f8:96:18:9d:21:1e:eb:
         f0:ae:11:53:74:66:b2:7b:7f:6e:82:56:7d:05:39:37:2f:c8:
         47:99:51:f2:81:a5:9d:26:f0:b7:8b:96:b3:21:ca:4b:80:a9:
         dd:62:ea:3d:72:f5:64:20:ea:ed:1b:19:eb:c1:57:7f:3f:2a:
         c8:b8:0c:e2:ae:3d:5d:d0:4d:a5:59:96:8e:41:ec:56:e4:31:
         5e:6f:21:f0:63:d4:f8:06:e5:39:57:35:97:bf:16:76:21:2d:
         0b:4c:ca:14:67:48:e0:ea:85:d9:e9:91:c7:df:bc:10:b1:90:
         04:fa:97:c6:46:a3:fd:2f:66:cd:db:0e:6c:b7:e6:3d:57:20:
         94:9d:a0:cc:59:4c:21:9f:ea:71:39:79:47:a9:00:0e:74:fb:
         cd:99:e6:59
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIwNjE2MDcyMDI3WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmFhZDliYi1mNjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7KsI+LEF3vS1I/hM/BXFa/5yBH9hRaQ5R5ZqKYWQepOKoS05nRafuy7G9y7j
IvwQcWtO1rPYTMTviezcmIuiZtOhke+tOieekV7hTJxd4/lRzX9Voh/wYeaC4v6s
QAQGFlVIGF5KlO46KVHoqD2q3oNIBDoDOTXr5yr83kuOZAmXiImb2h6p8mApAJ5Y
Mt05XibsVEHQmFp1CkWkEhFknDhrYZd9Nm5i66P4KpAsi+zVcxfpw4gJsIT3RwjU
GWh6XHVEd1u6j7/CCgdVAdF8DTjkvuWJo2ZAqIf/EgC46Ll4Sgzlc0XcOKMF1rQD
9Nnh67XojG1Dnr7QnpDLmLo7ZQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDr+yVWO
CTDzvC8/HyuWD+pf0N9XMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQ0JFNjI3NDJF
RDQ0MTFFQ0EzMjlCQTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAOvHXADBAOvHYADBAOvHcgDBAPLTJgwDQYJKoZIhvcNAQEL
BQADggEBAH7d3mklxUJnCcd4VLqdEOaRlJp7DK0nsiIS87C+KCn8U3DtAnLyNwEk
BCfrBJ2DnjQUYg/++U1nUJ8kU5iVR8EQ9dOB6ik7RjqCozssxTRIIfiNyuSJAprg
6b4LehfnVmxUQ5NA+JYYnSEe6/CuEVN0ZrJ7f26CVn0FOTcvyEeZUfKBpZ0m8LeL
lrMhykuAqd1i6j1y9WQg6u0bGevBV38/Ksi4DOKuPV3QTaVZlo5B7FbkMV5vIfBj
1PgG5TlXNZe/FnYhLQtMyhRnSODqhdnpkcffvBCxkAT6l8ZGo/0vZs3bDmy35j1X
IJSdoMxZTCGf6nE5eUepAA50+82Z5lk=
-----END CERTIFICATE-----