Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/87CCDF7C4E3911EE86293C2A4AD9E6FC.roa
File:                     87CCDF7C4E3911EE86293C2A4AD9E6FC.roa (raw, json)
Hash identifier:          CgaFDdJ+xXvr0oaiL7YycEQ3cS4/GCMSfd56Rr7yZco=
Subject key identifier:   7E:8F:56:E2:54:51:16:06:A6:95:C2:45:EA:84:A9:8A:17:5E:DC:9F
Certificate issuer:       /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial:       015F
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/87CCDF7C4E3911EE86293C2A4AD9E6FC.roa
Signing time:             Fri 08 Sep 2023 11:19:09 +0000
ROA not before:           Fri 08 Sep 2023 11:19:06 +0000
ROA not after:            Sat 07 Sep 2024 11:19:06 +0000
asID:                     53356
IP address blocks:        66.251.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 351 (0x15f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
        Validity
            Not Before: Sep  8 11:19:06 2023 GMT
            Not After : Sep  7 11:19:06 2024 GMT
        Subject: CN=64fb032d-243a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:66:43:ce:7e:c2:09:5a:d3:bd:8b:4c:9a:16:
                    73:3a:97:f4:1c:5c:db:5c:1c:f1:1e:94:83:ef:8d:
                    d2:57:5e:7d:f4:4f:eb:4e:bd:95:ce:21:72:b0:46:
                    27:f5:f1:2f:31:3e:b4:73:11:10:9d:92:fb:fa:da:
                    f0:98:a5:64:cc:1b:95:c8:0b:cd:9d:e2:14:b4:25:
                    76:30:63:f3:3d:f1:09:60:04:a8:f6:0a:d5:b4:83:
                    28:89:86:dd:7b:9a:05:c8:30:f6:12:7b:b3:a3:14:
                    8d:cb:e7:69:9b:02:84:fc:35:7c:73:01:70:66:14:
                    96:67:a0:1d:a7:92:8e:e5:ef:aa:40:0b:51:96:e0:
                    af:36:33:54:5f:58:9e:30:35:e5:de:e2:1d:e1:dd:
                    52:1d:68:1b:b2:65:2b:1f:b0:90:0b:09:21:81:b3:
                    b8:c4:53:54:fe:1e:3d:82:38:c5:dd:b6:fa:b9:3f:
                    10:82:90:f3:ac:5d:20:f2:cc:6f:54:83:d2:ce:cb:
                    29:f9:4f:18:91:90:3c:14:08:1e:92:88:da:0e:43:
                    31:f9:6a:d7:7f:3b:5e:a0:ff:ac:db:d8:4b:4d:14:
                    08:02:e7:5a:ba:99:92:f9:ae:16:41:ae:14:fc:74:
                    4c:d5:ca:76:74:d6:e4:a8:bd:ef:51:74:82:da:87:
                    5e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:8F:56:E2:54:51:16:06:A6:95:C2:45:EA:84:A9:8A:17:5E:DC:9F
            X509v3 Authority Key Identifier:
                keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/87CCDF7C4E3911EE86293C2A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.251.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e2:40:86:f7:d1:46:18:10:d7:9c:0c:a4:d8:84:e4:66:7e:75:
         61:36:ed:48:a4:0a:9b:79:70:ac:33:da:c7:7e:59:61:de:7a:
         b1:4e:66:4a:cf:04:c0:c5:fd:1d:23:fc:d8:f6:ee:1b:c0:60:
         03:ab:17:de:af:27:78:7c:30:7a:2d:22:25:0a:6c:63:26:58:
         20:a2:1d:b2:f6:54:01:bc:eb:9a:92:57:9e:13:d1:af:b4:a0:
         32:3b:c7:97:93:dd:0f:3d:d0:da:ae:9f:1a:54:f5:7c:f9:a1:
         55:e3:40:93:92:48:9a:30:95:0a:90:35:4a:b2:22:ed:3a:02:
         7d:0d:92:4b:e4:d7:20:29:20:3e:96:80:b0:8e:4d:f2:f7:2b:
         a1:4e:36:13:b3:bc:84:bf:43:73:5e:6c:89:6c:be:e0:33:ed:
         f6:6a:81:df:5a:90:3b:96:66:05:59:36:d3:23:ef:04:9d:0c:
         b1:a8:ae:03:32:a9:63:06:26:f9:e9:c3:37:de:0a:f9:0a:82:
         ed:14:d3:f9:b0:bd:b4:de:98:1c:d1:51:e6:50:4d:f9:ae:0d:
         81:ec:eb:69:ab:bc:4e:04:db:03:e2:2f:16:28:fc:4e:7e:27:
         59:c7:67:70:9e:d2:24:f2:de:57:c9:c7:74:eb:1d:fc:b9:91:
         a9:74:19:2e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAV8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yMzA5MDgxMTE5MDZaFw0yNDA5MDcxMTE5MDZaMBgxFjAU
BgNVBAMTDTY0ZmIwMzJkLTI0M2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5ZkPOfsIJWtO9i0yaFnM6l/QcXNtcHPEelIPvjdJXXn30T+tOvZXOIXKw
Rif18S8xPrRzERCdkvv62vCYpWTMG5XIC82d4hS0JXYwY/M98QlgBKj2CtW0gyiJ
ht17mgXIMPYSe7OjFI3L52mbAoT8NXxzAXBmFJZnoB2nko7l76pAC1GW4K82M1Rf
WJ4wNeXe4h3h3VIdaBuyZSsfsJALCSGBs7jEU1T+Hj2COMXdtvq5PxCCkPOsXSDy
zG9Ug9LOyyn5TxiRkDwUCB6SiNoOQzH5atd/O16g/6zb2EtNFAgC51q6mZL5rhZB
rhT8dEzVynZ01uSove9RdILah14TAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUfo9W
4lRRFgamlcJF6oSpihde3J8wHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4Lzg3Q0NERjdDNEUzOTExRUU4NjI5M0MyQTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+4IwDQYJKoZIhvcNAQELBQAD
ggEBAOJAhvfRRhgQ15wMpNiE5GZ+dWE27UikCpt5cKwz2sd+WWHeerFOZkrPBMDF
/R0j/Nj27hvAYAOrF96vJ3h8MHotIiUKbGMmWCCiHbL2VAG865qSV54T0a+0oDI7
x5eT3Q890NqunxpU9Xz5oVXjQJOSSJowlQqQNUqyIu06An0Nkkvk1yApID6WgLCO
TfL3K6FONhOzvIS/Q3NebIlsvuAz7fZqgd9akDuWZgVZNtMj7wSdDLGorgMyqWMG
JvnpwzfeCvkKgu0U0/mwvbTemBzRUeZQTfmuDYHs62mrvE4E2wPiLxYo/E5+J1nH
Z3Ce0iTy3lfJx3TrHfy5kal0GS4=
-----END CERTIFICATE-----
Generated at Sun Sep 8 03:52:16 2024 by rpki-client on console-ams.rpki-client.org