Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/A276B330739011EE81F4DD45C4F9AE02.roa
File:                     A276B330739011EE81F4DD45C4F9AE02.roa (raw, json)
Hash identifier:          t2cwVtV4q/ILTGXw1v6aeyms1Jv11swt44b91xRz154=
Subject key identifier:   62:A6:D5:5D:84:BE:0F:42:3A:86:DF:D7:47:DE:FA:FE:C2:D8:98:07
Certificate issuer:       /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
Certificate serial:       025E
Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/A276B330739011EE81F4DD45C4F9AE02.roa
Signing time:             Wed 25 Oct 2023 23:45:54 +0000
ROA not before:           Wed 25 Oct 2023 23:45:54 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     9224
IP address blocks:        58.96.128.0/19 maxlen: 20
                          123.50.144.0/20 maxlen: 20
                          125.254.64.0/19 maxlen: 19
                          125.254.96.0/19 maxlen: 19
                          202.191.8.0/21 maxlen: 21
                          210.56.224.0/19 maxlen: 19
                          210.56.224.0/21 maxlen: 21
                          210.56.232.0/21 maxlen: 21
                          210.56.240.0/21 maxlen: 21
                          210.56.248.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 606 (0x25e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
        Validity
            Not Before: Oct 25 23:45:54 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=6539a8b1-0930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f7:d3:19:96:f8:0d:b2:e8:52:5a:af:b9:da:
                    d5:50:6a:b4:d7:59:f0:e4:5a:36:ae:98:f7:05:5a:
                    fd:dd:0e:9f:25:f7:f0:70:5a:5d:27:f0:bb:01:ac:
                    d0:86:e7:f2:53:00:5f:e4:d4:64:6c:33:be:72:ed:
                    94:36:ac:95:68:09:37:aa:d6:c7:22:b1:cc:e2:9f:
                    32:8b:ce:4f:59:75:7e:af:d5:6c:16:de:19:5b:8c:
                    29:5e:52:9a:6b:e6:45:69:b5:60:bf:32:a6:3a:6e:
                    df:64:47:ce:85:b7:bb:07:fe:bc:f7:19:b3:70:53:
                    62:f8:18:7a:2d:3e:4d:90:5b:c0:94:6c:8c:dc:c3:
                    b2:e5:16:fe:dd:85:1b:a7:ad:79:59:20:20:db:02:
                    85:03:2a:2e:5d:a2:a2:c4:01:91:2a:d0:a8:4d:ae:
                    37:b5:57:49:26:b1:3f:09:c4:bb:63:38:5b:4e:ff:
                    b8:26:e1:1c:22:3b:55:35:dc:ae:04:c8:e9:61:0f:
                    21:fa:8e:4d:db:43:1d:8a:df:1c:ff:17:a0:df:75:
                    1d:96:f8:0c:97:ca:83:75:5a:18:f2:e3:3e:b5:45:
                    ac:48:16:d9:aa:1c:fa:b7:75:fa:d0:40:6f:fc:2e:
                    c9:5f:6a:a1:c9:08:22:9f:f0:27:dc:15:6a:03:40:
                    ac:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:A6:D5:5D:84:BE:0F:42:3A:86:DF:D7:47:DE:FA:FE:C2:D8:98:07
            X509v3 Authority Key Identifier:
                keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/A276B330739011EE81F4DD45C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.96.128.0/19
                  123.50.144.0/20
                  125.254.64.0/18
                  202.191.8.0/21
                  210.56.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5c:fd:11:76:d5:a0:65:b0:0a:68:38:fd:ee:2b:09:c9:46:11:
         f9:a4:9b:7f:b4:84:4d:94:78:db:69:45:10:e9:49:34:44:f9:
         68:1c:4a:74:7f:76:cc:95:70:50:52:be:ad:ea:2b:b7:f0:08:
         6a:d5:d5:51:95:44:78:ce:32:a3:02:f8:fd:a8:df:05:86:45:
         5b:e2:97:c0:20:bb:2c:fc:39:d8:6f:02:09:da:cb:5a:f0:47:
         2b:67:d9:94:fb:97:7c:3e:0a:e1:88:0f:d6:2d:ee:f0:81:b4:
         93:65:7c:e0:0f:7f:b5:c3:09:af:0c:2f:05:a4:55:79:d7:93:
         75:36:01:ab:14:31:48:9e:cd:40:d0:52:06:b2:66:4e:12:16:
         f6:72:da:6b:db:cb:48:5c:73:f8:ba:66:9b:e6:97:19:37:7f:
         4b:a1:ac:11:53:3e:8f:1b:32:61:99:a8:51:e7:33:34:3c:2e:
         c5:de:07:ab:db:2f:29:ba:55:f3:d5:8c:01:7a:a8:c6:6e:c4:
         e4:ba:67:4b:25:02:69:2f:51:26:bc:6a:cb:96:af:b0:7c:f3:
         14:f6:38:5a:42:ae:a1:62:b0:dd:80:68:fb:72:2b:c0:5f:45:
         b3:e1:a7:a6:5f:2f:92:f3:ac:30:47:05:41:89:4b:fb:b8:0d:
         3e:a7:49:4a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz
MjA5ODYwMDIwHhcNMjMxMDI1MjM0NTU0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM5YThiMS0wOTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPfTGZb4DbLoUlqvudrVUGq011nw5Fo2rpj3BVr93Q6fJffwcFpdJ/C7AazQ
hufyUwBf5NRkbDO+cu2UNqyVaAk3qtbHIrHM4p8yi85PWXV+r9VsFt4ZW4wpXlKa
a+ZFabVgvzKmOm7fZEfOhbe7B/689xmzcFNi+Bh6LT5NkFvAlGyM3MOy5Rb+3YUb
p615WSAg2wKFAyouXaKixAGRKtCoTa43tVdJJrE/CcS7YzhbTv+4JuEcIjtVNdyu
BMjpYQ8h+o5N20Mdit8c/xeg33UdlvgMl8qDdVoY8uM+tUWsSBbZqhz6t3X60EBv
/C7JX2qhyQgin/An3BVqA0CsiwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGKm1V2E
vg9COobf10fe+v7C2JgHMB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5
NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvQTI3NkIzMzA3
MzkwMTFFRTgxRjRERDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAU6YIADBAR7MpADBAZ9/kADBAPKvwgDBAXSOOAwDQYJKoZI
hvcNAQELBQADggEBAFz9EXbVoGWwCmg4/e4rCclGEfmkm3+0hE2UeNtpRRDpSTRE
+WgcSnR/dsyVcFBSvq3qK7fwCGrV1VGVRHjOMqMC+P2o3wWGRVvil8Aguyz8Odhv
Agnay1rwRytn2ZT7l3w+CuGID9Yt7vCBtJNlfOAPf7XDCa8MLwWkVXnXk3U2AasU
MUiezUDQUgayZk4SFvZy2mvby0hcc/i6Zpvmlxk3f0uhrBFTPo8bMmGZqFHnMzQ8
LsXeB6vbLym6VfPVjAF6qMZuxOS6Z0slAmkvUSa8asuWr7B88xT2OFpCrqFisN2A
aPtyK8BfRbPhp6ZfL5LzrDBHBUGJS/u4DT6nSUo=
-----END CERTIFICATE-----