Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/ADEC4046DD1D11ECA5B8FA39C4F9AE02.roa
File:                     ADEC4046DD1D11ECA5B8FA39C4F9AE02.roa (raw, json)
Hash identifier:          7HfW4EozbzW4nIe++psUs2x9M0/jgQh3xmf4bDbYKpY=
Subject key identifier:   4C:40:1B:07:6B:3F:D6:3D:FF:60:C1:7F:FE:8A:91:08:C8:C1:7B:71
Certificate issuer:       /CN=A91B1018/serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63
Certificate serial:       EF
Authority key identifier: AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/ADEC4046DD1D11ECA5B8FA39C4F9AE02.roa
Signing time:             Wed 08 Jun 2022 20:10:56 +0000
ROA not before:           Wed 08 Jun 2022 20:10:56 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     149513
IP address blocks:        103.181.164.0/24 maxlen: 24
                          103.181.165.0/24 maxlen: 24
                          2400:5a60::/48 maxlen: 48
                          2400:5a60:1::/48 maxlen: 48
                          2400:5a60:2::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 239 (0xef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B1018/serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63
        Validity
            Not Before: Jun  8 20:10:56 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62a1024f-32ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:82:e9:c6:ee:0e:93:7d:8a:2c:a5:68:a1:f8:
                    b7:06:46:a8:b2:c5:a4:ea:d6:bb:f1:02:9e:54:e2:
                    75:69:0d:ef:4d:6c:21:a4:f3:63:d0:2f:74:f6:46:
                    12:79:cf:b2:db:a5:e9:bb:ff:4c:d8:80:79:2c:37:
                    27:07:89:89:30:c5:69:a8:19:07:2a:cb:a5:fd:ed:
                    f5:21:41:51:14:93:fe:db:f2:65:3e:53:fc:71:b7:
                    d4:2b:77:27:62:93:48:78:4c:48:49:34:c9:a3:45:
                    2c:0b:b6:20:97:2e:a8:ea:2a:f1:7a:1d:73:13:52:
                    0a:8f:57:df:df:a3:3b:38:19:09:30:80:27:f4:2a:
                    7f:d8:38:7f:91:87:8b:24:83:8e:a3:5e:2f:4c:8b:
                    5b:7a:e0:f2:a7:88:d6:2e:d9:ed:81:64:85:cd:e7:
                    f8:56:f1:f7:2d:c7:1f:ea:42:37:62:74:0f:ea:ac:
                    53:ab:c4:5a:9a:48:5f:cb:3a:72:d7:aa:80:38:e7:
                    eb:28:b4:1f:6c:ec:6a:9a:4f:f8:68:ac:d5:34:3b:
                    80:ab:1c:94:c1:56:08:fd:ab:3f:c8:52:1a:f4:1f:
                    01:b9:fd:0e:77:df:04:31:ac:8c:58:c3:6e:94:b2:
                    42:b7:cd:bc:0c:dd:ea:ec:d0:c0:54:c7:a8:24:56:
                    88:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:40:1B:07:6B:3F:D6:3D:FF:60:C1:7F:FE:8A:91:08:C8:C1:7B:71
            X509v3 Authority Key Identifier:
                keyid:AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/ADEC4046DD1D11ECA5B8FA39C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.164.0/23
                IPv6:
                  2400:5a60::-2400:5a60:2:0:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         29:f6:5d:3e:b5:42:76:df:3c:4a:0a:88:25:11:76:3b:20:b8:
         2d:21:e0:8d:a6:8f:a4:ce:8e:14:88:e8:cd:92:32:5b:b1:22:
         95:d4:b4:c1:79:77:3a:e6:d8:23:da:b7:d5:7c:57:a9:dc:06:
         2b:06:70:38:4a:e7:27:85:38:21:6c:3c:6b:44:dc:79:c5:8b:
         f4:ea:96:cb:fa:4c:87:c1:67:c4:0e:dc:df:cc:26:62:ae:69:
         9e:92:8f:91:42:08:56:57:9a:7e:53:31:c4:5c:4e:72:c3:b8:
         07:07:8a:83:96:ee:85:b2:47:17:9a:cc:00:e0:ac:ce:83:56:
         30:6d:86:95:ca:63:36:84:d7:d6:13:3b:94:aa:5c:15:be:e6:
         b8:0b:ae:89:8a:11:c9:0b:0e:bb:19:03:5d:6a:d9:60:e2:86:
         07:a7:bb:82:56:b4:6a:5d:8f:3f:f8:8a:24:45:43:70:4a:10:
         b9:ad:db:0d:2a:03:6a:1d:69:e3:2a:3e:c3:4c:17:44:5a:3f:
         02:29:7b:7b:2c:46:ec:e7:91:fa:8d:2a:fe:f5:24:b3:c0:63:
         e5:f5:12:22:42:1e:ad:98:07:e7:ab:52:d9:70:ef:6f:b6:42:
         5a:06:12:38:99:6f:6c:af:84:a1:1f:15:22:bd:0f:bc:79:6f:
         41:b5:c4:1a
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjEwMTgxMTAvBgNVBAUTKEFGRDA5NTVBN0REN0Y5QjBFQzJBNDRBMTFEOTM3MjA3
QzI3NTRBNjMwHhcNMjIwNjA4MjAxMDU2WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MmExMDI0Zi0zMmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2YLpxu4Ok32KLKVoofi3BkaossWk6ta78QKeVOJ1aQ3vTWwhpPNj0C909kYS
ec+y26Xpu/9M2IB5LDcnB4mJMMVpqBkHKsul/e31IUFRFJP+2/JlPlP8cbfUK3cn
YpNIeExISTTJo0UsC7Ygly6o6irxeh1zE1IKj1ff36M7OBkJMIAn9Cp/2Dh/kYeL
JIOOo14vTItbeuDyp4jWLtntgWSFzef4VvH3Lccf6kI3YnQP6qxTq8Ramkhfyzpy
16qAOOfrKLQfbOxqmk/4aKzVNDuAqxyUwVYI/as/yFIa9B8Buf0Od98EMayMWMNu
lLJCt828DN3q7NDAVMeoJFaIqQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFExAGwdr
P9Y9/2DBf/6KkQjIwXtxMB8GA1UdIwQYMBaAFK/QlVp91/mw7CpEoR2TcgfCdUpj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTAxOC84ODM2RkE2MDhE
NEMxMUVDOTg4QUU4NURDNEY5QUUwMi9yOUNWV24zWC1iRHNLa1NoSFpOeUI4SjFT
bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I5Q1ZXbjNYLWJEc0trU2hIWk55QjhKMVNtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjEwMTgvODgzNkZBNjA4RDRDMTFFQzk4OEFFODVEQzRGOUFFMDIvQURFQzQwNDZE
RDFEMTFFQ0E1QjhGQTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMAwEAgABMAYDBAFntaQwGgQCAAIwFDASAwUFJABaYAMJACQAWmAAAgAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAp9l0+tUJ23zxKCoglEXY7ILgtIeCNpo+kzo4UiOjN
kjJbsSKV1LTBeXc65tgj2rfVfFep3AYrBnA4SucnhTghbDxrRNx5xYv06pbL+kyH
wWfEDtzfzCZirmmeko+RQghWV5p+UzHEXE5yw7gHB4qDlu6FskcXmswA4KzOg1Yw
bYaVymM2hNfWEzuUqlwVvua4C66JihHJCw67GQNdatlg4oYHp7uCVrRqXY8/+Iok
RUNwShC5rdsNKgNqHWnjKj7DTBdEWj8CKXt7LEbs55H6jSr+9SSzwGPl9RIiQh6t
mAfnq1LZcO9vtkJaBhI4mW9sr4ShHxUivQ+8eW9BtcQa
-----END CERTIFICATE-----