Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE3BD600541911ECAFFD7F4FD8A014CE.roa
File:                     CE3BD600541911ECAFFD7F4FD8A014CE.roa (raw, json)
Hash identifier:          UawX7vs+QkLZb8JOjKGFJwbCDiEowWVbXhOgdZKmaws=
Subject key identifier:   28:25:95:AF:85:49:8B:E6:16:09:45:9B:72:DE:46:F4:8A:C7:25:FB
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       12EC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE3BD600541911ECAFFD7F4FD8A014CE.roa
Signing time:             Fri 03 Dec 2021 09:17:15 +0000
ROA not before:           Fri 03 Dec 2021 09:17:11 +0000
ROA not after:            Fri 30 Dec 2022 09:17:11 +0000
asID:                     135391
IP address blocks:        154.91.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4844 (0x12ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec  3 09:17:11 2021 GMT
            Not After : Dec 30 09:17:11 2022 GMT
        Subject: CN=61a9e09b-6e2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:86:42:4e:5c:9e:57:02:1b:5f:20:82:99:a2:
                    49:95:89:f7:90:26:f3:dc:21:78:26:62:22:b2:e3:
                    39:7f:57:5e:bb:2f:2a:7a:06:f8:33:cc:f0:36:eb:
                    49:35:5a:b5:c0:83:45:14:54:b1:6d:e2:3c:11:3a:
                    71:12:3f:82:c6:fc:85:27:26:5f:0a:18:3e:87:64:
                    74:6b:b1:29:cc:13:b9:60:5b:ce:c9:99:47:fe:9a:
                    c8:2d:0b:c7:60:a8:31:b5:7b:c7:35:d2:dd:07:17:
                    af:41:1b:45:7c:2b:37:5a:4d:4b:75:e1:a6:e8:df:
                    75:0f:03:bf:5b:6e:f7:9a:aa:65:07:4e:26:ae:34:
                    07:a2:f6:34:c4:e5:0c:f9:42:ed:59:47:42:fe:05:
                    0d:2f:b5:89:21:68:81:ea:71:5d:5d:63:ad:f2:18:
                    3b:0c:05:27:81:4a:cb:71:89:ae:df:df:74:75:fe:
                    29:56:c3:f9:63:90:ed:77:a1:2f:58:34:62:5f:50:
                    94:7f:5e:5a:ac:5a:8b:4b:03:55:59:58:bb:a2:7b:
                    7a:95:b0:a7:b5:80:d2:4b:e3:15:82:75:81:3c:27:
                    92:69:c1:f3:a5:c4:d0:65:7c:f7:7c:96:fe:20:eb:
                    f0:ef:5b:57:5b:08:f3:d0:f3:02:c1:18:c1:d1:48:
                    b6:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:25:95:AF:85:49:8B:E6:16:09:45:9B:72:DE:46:F4:8A:C7:25:FB
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE3BD600541911ECAFFD7F4FD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.91.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:dc:28:12:cd:a2:25:7f:b1:83:71:e0:ad:bf:dc:9c:4e:c3:
         87:2c:47:ed:73:52:e2:ad:b8:0f:d8:c4:40:7c:74:36:24:18:
         8d:76:1a:ec:dc:2b:71:c7:bb:4b:56:95:17:51:fa:64:26:42:
         3c:7d:f6:1b:a1:93:4d:26:39:d4:64:e8:f9:7d:a2:1a:50:fb:
         53:71:f8:2d:9b:6d:ca:ce:b7:05:0f:9d:63:17:8c:f3:ad:9d:
         74:45:95:6d:ef:81:12:42:30:90:cc:af:6a:f7:39:83:a8:e9:
         52:f1:28:0b:fa:d6:fa:92:75:d2:47:0a:37:92:fd:a8:aa:e0:
         f3:4d:ae:f3:8d:ff:b5:39:eb:ec:a3:dd:38:47:2c:6c:11:4f:
         ae:51:df:e3:9d:d4:df:2f:c1:3f:05:f4:32:00:0b:06:28:19:
         45:df:8a:27:89:b6:46:09:67:b2:3c:91:b1:c6:48:4c:58:7c:
         dd:77:76:d2:55:a4:ff:2a:b2:14:89:c6:b6:6b:41:13:72:be:
         a3:c9:bc:f3:94:26:bd:fe:cb:7c:a0:de:de:92:f6:11:fe:f6:
         70:ea:9c:5f:3c:2c:11:14:c9:85:10:cf:90:86:90:45:6e:93:
         b6:59:e9:fb:7d:85:cf:82:b5:a1:c9:f7:cc:91:0d:16:04:a7:
         f2:58:02:3b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEuwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMTEyMDMwOTE3MTFaFw0yMjEyMzAwOTE3MTFaMBgxFjAU
BgNVBAMMDTYxYTllMDliLTZlMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDxhkJOXJ5XAhtfIIKZokmVifeQJvPcIXgmYiKy4zl/V167Lyp6BvgzzPA2
60k1WrXAg0UUVLFt4jwROnESP4LG/IUnJl8KGD6HZHRrsSnME7lgW87JmUf+msgt
C8dgqDG1e8c10t0HF69BG0V8KzdaTUt14abo33UPA79bbveaqmUHTiauNAei9jTE
5Qz5Qu1ZR0L+BQ0vtYkhaIHqcV1dY63yGDsMBSeBSstxia7f33R1/ilWw/ljkO13
oS9YNGJfUJR/XlqsWotLA1VZWLuie3qVsKe1gNJL4xWCdYE8J5JpwfOlxNBlfPd8
lv4g6/DvW1dbCPPQ8wLBGMHRSLbHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKCWV
r4VJi+YWCUWbct5G9IrHJfswHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0NFM0JENjAwNTQxOTExRUNBRkZEN0Y0RkQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaWyQwDQYJKoZIhvcNAQEL
BQADggEBAEPcKBLNoiV/sYNx4K2/3JxOw4csR+1zUuKtuA/YxEB8dDYkGI12Guzc
K3HHu0tWlRdR+mQmQjx99huhk00mOdRk6Pl9ohpQ+1Nx+C2bbcrOtwUPnWMXjPOt
nXRFlW3vgRJCMJDMr2r3OYOo6VLxKAv61vqSddJHCjeS/aiq4PNNrvON/7U56+yj
3ThHLGwRT65R3+Od1N8vwT8F9DIACwYoGUXfiieJtkYJZ7I8kbHGSExYfN13dtJV
pP8qshSJxrZrQRNyvqPJvPOUJr3+y3yg3t6S9hH+9nDqnF88LBEUyYUQz5CGkEVu
k7ZZ6ft9hc+CtaHJ98yRDRYEp/JYAjs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:14 2023 by rpki-client on console-fra.rpki-client.org