Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DDB0D92C20F11ECA85FC2E6F1222468.roa
File:                     8DDB0D92C20F11ECA85FC2E6F1222468.roa (raw, json)
Hash identifier:          MJLjlSdqAZggFtPC0oqxCCWz3PCBRTD8TuKmP2WbDrk=
Subject key identifier:   C4:1C:F8:45:9D:65:54:DF:B6:36:C9:EB:10:7D:66:49:E2:60:5F:1E
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       133B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DDB0D92C20F11ECA85FC2E6F1222468.roa
Signing time:             Fri 22 Apr 2022 07:41:00 +0000
ROA not before:           Fri 22 Apr 2022 07:40:56 +0000
ROA not after:            Fri 30 Dec 2022 07:40:56 +0000
asID:                     328608
IP address blocks:        156.249.2.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4923 (0x133b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 22 07:40:56 2022 GMT
            Not After : Dec 30 07:40:56 2022 GMT
        Subject: CN=62625c0c-4551
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d8:b2:1e:9f:28:7f:c4:e6:4d:ea:6c:04:0c:
                    44:ff:7f:ac:4f:1d:2e:9b:6e:fe:57:f2:2a:e5:1d:
                    70:a5:92:f5:30:f8:36:30:6f:a6:83:21:c7:49:84:
                    1e:ba:38:54:dc:f2:50:c8:ee:7d:85:5a:18:fb:ce:
                    a9:c1:5a:25:1a:46:25:00:39:8c:d7:d8:78:c0:9b:
                    e1:1e:c6:30:3d:ad:29:60:73:9d:d4:93:74:3f:1a:
                    b6:fe:b6:7b:e1:de:8c:54:7e:be:b0:20:39:06:09:
                    db:cb:9b:1f:db:b8:33:77:a5:d3:62:ab:62:b2:24:
                    a8:36:dd:51:4f:3a:ba:c0:96:e8:49:80:56:f7:21:
                    f2:0f:f0:4a:4a:73:9c:7c:44:a7:b8:75:78:da:54:
                    4e:a2:25:b9:43:f6:71:4a:99:0b:65:9b:97:d7:8f:
                    39:68:b0:f2:f9:a8:0e:ed:69:29:da:03:d5:94:27:
                    1b:81:86:4f:4c:5a:c6:be:14:1a:06:8c:13:5e:72:
                    89:81:86:6a:ce:fd:b1:ec:80:cc:7e:7b:6e:38:32:
                    9b:d5:d4:6b:37:fb:c8:de:f3:d3:db:e4:fc:e7:81:
                    22:74:c6:ec:ec:0b:21:be:c9:91:c9:e1:1f:79:4f:
                    10:e3:2f:6a:5f:23:df:21:c1:3c:0f:68:9c:6c:1a:
                    03:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:1C:F8:45:9D:65:54:DF:B6:36:C9:EB:10:7D:66:49:E2:60:5F:1E
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DDB0D92C20F11ECA85FC2E6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.249.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:4a:5a:02:db:63:78:ec:bf:4b:b3:00:52:88:06:7d:ee:f0:
         fd:c6:53:3e:a2:f1:97:d2:c6:ed:30:b6:3e:51:46:9c:be:a0:
         5c:a7:b1:67:fd:7f:b7:89:d4:81:23:2e:5b:91:63:11:ed:15:
         40:99:be:3f:ad:d6:dd:cf:2b:a0:9d:6f:73:14:cf:81:ea:b6:
         36:ec:8f:0a:31:2f:e9:61:a5:9a:98:3b:d4:5b:7b:10:7c:13:
         54:e9:0f:50:01:6e:b1:62:63:05:79:ca:a8:e4:1d:67:48:09:
         ee:d0:34:d9:b3:90:9a:f5:ee:bb:c0:60:45:d4:d3:d2:63:a0:
         ff:02:b5:11:14:b9:f9:f5:39:31:bc:0d:1e:fe:8e:69:fb:63:
         ff:e8:92:27:83:94:d9:d2:07:ac:68:0d:9a:38:19:1d:57:cf:
         20:7e:6c:e8:7b:56:2c:15:94:42:d3:ec:1b:53:2b:74:01:20:
         f0:20:97:1f:a8:1e:ee:d6:2a:29:94:9b:7b:57:1a:ec:ea:03:
         10:22:28:e5:a0:b2:fa:d3:0f:51:16:60:02:10:25:87:36:97:
         30:f5:17:15:57:cc:df:6b:09:2a:f5:19:6d:8f:47:09:59:42:
         94:9c:0a:36:82:9b:81:b6:76:70:bf:79:f4:90:a7:2b:da:ae:
         8f:fc:c4:33
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEzswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjIwNzQwNTZaFw0yMjEyMzAwNzQwNTZaMBgxFjAU
BgNVBAMMDTYyNjI1YzBjLTQ1NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq2LIenyh/xOZN6mwEDET/f6xPHS6bbv5X8irlHXClkvUw+DYwb6aDIcdJ
hB66OFTc8lDI7n2FWhj7zqnBWiUaRiUAOYzX2HjAm+EexjA9rSlgc53Uk3Q/Grb+
tnvh3oxUfr6wIDkGCdvLmx/buDN3pdNiq2KyJKg23VFPOrrAluhJgFb3IfIP8EpK
c5x8RKe4dXjaVE6iJblD9nFKmQtlm5fXjzlosPL5qA7taSnaA9WUJxuBhk9MWsa+
FBoGjBNecomBhmrO/bHsgMx+e244MpvV1Gs3+8je89Pb5PzngSJ0xuzsCyG+yZHJ
4R95TxDjL2pfI98hwTwPaJxsGgOXAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUxBz4
RZ1lVN+2NsnrEH1mSeJgXx4wHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzhEREIwRDkyQzIwRjExRUNBODVGQzJFNkYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGc+QIwDQYJKoZIhvcNAQELBQAD
ggEBAE1KWgLbY3jsv0uzAFKIBn3u8P3GUz6i8ZfSxu0wtj5RRpy+oFynsWf9f7eJ
1IEjLluRYxHtFUCZvj+t1t3PK6Cdb3MUz4HqtjbsjwoxL+lhpZqYO9RbexB8E1Tp
D1ABbrFiYwV5yqjkHWdICe7QNNmzkJr17rvAYEXU09JjoP8CtREUufn1OTG8DR7+
jmn7Y//okieDlNnSB6xoDZo4GR1XzyB+bOh7ViwVlELT7BtTK3QBIPAglx+oHu7W
KimUm3tXGuzqAxAiKOWgsvrTD1EWYAIQJYc2lzD1FxVXzN9rCSr1GW2PRwlZQpSc
CjaCm4G2dnC/efSQpyvaro/8xDM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:24 2023 by rpki-client on console-fra.rpki-client.org