Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A2764DCC7CE11EEBB249D6B775412E6.roa
File:                     7A2764DCC7CE11EEBB249D6B775412E6.roa (raw, json)
Hash identifier:          +ewHyBUle0JIJSiO2zS1MuJP8yu9eQCahlTKZwowXkY=
Subject key identifier:   CE:A7:61:CE:16:F0:12:61:F2:9D:34:DD:E5:CA:DF:E3:12:7B:47:F9
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       8928
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A2764DCC7CE11EEBB249D6B775412E6.roa
Signing time:             Sat 10 Feb 2024 04:40:12 +0000
ROA not before:           Sat 10 Feb 2024 04:40:09 +0000
ROA not after:            Wed 14 Aug 2024 04:40:09 +0000
asID:                     216039
IP address blocks:        154.194.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35112 (0x8928)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Feb 10 04:40:09 2024 GMT
            Not After : Aug 14 04:40:09 2024 GMT
        Subject: CN=65c6fe2c-4505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:69:f5:7a:ef:f3:82:f9:1d:09:3b:1e:f4:59:
                    58:35:ef:be:b2:76:06:17:d0:ed:bb:69:b2:bd:06:
                    e7:db:d3:5a:b3:e7:09:72:f0:8d:1f:81:b6:f4:89:
                    d3:6d:b9:d4:ce:dc:fa:f0:f6:1d:b5:b2:b2:43:e9:
                    c4:6a:0d:66:78:c0:d9:b3:ec:a8:53:3e:48:81:5e:
                    ed:b2:67:d4:4b:8d:47:42:c1:c2:f9:4c:f6:7a:68:
                    c6:c5:b6:2f:8c:83:cd:56:4b:c7:27:8b:3d:ad:93:
                    2c:d0:b7:7c:81:5d:6a:81:4b:a8:c3:82:d5:5d:fd:
                    89:29:52:d9:fb:80:54:0e:f2:7e:ce:7b:9d:e9:72:
                    af:a4:25:3e:7a:4a:e4:af:58:9c:83:1d:8a:ed:01:
                    55:09:27:3c:d5:a0:17:4c:0a:4b:46:7a:72:39:60:
                    d5:ff:7e:6b:af:ea:4f:e2:8f:df:4f:6f:db:ac:5b:
                    06:f9:b6:73:6e:0b:9e:ce:27:63:31:71:d0:14:3d:
                    ee:c8:9d:f8:85:0b:6b:6d:d6:b6:12:2c:51:36:26:
                    40:6c:18:e4:97:86:fc:d2:d6:e9:6f:cf:83:02:5c:
                    bc:35:c1:25:34:dd:9f:bf:d2:69:ec:e9:3e:e7:0d:
                    71:4e:af:61:39:c6:eb:51:10:6a:50:26:93:1a:3c:
                    c3:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A7:61:CE:16:F0:12:61:F2:9D:34:DD:E5:CA:DF:E3:12:7B:47:F9
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A2764DCC7CE11EEBB249D6B775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.194.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:fa:0a:33:1a:2c:bc:30:1e:59:be:54:24:5d:52:dc:cc:c3:
         ef:9c:50:b6:a9:18:4d:f3:02:8e:ca:8f:5c:26:99:f6:df:81:
         e1:53:17:05:04:35:a6:43:d0:8b:6a:4b:fd:55:4c:05:fe:66:
         14:4a:5f:b5:04:d6:93:ab:fe:24:4a:62:3d:76:50:fe:52:5e:
         6e:c0:56:35:ee:d8:0b:9f:99:d0:cf:87:a7:41:4b:4c:0e:97:
         7c:18:8e:a4:27:61:ad:d0:5b:ff:19:ca:55:f4:90:75:ee:d7:
         6f:8e:b1:0e:13:65:fe:65:ec:77:ba:f6:db:9a:58:11:6a:fe:
         fe:2f:d2:c3:d7:c7:5a:da:68:3d:65:6b:28:6d:7b:80:0a:b9:
         66:4a:81:ca:7b:b5:0a:2c:fd:e2:23:c4:46:69:d0:8c:6a:5b:
         62:4d:99:b5:5a:81:11:1f:ba:86:e4:45:b0:55:c1:e9:5b:a0:
         7a:0d:66:c2:f8:21:99:61:56:68:a5:98:e8:46:3c:5a:2b:13:
         f0:cb:e6:ff:98:21:c1:26:47:b1:6d:c4:6f:f1:a4:c7:fa:a8:
         a7:f3:b5:43:6a:b1:82:87:c9:a8:f4:dd:60:e1:c5:4f:ba:16:
         c1:2b:e1:d1:18:45:14:77:40:55:42:0b:a0:bf:1a:e4:63:3b:
         5e:1f:e0:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIkoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjEwMDQ0MDA5WhcNMjQwODE0MDQ0MDA5WjAYMRYw
FAYDVQQDEw02NWM2ZmUyYy00NTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw2n1eu/zgvkdCTse9FlYNe++snYGF9Dtu2myvQbn29Nas+cJcvCNH4G2
9InTbbnUztz68PYdtbKyQ+nEag1meMDZs+yoUz5IgV7tsmfUS41HQsHC+Uz2emjG
xbYvjIPNVkvHJ4s9rZMs0Ld8gV1qgUuow4LVXf2JKVLZ+4BUDvJ+znud6XKvpCU+
ekrkr1icgx2K7QFVCSc81aAXTApLRnpyOWDV/35rr+pP4o/fT2/brFsG+bZzbgue
zidjMXHQFD3uyJ34hQtrbda2EixRNiZAbBjkl4b80tbpb8+DAly8NcElNN2fv9Jp
7Ok+5w1xTq9hOcbrURBqUCaTGjzDbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM6n
Yc4W8BJh8p003eXK3+MSe0f5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QTI3NjREQ0M3Q0UxMUVFQkIyNDlENkI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI8MA0GCSqGSIb3DQEB
CwUAA4IBAQBd+gozGiy8MB5ZvlQkXVLczMPvnFC2qRhN8wKOyo9cJpn234HhUxcF
BDWmQ9CLakv9VUwF/mYUSl+1BNaTq/4kSmI9dlD+Ul5uwFY17tgLn5nQz4enQUtM
Dpd8GI6kJ2Gt0Fv/GcpV9JB17tdvjrEOE2X+Zex3uvbbmlgRav7+L9LD18da2mg9
ZWsobXuACrlmSoHKe7UKLP3iI8RGadCMaltiTZm1WoERH7qG5EWwVcHpW6B6DWbC
+CGZYVZopZjoRjxaKxPwy+b/mCHBJkexbcRv8aTH+qin87VDarGCh8mo9N1g4cVP
uhbBK+HRGEUUd0BVQgugvxrkYzteH+A4
-----END CERTIFICATE-----
Generated at Wed Aug 14 08:58:51 2024 by rpki-client on console-fra.rpki-client.org