Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDB4A3CA128011EFB0B6EE34017001B1.roa
File:                     BDB4A3CA128011EFB0B6EE34017001B1.roa (raw, json)
Hash identifier:          I5kR01V2V7KhQiBKASeWY0lVLtSU0nrcGyPJrTvfVvg=
Subject key identifier:   D5:61:5F:FD:90:C3:DB:22:40:1B:54:96:C5:F8:B5:BF:8C:DF:56:E0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       B77B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDB4A3CA128011EFB0B6EE34017001B1.roa
Signing time:             Wed 15 May 2024 06:02:42 +0000
ROA not before:           Wed 15 May 2024 06:02:39 +0000
ROA not after:            Sun 09 Jun 2024 06:02:39 +0000
asID:                     141883
IP address blocks:        154.214.32.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46971 (0xb77b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 15 06:02:39 2024 GMT
            Not After : Jun  9 06:02:39 2024 GMT
        Subject: CN=66445002-9858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d5:73:4b:3d:dc:7c:a3:a8:b9:62:9f:29:cc:
                    f5:0d:d1:0f:01:01:f1:27:d5:b2:29:8e:ea:75:e2:
                    96:36:dc:68:04:b4:32:f5:a5:a0:85:e0:a9:09:e3:
                    9f:eb:69:d2:c6:19:55:c6:43:eb:bd:d5:45:7a:5a:
                    f2:73:b4:c1:31:10:77:f2:51:12:1c:07:69:09:63:
                    b0:29:0e:7f:81:52:c0:af:95:d1:2f:a0:9f:e7:65:
                    5f:3d:58:76:00:63:80:f8:f9:6d:b7:20:28:75:ad:
                    1e:ea:04:95:eb:00:89:7e:c3:52:dc:1f:47:66:ab:
                    9b:56:08:60:78:20:03:1b:aa:7e:2f:58:49:63:5f:
                    8e:d5:3d:fc:55:54:70:9e:71:90:97:ff:3c:3c:9d:
                    5c:61:36:ce:2c:be:37:d2:61:be:86:8b:01:ff:27:
                    f4:fc:fe:24:c7:aa:7c:5d:86:94:3b:2a:eb:8d:15:
                    bc:36:d2:75:97:72:8f:b6:ef:9a:21:bc:7b:68:51:
                    e5:4b:cc:3f:a8:0a:d1:88:e1:40:54:c2:95:ea:10:
                    c6:a3:e5:57:6d:38:5b:54:e8:ad:b5:f8:52:1f:72:
                    c0:32:bf:fe:63:5c:e4:07:cd:c3:9b:97:d9:f7:d5:
                    94:bc:70:82:d1:94:eb:fb:e0:19:31:35:55:40:08:
                    1c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:61:5F:FD:90:C3:DB:22:40:1B:54:96:C5:F8:B5:BF:8C:DF:56:E0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDB4A3CA128011EFB0B6EE34017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.214.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         46:e7:20:c5:11:2a:de:64:cb:47:0b:fe:18:42:01:6a:e3:1d:
         ee:f1:66:d0:0a:5b:a5:cf:c0:52:ad:16:4b:60:09:80:b9:a1:
         73:81:15:f7:6e:1d:6d:a6:ae:d0:12:56:05:b0:90:72:bf:fd:
         0b:ce:08:0b:45:57:be:e9:03:22:63:5e:9c:cf:b8:43:f1:fa:
         6f:ef:c2:03:6e:fa:2c:ae:99:b2:73:90:99:55:24:c3:fe:7d:
         cf:5d:0f:dd:bc:f0:b2:fb:ea:f8:1a:df:0e:92:08:5b:69:a2:
         27:30:eb:13:03:91:67:37:cf:94:25:63:f7:c1:b1:4f:0b:b0:
         85:c5:dc:4d:71:ae:1f:f4:28:85:da:06:ae:6f:a5:f4:c6:7c:
         39:89:31:f5:af:b4:6d:ad:1d:16:ee:b2:2d:3d:53:e9:48:47:
         0c:86:f4:58:12:91:85:2a:a1:f3:8e:46:45:cb:15:3f:64:71:
         55:64:10:41:d1:41:d2:ef:97:6b:3b:da:01:06:38:ca:d2:9c:
         5d:1b:8d:0b:b2:a3:b7:0c:6a:93:01:a9:c0:d4:1e:c2:f9:d9:
         29:e7:ba:bd:48:4c:f8:c3:a7:d8:8a:46:f0:3f:eb:02:0f:87:
         1b:67:cd:e5:61:19:cb:4e:6d:b1:e7:65:2c:80:80:80:83:41:
         11:2e:9d:9c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALd7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE1MDYwMjM5WhcNMjQwNjA5MDYwMjM5WjAYMRYw
FAYDVQQDEw02NjQ0NTAwMi05ODU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAutVzSz3cfKOouWKfKcz1DdEPAQHxJ9WyKY7qdeKWNtxoBLQy9aWgheCp
CeOf62nSxhlVxkPrvdVFelryc7TBMRB38lESHAdpCWOwKQ5/gVLAr5XRL6Cf52Vf
PVh2AGOA+PlttyAoda0e6gSV6wCJfsNS3B9HZqubVghgeCADG6p+L1hJY1+O1T38
VVRwnnGQl/88PJ1cYTbOLL430mG+hosB/yf0/P4kx6p8XYaUOyrrjRW8NtJ1l3KP
tu+aIbx7aFHlS8w/qArRiOFAVMKV6hDGo+VXbThbVOittfhSH3LAMr/+Y1zkB83D
m5fZ99WUvHCC0ZTr++AZMTVVQAgcyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNVh
X/2Qw9siQBtUlsX4tb+M31bgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CREI0QTNDQTEyODAxMUVGQjBCNkVFMzQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtYgMA0GCSqGSIb3DQEB
CwUAA4IBAQBG5yDFESreZMtHC/4YQgFq4x3u8WbQClulz8BSrRZLYAmAuaFzgRX3
bh1tpq7QElYFsJByv/0LzggLRVe+6QMiY16cz7hD8fpv78IDbvosrpmyc5CZVSTD
/n3PXQ/dvPCy++r4Gt8OkghbaaInMOsTA5FnN8+UJWP3wbFPC7CFxdxNca4f9CiF
2gaub6X0xnw5iTH1r7RtrR0W7rItPVPpSEcMhvRYEpGFKqHzjkZFyxU/ZHFVZBBB
0UHS75drO9oBBjjK0pxdG40LsqO3DGqTAanA1B7C+dkp57q9SEz4w6fYikbwP+sC
D4cbZ83lYRnLTm2x52UsgICAg0ERLp2c
-----END CERTIFICATE-----
Generated at Sun Jun 9 16:18:50 2024 by rpki-client on console-fra.rpki-client.org