Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/631BED4E7AD911EABD47BC7CF8AEA228.roa
File:                     631BED4E7AD911EABD47BC7CF8AEA228.roa (raw, json)
Hash identifier:          tq599WhEKDYVs+UP64O6/50vUkx3Cncy44bGxwXfMNg=
Subject key identifier:   2D:D5:B5:8B:E8:49:81:94:61:0F:56:86:7A:17:C1:BE:C5:89:5C:0F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       02B0
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/631BED4E7AD911EABD47BC7CF8AEA228.roa
Signing time:             Fri 10 Apr 2020 03:14:28 +0000
ROA not before:           Fri 10 Apr 2020 03:14:22 +0000
ROA not after:            Thu 14 Apr 2022 03:14:22 +0000
asID:                     397373
IP address blocks:        154.16.113.0/24 maxlen: 24
                          154.16.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 688 (0x2b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 10 03:14:22 2020 GMT
            Not After : Apr 14 03:14:22 2022 GMT
        Subject: CN=5e8fe494-d9f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:72:0e:96:5e:b6:35:70:fc:19:59:84:f1:aa:
                    91:0e:dd:e1:a1:81:48:01:af:18:f9:60:d9:37:18:
                    dd:0f:d3:8d:25:6a:8f:21:8c:34:7a:1e:19:3e:8d:
                    86:a0:25:e6:9b:b0:41:09:a1:fb:b4:d9:c1:08:6a:
                    03:e9:7e:90:e0:fb:76:0d:30:c2:61:1b:79:ff:60:
                    27:92:92:cc:7e:9a:a6:8e:01:1f:1d:17:53:af:a5:
                    2e:21:e3:e6:16:7b:df:2c:e3:87:de:a6:37:af:17:
                    b6:0e:ba:7b:01:e5:4f:3f:13:3e:96:70:c6:d5:3f:
                    48:6d:71:c7:e1:f7:2b:3e:e2:30:de:54:5f:57:18:
                    6b:8d:2c:e2:76:97:24:f4:d1:80:85:cf:d7:46:98:
                    8d:fa:e8:83:24:0c:b8:f6:51:69:d9:ec:f4:c4:44:
                    84:93:64:82:c1:34:92:5e:71:be:b8:e7:b2:8b:64:
                    60:47:cf:35:3d:84:90:f1:32:be:f5:d4:e6:3f:d7:
                    b9:5c:91:a2:ae:13:22:74:00:2d:87:9c:e7:44:df:
                    62:d9:2f:63:f5:81:4b:ad:47:66:c7:2a:f6:d5:12:
                    c2:58:d2:91:7c:1f:20:ad:3d:2d:1b:20:1f:94:0b:
                    fe:da:3e:b1:f8:61:97:28:a1:ae:ea:f4:f0:b2:6d:
                    0d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D5:B5:8B:E8:49:81:94:61:0F:56:86:7A:17:C1:BE:C5:89:5C:0F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/631BED4E7AD911EABD47BC7CF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.113.0/24
                  154.16.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:a7:56:cd:39:02:90:7b:fb:a6:d7:21:32:49:81:c1:bf:82:
         09:fb:62:de:31:9f:dc:b6:65:89:8e:eb:29:26:90:7a:65:9e:
         f2:2a:e2:cb:8e:8a:ab:93:8d:fc:07:49:91:fe:b7:05:83:65:
         bc:36:f4:8f:fd:12:60:ed:1d:81:25:12:25:9c:0e:51:f1:d1:
         65:f5:90:96:bc:ea:d8:12:87:3b:6e:a1:4b:a3:13:8b:a9:9d:
         65:99:f6:2e:0d:6e:eb:81:5b:13:c0:7f:9d:95:8a:89:70:7a:
         d9:93:db:63:60:ca:c3:8e:4e:9b:4b:e5:94:5d:e6:4c:79:58:
         65:54:93:f8:d9:d7:8e:23:b6:02:5f:e9:65:ca:ef:98:87:d3:
         01:c5:dd:05:51:32:ff:f8:df:23:b8:45:13:dd:28:e4:33:de:
         8f:77:ca:e2:b8:ce:3c:ea:2a:0b:db:72:df:83:49:cf:bb:b5:
         d9:ab:dc:69:5a:d0:c6:6b:c8:87:57:d0:06:a3:e2:b0:93:0d:
         a0:1b:c1:67:02:f1:d9:ef:51:56:4f:e3:78:ea:0f:c5:3f:bc:
         0e:9f:32:67:93:01:b0:22:e1:d0:9a:e6:62:6b:8e:b1:47:33:
         90:ea:d5:72:56:c7:01:c0:b6:06:1d:c4:bd:c0:11:e3:d6:2d:
         40:34:e2:63
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICArAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMDA0MTAwMzE0MjJaFw0yMjA0MTQwMzE0MjJaMBgxFjAU
BgNVBAMTDTVlOGZlNDk0LWQ5ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhcg6WXrY1cPwZWYTxqpEO3eGhgUgBrxj5YNk3GN0P040lao8hjDR6Hhk+
jYagJeabsEEJofu02cEIagPpfpDg+3YNMMJhG3n/YCeSksx+mqaOAR8dF1OvpS4h
4+YWe98s44fepjevF7YOunsB5U8/Ez6WcMbVP0htccfh9ys+4jDeVF9XGGuNLOJ2
lyT00YCFz9dGmI366IMkDLj2UWnZ7PTERISTZILBNJJecb6457KLZGBHzzU9hJDx
Mr711OY/17lckaKuEyJ0AC2HnOdE32LZL2P1gUutR2bHKvbVEsJY0pF8HyCtPS0b
IB+UC/7aPrH4YZcooa7q9PCybQ2RAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQULdW1
i+hJgZRhD1aGehfBvsWJXA8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzYzMUJFRDRFN0FEOTExRUFCRDQ3QkM3Q0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACaEHEDBACaEPcwDQYJKoZI
hvcNAQELBQADggEBADCnVs05ApB7+6bXITJJgcG/ggn7Yt4xn9y2ZYmO6ykmkHpl
nvIq4suOiquTjfwHSZH+twWDZbw29I/9EmDtHYElEiWcDlHx0WX1kJa86tgShztu
oUujE4upnWWZ9i4NbuuBWxPAf52ViolwetmT22NgysOOTptL5ZRd5kx5WGVUk/jZ
144jtgJf6WXK75iH0wHF3QVRMv/43yO4RRPdKOQz3o93yuK4zjzqKgvbct+DSc+7
tdmr3Gla0MZryIdX0Aaj4rCTDaAbwWcC8dnvUVZP43jqD8U/vA6fMmeTAbAi4dCa
5mJrjrFHM5Dq1XJWxwHAtgYdxL3AEePWLUA04mM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:58 2023 by rpki-client on console-ams.rpki-client.org