Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/204A5F6EBA5111EC962A62935A40D577.roa
File:                     204A5F6EBA5111EC962A62935A40D577.roa (raw, json)
Hash identifier:          L7yTLGjHO2/XPBlbeQjJ1CTiG6khH4cMXGDltSrzhco=
Subject key identifier:   E4:BE:E8:87:B4:83:2E:50:40:AF:11:3C:84:E6:80:E8:00:F5:50:52
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       15BB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/204A5F6EBA5111EC962A62935A40D577.roa
Signing time:             Tue 12 Apr 2022 11:10:14 +0000
ROA not before:           Tue 12 Apr 2022 11:10:09 +0000
ROA not after:            Wed 31 May 2023 11:10:09 +0000
asID:                     132513
IP address blocks:        154.91.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5563 (0x15bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 12 11:10:09 2022 GMT
            Not After : May 31 11:10:09 2023 GMT
        Subject: CN=62555e16-e169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:47:02:de:7e:0e:9b:c1:18:04:92:6c:89:55:
                    06:20:05:51:c6:db:d0:e3:dd:10:68:4f:43:9b:64:
                    36:6a:4a:cf:61:33:fd:bd:60:bb:6e:3b:73:09:6f:
                    7f:41:0c:e2:a7:87:ce:42:82:33:c2:0d:1d:b3:c8:
                    62:2e:b8:d6:3b:19:18:5c:82:8b:6e:34:06:30:43:
                    1d:89:c0:33:f7:51:58:0c:ab:c9:97:91:17:1a:b6:
                    48:c2:cc:4d:ba:fc:14:0d:d5:36:40:a1:63:51:8a:
                    2a:f2:8c:7f:a5:48:80:24:6d:82:c0:d5:15:61:50:
                    de:a6:37:11:f9:40:5e:64:e4:f4:09:a0:91:b9:ee:
                    92:16:ab:d9:6d:b1:22:5d:2d:7e:7d:aa:f0:22:56:
                    48:7f:a7:87:42:77:1f:86:81:43:77:95:f8:c6:d6:
                    72:57:95:8e:a8:93:5a:c2:80:9d:9f:d6:d7:13:1d:
                    60:60:ec:d7:84:12:45:46:79:a4:c4:a7:b1:2a:d8:
                    19:19:85:7a:7d:53:b0:bb:3e:82:c8:85:8d:ff:ce:
                    07:f3:e0:67:60:21:7d:f2:4c:68:b5:73:39:df:80:
                    c8:be:6e:8e:31:c9:4f:b6:e3:72:45:1b:75:97:4f:
                    a2:6f:e7:6d:1d:97:c2:78:24:b6:48:52:33:fb:d6:
                    34:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:BE:E8:87:B4:83:2E:50:40:AF:11:3C:84:E6:80:E8:00:F5:50:52
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/204A5F6EBA5111EC962A62935A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.91.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:ca:db:f2:1c:50:15:86:9c:4d:6c:43:73:c3:4c:2a:7c:fc:
         17:c4:d0:f4:c6:bb:91:0c:aa:ca:26:d9:7a:da:fc:ba:82:4c:
         8c:9f:c8:be:2b:59:17:7c:2f:5c:86:9c:c1:39:e0:f3:f1:c4:
         cb:a1:43:2a:38:8e:df:4e:ec:60:63:fd:6b:78:96:75:5d:b5:
         48:19:93:b6:72:60:b2:c4:0f:d5:e3:e2:2a:9b:1e:1e:9b:71:
         7e:f2:39:a1:d5:7b:c4:6f:3a:cd:f0:1b:bd:30:7e:a6:4d:90:
         3d:62:2a:80:4b:be:f1:78:4e:a1:dd:29:f4:ff:d5:c7:d2:71:
         36:9e:67:c3:8c:c4:60:e3:f9:40:cc:54:39:22:74:50:03:d2:
         83:a8:8e:46:e7:a5:2a:59:b1:fb:ba:13:d8:58:4a:a9:53:98:
         3d:2f:be:cf:32:c7:ec:04:f6:87:ff:4b:ac:81:4d:e5:43:c3:
         9d:bc:d1:8c:68:c0:30:73:ba:37:9d:31:06:34:40:5f:18:2e:
         92:7c:bb:99:35:63:ea:2c:84:3e:d1:45:fc:12:95:a5:05:e3:
         5f:0c:8d:4c:d2:18:bd:0e:61:e9:18:81:00:e0:0d:d6:84:bc:
         37:27:5e:c5:59:92:99:7c:44:b5:f9:9e:3f:3e:3a:bf:2d:8a:
         f4:21:f9:4a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFbswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA0MTIxMTEwMDlaFw0yMzA1MzExMTEwMDlaMBgxFjAU
BgNVBAMMDTYyNTU1ZTE2LWUxNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDkRwLefg6bwRgEkmyJVQYgBVHG29Dj3RBoT0ObZDZqSs9hM/29YLtuO3MJ
b39BDOKnh85CgjPCDR2zyGIuuNY7GRhcgotuNAYwQx2JwDP3UVgMq8mXkRcatkjC
zE26/BQN1TZAoWNRiiryjH+lSIAkbYLA1RVhUN6mNxH5QF5k5PQJoJG57pIWq9lt
sSJdLX59qvAiVkh/p4dCdx+GgUN3lfjG1nJXlY6ok1rCgJ2f1tcTHWBg7NeEEkVG
eaTEp7Eq2BkZhXp9U7C7PoLIhY3/zgfz4GdgIX3yTGi1cznfgMi+bo4xyU+243JF
G3WXT6Jv520dl8J4JLZIUjP71jRDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5L7o
h7SDLlBArxE8hOaA6AD1UFIwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzIwNEE1RjZFQkE1MTExRUM5NjJBNjI5MzVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaW4swDQYJKoZIhvcNAQEL
BQADggEBABXK2/IcUBWGnE1sQ3PDTCp8/BfE0PTGu5EMqsom2Xra/LqCTIyfyL4r
WRd8L1yGnME54PPxxMuhQyo4jt9O7GBj/Wt4lnVdtUgZk7ZyYLLED9Xj4iqbHh6b
cX7yOaHVe8RvOs3wG70wfqZNkD1iKoBLvvF4TqHdKfT/1cfScTaeZ8OMxGDj+UDM
VDkidFAD0oOojkbnpSpZsfu6E9hYSqlTmD0vvs8yx+wE9of/S6yBTeVDw5280Yxo
wDBzujedMQY0QF8YLpJ8u5k1Y+oshD7RRfwSlaUF418MjUzSGL0OYekYgQDgDdaE
vDcnXsVZkpl8RLX5nj8+Or8tivQh+Uo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:05 2023 by rpki-client on console-ams.rpki-client.org