Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/397B2EE6E58111EBBF003630F8AEA228.roa
File:                     397B2EE6E58111EBBF003630F8AEA228.roa (raw, json)
Hash identifier:          wAZWEGtseiW8Ok/8y7R6FDOJBv4M9Mf3esMnglpXCeg=
Subject key identifier:   F0:6C:E3:84:5B:99:92:9F:E8:2A:3A:AF:05:D5:42:95:8C:B2:D8:2D
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0818
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/397B2EE6E58111EBBF003630F8AEA228.roa
Signing time:             Thu 15 Jul 2021 15:27:54 +0000
ROA not before:           Thu 15 Jul 2021 15:27:50 +0000
ROA not after:            Sat 09 Jul 2022 15:27:50 +0000
asID:                     397630
IP address blocks:        154.84.142.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2072 (0x818)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 15 15:27:50 2021 GMT
            Not After : Jul  9 15:27:50 2022 GMT
        Subject: CN=60f053fa-493a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:31:7f:bf:59:c3:8d:20:8b:65:57:b0:d9:37:
                    f6:39:7f:31:77:7c:75:ca:83:5e:da:a6:61:72:66:
                    7a:93:8a:65:bb:38:cb:e0:5b:7f:13:ab:97:b2:aa:
                    d7:ed:7e:52:02:18:2d:b7:84:93:9e:90:e2:6e:a9:
                    a2:31:33:25:a0:c3:ba:bd:c2:cd:0d:10:d0:7a:f7:
                    6d:fd:11:c4:fd:2a:f5:4d:14:35:bf:a6:72:8a:e6:
                    49:7a:a8:a5:68:7f:cf:a2:60:7d:33:b6:8b:68:76:
                    b4:11:3a:4b:d5:0f:e7:7d:bc:0c:eb:ce:b8:4e:a3:
                    fb:49:31:58:05:38:c2:ad:16:25:4e:96:7d:75:dc:
                    e5:82:96:8f:a6:68:4a:09:57:ec:8b:ea:82:05:21:
                    2c:e5:27:ed:22:03:13:4e:02:66:62:49:23:3a:1a:
                    1c:72:25:15:21:f8:ea:8d:54:ef:9d:b3:86:24:c1:
                    e7:fa:95:c0:b3:fe:0f:34:ed:94:24:66:59:06:9b:
                    08:f1:54:1b:5f:e8:ef:d6:5c:fd:98:48:f5:d1:9f:
                    7c:5c:2c:cf:72:ea:ab:06:27:f4:19:4b:b3:6b:37:
                    45:75:3a:30:fe:99:c4:60:25:4a:b5:ef:03:ad:96:
                    aa:25:44:02:28:f8:c2:c6:7d:b2:bf:be:e9:00:c1:
                    3a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:6C:E3:84:5B:99:92:9F:E8:2A:3A:AF:05:D5:42:95:8C:B2:D8:2D
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/397B2EE6E58111EBBF003630F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.84.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:b4:c9:f0:ef:16:e3:b5:c9:0e:e8:e0:fd:83:73:b8:fd:af:
         07:ff:30:41:b0:ac:5b:62:db:08:32:d4:71:a6:a2:b5:b1:b2:
         6c:1a:c7:cb:aa:5f:e9:f0:e5:27:22:f6:1c:b3:f4:db:ae:aa:
         88:b6:65:3c:f3:06:94:2f:8e:e1:68:dc:93:b1:c8:22:24:da:
         9c:51:53:d6:f1:ff:09:b1:b4:63:da:2d:d0:66:31:de:d1:e8:
         f4:a6:1f:c2:1e:94:56:b1:d1:d9:d1:f5:8f:d8:ea:e9:be:bd:
         d6:67:6f:99:e2:a9:3b:ce:22:fb:8a:69:fc:97:ad:79:a5:39:
         c8:f3:a4:20:f0:f5:64:c4:9d:88:3b:69:56:76:03:5a:82:d7:
         af:7c:4e:ff:3c:39:86:51:26:ee:44:a7:ff:e2:95:e7:b5:5c:
         30:59:91:ec:21:85:5a:00:80:d2:14:69:8f:21:a9:7b:44:df:
         68:6a:34:16:42:f8:67:bb:f8:8c:13:50:1e:f3:9e:f0:91:5f:
         bc:2b:78:52:ce:d3:fd:71:00:1d:cc:c1:1d:b6:8e:d6:be:f2:
         c6:30:2a:65:be:32:fc:aa:97:b6:88:86:56:a1:c1:b2:ad:cf:
         e3:5b:ec:49:33:93:da:6d:7c:8f:8c:70:3a:c8:85:e7:08:93:
         f2:1b:63:73
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCBgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMTA3MTUxNTI3NTBaFw0yMjA3MDkxNTI3NTBaMBgxFjAU
BgNVBAMTDTYwZjA1M2ZhLTQ5M2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDkMX+/WcONIItlV7DZN/Y5fzF3fHXKg17apmFyZnqTimW7OMvgW38Tq5ey
qtftflICGC23hJOekOJuqaIxMyWgw7q9ws0NENB69239EcT9KvVNFDW/pnKK5kl6
qKVof8+iYH0ztotodrQROkvVD+d9vAzrzrhOo/tJMVgFOMKtFiVOln113OWClo+m
aEoJV+yL6oIFISzlJ+0iAxNOAmZiSSM6GhxyJRUh+OqNVO+ds4Ykwef6lcCz/g80
7ZQkZlkGmwjxVBtf6O/WXP2YSPXRn3xcLM9y6qsGJ/QZS7NrN0V1OjD+mcRgJUq1
7wOtlqolRAIo+MLGfbK/vukAwTq5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8Gzj
hFuZkp/oKjqvBdVClYyy2C0wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzM5N0IyRUU2RTU4MTExRUJCRjAwMzYzMEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVI4wDQYJKoZIhvcNAQEL
BQADggEBAHm0yfDvFuO1yQ7o4P2Dc7j9rwf/MEGwrFti2wgy1HGmorWxsmwax8uq
X+nw5Sci9hyz9Nuuqoi2ZTzzBpQvjuFo3JOxyCIk2pxRU9bx/wmxtGPaLdBmMd7R
6PSmH8IelFax0dnR9Y/Y6um+vdZnb5niqTvOIvuKafyXrXmlOcjzpCDw9WTEnYg7
aVZ2A1qC1698Tv88OYZRJu5Ep//ilee1XDBZkewhhVoAgNIUaY8hqXtE32hqNBZC
+Ge7+IwTUB7znvCRX7wreFLO0/1xAB3MwR22jta+8sYwKmW+Mvyql7aIhlahwbKt
z+Nb7Ekzk9ptfI+McDrIhecIk/IbY3M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:08 2023 by rpki-client on console-fra.rpki-client.org