Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6A3DD985BB611EC916A39C45A40D577.roa
File:                     D6A3DD985BB611EC916A39C45A40D577.roa (raw, json)
Hash identifier:          Nk0zSeM1hvTDsAXpeKbo/TByfI2M+kcTAF9EcC8brQM=
Subject key identifier:   45:C8:EB:18:DD:56:5D:C5:E4:54:62:27:10:0E:4D:0F:F9:9A:8D:26
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       13B9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6A3DD985BB611EC916A39C45A40D577.roa
Signing time:             Mon 13 Dec 2021 01:48:58 +0000
ROA not before:           Mon 13 Dec 2021 01:48:55 +0000
ROA not after:            Fri 30 Dec 2022 01:48:55 +0000
asID:                     135097
IP address blocks:        154.204.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5049 (0x13b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 13 01:48:55 2021 GMT
            Not After : Dec 30 01:48:55 2022 GMT
        Subject: CN=61b6a68a-8be9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a7:4b:25:e6:d2:9a:4d:75:16:a6:b0:91:8b:
                    e7:fe:45:e1:2c:37:76:c1:62:e6:3e:8e:24:f7:3d:
                    fe:41:e8:ba:e2:0d:b4:29:61:84:b2:34:f7:39:53:
                    4c:7e:1f:ee:d2:a6:c2:34:12:98:d1:c1:c5:e7:97:
                    07:0f:88:17:e6:9d:dc:84:e8:e4:62:5f:59:bc:ed:
                    cb:18:6c:31:07:10:c4:d7:8e:a8:7a:ba:3e:71:91:
                    d7:db:d2:e0:22:22:11:33:b4:de:18:03:6f:c3:72:
                    54:e8:8d:88:57:86:b8:93:c8:5e:7c:79:6a:f6:37:
                    26:d7:81:fd:23:29:84:79:78:a3:a7:55:64:32:f9:
                    f1:5a:93:81:eb:03:e5:68:64:04:45:db:64:98:a2:
                    e8:78:5a:4b:79:20:ed:31:db:96:ce:25:25:5f:9e:
                    2a:16:da:ac:20:21:14:06:6a:3a:7c:c1:f0:ba:e5:
                    25:e9:59:3b:30:c1:5b:61:9d:ca:d2:1b:cd:d3:a2:
                    b3:b8:25:bc:9b:ed:b4:fe:02:28:05:fc:70:09:6f:
                    ee:f3:6d:47:41:9f:b0:c5:a4:b2:bc:f7:d5:4f:c3:
                    3b:92:45:b1:73:07:6e:42:e3:c1:65:f3:6e:3f:56:
                    bd:3b:c3:31:35:41:a9:58:02:4d:3c:02:33:23:ac:
                    98:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:C8:EB:18:DD:56:5D:C5:E4:54:62:27:10:0E:4D:0F:F9:9A:8D:26
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6A3DD985BB611EC916A39C45A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.204.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:29:3d:e2:69:6a:7d:2b:14:8d:1a:23:19:0a:64:97:50:91:
         92:30:2b:d8:d7:ae:7f:b0:8f:8c:37:f9:10:ad:4d:fb:f3:e6:
         09:f2:3d:41:98:2f:2d:9a:04:d4:24:96:ae:77:13:03:60:61:
         df:dd:ee:6e:4d:74:ae:be:83:5d:d9:31:64:76:7e:17:f2:d9:
         48:4e:d1:d7:61:9a:13:d1:1a:dd:5d:27:20:7a:4b:e5:a1:c8:
         14:bd:c8:18:d8:e1:a8:d6:df:40:00:f5:c5:40:02:ae:a4:85:
         25:39:49:f3:a8:60:47:be:57:ba:9b:8f:39:01:81:98:46:56:
         65:03:cf:e7:49:d9:77:39:11:4c:82:62:38:2f:23:13:c6:13:
         3c:13:80:ab:06:35:ff:72:a2:bf:d3:81:f7:78:ec:b7:a7:5d:
         0d:81:e0:34:c6:a8:cf:7c:e3:c4:35:98:39:7e:0b:6a:ed:9e:
         62:5d:3a:1c:a4:3d:a8:44:9b:f7:ec:16:6b:ba:39:55:16:dd:
         ff:05:a7:87:e2:44:d5:33:a2:2d:3b:ad:91:00:28:68:b7:8c:
         4c:67:57:41:c2:21:bb:4f:7c:d1:68:a8:41:d6:9f:4b:10:3e:
         c3:e7:2f:a0:06:ca:a8:4e:73:0d:f8:db:11:b2:e8:8b:85:1f:
         54:1e:19:b9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE7kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMTEyMTMwMTQ4NTVaFw0yMjEyMzAwMTQ4NTVaMBgxFjAU
BgNVBAMMDTYxYjZhNjhhLThiZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJp0sl5tKaTXUWprCRi+f+ReEsN3bBYuY+jiT3Pf5B6LriDbQpYYSyNPc5
U0x+H+7SpsI0EpjRwcXnlwcPiBfmndyE6ORiX1m87csYbDEHEMTXjqh6uj5xkdfb
0uAiIhEztN4YA2/DclTojYhXhriTyF58eWr2NybXgf0jKYR5eKOnVWQy+fFak4Hr
A+VoZARF22SYouh4Wkt5IO0x25bOJSVfnioW2qwgIRQGajp8wfC65SXpWTswwVth
ncrSG83TorO4Jbyb7bT+AigF/HAJb+7zbUdBn7DFpLK899VPwzuSRbFzB25C48Fl
824/Vr07wzE1QalYAk08AjMjrJhpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQURcjr
GN1WXcXkVGInEA5ND/majSYwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0Q2QTNERDk4NUJCNjExRUM5MTZBMzlDNDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazEkwDQYJKoZIhvcNAQEL
BQADggEBAEEpPeJpan0rFI0aIxkKZJdQkZIwK9jXrn+wj4w3+RCtTfvz5gnyPUGY
Ly2aBNQklq53EwNgYd/d7m5NdK6+g13ZMWR2fhfy2UhO0ddhmhPRGt1dJyB6S+Wh
yBS9yBjY4ajW30AA9cVAAq6khSU5SfOoYEe+V7qbjzkBgZhGVmUDz+dJ2Xc5EUyC
YjgvIxPGEzwTgKsGNf9yor/Tgfd47LenXQ2B4DTGqM9848Q1mDl+C2rtnmJdOhyk
PahEm/fsFmu6OVUW3f8Fp4fiRNUzoi07rZEAKGi3jExnV0HCIbtPfNFoqEHWn0sQ
PsPnL6AGyqhOcw342xGy6IuFH1QeGbk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:14 2023 by rpki-client on console-fra.rpki-client.org