Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa
File:                     AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa (raw, json)
Hash identifier:          a9sZaU4UYFu74qVIxvz8I1IJ/RwCkj14T1fdzl0Nto4=
Subject key identifier:   B8:61:66:D1:AD:E4:79:11:3F:3F:AB:89:E1:0C:A9:24:AD:0C:31:FE
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01838A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa
Signing time:             Wed 28 May 2025 15:23:11 +0000
ROA not before:           Wed 28 May 2025 15:23:06 +0000
ROA not after:            Sat 07 Jun 2025 15:23:06 +0000
asID:                     139646
IP address blocks:        154.214.32.0/19 maxlen: 24
                          154.216.128.0/18 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99210 (0x1838a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 28 15:23:06 2025 GMT
            Not After : Jun  7 15:23:06 2025 GMT
        Subject: CN=68372a5f-0498
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:75:94:d2:f6:6d:ce:92:9f:91:18:3f:1e:33:
                    f6:c7:e0:2d:25:32:6c:59:9f:d6:37:60:4c:a7:dc:
                    28:76:d2:27:e5:d2:dc:27:14:7a:04:89:96:95:0d:
                    be:77:fe:77:c5:17:ef:4e:3d:23:c1:ff:b4:4d:8a:
                    28:7d:03:24:cb:82:e6:79:4a:b6:c1:12:a1:f0:ff:
                    37:7a:9b:f0:13:95:ad:1e:62:36:8b:90:24:73:df:
                    dc:91:e6:d7:08:ea:c3:03:2e:ae:d9:9d:8e:5a:42:
                    0b:7d:b7:45:73:34:0d:8d:92:32:07:fb:a5:9a:9e:
                    cf:4f:72:45:66:2b:f5:f5:e0:86:fa:5d:0f:bf:a2:
                    b2:12:be:27:ff:fc:e0:83:5a:b8:c6:ec:68:dc:bf:
                    05:2e:f0:b7:f1:d3:f7:b9:f5:29:7d:e8:30:f7:af:
                    dc:0f:d0:52:65:c6:fd:28:91:9a:1f:e1:8b:d7:0f:
                    80:e9:c4:a9:99:dd:1e:e5:b9:f4:6e:01:f0:eb:79:
                    ca:a2:95:48:32:34:e2:b4:9f:77:22:09:88:77:0a:
                    aa:2b:cf:64:75:86:e0:e4:04:4e:40:1f:4b:fb:08:
                    62:e1:24:45:33:e6:3e:5e:0e:44:9e:b1:a7:1c:cb:
                    ca:05:09:d0:7d:49:95:00:00:51:6a:72:1c:34:23:
                    fc:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:61:66:D1:AD:E4:79:11:3F:3F:AB:89:E1:0C:A9:24:AD:0C:31:FE
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.214.32.0/19
                  154.216.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         01:2d:c4:4d:7f:42:f2:79:e7:23:38:58:fe:85:f4:d5:e5:89:
         cf:03:55:9a:17:5f:53:53:da:4e:ba:5d:99:5f:2f:af:b0:20:
         25:8b:7e:b2:d2:23:32:46:9c:1e:0b:c8:9b:30:2a:1a:bb:cc:
         7c:40:44:66:9f:0d:a4:91:1e:63:26:f9:19:8d:29:0f:99:de:
         d5:c1:90:85:c2:9b:e2:8d:13:75:68:a5:23:eb:6b:c9:db:f9:
         2f:0e:57:8f:c1:6c:37:68:6c:54:9d:c5:13:0a:f3:ef:1b:4b:
         c3:97:d7:bb:b7:dd:4d:1b:6a:8b:2e:a4:48:b0:63:a0:a8:4f:
         14:12:ca:82:c1:c1:11:89:bd:a8:e3:d3:7c:18:38:67:e2:ae:
         1f:26:a0:fa:3c:98:c3:38:62:2c:6a:c2:d1:b5:02:b4:64:66:
         26:43:94:6b:2b:fb:50:5a:44:4e:1a:60:5d:1a:62:2a:27:07:
         2f:fa:bd:7b:4a:f9:9c:c2:ce:c3:66:8d:97:d6:62:c2:ea:ac:
         64:8c:49:f2:f3:a7:8f:67:47:8b:a3:ea:52:f6:cf:e5:8e:a7:
         9e:06:94:03:e5:82:b5:35:93:d7:84:8b:56:19:47:78:d4:8f:
         32:78:9a:c2:dd:80:d5:e7:61:c9:c0:18:1c:f3:6a:68:6e:b9:
         7e:06:cd:9d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYOKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTUyMzA2WhcNMjUwNjA3MTUyMzA2WjAYMRYw
FAYDVQQDEw02ODM3MmE1Zi0wNDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq3WU0vZtzpKfkRg/HjP2x+AtJTJsWZ/WN2BMp9wodtIn5dLcJxR6BImW
lQ2+d/53xRfvTj0jwf+0TYoofQMky4LmeUq2wRKh8P83epvwE5WtHmI2i5Akc9/c
kebXCOrDAy6u2Z2OWkILfbdFczQNjZIyB/ulmp7PT3JFZiv19eCG+l0Pv6KyEr4n
//zgg1q4xuxo3L8FLvC38dP3ufUpfegw96/cD9BSZcb9KJGaH+GL1w+A6cSpmd0e
5bn0bgHw63nKopVIMjTitJ93IgmIdwqqK89kdYbg5AROQB9L+whi4SRFM+Y+Xg5E
nrGnHMvKBQnQfUmVAABRanIcNCP85QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLhh
ZtGt5HkRPz+rieEMqSStDDH+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTRBM0RFNjNCRDcxMUYwQTVDMjZCRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQABLcRNf0LyeecjOFj+hfTV5YnPA1WaF19TU9pOul2ZXy+v
sCAli36y0iMyRpweC8ibMCoau8x8QERmnw2kkR5jJvkZjSkPmd7VwZCFwpvijRN1
aKUj62vJ2/kvDlePwWw3aGxUncUTCvPvG0vDl9e7t91NG2qLLqRIsGOgqE8UEsqC
wcERib2o49N8GDhn4q4fJqD6PJjDOGIsasLRtQK0ZGYmQ5RrK/tQWkROGmBdGmIq
Jwcv+r17Svmcws7DZo2X1mLC6qxkjEny86ePZ0eLo+pS9s/ljqeeBpQD5YK1NZPX
hItWGUd41I8yeJrC3YDV52HJwBgc82pobrl+Bs2d
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:41:29 2025 by rpki-client