Route Origin Authorization 

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/58A1CDEAACB811EB8399C716F8AEA228.roa
File:                     58A1CDEAACB811EB8399C716F8AEA228.roa (raw, json)
Hash identifier:          ihlMEiuXz8B1NQpsVG3/QVzjcimocYoI1X5K1bhRUG0=
Subject key identifier:   5C:49:03:58:45:C1:97:62:DE:37:1A:54:D0:F3:6C:2D:CB:F1:36:5D
Certificate issuer:       /CN=F3668DF0AF/serialNumber=7A85C90EA0A36626DB76D0818419717F5052A974
Certificate serial:       04
Authority key identifier: 7A:85:C9:0E:A0:A3:66:26:DB:76:D0:81:84:19:71:7F:50:52:A9:74
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/eoXJDqCjZibbdtCBhBlxf1BSqXQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/58A1CDEAACB811EB8399C716F8AEA228.roa
Signing time:             Tue 04 May 2021 09:08:53 +0000
ROA not before:           Tue 04 May 2021 09:08:47 +0000
ROA not after:            Wed 03 May 2023 09:08:47 +0000
asID:                     36939
IP address blocks:        197.255.224.0/20 maxlen: 20
                          197.255.224.0/24 maxlen: 24
                          197.255.225.0/24 maxlen: 24
                          197.255.226.0/24 maxlen: 24
                          197.255.227.0/24 maxlen: 24
                          197.255.228.0/24 maxlen: 24
                          197.255.229.0/24 maxlen: 24
                          197.255.230.0/24 maxlen: 24
                          197.255.231.0/24 maxlen: 24
                          197.255.232.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3668DF0AF/serialNumber=7A85C90EA0A36626DB76D0818419717F5052A974
        Validity
            Not Before: May  4 09:08:47 2021 GMT
            Not After : May  3 09:08:47 2023 GMT
        Subject: CN=60910f24-cec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ff:ba:28:f3:12:55:90:19:c0:67:f9:ac:81:
                    fd:e3:ce:29:18:24:1e:2a:20:f9:67:94:95:88:44:
                    78:0b:d2:b6:78:42:b4:eb:43:25:f3:b7:22:3d:f8:
                    b4:7a:c1:e0:a8:ae:f9:cd:f9:f7:de:95:7b:eb:99:
                    2a:28:d3:f1:a5:3f:9d:aa:23:a0:90:9d:ca:3e:6c:
                    d4:7f:54:ea:d9:b2:eb:a6:b5:47:fa:9f:f6:da:cf:
                    64:ea:1f:91:d1:99:f5:7e:b1:7b:35:43:b6:96:22:
                    45:da:da:c2:f2:e0:aa:82:a9:ca:3f:29:09:1d:ce:
                    be:ef:e8:a6:5f:a7:9c:ee:70:28:76:d1:ce:b1:59:
                    8a:19:ff:10:ea:ab:a0:8b:e8:59:43:e6:30:39:f0:
                    1d:26:18:e6:b9:9e:9f:c1:6c:9b:93:b8:b1:9d:ce:
                    03:ae:f7:ac:8b:8f:fa:c8:b8:5c:d9:b5:3f:6e:11:
                    6b:78:fe:72:d4:d8:90:aa:ed:32:8a:b7:9d:e4:78:
                    c9:d9:13:e1:24:86:60:99:14:63:59:d1:b7:b7:4d:
                    51:ca:ec:66:d4:da:6c:9d:b7:e9:f9:f0:43:fe:b0:
                    06:ca:b0:1b:c2:84:86:23:e3:b4:3e:e7:77:d1:d8:
                    c0:f2:e0:03:f1:1a:27:23:90:b5:01:32:4e:e3:d9:
                    8b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:49:03:58:45:C1:97:62:DE:37:1A:54:D0:F3:6C:2D:CB:F1:36:5D
            X509v3 Authority Key Identifier:
                keyid:7A:85:C9:0E:A0:A3:66:26:DB:76:D0:81:84:19:71:7F:50:52:A9:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/eoXJDqCjZibbdtCBhBlxf1BSqXQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eoXJDqCjZibbdtCBhBlxf1BSqXQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668DF0/0DCD0F2AACB611EB999DC013F8AEA228/58A1CDEAACB811EB8399C716F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.255.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a8:5a:4b:01:05:43:c4:b6:8a:f0:63:2f:09:dc:e6:75:5c:71:
         b7:70:03:d7:b9:80:52:ab:80:50:be:99:b4:d1:2e:05:e6:d5:
         f2:77:38:b2:dd:aa:1e:ca:77:58:6f:0a:7c:e0:b9:c5:fc:6a:
         d7:d3:65:59:00:52:03:e8:5b:80:e4:1a:cc:2d:52:a4:23:39:
         b2:ca:d1:a4:98:f3:92:7c:c0:59:63:48:d8:13:64:1e:e8:9a:
         59:8c:07:42:a2:09:f9:51:52:79:51:a3:ab:3a:80:91:4d:e3:
         4d:c6:5c:0a:b1:85:fa:fe:fa:a8:3c:11:1c:8c:90:5b:1e:e8:
         b9:43:51:1f:b0:4d:15:32:97:86:33:6e:32:09:b0:a8:60:a5:
         75:93:09:db:07:90:91:52:05:d1:bd:b9:e3:d0:23:aa:68:e6:
         6f:4b:85:d8:e7:83:3f:bf:6a:75:88:6e:f4:38:d4:24:6a:5d:
         b9:fd:a5:c5:ed:03:15:c6:bf:27:c6:4d:94:87:7b:93:ae:be:
         76:f3:61:31:d3:e1:23:c4:8a:05:5c:d5:ad:da:13:a2:7e:7a:
         88:44:8a:c7:1c:28:32:9d:b1:bb:43:c2:2b:91:e2:94:93:21:
         c7:7c:85:f8:7b:0f:8b:01:56:d4:95:e3:75:50:87:97:f6:bb:
         27:8f:13:23
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OERGMEFGMTEwLwYDVQQFEyg3QTg1QzkwRUEwQTM2NjI2REI3NkQwODE4NDE5NzE3
RjUwNTJBOTc0MB4XDTIxMDUwNDA5MDg0N1oXDTIzMDUwMzA5MDg0N1owGDEWMBQG
A1UEAxMNNjA5MTBmMjQtY2VjMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKX/uijzElWQGcBn+ayB/ePOKRgkHiog+WeUlYhEeAvStnhCtOtDJfO3Ij34
tHrB4Kiu+c35996Ve+uZKijT8aU/naojoJCdyj5s1H9U6tmy66a1R/qf9trPZOof
kdGZ9X6xezVDtpYiRdrawvLgqoKpyj8pCR3Ovu/opl+nnO5wKHbRzrFZihn/EOqr
oIvoWUPmMDnwHSYY5rmen8Fsm5O4sZ3OA673rIuP+si4XNm1P24Ra3j+ctTYkKrt
Moq3neR4ydkT4SSGYJkUY1nRt7dNUcrsZtTabJ236fnwQ/6wBsqwG8KEhiPjtD7n
d9HYwPLgA/EaJyOQtQEyTuPZizECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRcSQNY
RcGXYt43GlTQ82wty/E2XTAfBgNVHSMEGDAWgBR6hckOoKNmJtt20IGEGXF/UFKp
dDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhERjAvMERDRDBGMkFBQ0I2MTFFQjk5OURDMDEzRjhBRUEyMjgvZW9YSkRx
Q2paaWJiZHRDQmhCbHhmMUJTcVhRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZW9YSkRxQ2paaWJiZHRDQmhCbHhmMUJTcVhRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhERjAvMERDRDBGMkFBQ0I2MTFFQjk5OURDMDEzRjhB
RUEyMjgvNThBMUNERUFBQ0I4MTFFQjgzOTlDNzE2RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMX/4DANBgkqhkiG9w0BAQsF
AAOCAQEAqFpLAQVDxLaK8GMvCdzmdVxxt3AD17mAUquAUL6ZtNEuBebV8nc4st2q
Hsp3WG8KfOC5xfxq19NlWQBSA+hbgOQazC1SpCM5ssrRpJjzknzAWWNI2BNkHuia
WYwHQqIJ+VFSeVGjqzqAkU3jTcZcCrGF+v76qDwRHIyQWx7ouUNRH7BNFTKXhjNu
MgmwqGCldZMJ2weQkVIF0b2549Ajqmjmb0uF2OeDP79qdYhu9DjUJGpduf2lxe0D
Fca/J8ZNlId7k66+dvNhMdPhI8SKBVzVrdoTon56iESKxxwoMp2xu0PCK5HilJMh
x3yF+HsPiwFW1JXjdVCHl/a7J48TIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org