Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FE42552250F11EDA047ECF4F1222468.roa
File:                     8FE42552250F11EDA047ECF4F1222468.roa (raw, json)
Hash identifier:          AtgStpQ28lIVl9NMzDQGdlutp0isOiJk5wDgOXagJd4=
Subject key identifier:   27:E8:C1:EA:31:FD:C2:D7:AB:2E:FB:59:82:6C:8E:89:22:98:99:EA
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       1861
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FE42552250F11EDA047ECF4F1222468.roa
Signing time:             Fri 26 Aug 2022 07:20:29 +0000
ROA not before:           Fri 26 Aug 2022 07:20:25 +0000
ROA not after:            Thu 31 Aug 2023 07:20:25 +0000
asID:                     140224
IP address blocks:        154.197.16.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6241 (0x1861)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 26 07:20:25 2022 GMT
            Not After : Aug 31 07:20:25 2023 GMT
        Subject: CN=6308743d-b753
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:42:14:22:ab:35:c8:8d:3e:56:4e:01:82:0f:
                    b2:b8:c2:78:e4:36:c8:98:94:f7:0e:7c:51:6c:a6:
                    b4:57:08:d8:70:bc:7a:22:ef:28:f2:17:94:32:83:
                    36:3b:34:3d:fc:37:94:29:a3:8a:62:79:f1:5f:56:
                    19:7d:f4:27:d4:02:e0:a0:8e:ff:75:4b:e3:05:a9:
                    8f:9c:eb:5f:20:c9:44:cc:a3:8c:62:75:7c:a8:70:
                    da:ea:bd:db:65:a9:8f:23:6f:4a:1b:a4:6d:e7:74:
                    9a:a9:d2:f5:0a:45:50:7c:71:bf:59:cc:b3:54:68:
                    74:6e:f2:be:da:a6:e7:46:0c:f7:b0:a0:8a:5d:b5:
                    3f:d0:09:bf:92:19:79:1c:96:5c:2b:67:3a:d5:ff:
                    ed:4e:8f:ba:a1:44:0d:a5:79:c7:e2:4a:a2:1b:3f:
                    e2:17:70:10:cf:78:e0:13:b1:41:26:be:a8:ef:d4:
                    e3:e9:6c:9f:f1:e1:f5:8d:c6:ce:2a:1a:51:32:d2:
                    ee:01:ae:ed:a3:90:47:7e:a7:cf:e6:c9:d9:1c:cb:
                    c9:1b:1a:be:f4:8c:aa:ad:38:25:6d:5f:b4:7a:34:
                    24:42:d9:b7:e5:47:fe:20:62:33:d6:71:e4:ed:f4:
                    12:8f:ee:87:da:ce:b0:ee:e5:a5:6a:ab:2e:f6:fd:
                    fe:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:E8:C1:EA:31:FD:C2:D7:AB:2E:FB:59:82:6C:8E:89:22:98:99:EA
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FE42552250F11EDA047ECF4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         06:e5:6f:dc:20:82:de:9a:18:e1:90:17:2b:e9:3a:17:52:8a:
         89:c5:4f:e1:16:fd:b0:10:02:3c:34:ef:4f:11:d3:e4:09:d5:
         0e:93:3b:c1:16:00:c2:1d:57:cb:88:65:bc:12:5a:39:71:e2:
         49:b3:18:9b:0c:68:af:e6:11:12:5b:b4:e1:bc:02:d2:69:b9:
         a5:f1:e6:f8:37:0b:d1:5d:a6:5e:d4:41:04:7a:9a:ad:23:44:
         9a:42:64:f1:b7:f6:4c:12:74:7c:74:ad:17:13:74:9e:a3:ae:
         f7:4d:42:5d:45:ce:55:9b:19:8e:e5:f1:16:e1:13:e5:1d:a1:
         fb:45:79:dd:36:89:6b:68:7b:84:77:0f:fe:bc:76:bc:27:e1:
         d8:82:57:6f:b2:37:1f:01:a0:c3:16:7d:18:63:3b:a3:e9:83:
         c8:ba:16:54:2f:f3:c2:e6:cf:c1:0f:10:c9:20:9d:0b:06:29:
         2d:fb:9b:a1:84:59:5a:c8:6c:8d:29:c0:5b:a2:2b:f5:35:43:
         3c:d6:34:7f:bb:39:d0:9f:c1:66:d2:6b:e9:00:b6:f9:5f:e0:
         db:ae:2e:2d:6f:1a:4f:e0:e8:6b:6e:dd:3d:2d:8e:5a:7f:08:
         02:3c:af:c8:fe:19:d0:6c:84:f9:61:6f:23:94:e2:8f:b8:7f:
         46:f8:b5:6e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGGEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA4MjYwNzIwMjVaFw0yMzA4MzEwNzIwMjVaMBgxFjAU
BgNVBAMMDTYzMDg3NDNkLWI3NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnQhQiqzXIjT5WTgGCD7K4wnjkNsiYlPcOfFFsprRXCNhwvHoi7yjyF5Qy
gzY7ND38N5Qpo4piefFfVhl99CfUAuCgjv91S+MFqY+c618gyUTMo4xidXyocNrq
vdtlqY8jb0obpG3ndJqp0vUKRVB8cb9ZzLNUaHRu8r7apudGDPewoIpdtT/QCb+S
GXkcllwrZzrV/+1Oj7qhRA2lecfiSqIbP+IXcBDPeOATsUEmvqjv1OPpbJ/x4fWN
xs4qGlEy0u4Bru2jkEd+p8/mydkcy8kbGr70jKqtOCVtX7R6NCRC2bflR/4gYjPW
ceTt9BKP7ofazrDu5aVqqy72/f6pAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJ+jB
6jH9wterLvtZgmyOiSKYmeowHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzhGRTQyNTUyMjUwRjExRURBMDQ3RUNGNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOaxRAwDQYJKoZIhvcNAQEL
BQADggEBAAblb9wggt6aGOGQFyvpOhdSionFT+EW/bAQAjw0708R0+QJ1Q6TO8EW
AMIdV8uIZbwSWjlx4kmzGJsMaK/mERJbtOG8AtJpuaXx5vg3C9Fdpl7UQQR6mq0j
RJpCZPG39kwSdHx0rRcTdJ6jrvdNQl1FzlWbGY7l8RbhE+UdoftFed02iWtoe4R3
D/68drwn4diCV2+yNx8BoMMWfRhjO6Ppg8i6FlQv88Lmz8EPEMkgnQsGKS37m6GE
WVrIbI0pwFuiK/U1QzzWNH+7OdCfwWbSa+kAtvlf4NuuLi1vGk/g6Gtu3T0tjlp/
CAI8r8j+GdBshPlhbyOU4o+4f0b4tW4=
-----END CERTIFICATE-----
Generated at Fri Sep 1 01:18:05 2023 by rpki-client on console-ams.rpki-client.org