Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C28B71521EDB11ED9F1C36BAF1222468.roa
File:                     C28B71521EDB11ED9F1C36BAF1222468.roa (raw, json)
Hash identifier:          SvSpPhxz5fFmlXH3DBvE1L6fLwRA8Mj2rmvC8hR2N70=
Subject key identifier:   69:9E:02:2C:4E:CE:4E:D2:2A:B7:2D:5E:AD:EF:AB:0A:2E:0D:8A:8C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       1849
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C28B71521EDB11ED9F1C36BAF1222468.roa
Signing time:             Thu 18 Aug 2022 09:54:33 +0000
ROA not before:           Thu 18 Aug 2022 09:54:27 +0000
ROA not after:            Fri 25 Aug 2023 09:54:27 +0000
asID:                     136785
IP address blocks:        154.86.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6217 (0x1849)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 18 09:54:27 2022 GMT
            Not After : Aug 25 09:54:27 2023 GMT
        Subject: CN=62fe0c59-81f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:02:00:01:96:66:7c:68:9c:fa:bd:df:c8:67:
                    6e:cd:25:cf:f7:d9:31:e8:3e:40:46:88:ad:f1:20:
                    e3:db:a0:b3:b1:1f:20:ad:c3:ca:d3:fb:1b:07:a3:
                    66:d3:39:d7:5a:1f:5d:90:e1:c9:b1:ab:d9:e1:09:
                    86:58:02:a3:93:ae:fa:2c:76:dd:5e:f7:b0:b7:42:
                    c0:4e:f6:70:df:c5:d0:56:28:f0:a1:97:dc:cb:0f:
                    8d:ec:01:6e:04:42:ac:ad:1d:04:2e:88:7b:1e:31:
                    85:bc:84:88:f4:04:74:51:a6:57:50:b9:f0:c4:e6:
                    be:0b:76:ff:d8:14:a7:bb:08:0f:b9:31:74:92:0d:
                    47:b9:95:58:23:63:3c:0d:33:cf:29:ed:c0:b2:2b:
                    42:02:8d:0b:c2:91:ec:d4:20:bb:64:96:cd:03:8a:
                    1f:89:85:22:db:ed:fb:1f:10:d1:3b:b6:41:59:21:
                    19:1e:ea:8f:0d:35:e6:bc:d7:c2:bb:38:64:b2:d2:
                    66:a7:96:13:d4:3e:12:12:bc:9d:10:d5:db:1b:48:
                    73:fc:10:9b:69:1b:44:46:62:6a:c7:1b:56:f5:9b:
                    21:86:94:78:a0:f6:d5:05:3d:8d:a0:2e:36:b1:bd:
                    e7:7e:2f:27:10:85:f8:a4:12:3c:11:f0:e7:3c:dc:
                    93:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:9E:02:2C:4E:CE:4E:D2:2A:B7:2D:5E:AD:EF:AB:0A:2E:0D:8A:8C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C28B71521EDB11ED9F1C36BAF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.86.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:77:24:cb:46:0b:bf:b3:63:34:b3:67:dd:4f:09:fc:cd:5d:
         05:14:b0:fd:de:89:82:da:85:33:cc:71:9e:31:e7:8b:d1:a0:
         28:46:c9:de:6c:a7:a8:e7:c7:18:d5:1c:31:1c:cb:3e:90:14:
         4e:4c:ff:f0:65:e6:f0:c9:8d:6d:d1:3a:c5:bc:aa:d9:bb:b8:
         cc:fa:0a:54:64:ed:81:0a:a2:41:0e:f0:17:8d:f7:ad:b4:5b:
         23:68:4b:55:88:5d:be:1b:8e:ad:85:6d:27:8c:2b:91:4f:fd:
         b8:61:0c:4c:de:15:90:3b:ad:f4:a4:fb:e8:e4:4d:28:6c:61:
         7d:cb:9c:4c:b0:19:9e:b8:ff:c8:7b:9b:13:d3:1b:1e:87:b5:
         a2:da:a4:60:4c:9d:17:b3:fc:12:db:62:b5:ec:f2:85:a8:65:
         fb:94:7d:64:c3:49:b1:0d:b7:20:11:9d:35:21:19:b9:fc:59:
         17:4c:92:54:ac:5a:e1:a5:5b:7d:69:73:07:a9:e5:b2:68:d3:
         c7:e3:78:b2:cd:0c:86:bf:01:81:32:85:28:e9:52:5c:a5:06:
         86:89:43:f2:d7:3a:d3:7b:a5:c9:61:22:91:e1:8b:a6:3d:04:
         e0:da:41:d1:90:17:4b:77:f1:ab:a4:54:23:73:11:04:a0:53:
         07:6e:3f:b7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGEkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA4MTgwOTU0MjdaFw0yMzA4MjUwOTU0MjdaMBgxFjAU
BgNVBAMMDTYyZmUwYzU5LTgxZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1AgABlmZ8aJz6vd/IZ27NJc/32THoPkBGiK3xIOPboLOxHyCtw8rT+xsH
o2bTOddaH12Q4cmxq9nhCYZYAqOTrvosdt1e97C3QsBO9nDfxdBWKPChl9zLD43s
AW4EQqytHQQuiHseMYW8hIj0BHRRpldQufDE5r4Ldv/YFKe7CA+5MXSSDUe5lVgj
YzwNM88p7cCyK0ICjQvCkezUILtkls0Dih+JhSLb7fsfENE7tkFZIRke6o8NNea8
18K7OGSy0manlhPUPhISvJ0Q1dsbSHP8EJtpG0RGYmrHG1b1myGGlHig9tUFPY2g
Ljaxved+LycQhfikEjwR8Oc83JPVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUaZ4C
LE7OTtIqty1ere+rCi4NiowwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0MyOEI3MTUyMUVEQjExRUQ5RjFDMzZCQUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVgEwDQYJKoZIhvcNAQEL
BQADggEBAHV3JMtGC7+zYzSzZ91PCfzNXQUUsP3eiYLahTPMcZ4x54vRoChGyd5s
p6jnxxjVHDEcyz6QFE5M//Bl5vDJjW3ROsW8qtm7uMz6ClRk7YEKokEO8BeN9620
WyNoS1WIXb4bjq2FbSeMK5FP/bhhDEzeFZA7rfSk++jkTShsYX3LnEywGZ64/8h7
mxPTGx6HtaLapGBMnRez/BLbYrXs8oWoZfuUfWTDSbENtyARnTUhGbn8WRdMklSs
WuGlW31pcwep5bJo08fjeLLNDIa/AYEyhSjpUlylBoaJQ/LXOtN7pclhIpHhi6Y9
BODaQdGQF0t38aukVCNzEQSgUwduP7c=
-----END CERTIFICATE-----
Generated at Fri Aug 25 16:23:49 2023 by rpki-client on console-ams.rpki-client.org