Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/0B1BAA1CD46411ECAF6E0216C4F9AE02.roa
File:                     0B1BAA1CD46411ECAF6E0216C4F9AE02.roa (raw, json)
Hash identifier:          LVeIFpGtZT2iWhl+iETkxi0YRcAZdxSc2FEIt6oXQvc=
Subject key identifier:   CA:FC:E9:98:FB:ED:F0:7A:F8:C0:12:30:3A:CB:C2:98:D4:3B:E6:8F
Certificate issuer:       /CN=A91D4834/serialNumber=A350FAF3B6F14BC8EE1B2996EED48E27020E1083
Certificate serial:       0547
Authority key identifier: A3:50:FA:F3:B6:F1:4B:C8:EE:1B:29:96:EE:D4:8E:27:02:0E:10:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1D687bxS8juGymW7tSOJwIOEIM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/0B1BAA1CD46411ECAF6E0216C4F9AE02.roa
Signing time:             Wed 18 May 2022 16:44:16 +0000
ROA not before:           Wed 18 May 2022 16:44:16 +0000
ROA not after:            Mon 31 Oct 2022 00:00:00 +0000
asID:                     132325
IP address blocks:        45.125.48.0/24 maxlen: 24
                          45.125.49.0/24 maxlen: 24
                          45.125.50.0/24 maxlen: 24
                          45.125.51.0/24 maxlen: 24
                          103.193.172.0/24 maxlen: 24
                          103.193.173.0/24 maxlen: 24
                          103.193.174.0/24 maxlen: 24
                          103.193.175.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1351 (0x547)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D4834/serialNumber=A350FAF3B6F14BC8EE1B2996EED48E27020E1083
        Validity
            Not Before: May 18 16:44:16 2022 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=62852260-0a9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8c:6e:84:98:5f:25:b4:70:f5:3d:61:98:9c:
                    0c:20:73:9e:63:45:8a:42:04:06:e7:c5:21:e8:c8:
                    6d:e0:14:a0:42:ab:4a:43:49:c9:8d:1b:a1:53:c4:
                    35:98:ce:80:5e:4f:d2:b8:60:ee:a6:f7:41:fc:43:
                    ca:97:6a:ab:3e:82:aa:08:57:59:35:f2:57:ed:fa:
                    99:38:60:be:d7:39:d5:0c:0d:53:45:da:f9:2d:62:
                    b8:46:71:ef:ad:30:c3:ec:9f:59:6a:34:12:2b:83:
                    36:d4:e8:4a:86:71:dc:51:cf:6a:a6:50:04:90:57:
                    0e:74:b7:70:0c:1b:a9:5f:33:05:db:b5:94:96:99:
                    b1:04:3c:79:40:15:3f:fe:50:85:8b:64:71:51:34:
                    19:b8:99:f7:8d:cb:48:e9:45:a7:6e:bf:30:88:f7:
                    29:10:92:4b:ae:db:2e:ac:18:96:e6:98:d1:ff:03:
                    88:91:b7:f2:01:af:f3:8b:f4:cf:6d:d4:bd:0f:10:
                    a3:03:55:f2:63:40:7b:0e:1d:7e:6e:df:b2:6b:d9:
                    da:30:39:35:ec:60:b8:35:ef:0f:f1:37:ea:f7:cc:
                    4f:d5:76:f5:bb:a9:5b:3a:b8:e1:07:7b:e9:8a:df:
                    30:7d:d2:0a:f7:7a:5a:2d:74:f1:1b:fc:fd:01:9a:
                    38:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:FC:E9:98:FB:ED:F0:7A:F8:C0:12:30:3A:CB:C2:98:D4:3B:E6:8F
            X509v3 Authority Key Identifier:
                keyid:A3:50:FA:F3:B6:F1:4B:C8:EE:1B:29:96:EE:D4:8E:27:02:0E:10:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1D687bxS8juGymW7tSOJwIOEIM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/0B1BAA1CD46411ECAF6E0216C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.125.48.0/22
                  103.193.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:bd:33:90:97:4f:2a:83:73:5f:49:97:1d:f5:61:c1:98:44:
         48:e3:9e:15:b9:8e:16:9f:2c:76:f4:7e:21:27:5a:49:46:13:
         54:67:c4:5c:c5:eb:91:88:ff:7a:ed:f9:e0:83:d5:b9:33:20:
         2f:94:f1:5e:a6:fb:c9:d7:be:eb:cc:b6:b0:9b:96:86:c3:db:
         f9:94:e5:ad:35:df:52:cb:77:af:0c:8a:e1:32:6d:48:70:36:
         78:4a:19:9c:65:b9:a1:cb:d7:18:66:a7:3c:40:2e:5a:85:fb:
         3e:0e:4a:47:ed:4d:60:a0:9f:62:54:39:36:c8:8d:10:c7:a6:
         a7:cf:a9:97:b2:07:85:a0:a1:61:f6:de:8d:9a:35:1c:79:93:
         62:b7:4d:0c:1f:50:3f:29:ac:70:93:81:06:7b:1c:c6:c7:5f:
         d1:a3:43:8a:f4:ca:94:06:bd:81:f4:d2:6c:e6:49:eb:29:a9:
         c4:e7:4c:67:7c:78:77:cf:c9:1c:6d:18:b6:fc:f9:7a:52:be:
         fc:17:25:04:85:d2:47:15:2a:95:9e:c0:4d:74:85:54:79:7d:
         48:06:01:35:1b:f3:45:be:38:34:cf:ce:ec:a8:44:41:27:0e:
         68:57:84:c7:00:86:42:a7:fe:25:44:24:d3:e3:54:61:6c:8a:
         ec:e3:f8:95
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ4MzQxMTAvBgNVBAUTKEEzNTBGQUYzQjZGMTRCQzhFRTFCMjk5NkVFRDQ4RTI3
MDIwRTEwODMwHhcNMjIwNTE4MTY0NDE2WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg1MjI2MC0wYTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxIxuhJhfJbRw9T1hmJwMIHOeY0WKQgQG58Uh6Mht4BSgQqtKQ0nJjRuhU8Q1
mM6AXk/SuGDupvdB/EPKl2qrPoKqCFdZNfJX7fqZOGC+1znVDA1TRdr5LWK4RnHv
rTDD7J9ZajQSK4M21OhKhnHcUc9qplAEkFcOdLdwDBupXzMF27WUlpmxBDx5QBU/
/lCFi2RxUTQZuJn3jctI6UWnbr8wiPcpEJJLrtsurBiW5pjR/wOIkbfyAa/zi/TP
bdS9DxCjA1XyY0B7Dh1+bt+ya9naMDk17GC4Ne8P8Tfq98xP1Xb1u6lbOrjhB3vp
it8wfdIK93paLXTxG/z9AZo4KwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMr86Zj7
7fB6+MASMDrLwpjUO+aPMB8GA1UdIwQYMBaAFKNQ+vO28UvI7hsplu7UjicCDhCD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDgzNC81MUJFREZDNEND
OEQxMUVBQUZGRURCMzZDNEY5QUUwMi9vMUQ2ODdieFM4anVHeW1XN3RTT0p3SU9F
SU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL28xRDY4N2J4UzhqdUd5bVc3dFNPSndJT0VJTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ4MzQvNTFCRURGQzRDQzhEMTFFQUFGRkVEQjM2QzRGOUFFMDIvMEIxQkFBMUNE
NDY0MTFFQ0FGNkUwMjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItfTADBAJnwawwDQYJKoZIhvcNAQELBQADggEBAAq9M5CX
TyqDc19Jlx31YcGYREjjnhW5jhafLHb0fiEnWklGE1RnxFzF65GI/3rt+eCD1bkz
IC+U8V6m+8nXvuvMtrCblobD2/mU5a0131LLd68MiuEybUhwNnhKGZxluaHL1xhm
pzxALlqF+z4OSkftTWCgn2JUOTbIjRDHpqfPqZeyB4WgoWH23o2aNRx5k2K3TQwf
UD8prHCTgQZ7HMbHX9GjQ4r0ypQGvYH00mzmSespqcTnTGd8eHfPyRxtGLb8+XpS
vvwXJQSF0kcVKpWewE10hVR5fUgGATUb80W+ODTPzuyoREEnDmhXhMcAhkKn/iVE
JNPjVGFsiuzj+JU=
-----END CERTIFICATE-----