Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA0F1C8411B411EFA1334A3B017001B1.roa
File:                     DA0F1C8411B411EFA1334A3B017001B1.roa (raw, json)
Hash identifier:          3+PXW4GjBULCV4T37CnNkvQ/eukRY5HYfeVxiksgioI=
Subject key identifier:   50:1A:D5:6E:A3:03:A6:2F:92:B5:05:3D:14:10:DA:30:FA:A1:19:4C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       B750
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA0F1C8411B411EFA1334A3B017001B1.roa
Signing time:             Tue 14 May 2024 05:43:12 +0000
ROA not before:           Tue 14 May 2024 05:43:09 +0000
ROA not after:            Thu 23 May 2024 05:43:09 +0000
asID:                     141883
IP address blocks:        154.214.32.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46928 (0xb750)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 14 05:43:09 2024 GMT
            Not After : May 23 05:43:09 2024 GMT
        Subject: CN=6642f9f0-c0f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ab:94:66:d6:67:fa:03:d4:6d:73:0f:88:2e:
                    cb:06:ba:dc:07:0b:7d:65:0f:40:73:1a:4e:d2:9f:
                    c2:17:b4:e9:c8:30:d4:6f:25:d0:47:46:28:62:b8:
                    4d:7a:fc:51:3a:55:86:0c:00:eb:b0:67:e5:be:80:
                    97:dd:d1:5c:13:1a:31:3b:d3:e6:42:5d:99:43:d1:
                    1e:4c:fb:4f:1a:df:d1:99:bd:82:c5:6b:d9:09:18:
                    0a:bb:e5:84:a7:05:4f:4e:d5:0c:b3:64:5b:08:51:
                    a9:0d:d0:f6:b5:74:b2:0c:87:4a:f9:eb:72:fd:4c:
                    79:48:29:a0:44:3b:81:b3:c6:96:e4:db:2d:50:fa:
                    5c:e3:01:bc:3e:0f:14:ce:78:d1:dd:63:c4:26:56:
                    15:2c:a5:17:67:49:8f:d7:bb:0f:f2:10:e1:99:d1:
                    2c:bd:ec:65:64:bd:2a:c7:7c:a5:dc:6a:eb:4b:26:
                    17:e0:e0:c3:38:a0:4f:d5:9d:a6:f8:6e:e3:45:cd:
                    ef:50:d1:a2:fe:30:b5:12:d3:80:81:28:f8:4d:53:
                    0d:48:bc:ce:5c:7e:e0:ba:07:6b:0e:52:0d:ad:de:
                    2b:3d:c7:3f:72:59:39:c8:15:3e:2c:a5:2c:de:eb:
                    cf:2a:c6:81:c0:a0:48:9d:f2:a9:e7:cf:48:46:9d:
                    bf:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:1A:D5:6E:A3:03:A6:2F:92:B5:05:3D:14:10:DA:30:FA:A1:19:4C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA0F1C8411B411EFA1334A3B017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.214.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         31:07:b8:05:29:70:04:29:d8:6c:f2:1d:f2:7e:5c:c7:b8:b6:
         cf:f2:13:85:83:d0:21:d4:51:63:85:c4:16:ca:90:be:fc:09:
         db:9c:1e:70:9c:b2:c0:07:e0:6b:b2:c2:28:19:9a:1c:6a:22:
         65:54:71:06:b7:5b:1f:da:d4:a7:19:f6:de:56:cc:e5:66:42:
         86:28:0e:ac:ee:c9:1a:2e:e4:9e:3e:30:b3:e3:e0:d3:ee:d7:
         bb:50:c0:06:15:f2:e9:ce:e8:08:5e:73:a5:3b:30:38:32:39:
         10:86:e2:df:5c:26:1a:22:d0:19:c4:df:38:ef:ac:04:76:61:
         47:5f:b1:ad:e2:4e:4e:2b:95:f1:e0:8e:69:23:02:9f:36:ce:
         dd:cc:6f:a3:18:f1:de:43:14:49:49:90:3c:f8:3a:73:b6:cc:
         59:3b:7b:9a:bc:38:9b:2a:96:5f:4a:e6:71:cf:59:e9:df:9e:
         60:61:01:c9:a0:00:f4:38:7d:4d:05:7c:a8:68:04:2a:fc:c8:
         80:24:36:a4:d5:5b:85:91:4c:16:c6:11:a1:03:ba:f3:ba:00:
         4c:ce:74:b1:41:ce:41:4b:6b:77:bf:02:6a:49:74:02:65:6a:
         bf:ef:18:c1:5e:dd:5e:0d:a3:70:80:a7:68:84:60:f8:56:2f:
         64:be:24:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALdQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE0MDU0MzA5WhcNMjQwNTIzMDU0MzA5WjAYMRYw
FAYDVQQDEw02NjQyZjlmMC1jMGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo6uUZtZn+gPUbXMPiC7LBrrcBwt9ZQ9AcxpO0p/CF7TpyDDUbyXQR0Yo
YrhNevxROlWGDADrsGflvoCX3dFcExoxO9PmQl2ZQ9EeTPtPGt/Rmb2CxWvZCRgK
u+WEpwVPTtUMs2RbCFGpDdD2tXSyDIdK+ety/Ux5SCmgRDuBs8aW5NstUPpc4wG8
Pg8UznjR3WPEJlYVLKUXZ0mP17sP8hDhmdEsvexlZL0qx3yl3GrrSyYX4ODDOKBP
1Z2m+G7jRc3vUNGi/jC1EtOAgSj4TVMNSLzOXH7gugdrDlINrd4rPcc/clk5yBU+
LKUs3uvPKsaBwKBInfKp589IRp2/ZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFAa
1W6jA6YvkrUFPRQQ2jD6oRlMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQTBGMUM4NDExQjQxMUVGQTEzMzRBM0IwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtYgMA0GCSqGSIb3DQEB
CwUAA4IBAQAxB7gFKXAEKdhs8h3yflzHuLbP8hOFg9Ah1FFjhcQWypC+/AnbnB5w
nLLAB+BrssIoGZocaiJlVHEGt1sf2tSnGfbeVszlZkKGKA6s7skaLuSePjCz4+DT
7te7UMAGFfLpzugIXnOlOzA4MjkQhuLfXCYaItAZxN8476wEdmFHX7Gt4k5OK5Xx
4I5pIwKfNs7dzG+jGPHeQxRJSZA8+DpztsxZO3uavDibKpZfSuZxz1np355gYQHJ
oAD0OH1NBXyoaAQq/MiAJDak1VuFkUwWxhGhA7rzugBMznSxQc5BS2t3vwJqSXQC
ZWq/7xjBXt1eDaNwgKdohGD4Vi9kviSX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:02:03 2024 by rpki-client on console-ams.rpki-client.org