Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/3B5432F093D911EDB21BBA8CF1222468.roa
File:                     3B5432F093D911EDB21BBA8CF1222468.roa (raw, json)
Hash identifier:          NT9hVtUfzVmiaapbdckDxRsG5rz0mCisDsMm0P62onI=
Subject key identifier:   52:19:9B:6E:E0:40:3C:D7:0A:88:22:4B:70:B5:FD:05:BD:D4:5E:5A
Certificate issuer:       /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial:       0C03
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/3B5432F093D911EDB21BBA8CF1222468.roa
Signing time:             Sat 14 Jan 2023 07:01:13 +0000
ROA not before:           Sat 14 Jan 2023 07:01:09 +0000
ROA not after:            Tue 31 Jan 2023 07:01:09 +0000
asID:                     37708
IP address blocks:        196.1.0.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3075 (0xc03)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
        Validity
            Not Before: Jan 14 07:01:09 2023 GMT
            Not After : Jan 31 07:01:09 2023 GMT
        Subject: CN=63c25339-cd8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:19:d0:7e:da:60:c9:cb:89:be:61:f5:20:45:
                    21:fb:52:17:36:bf:44:81:2c:83:d9:ef:5a:ab:7f:
                    3f:93:32:6f:52:68:66:d4:28:17:44:a6:5e:ab:89:
                    d7:52:8a:9e:aa:90:8f:58:ad:e4:c5:39:13:7c:e8:
                    bd:ff:da:93:49:8e:e7:59:55:a9:3d:fd:fc:6f:ac:
                    68:bf:05:5b:a3:c5:a8:05:f7:f6:c9:de:78:b5:ea:
                    ef:d8:cc:a5:a3:ef:f0:2d:6e:61:34:18:c5:8a:cf:
                    0e:71:e1:18:b5:92:e1:2f:5d:23:cc:fa:94:ff:ca:
                    1d:fa:9b:e4:32:c1:10:d4:d7:0e:b4:b6:7e:83:bf:
                    4b:f6:8e:24:35:79:31:76:04:40:3d:d7:7c:65:f5:
                    e3:13:a4:45:71:78:a1:ad:b5:6c:0f:9a:07:a2:d6:
                    96:40:ee:dd:5b:80:0b:df:f7:b3:01:0a:3e:5a:13:
                    78:bd:bc:8b:ee:0d:e7:5b:58:00:ef:13:0a:88:f1:
                    7f:ab:da:b8:dc:1b:7b:62:f4:b6:62:bb:a2:14:69:
                    dc:bf:ff:b4:6c:08:04:1b:82:8a:aa:27:07:c7:c5:
                    9d:74:2f:fe:4b:bc:32:8f:4e:42:20:1b:30:e9:fb:
                    b6:36:15:5e:39:51:d1:af:cf:ba:77:a8:5e:2b:d0:
                    44:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:19:9B:6E:E0:40:3C:D7:0A:88:22:4B:70:B5:FD:05:BD:D4:5E:5A
            X509v3 Authority Key Identifier:
                keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/3B5432F093D911EDB21BBA8CF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.1.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:88:9f:5a:00:70:57:b8:e5:11:c5:22:15:cb:d5:2c:c8:11:
         b0:52:9b:37:20:b6:e2:38:17:16:ee:55:07:a7:24:c4:16:8b:
         50:6a:91:89:d7:24:28:54:3b:79:f2:04:bf:b0:b9:c8:4b:bb:
         af:12:8b:e6:45:c9:a3:af:60:c1:64:12:20:f4:a7:8e:1e:b9:
         0c:fc:b9:70:53:ee:ac:ee:46:a0:63:34:6b:4c:73:97:a0:2e:
         76:7e:e9:c2:bb:13:fe:de:37:48:95:8b:3a:e0:44:53:85:66:
         75:e6:7d:14:d0:52:b5:fd:58:33:e4:40:0c:fe:e8:20:db:48:
         11:b8:86:ab:73:08:e1:45:8a:81:f8:7e:90:df:ca:c7:5b:8d:
         47:2a:69:4f:2c:1b:ce:d7:21:89:dd:fb:f8:9f:c4:53:ac:5c:
         ac:2d:36:8a:ee:40:d4:45:61:8e:48:e3:d5:c2:c6:ce:85:3a:
         4a:f9:88:b7:d2:60:84:93:fe:b1:64:ba:66:d4:62:a1:47:97:
         34:1a:ad:cf:b2:5e:87:8e:0d:bd:f9:42:27:78:7a:59:61:eb:
         4c:1f:eb:44:34:0b:10:fe:77:72:ab:b8:fe:9e:39:8b:30:72:
         36:a7:ee:7a:65:ec:b7:66:f5:60:5e:95:51:d2:e0:b9:4d:05:
         9d:6d:c6:c9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDAMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMzAxMTQwNzAxMDlaFw0yMzAxMzEwNzAxMDlaMBgxFjAU
BgNVBAMMDTYzYzI1MzM5LWNkOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEGdB+2mDJy4m+YfUgRSH7Uhc2v0SBLIPZ71qrfz+TMm9SaGbUKBdEpl6r
iddSip6qkI9YreTFORN86L3/2pNJjudZVak9/fxvrGi/BVujxagF9/bJ3ni16u/Y
zKWj7/AtbmE0GMWKzw5x4Ri1kuEvXSPM+pT/yh36m+QywRDU1w60tn6Dv0v2jiQ1
eTF2BEA913xl9eMTpEVxeKGttWwPmgei1pZA7t1bgAvf97MBCj5aE3i9vIvuDedb
WADvEwqI8X+r2rjcG3ti9LZiu6IUady//7RsCAQbgoqqJwfHxZ10L/5LvDKPTkIg
GzDp+7Y2FV45UdGvz7p3qF4r0EQfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUhmb
buBAPNcKiCJLcLX9Bb3UXlowHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4LzNCNTQzMkYwOTNEOTExRURCMjFCQkE4Q0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEAQAwDQYJKoZIhvcNAQEL
BQADggEBABmIn1oAcFe45RHFIhXL1SzIEbBSmzcgtuI4FxbuVQenJMQWi1BqkYnX
JChUO3nyBL+wuchLu68Si+ZFyaOvYMFkEiD0p44euQz8uXBT7qzuRqBjNGtMc5eg
LnZ+6cK7E/7eN0iVizrgRFOFZnXmfRTQUrX9WDPkQAz+6CDbSBG4hqtzCOFFioH4
fpDfysdbjUcqaU8sG87XIYnd+/ifxFOsXKwtNoruQNRFYY5I49XCxs6FOkr5iLfS
YIST/rFkumbUYqFHlzQarc+yXoeODb35Qid4ellh60wf60Q0CxD+d3KruP6eOYsw
cjan7npl7Ldm9WBelVHS4LlNBZ1txsk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org