Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72D0AF6690AA11EC934B9DB85A40D577.roa
File:                     72D0AF6690AA11EC934B9DB85A40D577.roa (raw, json)
Hash identifier:          KkImWy7sVKUzIe62KVPmID0rEsZDMMi07fY1Zu2uvss=
Subject key identifier:   74:31:19:50:AD:40:A2:40:96:7D:90:7F:FB:70:1E:11:F2:DA:98:D1
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       14CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72D0AF6690AA11EC934B9DB85A40D577.roa
Signing time:             Fri 18 Feb 2022 11:03:49 +0000
ROA not before:           Fri 18 Feb 2022 11:03:45 +0000
ROA not after:            Fri 30 Dec 2022 11:03:45 +0000
asID:                     137951
IP address blocks:        154.209.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5326 (0x14ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Feb 18 11:03:45 2022 GMT
            Not After : Dec 30 11:03:45 2022 GMT
        Subject: CN=620f7d15-cc68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:09:60:ea:f6:47:66:26:e9:ad:64:c7:9f:14:
                    fc:28:5a:24:af:56:2b:a0:79:08:df:60:4b:88:79:
                    b3:42:f2:98:29:f8:1d:aa:70:da:d2:62:ef:54:38:
                    17:c7:28:85:5c:ff:74:ba:56:ff:47:a4:26:b0:aa:
                    be:1c:5c:f9:eb:d6:a0:11:ef:d8:46:1b:e1:9e:e8:
                    7c:c6:26:a0:29:ae:48:a4:98:84:80:ae:7a:b3:59:
                    4c:9f:86:d7:d3:16:76:62:2e:ad:ef:7e:68:74:4d:
                    84:cf:56:d4:0c:04:77:e0:62:27:f2:0b:ed:9d:15:
                    09:ba:89:d1:34:8c:bd:56:79:fa:7e:86:f4:96:c1:
                    37:02:c1:08:60:a4:04:4c:ff:0f:99:d2:c0:b2:29:
                    07:c6:37:e3:78:89:7c:ad:88:6e:6d:19:71:16:31:
                    6e:36:87:66:f1:93:0f:6c:4f:95:d7:23:de:61:33:
                    7d:bf:c4:e2:d8:fe:21:b3:8a:d9:65:6c:bd:cb:11:
                    4f:50:e2:ee:76:fa:64:c0:ec:be:68:39:88:21:fe:
                    b0:a1:9d:c1:20:a0:3c:22:3b:8c:e7:fc:8e:f5:44:
                    14:8a:2d:b0:b8:68:6a:f7:d4:87:df:ef:21:5f:5e:
                    88:04:7f:0e:c5:31:1f:61:ce:46:5b:04:77:eb:3a:
                    2a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:31:19:50:AD:40:A2:40:96:7D:90:7F:FB:70:1E:11:F2:DA:98:D1
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72D0AF6690AA11EC934B9DB85A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.209.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:fb:bc:05:a6:64:a6:d6:f2:97:86:ee:98:b5:cb:c7:8b:c9:
         6a:da:e0:7d:5e:df:b8:e1:6f:96:88:22:4f:15:9e:1b:c2:6e:
         c6:8e:b2:75:55:6a:f0:a0:ba:ff:cb:24:79:68:fa:7a:02:45:
         f0:53:8a:73:d4:c1:c7:03:2d:72:db:8a:b2:fa:20:d8:92:ec:
         67:b6:2f:fa:65:0f:12:3c:af:01:59:9e:96:a0:d1:cc:be:5b:
         65:a5:d4:ff:5b:a0:97:0a:38:3c:5b:4d:24:43:85:24:a1:27:
         ff:e6:55:3d:13:d1:24:e3:b2:37:96:85:1a:77:a8:ae:cd:c5:
         74:59:b4:20:f6:28:dd:b5:e6:86:5f:df:6c:a6:43:98:77:3a:
         f5:bb:95:eb:91:90:54:2f:ce:80:69:68:c7:5e:02:96:55:be:
         23:cb:d9:3d:49:28:83:5f:d7:7b:34:d5:94:b1:65:43:f6:2e:
         43:36:c7:e8:9b:d4:40:df:c0:a2:9e:2d:d1:74:98:80:37:5d:
         43:e0:93:ee:16:c7:dc:a5:a9:35:e7:ee:61:71:ed:5b:fe:7f:
         44:9c:9a:f2:d3:ab:85:6b:4e:95:c0:f9:5d:83:88:0c:1c:59:
         a5:03:61:71:4d:92:50:22:37:db:83:c7:27:1d:15:98:b6:69:
         4c:1f:0f:16
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFM4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjAyMTgxMTAzNDVaFw0yMjEyMzAxMTAzNDVaMBgxFjAU
BgNVBAMMDTYyMGY3ZDE1LWNjNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHCWDq9kdmJumtZMefFPwoWiSvViugeQjfYEuIebNC8pgp+B2qcNrSYu9U
OBfHKIVc/3S6Vv9HpCawqr4cXPnr1qAR79hGG+Ge6HzGJqAprkikmISArnqzWUyf
htfTFnZiLq3vfmh0TYTPVtQMBHfgYifyC+2dFQm6idE0jL1Wefp+hvSWwTcCwQhg
pARM/w+Z0sCyKQfGN+N4iXytiG5tGXEWMW42h2bxkw9sT5XXI95hM32/xOLY/iGz
itllbL3LEU9Q4u52+mTA7L5oOYgh/rChncEgoDwiO4zn/I71RBSKLbC4aGr31Iff
7yFfXogEfw7FMR9hzkZbBHfrOio7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdDEZ
UK1AokCWfZB/+3AeEfLamNEwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzcyRDBBRjY2OTBBQTExRUM5MzRCOURCODVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0YcwDQYJKoZIhvcNAQEL
BQADggEBAIH7vAWmZKbW8peG7pi1y8eLyWra4H1e37jhb5aIIk8VnhvCbsaOsnVV
avCguv/LJHlo+noCRfBTinPUwccDLXLbirL6INiS7Ge2L/plDxI8rwFZnpag0cy+
W2Wl1P9boJcKODxbTSRDhSShJ//mVT0T0STjsjeWhRp3qK7NxXRZtCD2KN215oZf
32ymQ5h3OvW7leuRkFQvzoBpaMdeApZVviPL2T1JKINf13s01ZSxZUP2LkM2x+ib
1EDfwKKeLdF0mIA3XUPgk+4Wx9ylqTXn7mFx7Vv+f0ScmvLTq4VrTpXA+V2DiAwc
WaUDYXFNklAiN9uDxycdFZi2aUwfDxY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:08 2023 by rpki-client on console-ams.rpki-client.org