Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E70F4/69568416F05911EBAF56F43BD8A014CE/0F70EB58F06311EBAA52534AD8A014CE.roa
File:                     0F70EB58F06311EBAA52534AD8A014CE.roa (raw, json)
Hash identifier:          0mMbiu7oIDFMqmH0d7+E+QEHb3bXWN9pDag7fKzmISw=
Subject key identifier:   0C:9A:73:E8:EC:DC:F6:FC:7C:1D:74:75:63:E1:FA:7D:2C:6A:77:E0
Certificate issuer:       /CN=F36E70F4AF/serialNumber=A9423FA4C0026D2E4DA8212D128D9D2707E81DC9
Certificate serial:       02
Authority key identifier: A9:42:3F:A4:C0:02:6D:2E:4D:A8:21:2D:12:8D:9D:27:07:E8:1D:C9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/qUI_pMACbS5NqCEtEo2dJwfoHck.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E70F4/69568416F05911EBAF56F43BD8A014CE/0F70EB58F06311EBAA52534AD8A014CE.roa
Signing time:             Thu 29 Jul 2021 11:50:03 +0000
ROA not before:           Fri 30 Jul 2021 11:49:59 +0000
ROA not after:            Mon 31 Jul 2023 11:49:59 +0000
asID:                     37219
IP address blocks:        41.76.168.0/21 maxlen: 21
                          41.76.168.0/24 maxlen: 24
                          41.76.169.0/24 maxlen: 24
                          41.76.170.0/24 maxlen: 24
                          41.76.171.0/24 maxlen: 24
                          41.76.172.0/24 maxlen: 24
                          41.76.173.0/24 maxlen: 24
                          41.76.174.0/24 maxlen: 24
                          41.76.175.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E70F4AF/serialNumber=A9423FA4C0026D2E4DA8212D128D9D2707E81DC9
        Validity
            Not Before: Jul 30 11:49:59 2021 GMT
            Not After : Jul 31 11:49:59 2023 GMT
        Subject: CN=610295eb-189c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f7:ce:2a:e9:24:6c:e7:0f:b3:75:75:ad:5e:
                    3b:e7:03:9e:ab:b9:db:ca:ac:88:a1:b3:12:f4:e9:
                    aa:6f:23:2a:35:79:a9:42:74:9d:41:41:7c:55:5e:
                    af:55:d1:a8:86:7f:36:68:c2:fb:0d:be:63:94:90:
                    1c:d3:d1:2b:74:06:31:a2:52:43:ab:8b:71:36:ea:
                    d6:10:a6:1d:5e:a7:5b:ca:f1:67:41:09:4e:d6:4b:
                    be:28:4f:c0:47:fb:7c:c7:9f:47:fe:a2:53:6e:49:
                    9b:4c:f8:b3:ab:ec:e3:27:e0:1c:dc:c2:2c:ee:13:
                    49:33:95:28:4f:9d:17:b7:0d:71:67:f7:c0:7a:a5:
                    4a:ff:60:35:50:9d:b9:b6:9c:c8:d8:90:e0:12:49:
                    8e:c2:9d:d3:f6:a2:99:1f:e2:9a:a5:bc:49:a8:53:
                    07:f3:7e:06:f1:ff:20:73:ab:22:9b:0c:8f:d8:e2:
                    97:ee:c3:62:e6:e0:0f:bb:c0:25:ba:04:40:bc:94:
                    15:a9:7a:85:4f:6e:c5:77:a7:bb:3f:55:67:c0:09:
                    dd:15:28:f5:4e:b4:60:60:7f:68:13:df:af:69:17:
                    b3:d0:af:e1:00:41:57:29:31:f8:d2:a7:4a:ce:5c:
                    71:f0:dd:c0:50:2b:f2:28:10:94:bf:be:c1:b3:dc:
                    56:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9A:73:E8:EC:DC:F6:FC:7C:1D:74:75:63:E1:FA:7D:2C:6A:77:E0
            X509v3 Authority Key Identifier:
                keyid:A9:42:3F:A4:C0:02:6D:2E:4D:A8:21:2D:12:8D:9D:27:07:E8:1D:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E70F4/69568416F05911EBAF56F43BD8A014CE/qUI_pMACbS5NqCEtEo2dJwfoHck.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qUI_pMACbS5NqCEtEo2dJwfoHck.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E70F4/69568416F05911EBAF56F43BD8A014CE/0F70EB58F06311EBAA52534AD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2b:84:cc:a2:70:b7:66:b3:23:ed:2c:29:99:7f:90:61:2c:71:
         6b:92:04:73:9b:ad:ec:d0:26:e7:3d:a3:b8:56:c2:a7:1b:0e:
         71:be:ec:8e:a9:5c:0f:35:93:ec:6c:a1:e3:ae:ff:58:c5:0d:
         45:6c:49:de:0e:dc:2a:33:38:98:21:a0:aa:cc:51:0c:a2:18:
         b3:ad:e2:21:b0:84:19:fe:9e:0d:1d:6d:9c:8a:03:27:ad:cd:
         77:a2:60:da:3a:c4:ac:67:79:e0:62:c9:2d:68:20:0d:fa:8c:
         5c:f3:70:97:2d:df:97:c9:40:af:3b:4c:d5:ab:ce:fb:e6:4e:
         13:37:af:c4:91:a3:35:26:c3:99:79:e2:02:d5:16:13:6d:c1:
         e4:2c:41:4e:06:17:07:4b:4f:b3:a0:1a:a2:e6:06:db:61:91:
         8d:e9:20:e0:7d:0c:fe:ae:f6:e8:e0:57:f3:91:cf:53:83:51:
         37:1e:10:ad:1d:e7:98:4e:ad:73:e2:15:bb:ea:67:b0:68:31:
         e3:ca:d2:51:b8:c4:cd:f3:13:86:5a:31:a8:9a:86:11:f5:ec:
         f6:1e:a8:5f:f9:ee:0f:54:d9:fc:37:97:51:52:c5:cc:f3:0e:
         3a:5f:5b:24:54:c3:d3:12:f1:fa:8b:66:1f:f3:a7:b0:80:d9:
         95:91:ba:df
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZF
NzBGNEFGMTEwLwYDVQQFEyhBOTQyM0ZBNEMwMDI2RDJFNERBODIxMkQxMjhEOUQy
NzA3RTgxREM5MB4XDTIxMDczMDExNDk1OVoXDTIzMDczMTExNDk1OVowGDEWMBQG
A1UEAwwNNjEwMjk1ZWItMTg5YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ33zirpJGznD7N1da1eO+cDnqu528qsiKGzEvTpqm8jKjV5qUJ0nUFBfFVe
r1XRqIZ/NmjC+w2+Y5SQHNPRK3QGMaJSQ6uLcTbq1hCmHV6nW8rxZ0EJTtZLvihP
wEf7fMefR/6iU25Jm0z4s6vs4yfgHNzCLO4TSTOVKE+dF7cNcWf3wHqlSv9gNVCd
ubacyNiQ4BJJjsKd0/aimR/imqW8SahTB/N+BvH/IHOrIpsMj9jil+7DYubgD7vA
JboEQLyUFal6hU9uxXenuz9VZ8AJ3RUo9U60YGB/aBPfr2kXs9Cv4QBBVykx+NKn
Ss5ccfDdwFAr8igQlL++wbPcVvcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQMmnPo
7Nz2/HwddHVj4fp9LGp34DAfBgNVHSMEGDAWgBSpQj+kwAJtLk2oIS0SjZ0nB+gd
yTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTcwRjQvNjk1Njg0MTZGMDU5MTFFQkFGNTZGNDNCRDhBMDE0Q0UvcVVJX3BN
QUNiUzVOcUNFdEVvMmRKd2ZvSGNrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcVVJX3BNQUNiUzVOcUNFdEVvMmRKd2ZvSGNrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTcwRjQvNjk1Njg0MTZGMDU5MTFFQkFGNTZGNDNCRDhB
MDE0Q0UvMEY3MEVCNThGMDYzMTFFQkFBNTI1MzRBRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAylMqDANBgkqhkiG9w0BAQsF
AAOCAQEAK4TMonC3ZrMj7SwpmX+QYSxxa5IEc5ut7NAm5z2juFbCpxsOcb7sjqlc
DzWT7Gyh467/WMUNRWxJ3g7cKjM4mCGgqsxRDKIYs63iIbCEGf6eDR1tnIoDJ63N
d6Jg2jrErGd54GLJLWggDfqMXPNwly3fl8lArztM1avO++ZOEzevxJGjNSbDmXni
AtUWE23B5CxBTgYXB0tPs6AaouYG22GRjekg4H0M/q726OBX85HPU4NRNx4QrR3n
mE6tc+IVu+pnsGgx48rSUbjEzfMThloxqJqGEfXs9h6oX/nuD1TZ/DeXUVLFzPMO
Ol9bJFTD0xLx+otmH/OnsIDZlZG63w==
-----END CERTIFICATE-----