Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA7B59DAE57C11EBAD13F928F8AEA228.roa
File:                     BA7B59DAE57C11EBAD13F928F8AEA228.roa (raw, json)
Hash identifier:          J4I0RJY54cpGNgRSDnZIkQisyUU1pk9WCc1erzIsWYA=
Subject key identifier:   58:36:FD:18:BA:5B:0F:9E:71:8C:E4:08:0A:FA:81:37:7A:FE:8B:39
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       07B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA7B59DAE57C11EBAD13F928F8AEA228.roa
Signing time:             Thu 15 Jul 2021 14:55:43 +0000
ROA not before:           Thu 15 Jul 2021 14:55:37 +0000
ROA not after:            Sat 09 Jul 2022 14:55:37 +0000
asID:                     397630
IP address blocks:        154.201.47.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1970 (0x7b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 15 14:55:37 2021 GMT
            Not After : Jul  9 14:55:37 2022 GMT
        Subject: CN=60f04c6f-7ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:71:65:cb:c7:6e:2a:8b:c9:39:7a:d9:0c:37:
                    a6:8a:7c:46:d3:0a:33:3a:e6:a2:31:1b:29:ff:eb:
                    4e:e4:60:99:bf:8d:e8:d0:aa:ac:8c:3f:bb:33:73:
                    e6:26:a3:57:2f:86:2c:27:71:d1:12:9c:98:c9:69:
                    1f:96:51:f9:da:ec:b6:2e:df:84:cb:07:52:24:1e:
                    ab:8c:d9:84:87:17:fd:f8:e0:40:98:aa:b6:57:a1:
                    08:59:64:0e:e0:b9:98:4e:00:e8:e8:d8:c0:aa:35:
                    b3:e7:0e:8a:4e:82:d4:63:25:71:8f:60:82:27:9c:
                    c6:59:71:31:27:ef:d1:a3:2b:d5:81:b0:31:46:77:
                    ce:3a:3c:83:b3:98:d6:e1:b4:02:47:0d:77:6b:14:
                    8e:50:93:f8:b9:b7:dc:20:77:87:9b:2a:ee:1c:d0:
                    a9:98:12:f8:0a:57:ca:4f:b9:38:39:ef:7c:a5:85:
                    45:5c:91:a7:b7:85:3c:2a:14:2d:08:77:c0:e5:54:
                    26:26:c5:7c:c8:05:17:d2:84:04:a8:bf:a6:4c:22:
                    91:e6:53:9e:a4:01:c6:c4:4f:7f:3a:d5:17:b8:ce:
                    e4:8a:e9:14:d2:60:68:03:fd:67:ff:f8:60:17:c0:
                    ab:94:a4:ed:33:44:af:89:e1:d1:f3:b7:0d:9f:b4:
                    a8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:36:FD:18:BA:5B:0F:9E:71:8C:E4:08:0A:FA:81:37:7A:FE:8B:39
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA7B59DAE57C11EBAD13F928F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.201.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:16:bd:7f:99:c0:f5:9e:63:71:96:55:73:76:aa:83:82:3f:
         5c:c5:aa:41:d6:37:b0:8e:f2:dd:11:82:1d:7b:f0:b8:4d:26:
         2c:31:4c:75:8c:ac:f5:bc:5b:86:6b:8c:c9:c3:2e:c9:0c:a4:
         d0:a2:14:8a:80:67:b2:0e:20:6b:c0:ec:f2:72:d3:2d:62:12:
         0d:3b:b5:15:a7:6b:9d:49:6c:41:ca:92:2e:94:a4:16:6f:15:
         8e:e2:bd:c4:ac:95:8d:07:c3:f1:b9:00:fb:63:52:07:5f:14:
         77:aa:19:98:67:86:6f:e3:c2:dd:ca:12:b6:06:f9:0e:65:1a:
         e5:ff:34:f2:f6:f4:b6:9b:b1:9e:03:38:5c:aa:60:85:ba:42:
         c8:19:69:fe:5e:0b:c5:10:9d:98:25:a7:a8:e6:36:9d:84:7e:
         58:b9:5b:21:3c:87:1e:b4:aa:b2:1e:d0:6d:83:ef:ca:2d:35:
         34:20:50:df:ff:eb:59:ed:81:d0:8c:6b:a1:a1:d6:b4:7f:b1:
         52:a2:7a:b5:00:dd:88:55:fc:02:39:08:aa:ba:16:1b:0f:0c:
         da:dc:df:f7:83:ed:7a:16:b0:7c:41:a9:15:58:b3:9c:72:cc:
         41:2d:83:11:6f:78:0c:fe:af:c6:b9:b7:e8:be:0c:64:c3:7a:
         71:23:0f:a6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB7IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMTA3MTUxNDU1MzdaFw0yMjA3MDkxNDU1MzdaMBgxFjAU
BgNVBAMTDTYwZjA0YzZmLTdjYTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxcWXLx24qi8k5etkMN6aKfEbTCjM65qIxGyn/607kYJm/jejQqqyMP7sz
c+Ymo1cvhiwncdESnJjJaR+WUfna7LYu34TLB1IkHquM2YSHF/344ECYqrZXoQhZ
ZA7guZhOAOjo2MCqNbPnDopOgtRjJXGPYIInnMZZcTEn79GjK9WBsDFGd846PIOz
mNbhtAJHDXdrFI5Qk/i5t9wgd4ebKu4c0KmYEvgKV8pPuTg573ylhUVckae3hTwq
FC0Id8DlVCYmxXzIBRfShASov6ZMIpHmU56kAcbET3861Re4zuSK6RTSYGgD/Wf/
+GAXwKuUpO0zRK+J4dHztw2ftKgvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWDb9
GLpbD55xjOQICvqBN3r+izkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0JBN0I1OURBRTU3QzExRUJBRDEzRjkyOEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACayS8wDQYJKoZIhvcNAQEL
BQADggEBAAIWvX+ZwPWeY3GWVXN2qoOCP1zFqkHWN7CO8t0Rgh178LhNJiwxTHWM
rPW8W4ZrjMnDLskMpNCiFIqAZ7IOIGvA7PJy0y1iEg07tRWna51JbEHKki6UpBZv
FY7ivcSslY0Hw/G5APtjUgdfFHeqGZhnhm/jwt3KErYG+Q5lGuX/NPL29LabsZ4D
OFyqYIW6QsgZaf5eC8UQnZglp6jmNp2Efli5WyE8hx60qrIe0G2D78otNTQgUN//
61ntgdCMa6Gh1rR/sVKierUA3YhV/AI5CKq6FhsPDNrc3/eD7XoWsHxBqRVYs5xy
zEEtgxFveAz+r8a5t+i+DGTDenEjD6Y=
-----END CERTIFICATE-----
Generated at Wed Jul 2 00:44:36 2025 by rpki-client