Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0588E6DE0EAD11EFAABBA601017001B1.roa
File:                     0588E6DE0EAD11EFAABBA601017001B1.roa (raw, json)
Hash identifier:          FCidTueCWxzY0WmYvs0ofmB5WdnbSebXdohWn/wrqjo=
Subject key identifier:   FF:14:87:15:3E:F9:5B:BD:AA:80:B2:DC:F5:13:A8:37:5B:AA:A2:91
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       B692
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0588E6DE0EAD11EFAABBA601017001B1.roa
Signing time:             Fri 10 May 2024 09:09:36 +0000
ROA not before:           Fri 10 May 2024 09:09:32 +0000
ROA not after:            Mon 20 May 2024 09:09:32 +0000
asID:                     142062
IP address blocks:        154.206.223.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46738 (0xb692)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 10 09:09:32 2024 GMT
            Not After : May 20 09:09:32 2024 GMT
        Subject: CN=663de450-1cd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:29:7c:49:ed:af:be:b7:d5:1a:7d:43:6b:20:
                    60:14:72:df:78:5c:28:35:77:14:f0:24:af:cf:2b:
                    fc:12:bb:a6:2b:23:3e:11:d0:58:29:07:00:89:d4:
                    12:97:c9:9f:8b:54:f1:b9:fa:76:94:ff:d2:84:77:
                    3d:95:c4:40:d7:79:47:9d:0b:1f:78:56:d6:f1:6f:
                    5e:79:5d:e1:ff:67:be:44:6b:13:c6:8c:b2:cc:33:
                    99:ee:89:62:02:b2:1a:78:42:58:95:11:cf:d5:9f:
                    35:08:e9:06:45:55:80:64:1b:9f:f9:09:4b:82:51:
                    38:a9:81:2d:b5:b6:c5:84:9f:8d:57:b8:4c:70:ac:
                    f7:0d:b2:ba:77:2a:bc:93:53:8b:e1:af:5f:e8:4a:
                    82:28:90:65:8f:ce:bd:aa:1b:ef:79:76:1a:5c:62:
                    4c:5a:4c:34:df:d3:83:11:c0:d4:ab:4f:8f:87:6e:
                    63:a1:58:90:01:4a:fc:3a:72:e3:90:ae:5d:e6:1a:
                    d5:bd:42:44:6e:51:99:a5:bd:15:1f:87:81:fc:85:
                    3c:b7:0c:16:7d:b0:46:57:45:c2:50:d1:34:a2:46:
                    c8:a7:ed:3d:8a:9f:c7:ee:6b:f9:74:af:84:33:57:
                    1b:97:03:f6:3f:97:a8:2d:35:0e:63:82:9e:85:4a:
                    89:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:14:87:15:3E:F9:5B:BD:AA:80:B2:DC:F5:13:A8:37:5B:AA:A2:91
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0588E6DE0EAD11EFAABBA601017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.206.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:f6:04:76:69:d5:65:7d:43:62:e3:c8:f0:a0:62:60:c4:4f:
         a3:ac:10:88:61:04:71:2e:37:33:80:7b:67:8d:1a:b4:bd:aa:
         4d:bc:a4:fa:9d:67:6a:b2:44:e4:c8:39:e3:d6:1e:3f:d9:03:
         1d:94:42:1b:10:7f:2f:71:08:d3:d7:57:71:81:b3:fb:e6:54:
         53:ce:85:d1:97:62:1a:57:27:50:b2:87:ac:56:3f:d9:7e:a6:
         01:66:fa:4e:1a:6e:47:c0:26:2c:6e:34:af:58:70:c6:76:05:
         83:5b:0a:65:0b:ba:0b:e3:be:25:2c:a4:1e:a7:64:2d:11:51:
         1d:39:a8:34:76:09:d8:65:94:79:16:21:5b:08:85:0c:46:ed:
         6f:7e:69:a8:de:49:0b:5d:24:4f:f5:ef:ff:b8:4d:74:37:72:
         d5:89:72:7e:7e:14:b2:c4:dc:1e:78:ff:c6:21:e4:fd:9d:2c:
         92:1c:a1:bb:ba:f7:99:c3:83:36:66:56:16:9d:53:34:41:04:
         74:82:3d:0e:9c:c4:13:57:f0:70:e7:4c:37:f5:f3:b2:ae:98:
         7f:5d:18:d5:ce:6a:59:ad:0b:ff:b9:5b:dd:2d:b9:5d:55:5e:
         af:a6:d2:f7:8a:4e:6d:8b:5a:a9:84:c3:88:10:57:36:b1:c8:
         1b:fa:38:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALaSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDkwOTMyWhcNMjQwNTIwMDkwOTMyWjAYMRYw
FAYDVQQDEw02NjNkZTQ1MC0xY2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCl8Se2vvrfVGn1DayBgFHLfeFwoNXcU8CSvzyv8ErumKyM+EdBYKQcA
idQSl8mfi1Txufp2lP/ShHc9lcRA13lHnQsfeFbW8W9eeV3h/2e+RGsTxoyyzDOZ
7oliArIaeEJYlRHP1Z81COkGRVWAZBuf+QlLglE4qYEttbbFhJ+NV7hMcKz3DbK6
dyq8k1OL4a9f6EqCKJBlj869qhvveXYaXGJMWkw039ODEcDUq0+Ph25joViQAUr8
OnLjkK5d5hrVvUJEblGZpb0VH4eB/IU8twwWfbBGV0XCUNE0okbIp+09ip/H7mv5
dK+EM1cblwP2P5eoLTUOY4KehUqJ/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP8U
hxU++Vu9qoCy3PUTqDdbqqKRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNTg4RTZERTBFQUQxMUVGQUFCQkE2MDEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7fMA0GCSqGSIb3DQEB
CwUAA4IBAQDD9gR2adVlfUNi48jwoGJgxE+jrBCIYQRxLjczgHtnjRq0vapNvKT6
nWdqskTkyDnj1h4/2QMdlEIbEH8vcQjT11dxgbP75lRTzoXRl2IaVydQsoesVj/Z
fqYBZvpOGm5HwCYsbjSvWHDGdgWDWwplC7oL474lLKQep2QtEVEdOag0dgnYZZR5
FiFbCIUMRu1vfmmo3kkLXSRP9e//uE10N3LViXJ+fhSyxNweeP/GIeT9nSySHKG7
uveZw4M2ZlYWnVM0QQR0gj0OnMQTV/Bw50w39fOyrph/XRjVzmpZrQv/uVvdLbld
VV6vptL3ik5ti1qphMOIEFc2scgb+jgO
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:30 2024 by rpki-client on console-fra.rpki-client.org