Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A01F5EB890AA11ECB3663BB95A40D577.roa
File:                     A01F5EB890AA11ECB3663BB95A40D577.roa (raw, json)
Hash identifier:          kmEuFuvx9CGfDUrxsgXRJIWZA5TK0nNyNJqoyHyhRbs=
Subject key identifier:   3A:8D:07:3F:39:D6:D9:2E:D1:A1:2A:C9:20:4C:41:B8:21:0C:7C:06
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       14D2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A01F5EB890AA11ECB3663BB95A40D577.roa
Signing time:             Fri 18 Feb 2022 11:05:05 +0000
ROA not before:           Fri 18 Feb 2022 11:05:01 +0000
ROA not after:            Fri 30 Dec 2022 11:05:01 +0000
asID:                     137951
IP address blocks:        154.209.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5330 (0x14d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Feb 18 11:05:01 2022 GMT
            Not After : Dec 30 11:05:01 2022 GMT
        Subject: CN=620f7d61-e3cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:82:29:3c:a2:f0:07:2d:43:5b:07:6f:45:2c:
                    d2:8b:bf:3b:c0:6f:12:02:80:47:f0:cb:05:f1:b4:
                    f5:b8:de:c9:bd:aa:b9:2e:9d:bd:b4:a5:e4:64:49:
                    0a:25:96:83:1b:cc:f1:00:54:f4:1c:65:3a:a2:2c:
                    38:03:ba:20:58:33:c2:55:5b:ee:5b:f0:0a:9f:e0:
                    58:af:38:f2:2c:dc:50:3a:b8:20:22:68:0d:7a:96:
                    43:0a:4e:70:2a:5a:d8:89:f1:8f:1c:bc:98:aa:f0:
                    48:b3:e6:b8:e7:28:d1:23:be:c8:23:7a:6a:23:3d:
                    d6:04:8a:77:0c:7e:6c:61:a5:37:90:8a:38:14:c9:
                    e5:95:42:62:dd:ea:12:84:90:78:1e:c4:3a:8d:4d:
                    af:b1:96:d3:bb:25:da:82:34:89:91:db:b8:a7:1c:
                    bf:1e:6c:33:17:c4:69:11:bb:c6:f6:78:ba:bd:67:
                    09:bb:6a:38:92:1c:91:f2:27:a2:56:14:d1:e4:fe:
                    cb:ec:b8:63:49:e9:21:29:53:3d:97:88:b2:af:05:
                    55:54:de:fd:a1:a3:85:58:be:0a:9a:21:ab:67:96:
                    e2:28:75:aa:0a:e6:60:61:25:97:50:41:07:37:e0:
                    fe:40:9b:22:2e:b6:ea:ee:bc:e8:85:fd:7b:65:ec:
                    36:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:8D:07:3F:39:D6:D9:2E:D1:A1:2A:C9:20:4C:41:B8:21:0C:7C:06
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A01F5EB890AA11ECB3663BB95A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.209.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:64:3e:55:c5:07:ab:e8:3f:fd:d7:0c:60:bc:29:bd:0f:b7:
         d2:88:4a:13:44:37:eb:44:cf:2a:b2:ee:cd:31:59:a7:97:5a:
         bc:25:9a:15:04:4b:1e:77:b9:d6:cd:d4:3f:90:b3:2f:b2:d8:
         b7:52:8f:e0:ca:9d:2b:e1:e2:88:f9:5f:a7:6a:87:04:92:6e:
         d3:7a:14:bd:5f:9f:45:45:6a:84:b2:f1:ac:35:71:a5:f6:36:
         8f:0d:87:b1:34:f9:33:1e:ed:68:68:d3:82:ba:81:75:eb:2a:
         b6:c4:68:e7:25:99:92:2e:56:46:5d:bb:db:2e:3c:4d:b3:24:
         1f:25:7e:8e:93:51:32:25:ff:c7:d9:a3:19:58:27:e3:56:07:
         74:65:7c:03:f3:be:42:04:76:bb:1a:c9:57:cf:a1:f9:be:77:
         c8:bd:96:39:f1:b5:b2:f0:f4:56:92:37:99:83:b9:49:66:c2:
         f6:17:e7:62:a0:fe:6b:a4:ae:d1:14:da:bf:4b:cf:c5:fc:d0:
         49:67:21:f7:55:14:5b:11:18:32:a4:61:54:3a:85:cd:a6:13:
         f8:db:69:f2:83:2d:7f:b5:b0:20:b0:ae:fe:34:da:78:01:9c:
         d3:16:28:47:99:08:db:9f:e8:a0:9e:18:18:28:48:48:48:ef:
         dd:55:b3:86
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFNIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjAyMTgxMTA1MDFaFw0yMjEyMzAxMTA1MDFaMBgxFjAU
BgNVBAMMDTYyMGY3ZDYxLWUzY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkgik8ovAHLUNbB29FLNKLvzvAbxICgEfwywXxtPW43sm9qrkunb20peRk
SQolloMbzPEAVPQcZTqiLDgDuiBYM8JVW+5b8Aqf4FivOPIs3FA6uCAiaA16lkMK
TnAqWtiJ8Y8cvJiq8Eiz5rjnKNEjvsgjemojPdYEincMfmxhpTeQijgUyeWVQmLd
6hKEkHgexDqNTa+xltO7JdqCNImR27inHL8ebDMXxGkRu8b2eLq9Zwm7ajiSHJHy
J6JWFNHk/svsuGNJ6SEpUz2XiLKvBVVU3v2ho4VYvgqaIatnluIodaoK5mBhJZdQ
QQc34P5AmyIuturuvOiF/Xtl7DbvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOo0H
PznW2S7RoSrJIExBuCEMfAYwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0EwMUY1RUI4OTBBQTExRUNCMzY2M0JCOTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0ZMwDQYJKoZIhvcNAQEL
BQADggEBAD1kPlXFB6voP/3XDGC8Kb0Pt9KIShNEN+tEzyqy7s0xWaeXWrwlmhUE
Sx53udbN1D+Qsy+y2LdSj+DKnSvh4oj5X6dqhwSSbtN6FL1fn0VFaoSy8aw1caX2
No8Nh7E0+TMe7Who04K6gXXrKrbEaOclmZIuVkZdu9suPE2zJB8lfo6TUTIl/8fZ
oxlYJ+NWB3RlfAPzvkIEdrsayVfPofm+d8i9ljnxtbLw9FaSN5mDuUlmwvYX52Kg
/mukrtEU2r9Lz8X80ElnIfdVFFsRGDKkYVQ6hc2mE/jbafKDLX+1sCCwrv402ngB
nNMWKEeZCNuf6KCeGBgoSEhI791Vs4Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:09 2023 by rpki-client on console-ams.rpki-client.org