Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B15689C81A9411F08E50ABF86DB8BCC6.roa
File:                     B15689C81A9411F08E50ABF86DB8BCC6.roa (raw, json)
Hash identifier:          LdRhwmtgm2epKz5bXz7daZxALjcXwq32h/hH+tz/Dk4=
Subject key identifier:   7F:C3:C5:06:91:F5:85:66:54:28:CB:D9:43:FF:E5:6B:78:D5:6E:07
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       014CA1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B15689C81A9411F08E50ABF86DB8BCC6.roa
Signing time:             Wed 16 Apr 2025 07:30:38 +0000
ROA not before:           Wed 16 Apr 2025 07:30:34 +0000
ROA not after:            Fri 25 Apr 2025 07:30:34 +0000
asID:                     131471
IP address blocks:        156.238.64.0/24 maxlen: 24
                          156.238.65.0/24 maxlen: 24
                          156.238.66.0/24 maxlen: 24
                          156.238.67.0/24 maxlen: 24
                          156.238.68.0/24 maxlen: 24
                          156.238.69.0/24 maxlen: 24
                          156.238.70.0/24 maxlen: 24
                          156.238.71.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85153 (0x14ca1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 16 07:30:34 2025 GMT
            Not After : Apr 25 07:30:34 2025 GMT
        Subject: CN=67ff5c9e-4429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:96:43:76:53:a3:4e:37:b5:97:ee:88:1d:5c:
                    0c:eb:c5:14:c7:d6:29:13:05:97:b5:17:6c:13:0c:
                    0c:cb:ac:8e:3d:5f:7a:a7:71:52:aa:8c:e2:7f:59:
                    6a:3f:4b:36:09:f4:c6:6c:84:a4:8d:15:5e:1a:36:
                    e8:78:26:e6:0a:ac:72:0b:1a:00:db:49:4c:d7:a5:
                    19:eb:29:1e:e5:66:c7:20:d8:66:d7:6e:bf:25:bd:
                    7d:a9:64:1f:67:90:41:9c:e2:1f:38:5c:75:d4:ac:
                    0e:f8:9a:5f:a3:60:c3:19:22:9a:30:27:25:46:aa:
                    6e:8f:6c:43:5b:29:66:ea:63:f3:ad:c7:39:44:77:
                    47:4f:01:55:fb:6d:04:8d:15:c9:81:5d:4b:98:f3:
                    1b:b8:e4:91:57:6e:a8:c3:d2:bd:a7:97:b4:cd:55:
                    0f:91:45:ba:4b:76:56:eb:ff:df:d5:3f:3b:5b:f3:
                    4b:68:2f:99:3a:97:2c:5f:69:7f:84:83:72:8c:89:
                    45:fe:11:bb:4e:15:80:ad:4b:58:dc:c5:90:4a:d1:
                    9f:e7:05:a2:17:d7:2f:88:3f:c8:72:af:ab:a6:e5:
                    ea:88:fa:07:41:af:85:09:8d:37:06:12:2e:69:55:
                    49:50:66:f1:86:13:0a:69:e2:86:b1:ce:51:ac:a3:
                    97:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C3:C5:06:91:F5:85:66:54:28:CB:D9:43:FF:E5:6B:78:D5:6E:07
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B15689C81A9411F08E50ABF86DB8BCC6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.238.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         89:b7:19:71:6a:c7:03:4f:0a:81:a5:29:2a:50:92:20:7b:e0:
         d3:a7:c1:6e:b1:86:8f:9b:58:f1:59:df:58:1c:b7:75:3a:2b:
         11:ab:b8:5c:1f:6c:38:f3:86:c7:ee:6a:40:70:c3:78:ca:d9:
         f3:37:27:cf:e2:c2:62:b6:e8:85:b2:e0:2d:d7:52:ba:49:e6:
         04:39:a1:70:c4:07:4b:95:f1:cf:57:46:80:15:d0:ca:95:c1:
         ad:65:e1:f1:1b:29:dd:f7:f3:20:77:8c:36:27:49:a3:50:fa:
         a0:86:b7:c0:d2:8d:73:62:1c:49:b3:fc:17:94:27:97:45:2e:
         e5:fb:60:4b:17:8c:dc:24:0a:23:84:8b:b0:d0:80:e2:c6:ce:
         08:21:11:37:71:df:b6:ce:e3:95:71:fb:2e:4f:bd:aa:02:05:
         4d:19:99:9b:84:4f:55:6e:88:55:ef:f4:b8:98:e1:e1:87:aa:
         01:a9:8a:c6:9d:da:5b:54:88:31:37:b7:31:1b:9c:11:fa:c9:
         0b:9e:d3:cc:2f:1c:5b:cb:5c:d9:c1:3a:ad:99:bd:1a:7b:88:
         fd:eb:5a:18:db:04:a1:44:21:0e:c2:36:8a:65:0e:74:23:57:
         66:c2:cc:ef:5c:9c:8a:d5:02:b5:ef:00:6b:88:e7:1d:53:17:
         90:2e:88:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUyhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE2MDczMDM0WhcNMjUwNDI1MDczMDM0WjAYMRYw
FAYDVQQDEw02N2ZmNWM5ZS00NDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1pZDdlOjTje1l+6IHVwM68UUx9YpEwWXtRdsEwwMy6yOPV96p3FSqozi
f1lqP0s2CfTGbISkjRVeGjboeCbmCqxyCxoA20lM16UZ6yke5WbHINhm126/Jb19
qWQfZ5BBnOIfOFx11KwO+Jpfo2DDGSKaMCclRqpuj2xDWylm6mPzrcc5RHdHTwFV
+20EjRXJgV1LmPMbuOSRV26ow9K9p5e0zVUPkUW6S3ZW6//f1T87W/NLaC+ZOpcs
X2l/hINyjIlF/hG7ThWArUtY3MWQStGf5wWiF9cviD/Icq+rpuXqiPoHQa+FCY03
BhIuaVVJUGbxhhMKaeKGsc5RrKOXsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH/D
xQaR9YVmVCjL2UP/5Wt41W4HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMTU2ODlDODFBOTQxMUYwOEU1MEFCRjg2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO5AMA0GCSqGSIb3DQEBCwUA
A4IBAQCJtxlxascDTwqBpSkqUJIge+DTp8FusYaPm1jxWd9YHLd1OisRq7hcH2w4
84bH7mpAcMN4ytnzNyfP4sJituiFsuAt11K6SeYEOaFwxAdLlfHPV0aAFdDKlcGt
ZeHxGynd9/Mgd4w2J0mjUPqghrfA0o1zYhxJs/wXlCeXRS7l+2BLF4zcJAojhIuw
0IDixs4IIRE3cd+2zuOVcfsuT72qAgVNGZmbhE9VbohV7/S4mOHhh6oBqYrGndpb
VIgxN7cxG5wR+skLntPMLxxby1zZwTqtmb0ae4j961oY2wShRCEOwjaKZQ50I1dm
wszvXJyK1QK17wBriOcdUxeQLojh
-----END CERTIFICATE-----