Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/76B6B7C8CAAD11EC9B0BCC4BC4F9AE02.roa
File:                     76B6B7C8CAAD11EC9B0BCC4BC4F9AE02.roa (raw, json)
Hash identifier:          m+Bu6tdsNMP7IcrVo2Mi2nMaLl6b2q7+pkVGUprTT3U=
Subject key identifier:   2D:AC:32:49:BB:EE:03:A2:25:B1:8A:DB:CD:20:4E:B3:0F:1F:A5:9E
Certificate issuer:       /CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Certificate serial:       032A
Authority key identifier: E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/76B6B7C8CAAD11EC9B0BCC4BC4F9AE02.roa
Signing time:             Thu 26 May 2022 14:00:22 +0000
ROA not before:           Thu 26 May 2022 14:00:22 +0000
ROA not after:            Sat 30 Sep 2023 00:00:00 +0000
asID:                     397373
IP address blocks:        115.126.27.0/24 maxlen: 24
                          115.126.73.0/24 maxlen: 24
                          115.126.87.0/24 maxlen: 24
                          115.126.112.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 810 (0x32a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
        Validity
            Not Before: May 26 14:00:22 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=628f87f5-5d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:16:b4:b7:76:8d:27:6e:b5:e4:a5:d7:d5:60:
                    bf:5a:be:c4:9f:e1:c9:f1:a1:8a:a7:83:c1:43:a3:
                    a4:94:72:2b:34:b5:59:cf:3c:8d:4c:f8:e7:1f:b5:
                    5b:9b:b5:51:a0:12:bb:09:39:b2:12:82:0e:7d:f1:
                    34:d6:41:25:1b:c4:97:e1:90:42:92:5f:0f:0c:95:
                    e2:22:40:63:ce:73:c7:7b:00:4f:36:03:ce:34:6d:
                    5c:2c:3f:45:bd:1b:a1:0d:61:9d:32:58:64:af:69:
                    db:02:25:be:1e:4f:c8:90:2e:37:1f:6e:ff:1e:bf:
                    b5:8d:d4:cb:7c:aa:24:28:cd:22:19:13:a7:e7:55:
                    6f:e9:7a:af:50:87:1c:60:ae:b4:d3:89:71:28:de:
                    3f:bd:36:b7:77:2d:9c:ba:a3:a5:a4:8e:b0:9c:79:
                    13:bf:b8:c1:65:33:c5:2c:ff:0b:f9:dc:fc:c4:9e:
                    ca:7a:92:6b:4b:be:3f:79:5d:c2:02:dc:60:f2:92:
                    c7:4f:c8:df:0e:5f:86:2c:b3:e3:fe:b9:cc:1d:30:
                    ef:e9:d4:6e:77:f5:05:08:43:0e:15:93:82:c5:01:
                    d4:4f:da:f8:aa:d7:f8:d3:60:e1:04:39:7e:64:5d:
                    e1:3d:e6:92:73:79:3e:3d:65:7f:95:07:54:ee:37:
                    11:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:AC:32:49:BB:EE:03:A2:25:B1:8A:DB:CD:20:4E:B3:0F:1F:A5:9E
            X509v3 Authority Key Identifier:
                keyid:E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/4Loijq-YEvBn0v87-AaJVpjJOXc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/76B6B7C8CAAD11EC9B0BCC4BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.126.27.0/24
                  115.126.73.0/24
                  115.126.87.0/24
                  115.126.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:ed:28:be:60:9b:da:4d:3e:83:9d:75:b0:a7:aa:c1:f4:b0:
         6d:b7:19:6a:f3:b3:b7:37:83:e0:2b:41:bb:c2:99:d6:49:f1:
         24:71:30:07:7a:c9:55:61:ab:fc:92:80:40:e5:db:d2:6e:d7:
         aa:dd:3f:85:45:5c:37:2b:ea:53:8c:4e:c5:7a:19:52:6e:b0:
         c3:1f:ed:c9:b5:45:45:30:5a:26:79:37:83:00:8c:86:6c:81:
         bb:bb:55:af:55:b4:a9:fe:51:72:47:95:65:34:cd:10:dc:08:
         f7:d2:7d:68:40:91:91:b4:ec:84:c6:ae:3f:35:fa:0f:4b:d2:
         b1:1b:e5:f7:1c:da:ff:62:e5:53:ed:84:80:1c:1b:3d:de:b8:
         3b:8f:12:2b:03:92:24:1a:e6:3b:7c:1f:72:9a:40:eb:d6:92:
         80:da:c1:2f:75:04:94:4f:7a:b3:b8:0e:ee:18:79:93:09:e9:
         37:7c:d2:f3:bc:fd:93:2e:05:03:64:56:fa:29:45:5e:c3:50:
         24:9a:5c:4b:67:a4:b9:51:5c:c8:f0:d6:4f:e8:38:cc:42:71:
         ad:0e:11:57:bf:d0:fa:97:b9:ae:3f:70:08:11:19:16:b0:42:
         e5:de:49:d7:18:03:9d:c8:23:22:20:03:d5:b5:f4:4e:cd:aa:
         e9:83:da:ae
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAyowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRENjAxMTAvBgNVBAUTKEUwQkEyMjhFQUY5ODEyRjA2N0QyRkYzQkY4MDY4OTU2
OThDOTM5NzcwHhcNMjIwNTI2MTQwMDIyWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhmODdmNS01ZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzxa0t3aNJ2615KXX1WC/Wr7En+HJ8aGKp4PBQ6OklHIrNLVZzzyNTPjnH7Vb
m7VRoBK7CTmyEoIOffE01kElG8SX4ZBCkl8PDJXiIkBjznPHewBPNgPONG1cLD9F
vRuhDWGdMlhkr2nbAiW+Hk/IkC43H27/Hr+1jdTLfKokKM0iGROn51Vv6XqvUIcc
YK6004lxKN4/vTa3dy2cuqOlpI6wnHkTv7jBZTPFLP8L+dz8xJ7KepJrS74/eV3C
Atxg8pLHT8jfDl+GLLPj/rnMHTDv6dRud/UFCEMOFZOCxQHUT9r4qtf402DhBDl+
ZF3hPeaSc3k+PWV/lQdU7jcR8wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFC2sMkm7
7gOiJbGK280gTrMPH6WeMB8GA1UdIwQYMBaAFOC6Io6vmBLwZ9L/O/gGiVaYyTl3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEQ2MC85RTBERTM5MkI0
NUYxMUVCQjYxQjc2MENDNEY5QUUwMi80TG9panEtWUV2Qm4wdjg3LUFhSlZwakpP
WGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRMb2lqcS1ZRXZCbjB2ODctQWFKVnBqSk9YYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRENjAvOUUwREUzOTJCNDVGMTFFQkI2MUI3NjBDQzRGOUFFMDIvNzZCNkI3QzhD
QUFEMTFFQzlCMEJDQzRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABzfhsDBABzfkkDBABzflcDBABzfnAwDQYJKoZIhvcNAQEL
BQADggEBAAXtKL5gm9pNPoOddbCnqsH0sG23GWrzs7c3g+ArQbvCmdZJ8SRxMAd6
yVVhq/ySgEDl29Ju16rdP4VFXDcr6lOMTsV6GVJusMMf7cm1RUUwWiZ5N4MAjIZs
gbu7Va9VtKn+UXJHlWU0zRDcCPfSfWhAkZG07ITGrj81+g9L0rEb5fcc2v9i5VPt
hIAcGz3euDuPEisDkiQa5jt8H3KaQOvWkoDawS91BJRPerO4Du4YeZMJ6Td80vO8
/ZMuBQNkVvopRV7DUCSaXEtnpLlRXMjw1k/oOMxCca0OEVe/0PqXua4/cAgRGRaw
QuXeSdcYA53IIyIgA9W19E7NqumD2q4=
-----END CERTIFICATE-----