Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79DC970ADBD911EC8DB76F89F1222468.roa
File:                     79DC970ADBD911EC8DB76F89F1222468.roa (raw, json)
Hash identifier:          bazKP0o2TyBCD+MZYa47Q8HaL8rhav3K1DmwBsFaUu4=
Subject key identifier:   75:38:72:2C:7A:2F:D9:AF:9E:21:ED:D0:53:80:C9:FC:51:B3:EC:99
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       166D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79DC970ADBD911EC8DB76F89F1222468.roa
Signing time:             Wed 25 May 2022 03:19:24 +0000
ROA not before:           Wed 25 May 2022 03:19:20 +0000
ROA not after:            Fri 30 Dec 2022 03:19:20 +0000
asID:                     35916
IP address blocks:        154.196.162.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5741 (0x166d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 25 03:19:20 2022 GMT
            Not After : Dec 30 03:19:20 2022 GMT
        Subject: CN=628da03c-98dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:54:37:14:02:fc:fa:93:08:6f:9d:c3:d1:17:
                    0f:38:e5:05:67:97:ed:2a:14:71:96:98:8b:b8:1b:
                    4a:c9:04:05:57:d1:b8:91:d1:07:cd:34:8c:c1:e7:
                    6e:df:f3:d5:63:71:e8:74:d7:b5:db:df:82:23:de:
                    72:bf:b0:5d:53:e9:83:51:57:67:70:5f:53:8a:20:
                    1d:0c:3a:5a:7e:69:e2:22:77:a5:16:c4:77:9a:b8:
                    cf:38:15:80:af:7d:13:10:cb:b0:24:fb:a0:0e:a7:
                    df:10:90:e3:c1:5a:55:5e:86:24:5d:09:b4:d1:03:
                    e9:8c:4b:f5:29:1c:c1:da:81:d7:ab:1b:87:77:ff:
                    bd:01:1d:bd:d8:1e:8d:2e:6b:1e:6c:de:eb:ee:76:
                    0c:e1:54:2a:cb:e3:f7:27:56:d6:ba:fb:6b:34:0c:
                    b0:7f:f1:1a:5b:38:5a:83:f1:19:69:60:99:b5:81:
                    e0:bd:a0:b0:d5:84:f4:a9:d8:d8:e0:5f:16:ff:f6:
                    5a:45:c9:f5:81:63:d2:20:4c:1a:bd:f1:b7:6a:37:
                    bd:6c:95:05:92:cc:67:73:d3:18:6f:f0:35:dc:ac:
                    30:a2:7d:8b:d3:39:48:6d:0e:73:ab:92:ba:53:43:
                    c6:29:dc:20:cc:74:f6:5f:83:fd:51:dc:2c:70:81:
                    5f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:38:72:2C:7A:2F:D9:AF:9E:21:ED:D0:53:80:C9:FC:51:B3:EC:99
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79DC970ADBD911EC8DB76F89F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.196.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:a0:dd:44:39:d5:f2:92:3d:23:7e:72:ad:51:be:08:ff:dd:
         9f:ed:25:bf:f5:a7:b0:75:0a:76:9a:2f:1e:e1:d9:fe:13:35:
         31:e7:b3:33:04:2a:a7:11:cf:77:d4:a4:cb:a2:47:d6:10:1d:
         10:69:41:90:35:52:36:a5:80:0f:61:a6:cd:a1:b8:00:6b:32:
         40:19:c7:fb:e7:09:ab:c5:21:c4:d0:b6:00:b2:96:79:ba:cc:
         74:60:a5:82:c2:25:45:66:15:20:27:3a:95:03:1e:61:f3:a3:
         22:0c:39:a7:a6:7e:f9:fc:0d:fa:47:29:74:f8:df:54:4c:6e:
         0f:49:da:9b:62:b7:e6:15:26:ab:5b:95:88:99:fd:f7:05:68:
         3a:83:fe:e8:14:47:83:b5:bd:24:18:f2:ae:68:69:1d:fd:28:
         a5:da:61:75:e5:4b:25:9f:a0:c4:a7:2f:d3:45:9e:3d:d7:e4:
         94:d4:33:8d:37:c1:c8:d0:ec:7c:fd:f8:b2:18:a9:bf:96:ae:
         8d:ac:72:f2:bd:d8:59:00:08:92:b2:18:43:3c:28:9f:0c:b2:
         43:93:a1:a2:30:97:1b:6d:37:0b:e3:28:20:23:df:e4:81:d7:
         62:40:d0:7d:d3:51:6b:4b:b1:51:83:dc:55:5f:db:19:4a:a8:
         ae:e7:8e:03
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFm0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA1MjUwMzE5MjBaFw0yMjEyMzAwMzE5MjBaMBgxFjAU
BgNVBAMMDTYyOGRhMDNjLTk4ZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhVDcUAvz6kwhvncPRFw845QVnl+0qFHGWmIu4G0rJBAVX0biR0QfNNIzB
527f89Vjceh017Xb34Ij3nK/sF1T6YNRV2dwX1OKIB0MOlp+aeIid6UWxHeauM84
FYCvfRMQy7Ak+6AOp98QkOPBWlVehiRdCbTRA+mMS/UpHMHagderG4d3/70BHb3Y
Ho0uax5s3uvudgzhVCrL4/cnVta6+2s0DLB/8RpbOFqD8RlpYJm1geC9oLDVhPSp
2NjgXxb/9lpFyfWBY9IgTBq98bdqN71slQWSzGdz0xhv8DXcrDCifYvTOUhtDnOr
krpTQ8Yp3CDMdPZfg/1R3CxwgV9tAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdThy
LHov2a+eIe3QU4DJ/FGz7JkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzc5REM5NzBBREJEOTExRUM4REI3NkY4OUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaxKIwDQYJKoZIhvcNAQEL
BQADggEBAKeg3UQ51fKSPSN+cq1Rvgj/3Z/tJb/1p7B1CnaaLx7h2f4TNTHnszME
KqcRz3fUpMuiR9YQHRBpQZA1UjalgA9hps2huABrMkAZx/vnCavFIcTQtgCylnm6
zHRgpYLCJUVmFSAnOpUDHmHzoyIMOaemfvn8DfpHKXT431RMbg9J2ptit+YVJqtb
lYiZ/fcFaDqD/ugUR4O1vSQY8q5oaR39KKXaYXXlSyWfoMSnL9NFnj3X5JTUM403
wcjQ7Hz9+LIYqb+Wro2scvK92FkACJKyGEM8KJ8MskOToaIwlxttNwvjKCAj3+SB
12JA0H3TUWtLsVGD3FVf2xlKqK7njgM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:08 2023 by rpki-client on console-ams.rpki-client.org