Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8A772F6C47C11EC97049188F1222468.roa
File:                     D8A772F6C47C11EC97049188F1222468.roa (raw, json)
Hash identifier:          h08eSxoztUxK7vjVZVRpBWUlx8E+V7GvEyOB+jktdfo=
Subject key identifier:   95:15:13:50:1A:E9:25:19:DD:1E:F6:E5:11:D6:38:12:84:59:3F:DC
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       1366
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8A772F6C47C11EC97049188F1222468.roa
Signing time:             Mon 25 Apr 2022 09:48:23 +0000
ROA not before:           Mon 25 Apr 2022 09:48:20 +0000
ROA not after:            Mon 30 Jan 2023 09:48:20 +0000
asID:                     139057
IP address blocks:        156.251.64.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4966 (0x1366)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 25 09:48:20 2022 GMT
            Not After : Jan 30 09:48:20 2023 GMT
        Subject: CN=62666e67-7432
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a2:dc:6b:56:0c:43:1f:f4:4c:c7:7f:35:7b:
                    84:47:89:e9:b3:2a:4f:cb:55:7e:21:f5:b9:9b:f1:
                    7d:cb:d4:9b:12:2f:b4:4b:3c:cd:89:ed:0f:da:73:
                    5f:0d:6d:b9:68:24:9d:0a:26:d8:42:0e:f0:db:cf:
                    4f:f2:7b:a8:8e:58:77:fb:65:80:5b:32:45:d7:89:
                    69:7a:6c:5c:01:68:ab:12:8f:8b:91:a1:11:8c:55:
                    7b:af:70:27:d6:20:8f:9c:37:41:b3:ea:21:42:4e:
                    49:29:39:ed:14:b0:98:92:10:bc:34:0e:e4:87:5e:
                    c4:c9:d9:84:f7:b8:a8:ce:99:df:17:b3:0c:63:29:
                    e0:1f:82:48:0b:ed:7f:7a:c1:c6:1b:7e:aa:b9:9d:
                    98:bf:11:36:b3:12:34:0a:58:1e:26:3d:cd:22:b0:
                    73:e1:e9:9e:05:50:1b:38:98:1e:58:d6:4c:c6:59:
                    3a:2e:45:6d:d7:af:ab:f0:e4:5f:aa:f4:4f:8c:77:
                    1e:7d:c2:ec:66:05:86:c5:4e:8b:91:b9:f3:e5:0e:
                    8f:8d:1e:7b:8a:0c:29:7e:62:f9:fc:c3:70:15:4d:
                    f3:83:96:21:b9:47:7c:8c:16:15:7a:3f:19:eb:70:
                    25:22:58:44:72:5a:94:8b:59:ff:8e:ea:ef:5c:24:
                    5a:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:15:13:50:1A:E9:25:19:DD:1E:F6:E5:11:D6:38:12:84:59:3F:DC
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8A772F6C47C11EC97049188F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:16:9e:b4:bf:80:9c:d0:b4:6b:25:26:f7:cb:45:29:06:2f:
         2d:2a:1b:b4:75:2d:8a:fb:ec:b9:32:a0:3d:2c:ed:21:6c:5e:
         89:3f:30:59:04:13:18:0d:6c:2b:3b:6e:f2:2d:55:ba:48:81:
         b2:70:46:d6:e8:13:01:8b:eb:64:bc:f8:41:bf:d3:86:ad:12:
         4a:e8:1d:eb:68:dd:bc:00:2a:3e:6f:e1:ee:c6:07:19:88:fe:
         56:f3:a8:af:4a:4a:75:bd:b0:0f:81:5c:02:e3:85:7a:a9:6b:
         7c:a6:74:91:a2:52:a1:ce:1d:5c:c1:fc:7e:b6:c9:83:6a:9e:
         30:5d:d3:de:63:8c:24:81:c1:9a:40:fc:04:ac:6a:6b:b0:2e:
         5f:d2:39:3c:eb:ae:e8:7e:a1:bb:27:b7:38:ff:ec:4a:79:6f:
         f1:90:56:4c:26:8b:20:8c:c5:fa:89:d5:ee:7d:9a:5d:fe:bb:
         40:7a:97:9f:ad:e2:f5:ef:ab:41:d6:01:2e:2e:5a:88:65:d7:
         46:60:a8:bd:6c:9d:8d:c2:f5:6e:2b:ea:c9:68:73:9d:9d:33:
         84:24:61:ea:d8:41:c4:5b:57:c2:4c:5d:d9:f2:61:98:fb:c0:
         63:8c:53:54:8b:7f:37:57:38:67:2a:e8:b6:ba:8a:72:d3:86:
         81:c0:43:5b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE2YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjUwOTQ4MjBaFw0yMzAxMzAwOTQ4MjBaMBgxFjAU
BgNVBAMMDTYyNjY2ZTY3LTc0MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8otxrVgxDH/RMx381e4RHiemzKk/LVX4h9bmb8X3L1JsSL7RLPM2J7Q/a
c18NbbloJJ0KJthCDvDbz0/ye6iOWHf7ZYBbMkXXiWl6bFwBaKsSj4uRoRGMVXuv
cCfWII+cN0Gz6iFCTkkpOe0UsJiSELw0DuSHXsTJ2YT3uKjOmd8XswxjKeAfgkgL
7X96wcYbfqq5nZi/ETazEjQKWB4mPc0isHPh6Z4FUBs4mB5Y1kzGWTouRW3Xr6vw
5F+q9E+Mdx59wuxmBYbFTouRufPlDo+NHnuKDCl+Yvn8w3AVTfODliG5R3yMFhV6
PxnrcCUiWERyWpSLWf+O6u9cJFr7AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUlRUT
UBrpJRndHvblEdY4EoRZP9wwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0Q4QTc3MkY2QzQ3QzExRUM5NzA0OTE4OEYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc+0AwDQYJKoZIhvcNAQELBQAD
ggEBADAWnrS/gJzQtGslJvfLRSkGLy0qG7R1LYr77LkyoD0s7SFsXok/MFkEExgN
bCs7bvItVbpIgbJwRtboEwGL62S8+EG/04atEkroHeto3bwAKj5v4e7GBxmI/lbz
qK9KSnW9sA+BXALjhXqpa3ymdJGiUqHOHVzB/H62yYNqnjBd095jjCSBwZpA/ASs
amuwLl/SOTzrruh+obsntzj/7Ep5b/GQVkwmiyCMxfqJ1e59ml3+u0B6l5+t4vXv
q0HWAS4uWohl10ZgqL1snY3C9W4r6sloc52dM4QkYerYQcRbV8JMXdnyYZj7wGOM
U1SLfzdXOGcq6La6inLThoHAQ1s=
-----END CERTIFICATE-----
Generated at Wed Jul 2 02:07:00 2025 by rpki-client