Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C573D380EAA11EF93BBE567017001B1.roa
File:                     0C573D380EAA11EF93BBE567017001B1.roa (raw, json)
Hash identifier:          4HhnSfVbs7x9VTbFjoNHMkuL9fD3pVdoOPzh/uTe8FM=
Subject key identifier:   8A:86:03:49:5D:06:D1:28:8B:0B:BB:E4:9D:BC:24:F9:05:F0:9F:DB
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       B66A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C573D380EAA11EF93BBE567017001B1.roa
Signing time:             Fri 10 May 2024 08:48:19 +0000
ROA not before:           Fri 10 May 2024 08:48:15 +0000
ROA not after:            Mon 20 May 2024 08:48:15 +0000
asID:                     142062
IP address blocks:        154.206.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46698 (0xb66a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 10 08:48:15 2024 GMT
            Not After : May 20 08:48:15 2024 GMT
        Subject: CN=663ddf53-a6df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:70:a8:7c:a9:99:95:60:bd:52:20:7d:f9:0e:
                    8b:91:d9:ac:a7:48:48:57:89:20:11:8a:2d:f0:e1:
                    7c:b6:1b:91:21:94:56:aa:4f:e2:06:a9:28:08:9a:
                    04:07:e7:ff:20:b9:ea:33:30:00:d8:9d:d6:f2:e2:
                    c3:2e:bd:42:e8:b9:ff:88:66:8a:bb:6b:39:d1:6b:
                    ba:68:53:b0:7d:a1:e8:0c:b6:af:86:d7:b0:cd:e3:
                    94:81:85:76:93:a0:5f:55:43:d9:fb:40:db:30:a7:
                    f4:12:23:70:58:08:e7:fd:f0:db:ed:95:9e:9f:3e:
                    d3:30:1a:52:90:cd:bb:6d:fb:1d:aa:5c:b2:b3:6e:
                    b6:ed:1e:9c:0a:fb:59:64:80:94:ea:1b:15:e3:06:
                    06:0d:c2:2f:5c:2e:da:fe:d4:01:40:bc:82:06:34:
                    82:3a:3d:37:15:03:32:31:5e:ec:eb:e6:ec:fc:7b:
                    9e:c8:86:16:fc:4f:d0:7c:cd:19:da:28:a1:b7:2f:
                    04:9f:2b:0d:94:91:cd:4a:8e:bf:47:f6:26:66:19:
                    7a:34:18:f2:21:a4:5f:a8:95:2a:9e:87:51:8b:45:
                    7b:5a:cf:06:f7:79:88:01:73:f4:55:64:a9:13:b7:
                    73:74:6b:1c:8a:32:b4:88:8e:61:3f:8f:38:7b:01:
                    5e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:86:03:49:5D:06:D1:28:8B:0B:BB:E4:9D:BC:24:F9:05:F0:9F:DB
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C573D380EAA11EF93BBE567017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.206.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:5c:86:a4:cc:33:ff:3b:96:ed:30:d2:dd:20:0b:f6:a4:16:
         1a:b1:bb:a2:fe:df:61:03:25:57:8f:ff:f5:dc:e8:d4:1c:0d:
         7f:8f:46:27:89:c6:80:41:3a:6a:ee:8f:43:60:05:1c:83:4f:
         02:da:15:18:b8:76:14:19:14:a1:dc:36:d3:85:d5:39:a7:f7:
         1d:c4:dc:a3:aa:b9:fe:79:e2:b2:8c:52:5e:21:cd:3f:ad:a6:
         41:b2:c4:96:ce:84:f8:64:8e:24:e2:ae:89:5d:a3:55:2a:8c:
         44:e5:d9:41:64:6c:bb:02:b1:55:d6:bb:47:31:92:e2:05:17:
         a5:b7:71:92:81:3f:7d:05:d4:9c:64:38:f9:cd:47:3d:6d:ca:
         f4:5e:8d:4c:75:e2:0b:e1:0d:9e:38:ef:18:23:8e:83:48:f7:
         04:3b:92:c1:df:f2:c6:9a:2e:29:49:dd:7a:84:ff:f4:b4:17:
         2f:2d:5b:8e:7f:dd:23:19:db:c3:e7:a4:08:83:1f:8c:a9:85:
         20:0e:c2:9c:c5:3f:d9:c0:22:91:d9:f1:c7:d5:a5:6e:4c:5a:
         68:c5:74:39:a0:db:53:d9:5f:c6:66:c6:25:50:51:56:af:df:
         e6:bd:aa:53:7d:ba:96:f8:6e:7b:83:9b:43:01:eb:79:6a:fd:
         0f:b8:31:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALZqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDg0ODE1WhcNMjQwNTIwMDg0ODE1WjAYMRYw
FAYDVQQDEw02NjNkZGY1My1hNmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvHCofKmZlWC9UiB9+Q6Lkdmsp0hIV4kgEYot8OF8thuRIZRWqk/iBqko
CJoEB+f/ILnqMzAA2J3W8uLDLr1C6Ln/iGaKu2s50Wu6aFOwfaHoDLavhtewzeOU
gYV2k6BfVUPZ+0DbMKf0EiNwWAjn/fDb7ZWenz7TMBpSkM27bfsdqlyys2627R6c
CvtZZICU6hsV4wYGDcIvXC7a/tQBQLyCBjSCOj03FQMyMV7s6+bs/HueyIYW/E/Q
fM0Z2iihty8EnysNlJHNSo6/R/YmZhl6NBjyIaRfqJUqnodRi0V7Ws8G93mIAXP0
VWSpE7dzdGscijK0iI5hP484ewFeRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIqG
A0ldBtEoiwu75J28JPkF8J/bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQzU3M0QzODBFQUExMUVGOTNCQkU1NjcwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7PMA0GCSqGSIb3DQEB
CwUAA4IBAQADXIakzDP/O5btMNLdIAv2pBYasbui/t9hAyVXj//13OjUHA1/j0Yn
icaAQTpq7o9DYAUcg08C2hUYuHYUGRSh3DbThdU5p/cdxNyjqrn+eeKyjFJeIc0/
raZBssSWzoT4ZI4k4q6JXaNVKoxE5dlBZGy7ArFV1rtHMZLiBRelt3GSgT99BdSc
ZDj5zUc9bcr0Xo1MdeIL4Q2eOO8YI46DSPcEO5LB3/LGmi4pSd16hP/0tBcvLVuO
f90jGdvD56QIgx+MqYUgDsKcxT/ZwCKR2fHH1aVuTFpoxXQ5oNtT2V/GZsYlUFFW
r9/mvapTfbqW+G57g5tDAet5av0PuDHd
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:33 2024 by rpki-client on console-fra.rpki-client.org