Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF7DDB08488511ECA9F76335D8A014CE.roa
File:                     BF7DDB08488511ECA9F76335D8A014CE.roa (raw, json)
Hash identifier:          2UUYq7Ov1w7Y5drirZyAPVh4mKA+4enTmpPS+RuTD2w=
Subject key identifier:   36:23:73:E3:AE:A1:F1:07:D8:B3:9D:9B:B3:B2:A0:4B:D4:D8:5E:A9
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0D42
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF7DDB08488511ECA9F76335D8A014CE.roa
Signing time:             Thu 18 Nov 2021 15:39:42 +0000
ROA not before:           Fri 19 Nov 2021 15:39:39 +0000
ROA not after:            Sat 19 Nov 2022 15:39:39 +0000
asID:                     139879
IP address blocks:        154.80.27.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3394 (0xd42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov 19 15:39:39 2021 GMT
            Not After : Nov 19 15:39:39 2022 GMT
        Subject: CN=619673be-e9be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:1b:d3:6d:47:a6:f3:10:7b:ba:a5:76:18:5e:
                    f0:52:9e:72:ab:4c:78:4e:41:65:74:e2:8f:fc:3a:
                    76:e8:bf:c1:0b:94:e9:29:b4:b1:d2:32:0a:3c:03:
                    6e:a5:bb:71:67:f1:b8:5c:64:93:88:c6:6d:6a:ca:
                    b7:81:15:e9:b8:e2:c7:f9:e9:8d:db:33:cb:b8:01:
                    b9:60:dd:53:8a:05:dd:47:da:0d:98:80:08:d1:bd:
                    7f:b8:25:19:40:d8:b7:7c:94:19:9f:6a:80:a9:86:
                    cd:40:44:4e:88:63:20:8f:3c:20:4b:ad:56:b4:80:
                    1e:ef:54:39:09:16:4b:63:88:d1:4f:12:39:ec:a8:
                    73:73:1e:ab:4a:dd:8c:be:fe:c4:ea:0d:07:24:85:
                    16:af:85:dc:f8:a6:1b:71:7d:66:2b:b4:75:85:e5:
                    02:9a:a9:2d:23:fa:79:a7:4f:29:ca:70:a4:92:cd:
                    b0:dc:73:d5:0c:c7:83:51:45:9f:57:a1:7b:24:0e:
                    20:6b:9a:5d:ea:91:ff:6c:5c:a0:b4:f5:31:d9:46:
                    51:9e:a3:31:c3:77:3d:d7:49:ba:f7:ac:a4:bd:50:
                    1b:22:42:4f:5e:58:a5:f3:f2:2e:f4:8c:af:97:f4:
                    7b:df:97:bb:19:d1:6b:de:b4:7d:4f:83:9e:44:c0:
                    90:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:23:73:E3:AE:A1:F1:07:D8:B3:9D:9B:B3:B2:A0:4B:D4:D8:5E:A9
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF7DDB08488511ECA9F76335D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.80.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:df:c2:31:66:eb:e2:89:f4:db:94:9a:b9:41:22:da:26:53:
         ff:31:97:e3:af:4d:8a:c9:50:54:a5:ee:d8:5f:0e:e3:1d:db:
         00:ac:d3:63:de:ab:b1:f6:a4:de:f3:c1:f1:c0:77:bd:e3:fb:
         53:b6:06:ef:a8:65:3a:f3:59:c4:f5:a4:cc:0a:d1:5b:aa:f8:
         00:37:95:ee:05:a1:e2:16:46:5c:b7:15:28:e2:a5:a8:85:bf:
         34:28:96:02:f5:e6:37:b9:de:2b:e7:6b:35:d8:a2:cd:3b:6c:
         83:0e:82:9f:9c:98:d0:8b:4d:f0:56:d8:f5:4f:9d:af:41:56:
         80:5d:90:2d:15:5d:be:58:29:8a:25:f7:00:26:7f:42:f5:61:
         0d:77:c4:8e:90:7b:c7:73:d4:51:fd:7b:7b:85:f5:49:b0:7e:
         f0:a2:84:10:86:d3:4b:69:5f:5e:7e:37:66:56:55:96:b2:9e:
         9c:0f:f0:99:cf:4c:5f:6e:38:d5:ac:71:6e:96:e7:45:e3:5a:
         4a:b3:48:65:99:12:07:82:17:c6:4b:ab:24:49:c9:98:a2:a8:
         e1:6c:24:73:67:0d:d4:57:d0:64:be:6d:0a:48:e0:bb:8e:23:
         e8:3e:2d:22:52:e0:cc:aa:10:4f:58:15:8d:ab:a6:f9:ae:4a:
         e6:33:85:9c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDUIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMTExMTkxNTM5MzlaFw0yMjExMTkxNTM5MzlaMBgxFjAU
BgNVBAMMDTYxOTY3M2JlLWU5YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcG9NtR6bzEHu6pXYYXvBSnnKrTHhOQWV04o/8Onbov8ELlOkptLHSMgo8
A26lu3Fn8bhcZJOIxm1qyreBFem44sf56Y3bM8u4Ablg3VOKBd1H2g2YgAjRvX+4
JRlA2Ld8lBmfaoCphs1ARE6IYyCPPCBLrVa0gB7vVDkJFktjiNFPEjnsqHNzHqtK
3Yy+/sTqDQckhRavhdz4phtxfWYrtHWF5QKaqS0j+nmnTynKcKSSzbDcc9UMx4NR
RZ9XoXskDiBrml3qkf9sXKC09THZRlGeozHDdz3XSbr3rKS9UBsiQk9eWKXz8i70
jK+X9Hvfl7sZ0WvetH1Pg55EwJCBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNiNz
466h8QfYs52bs7KgS9TYXqkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0JGN0REQjA4NDg4NTExRUNBOUY3NjMzNUQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaUBswDQYJKoZIhvcNAQEL
BQADggEBAK3fwjFm6+KJ9NuUmrlBItomU/8xl+OvTYrJUFSl7thfDuMd2wCs02Pe
q7H2pN7zwfHAd73j+1O2Bu+oZTrzWcT1pMwK0Vuq+AA3le4FoeIWRly3FSjipaiF
vzQolgL15je53ivnazXYos07bIMOgp+cmNCLTfBW2PVPna9BVoBdkC0VXb5YKYol
9wAmf0L1YQ13xI6Qe8dz1FH9e3uF9UmwfvCihBCG00tpX15+N2ZWVZaynpwP8JnP
TF9uONWscW6W50XjWkqzSGWZEgeCF8ZLqyRJyZiiqOFsJHNnDdRX0GS+bQpI4LuO
I+g+LSJS4MyqEE9YFY2rpvmuSuYzhZw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:11 2023 by rpki-client on console-ams.rpki-client.org