Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4019285AC1EC11ECA83565F7F1222468.roa
File:                     4019285AC1EC11ECA83565F7F1222468.roa (raw, json)
Hash identifier:          fdUEWVBmsnQ4mVZpC8H5NaDh6cmVIW6QUFpHazLiQiI=
Subject key identifier:   58:9A:C8:B8:94:A7:A0:EB:C9:D8:26:C6:F7:31:F5:0A:B1:D0:AA:AE
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       15ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4019285AC1EC11ECA83565F7F1222468.roa
Signing time:             Fri 22 Apr 2022 03:28:17 +0000
ROA not before:           Fri 22 Apr 2022 03:28:14 +0000
ROA not after:            Fri 30 Dec 2022 03:28:14 +0000
asID:                     135097
IP address blocks:        154.205.38.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5613 (0x15ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 22 03:28:14 2022 GMT
            Not After : Dec 30 03:28:14 2022 GMT
        Subject: CN=626220d1-44ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:65:1b:58:51:93:74:17:4c:ea:bd:b4:e8:df:
                    75:5a:30:a5:77:ce:a2:8d:82:72:f0:72:05:79:ff:
                    7b:2e:1b:82:62:82:d0:54:6d:41:73:79:1a:6e:71:
                    51:9d:30:c5:f2:3d:58:9c:d1:62:a9:67:07:73:f6:
                    ee:9d:af:38:bc:5f:31:c3:b5:c8:83:a2:2f:93:11:
                    31:1e:29:e3:75:3e:e9:87:45:2b:12:52:0b:6e:e3:
                    3a:34:3b:3e:3f:94:22:5e:7b:e4:48:f7:8a:aa:1d:
                    f0:6b:c8:78:80:3f:45:96:17:71:29:55:d0:d6:e8:
                    1a:37:ff:4e:3d:ef:95:99:40:ad:dd:08:17:dc:40:
                    fb:81:02:c6:5f:af:1b:d2:a1:db:b8:21:b1:e9:f3:
                    fc:ef:7c:42:60:2e:0e:6e:de:4a:89:f4:86:94:92:
                    ba:6d:59:a9:c2:48:5b:c4:46:a4:02:a4:fe:f8:50:
                    f4:74:a2:82:93:d1:52:d8:df:e9:32:1d:f1:8f:6a:
                    93:e1:8e:bd:93:47:5b:04:88:de:da:7f:ee:df:a3:
                    0a:16:14:c1:28:46:7b:37:55:4a:a8:10:3e:e2:da:
                    5f:19:e1:50:e9:4f:9d:d9:20:8d:33:15:4a:d0:ea:
                    c8:6b:3d:05:2f:26:5d:98:9d:c6:14:6e:39:97:25:
                    d3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:9A:C8:B8:94:A7:A0:EB:C9:D8:26:C6:F7:31:F5:0A:B1:D0:AA:AE
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4019285AC1EC11ECA83565F7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:86:1e:c2:c4:38:18:21:92:dc:73:b0:37:34:b2:4a:9c:2c:
         9b:0a:96:60:63:af:54:27:1c:d4:7b:55:59:13:d4:28:76:0d:
         b6:e1:e0:18:24:6a:e0:55:6f:c8:d5:d3:df:3f:ff:33:bb:74:
         f2:e7:05:78:7e:d5:72:44:03:e5:5b:cd:ad:4d:c8:5d:ae:47:
         82:d0:23:b0:69:c4:39:bb:67:d8:27:9a:f4:81:09:ea:31:f3:
         f7:ab:d0:65:00:3a:1c:4e:f3:78:a2:62:44:ed:54:27:05:c8:
         78:b4:0e:db:c2:60:ac:d3:9e:1b:24:ca:dd:1a:d6:e1:95:da:
         3c:69:6f:f9:83:d3:72:a5:6e:37:2e:56:e0:30:0f:53:11:c1:
         7b:c2:46:46:3e:82:ac:61:31:82:82:4e:26:e6:2c:8f:31:3b:
         6e:aa:d2:6a:43:f5:74:6e:4b:ed:46:f8:51:27:c0:98:6a:ed:
         09:31:70:f4:6a:f1:5f:03:44:f7:65:7d:6a:0b:01:f8:88:fd:
         70:7b:a5:f1:38:c8:d9:a2:ea:a7:be:9e:21:f4:22:46:51:c4:
         cf:e7:1e:a7:fb:a7:bb:9b:1b:61:ae:fc:5b:e6:dd:fc:91:2f:
         cf:27:4c:ed:d4:92:c6:f3:ba:27:cd:ca:8e:7c:e2:d2:f0:d3:
         12:0c:d6:b8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFe0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA0MjIwMzI4MTRaFw0yMjEyMzAwMzI4MTRaMBgxFjAU
BgNVBAMMDTYyNjIyMGQxLTQ0ZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpZRtYUZN0F0zqvbTo33VaMKV3zqKNgnLwcgV5/3suG4JigtBUbUFzeRpu
cVGdMMXyPVic0WKpZwdz9u6drzi8XzHDtciDoi+TETEeKeN1PumHRSsSUgtu4zo0
Oz4/lCJee+RI94qqHfBryHiAP0WWF3EpVdDW6Bo3/04975WZQK3dCBfcQPuBAsZf
rxvSodu4IbHp8/zvfEJgLg5u3kqJ9IaUkrptWanCSFvERqQCpP74UPR0ooKT0VLY
3+kyHfGPapPhjr2TR1sEiN7af+7fowoWFMEoRns3VUqoED7i2l8Z4VDpT53ZII0z
FUrQ6shrPQUvJl2YncYUbjmXJdNnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWJrI
uJSnoOvJ2CbG9zH1CrHQqq4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzQwMTkyODVBQzFFQzExRUNBODM1NjVGN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGazSYwDQYJKoZIhvcNAQEL
BQADggEBAAmGHsLEOBghktxzsDc0skqcLJsKlmBjr1QnHNR7VVkT1Ch2Dbbh4Bgk
auBVb8jV098//zO7dPLnBXh+1XJEA+Vbza1NyF2uR4LQI7BpxDm7Z9gnmvSBCeox
8/er0GUAOhxO83iiYkTtVCcFyHi0DtvCYKzTnhskyt0a1uGV2jxpb/mD03Klbjcu
VuAwD1MRwXvCRkY+gqxhMYKCTibmLI8xO26q0mpD9XRuS+1G+FEnwJhq7QkxcPRq
8V8DRPdlfWoLAfiI/XB7pfE4yNmi6qe+niH0IkZRxM/nHqf7p7ubG2Gu/Fvm3fyR
L88nTO3UksbzuifNyo584tLw0xIM1rg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:06 2023 by rpki-client on console-ams.rpki-client.org