Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BE86CE4633E111E98918DB77C4F9AE02.roa
File:                     BE86CE4633E111E98918DB77C4F9AE02.roa (raw, json)
Hash identifier:          bBu+0YQWqyJ7bjYT5pA0pMp3DB2TGfUc0htvDmWLU/U=
Subject key identifier:   CA:F4:C0:A7:2C:7A:55:B3:60:07:F7:DF:95:A3:FF:48:D4:90:5B:C7
Certificate issuer:       /CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Certificate serial:       324F
Authority key identifier: 80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BE86CE4633E111E98918DB77C4F9AE02.roa
Signing time:             Tue 21 Jun 2022 15:20:41 +0000
ROA not before:           Tue 21 Jun 2022 15:20:41 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     45131
IP address blocks:        163.7.130.0/23 maxlen: 23
                          163.7.130.0/24 maxlen: 24
                          163.7.131.0/24 maxlen: 24
                          163.7.132.0/24 maxlen: 24
                          2404:138:130::/47 maxlen: 47
                          2404:138:130::/48 maxlen: 48
                          2404:138:131::/48 maxlen: 48
                          2404:138:132::/47 maxlen: 47

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12879 (0x324f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
        Validity
            Not Before: Jun 21 15:20:41 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62b1e1c9-8658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:24:55:a6:e6:8f:17:09:c9:c8:ee:a4:35:f9:
                    dd:6c:2e:21:82:97:17:19:b1:ea:19:86:3b:08:06:
                    bb:de:73:0c:bf:d0:a1:d0:a8:62:52:99:05:f1:47:
                    62:c6:11:11:59:7d:fe:8d:51:db:aa:1c:63:11:f3:
                    cb:82:76:cc:e5:13:a5:2c:80:92:77:9e:f1:88:ed:
                    ac:50:b9:3b:14:db:62:c8:36:7f:79:22:c1:5b:2b:
                    e7:42:e3:ce:ed:08:bc:bb:e8:5a:02:cc:0e:47:55:
                    58:71:43:d9:2f:c0:f4:57:4b:42:09:b4:78:5c:c0:
                    b6:32:4a:6f:32:2a:c0:55:69:15:fd:0b:bc:c6:f7:
                    94:dd:c8:8b:ec:7f:26:56:6c:49:71:f2:e7:86:f2:
                    cd:a7:a5:9f:23:ef:e9:7c:35:21:e7:35:b8:fc:28:
                    aa:e0:b8:a8:92:e9:22:93:ab:95:22:fa:3d:48:49:
                    3e:1a:66:dc:8b:8e:b3:32:28:6b:7c:cf:74:52:95:
                    88:e1:52:96:77:e0:35:a1:90:90:8e:42:d3:e3:43:
                    03:ad:a7:39:a7:ab:94:ad:98:3c:80:6f:98:60:61:
                    ef:3c:ee:14:69:d9:16:9c:00:97:61:d5:3d:ee:ab:
                    09:ab:77:27:cb:d7:a5:55:9b:a6:3a:fd:cc:22:77:
                    d5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:F4:C0:A7:2C:7A:55:B3:60:07:F7:DF:95:A3:FF:48:D4:90:5B:C7
            X509v3 Authority Key Identifier:
                keyid:80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/BE86CE4633E111E98918DB77C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.7.130.0-163.7.132.255
                IPv6:
                  2404:138:130::/46

    Signature Algorithm: sha256WithRSAEncryption
         3b:14:e5:06:5e:ab:3b:f4:e8:99:62:78:6a:0c:92:41:77:b5:
         83:59:49:3b:c7:cd:71:ac:01:25:d0:51:b8:3b:6f:41:6c:bd:
         15:51:bd:20:9b:7b:5e:84:03:f7:aa:5c:d6:8c:66:a0:39:77:
         4c:31:1d:e3:54:6c:92:3c:e5:b6:13:ec:91:a4:a9:00:9d:30:
         3e:1f:f8:03:5c:ad:cd:16:57:93:76:b6:58:f1:5b:3b:98:82:
         c1:bf:03:85:cd:3e:dd:7b:1b:8c:cd:aa:f3:27:52:cd:76:d0:
         c7:67:0c:3f:4a:dc:4f:f7:6f:d2:c5:73:ba:99:2a:2b:49:90:
         d8:56:b8:d9:25:66:7e:69:0e:39:8a:2f:27:dc:b5:0e:2e:36:
         47:a6:0a:b0:b5:b3:68:cb:9d:a3:31:99:f4:d3:13:8c:5e:80:
         ff:5f:32:30:f7:33:b6:58:48:1d:77:45:2c:3e:c3:7c:a2:66:
         8b:2c:08:e3:11:08:ec:ba:ac:5c:c0:a7:cb:68:71:80:58:b3:
         e1:3b:f7:7c:87:f2:4f:f6:8c:5e:86:07:e9:4e:46:4d:c7:3e:
         4a:9e:03:7c:38:ac:bd:cf:e1:f3:87:c5:89:73:69:c8:34:77:
         2b:7d:62:80:75:ce:1d:00:5e:4b:33:f0:34:c6:d0:74:80:87:
         94:22:31:fa
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICMk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEzMTgxMTAvBgNVBAUTKDgwNkFCRkY0NjM1OTRDQUEzMERFNzBBMzExQUUyRjg0
OTE4OUJDNjQwHhcNMjIwNjIxMTUyMDQxWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIxZTFjOS04NjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApyRVpuaPFwnJyO6kNfndbC4hgpcXGbHqGYY7CAa73nMMv9Ch0KhiUpkF8Udi
xhERWX3+jVHbqhxjEfPLgnbM5ROlLICSd57xiO2sULk7FNtiyDZ/eSLBWyvnQuPO
7Qi8u+haAswOR1VYcUPZL8D0V0tCCbR4XMC2MkpvMirAVWkV/Qu8xveU3ciL7H8m
VmxJcfLnhvLNp6WfI+/pfDUh5zW4/Ciq4Liokukik6uVIvo9SEk+Gmbci46zMihr
fM90UpWI4VKWd+A1oZCQjkLT40MDrac5p6uUrZg8gG+YYGHvPO4UadkWnACXYdU9
7qsJq3cny9elVZumOv3MInfVxQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFMr0wKcs
elWzYAf335Wj/0jUkFvHMB8GA1UdIwQYMBaAFIBqv/RjWUyqMN5woxGuL4SRibxk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTMxOC9EQzc0NTFGMjFE
OTExMUUyOThFNzQ2RjQwOEIwMkNEMi9nR3FfOUdOWlRLb3czbkNqRWE0dmhKR0p2
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHcV85R05aVEtvdzNuQ2pFYTR2aEpHSnZHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEzMTgvREM3NDUxRjIxRDkxMTFFMjk4RTc0NkY0MDhCMDJDRDIvQkU4NkNFNDYz
M0UxMTFFOTg5MThEQjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMBQEAgABMA4wDAMEAaMHggMEAKMHhDAPBAIAAjAJAwcCJAQBOAEwMA0GCSqG
SIb3DQEBCwUAA4IBAQA7FOUGXqs79OiZYnhqDJJBd7WDWUk7x81xrAEl0FG4O29B
bL0VUb0gm3tehAP3qlzWjGagOXdMMR3jVGySPOW2E+yRpKkAnTA+H/gDXK3NFleT
drZY8Vs7mILBvwOFzT7dexuMzarzJ1LNdtDHZww/StxP92/SxXO6mSorSZDYVrjZ
JWZ+aQ45ii8n3LUOLjZHpgqwtbNoy52jMZn00xOMXoD/XzIw9zO2WEgdd0UsPsN8
omaLLAjjEQjsuqxcwKfLaHGAWLPhO/d8h/JP9oxehgfpTkZNxz5KngN8OKy9z+Hz
h8WJc2nINHcrfWKAdc4dAF5LM/A0xtB0gIeUIjH6
-----END CERTIFICATE-----