Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D53D559A90AB11EC8C8FCDBC5A40D577.roa
File:                     D53D559A90AB11EC8C8FCDBC5A40D577.roa (raw, json)
Hash identifier:          y8Seg7Z6BOTayyg82QLRH7R6LpZROfvWMosybs/Q4AM=
Subject key identifier:   1C:E1:F8:8C:E9:F2:C5:99:79:0C:2A:A0:8F:96:4D:2F:9F:B1:5F:E4
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       14EC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D53D559A90AB11EC8C8FCDBC5A40D577.roa
Signing time:             Fri 18 Feb 2022 11:13:43 +0000
ROA not before:           Fri 18 Feb 2022 11:13:40 +0000
ROA not after:            Fri 30 Dec 2022 11:13:40 +0000
asID:                     137951
IP address blocks:        154.210.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5356 (0x14ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Feb 18 11:13:40 2022 GMT
            Not After : Dec 30 11:13:40 2022 GMT
        Subject: CN=620f7f67-ae7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3e:df:4a:20:37:69:6e:5c:91:f4:43:b9:16:
                    bd:98:f6:49:db:5e:12:c0:bb:29:b2:1e:b2:ee:08:
                    b6:15:77:6c:41:4f:09:a2:f3:22:d7:a3:41:14:ed:
                    f7:b5:0f:2b:ee:75:20:82:25:82:00:d0:c8:10:35:
                    ed:d9:bf:16:f3:76:80:5d:a2:6d:e0:4c:cf:ec:ba:
                    7f:a6:7b:7a:42:7c:00:6e:fa:4d:43:be:17:fe:db:
                    54:ee:9c:63:b1:e0:0c:7d:39:e4:39:bb:1a:b4:81:
                    6b:bc:ff:b9:36:c6:e8:10:56:34:de:01:bb:8f:56:
                    ea:d7:e1:26:0a:cc:76:28:99:be:a1:ec:7e:e9:10:
                    d2:77:f1:41:13:06:c0:4b:71:7b:ef:97:39:11:f8:
                    42:9f:53:89:4e:df:cf:ed:2a:0f:e1:10:ce:f8:11:
                    1b:82:fe:c6:34:5a:8f:18:9e:8a:80:2f:0f:63:83:
                    e0:7d:42:11:7f:67:ec:f2:8f:15:5b:b6:6c:ce:ef:
                    81:cf:42:3c:28:57:69:02:a0:88:69:85:54:41:8f:
                    67:e7:b2:9f:51:63:58:b2:c9:c6:30:27:81:df:37:
                    90:34:1b:69:dd:de:70:bc:04:a3:be:1b:a5:df:ac:
                    c9:89:57:56:02:2f:c7:5e:5b:12:31:68:4c:92:2c:
                    6a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:E1:F8:8C:E9:F2:C5:99:79:0C:2A:A0:8F:96:4D:2F:9F:B1:5F:E4
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D53D559A90AB11EC8C8FCDBC5A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.210.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:86:34:33:b9:d2:13:d3:f6:50:04:5a:d5:b6:f5:9f:da:8f:
         22:af:93:37:c6:b1:48:e2:cd:59:81:8b:b0:27:ea:14:50:05:
         03:1e:32:3c:43:07:fb:90:49:19:0b:70:0f:e5:b4:14:15:2c:
         c1:6e:4e:55:9d:1d:60:bf:30:49:f7:21:36:80:07:54:fc:1a:
         2e:40:b5:13:9e:86:4f:2a:f5:76:04:23:9a:89:73:8c:80:a2:
         80:7b:5e:c6:d8:d2:80:cb:87:fd:6e:3f:f5:15:bc:29:74:2c:
         03:1f:6d:d5:e6:81:b0:e7:62:11:5d:a6:e9:1f:c3:1d:5e:94:
         9b:44:d5:2d:63:36:e5:52:e4:28:4c:9e:57:d6:89:fd:97:16:
         fd:33:1f:d4:ad:27:e3:a0:6d:f4:92:a3:d3:c0:fe:6b:81:0c:
         2d:9f:bb:b7:71:1f:43:cd:5b:ff:e7:ea:fd:35:e1:c6:1f:6f:
         0a:9a:6c:3f:65:c2:57:f2:23:63:42:c9:39:94:6a:b1:db:81:
         c1:39:23:a6:fc:2f:3a:40:ba:d9:11:95:61:2b:ce:5b:28:2d:
         b3:3d:2c:5b:9b:a4:2b:44:a7:a3:d7:83:69:c2:7c:cf:a9:d7:
         96:c8:48:f2:ab:eb:75:2b:c5:6a:76:9d:00:11:82:f4:8b:10:
         b2:db:da:e3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFOwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjAyMTgxMTEzNDBaFw0yMjEyMzAxMTEzNDBaMBgxFjAU
BgNVBAMMDTYyMGY3ZjY3LWFlN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVPt9KIDdpblyR9EO5Fr2Y9knbXhLAuymyHrLuCLYVd2xBTwmi8yLXo0EU
7fe1DyvudSCCJYIA0MgQNe3ZvxbzdoBdom3gTM/sun+me3pCfABu+k1Dvhf+21Tu
nGOx4Ax9OeQ5uxq0gWu8/7k2xugQVjTeAbuPVurX4SYKzHYomb6h7H7pENJ38UET
BsBLcXvvlzkR+EKfU4lO38/tKg/hEM74ERuC/sY0Wo8YnoqALw9jg+B9QhF/Z+zy
jxVbtmzO74HPQjwoV2kCoIhphVRBj2fnsp9RY1iyycYwJ4HfN5A0G2nd3nC8BKO+
G6XfrMmJV1YCL8deWxIxaEySLGrzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHOH4
jOnyxZl5DCqgj5ZNL5+xX+QwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0Q1M0Q1NTlBOTBBQjExRUM4QzhGQ0RCQzVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0lAwDQYJKoZIhvcNAQEL
BQADggEBAKuGNDO50hPT9lAEWtW29Z/ajyKvkzfGsUjizVmBi7An6hRQBQMeMjxD
B/uQSRkLcA/ltBQVLMFuTlWdHWC/MEn3ITaAB1T8Gi5AtROehk8q9XYEI5qJc4yA
ooB7XsbY0oDLh/1uP/UVvCl0LAMfbdXmgbDnYhFdpukfwx1elJtE1S1jNuVS5ChM
nlfWif2XFv0zH9StJ+OgbfSSo9PA/muBDC2fu7dxH0PNW//n6v014cYfbwqabD9l
wlfyI2NCyTmUarHbgcE5I6b8LzpAutkRlWErzlsoLbM9LFubpCtEp6PXg2nCfM+p
15bISPKr63UrxWp2nQARgvSLELLb2uM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:14 2023 by rpki-client on console-fra.rpki-client.org