Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/D2ED87AC134911EEABCE76804AD9E6FC.roa
File:                     D2ED87AC134911EEABCE76804AD9E6FC.roa (raw, json)
Hash identifier:          dUKP2BSyOp+rkb85Z5peuwtKBbQC/CFU7BcLsDoSAjo=
Subject key identifier:   81:AF:69:28:93:D0:38:FB:DB:A3:D0:29:C4:69:C7:98:26:1E:50:08
Certificate issuer:       /CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
Certificate serial:       0E
Authority key identifier: 39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/D2ED87AC134911EEABCE76804AD9E6FC.roa
Signing time:             Sun 25 Jun 2023 11:17:09 +0000
ROA not before:           Sun 25 Jun 2023 11:17:05 +0000
ROA not after:            Tue 25 Jun 2024 11:17:05 +0000
asID:                     36963
IP address blocks:        41.77.88.0/24 maxlen: 24
                          41.77.89.0/24 maxlen: 24
                          41.77.90.0/24 maxlen: 24
                          41.77.91.0/24 maxlen: 24
                          41.77.92.0/24 maxlen: 24
                          41.77.93.0/24 maxlen: 24
                          41.77.94.0/24 maxlen: 24
                          41.77.95.0/24 maxlen: 24
                          105.235.240.0/24 maxlen: 24
                          105.235.241.0/24 maxlen: 24
                          105.235.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
        Validity
            Not Before: Jun 25 11:17:05 2023 GMT
            Not After : Jun 25 11:17:05 2024 GMT
        Subject: CN=64982235-189d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:2b:10:6e:93:fc:45:d7:ec:dc:2e:1b:6f:27:
                    13:a1:9b:f1:4e:a3:ec:f2:19:47:01:cd:a2:c2:85:
                    23:47:bd:58:18:f5:65:08:d0:54:37:fb:68:8d:e6:
                    71:da:4d:80:c6:1e:7d:5b:9a:b4:11:f8:d7:cd:a9:
                    15:e4:e4:2c:b8:ff:bf:1f:05:fc:3c:40:7a:86:7e:
                    ff:69:52:8a:d7:06:22:4c:b7:55:aa:6a:c5:57:fc:
                    33:91:82:16:98:d7:d4:d0:11:79:2c:f4:bd:fa:d2:
                    7c:8c:3a:7a:7a:cb:82:3c:c2:c2:48:cc:16:c6:e7:
                    f2:db:49:d5:ae:e4:76:6e:02:01:48:c0:a2:0a:d7:
                    77:e6:e1:56:07:23:d7:28:6d:86:49:77:03:59:ab:
                    25:23:55:18:67:ed:27:8b:5d:35:29:75:54:e6:f9:
                    9a:c2:9e:b3:a7:94:25:93:2a:74:90:30:9d:a9:7a:
                    05:f8:35:7b:17:98:18:61:44:75:4a:1d:b0:e9:a4:
                    f1:57:38:6b:7c:34:1a:c8:7a:3f:e9:be:e0:23:b4:
                    3c:6f:9b:6d:4c:39:30:d0:69:27:f8:87:09:40:e9:
                    39:63:b9:9b:a1:2d:66:f1:ff:ba:b1:24:b1:03:2d:
                    03:ba:6c:2d:fd:90:92:7f:75:75:66:61:6f:32:ee:
                    4e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:AF:69:28:93:D0:38:FB:DB:A3:D0:29:C4:69:C7:98:26:1E:50:08
            X509v3 Authority Key Identifier:
                keyid:39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/D2ED87AC134911EEABCE76804AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.77.88.0/21
                  105.235.240.0-105.235.242.255

    Signature Algorithm: sha256WithRSAEncryption
         ad:e7:d4:7e:b8:54:8e:e5:71:d5:4e:e3:49:82:df:b9:19:07:
         12:d3:42:2c:86:00:84:f5:90:53:cb:b8:a2:4c:01:ff:fb:1a:
         80:63:c9:49:fb:28:dd:c6:be:58:e7:6d:ad:0a:10:12:7b:28:
         41:35:3a:c1:b8:9e:fb:ca:19:52:51:21:0f:b4:96:fb:a7:10:
         a9:fc:36:82:65:c7:13:b9:f4:b1:f3:e5:da:e1:16:db:fc:82:
         de:92:64:c9:f6:f5:fa:9c:c6:57:d7:ad:3e:c8:25:64:90:3a:
         81:a9:08:05:50:89:2f:a6:3a:3a:66:36:0d:04:5a:5d:2b:02:
         49:66:33:af:43:3c:17:4a:7e:3e:86:d0:b5:65:8c:c3:7c:0d:
         0e:45:8d:38:34:ce:21:29:ba:49:9a:29:d0:62:f0:91:c5:69:
         84:e9:45:4b:5a:80:59:13:e7:c9:5a:07:24:9a:53:dc:7b:fe:
         68:c8:f0:0f:9a:1d:f3:cb:04:c4:56:93:08:5c:8d:22:ca:d5:
         c1:ac:f5:78:c9:62:5e:c0:db:0e:09:62:fb:01:65:93:80:bd:
         2e:26:99:5e:11:bf:f8:9f:48:fc:76:ed:97:e8:c2:a4:a2:36:
         b4:1a:1b:d9:bc:54:48:11:ba:7d:5d:e4:9b:66:16:62:4a:0e:
         e7:0e:fc:b0
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MEY5NkFGMTEwLwYDVQQFEygzOTQxNjM0RjdEOTU2NUI1NkIxOTdBMTBFQzM0QzUw
QUE5NDczNTU5MB4XDTIzMDYyNTExMTcwNVoXDTI0MDYyNTExMTcwNVowGDEWMBQG
A1UEAxMNNjQ5ODIyMzUtMTg5ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQrEG6T/EXX7NwuG28nE6Gb8U6j7PIZRwHNosKFI0e9WBj1ZQjQVDf7aI3m
cdpNgMYefVuatBH4182pFeTkLLj/vx8F/DxAeoZ+/2lSitcGIky3VapqxVf8M5GC
FpjX1NAReSz0vfrSfIw6enrLgjzCwkjMFsbn8ttJ1a7kdm4CAUjAogrXd+bhVgcj
1yhthkl3A1mrJSNVGGftJ4tdNSl1VOb5msKes6eUJZMqdJAwnal6Bfg1exeYGGFE
dUodsOmk8Vc4a3w0Gsh6P+m+4CO0PG+bbUw5MNBpJ/iHCUDpOWO5m6EtZvH/urEk
sQMtA7psLf2Qkn91dWZhbzLuTnsCAwEAAaOCArMwggKvMB0GA1UdDgQWBBSBr2ko
k9A4+9uj0CnEaceYJh5QCDAfBgNVHSMEGDAWgBQ5QWNPfZVltWsZehDsNMUKqUc1
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFEOUU2RkMvT1VGalQz
MlZaYlZyR1hvUTdEVEZDcWxITlZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT1VGalQzMlZaYlZyR1hvUTdEVEZDcWxITlZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFE
OUU2RkMvRDJFRDg3QUMxMzQ5MTFFRUFCQ0U3NjgwNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAylNWDAMAwQEaevwAwQAaevy
MA0GCSqGSIb3DQEBCwUAA4IBAQCt59R+uFSO5XHVTuNJgt+5GQcS00IshgCE9ZBT
y7iiTAH/+xqAY8lJ+yjdxr5Y522tChASeyhBNTrBuJ77yhlSUSEPtJb7pxCp/DaC
ZccTufSx8+Xa4Rbb/ILekmTJ9vX6nMZX160+yCVkkDqBqQgFUIkvpjo6ZjYNBFpd
KwJJZjOvQzwXSn4+htC1ZYzDfA0ORY04NM4hKbpJminQYvCRxWmE6UVLWoBZE+fJ
WgckmlPce/5oyPAPmh3zywTEVpMIXI0iytXBrPV4yWJewNsOCWL7AWWTgL0uJple
Eb/4n0j8du2X6MKkoja0GhvZvFRIEbp9XeSbZhZiSg7nDvyw
-----END CERTIFICATE-----