Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/996E2FF44E3B11EEBFBC81304AD9E6FC.roa
File:                     996E2FF44E3B11EEBFBC81304AD9E6FC.roa (raw, json)
Hash identifier:          tzsg2A6VmzdQTjshA8Ify2UubehJ6wOWgSsjtKv6Go0=
Subject key identifier:   22:6C:CE:82:9F:CD:12:71:0B:4E:AD:AD:90:D7:18:C8:6E:F3:DD:A1
Certificate issuer:       /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial:       016A
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/996E2FF44E3B11EEBFBC81304AD9E6FC.roa
Signing time:             Fri 08 Sep 2023 11:33:58 +0000
ROA not before:           Fri 08 Sep 2023 11:33:55 +0000
ROA not after:            Sat 07 Sep 2024 11:33:55 +0000
asID:                     53356
IP address blocks:        66.251.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 362 (0x16a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
        Validity
            Not Before: Sep  8 11:33:55 2023 GMT
            Not After : Sep  7 11:33:55 2024 GMT
        Subject: CN=64fb06a6-f180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4c:70:31:30:82:39:a4:ff:2e:db:e7:d0:6e:
                    37:8e:dd:01:d2:7f:df:d6:04:aa:af:af:53:f0:5a:
                    c6:36:8c:10:05:7e:93:1f:e7:78:df:3b:c7:cc:04:
                    ce:87:d8:af:a9:6d:30:97:42:48:ca:52:4b:ad:f9:
                    7a:fe:6c:69:a5:fa:5d:25:67:c8:42:78:06:0e:4f:
                    c0:cb:eb:43:85:ef:1e:c5:04:e7:6a:a7:f5:9c:71:
                    8f:9e:ee:68:4a:de:42:55:6d:70:e9:80:b1:74:8b:
                    af:5e:7d:e4:c9:17:b0:d3:e0:3d:3d:b6:23:5c:68:
                    5d:37:c2:b1:34:76:68:43:09:23:85:b0:0e:29:ca:
                    f7:fe:2e:2d:e3:18:45:3e:f4:4b:18:56:95:f9:f8:
                    4a:b2:ab:6e:dc:d5:6f:a7:8c:10:23:19:bd:61:5c:
                    52:92:cf:d8:ba:9c:68:8d:cf:b9:b2:9c:44:55:a3:
                    2a:12:5e:5d:51:8e:fe:2e:c2:01:3e:de:22:a4:a4:
                    ac:a6:db:c9:8e:8b:6b:c1:73:e9:52:b4:b2:86:73:
                    a8:88:d2:b9:ab:15:2f:f8:6e:13:c4:e1:ad:f5:e4:
                    38:80:c1:91:78:1c:82:18:60:a2:13:a3:0f:4a:13:
                    22:d7:e0:a1:dd:6e:19:f1:e4:96:d9:52:45:3b:7d:
                    ae:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:6C:CE:82:9F:CD:12:71:0B:4E:AD:AD:90:D7:18:C8:6E:F3:DD:A1
            X509v3 Authority Key Identifier:
                keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/996E2FF44E3B11EEBFBC81304AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.251.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:57:ae:af:ec:d6:21:31:8a:79:04:8b:91:9e:7e:1a:23:f2:
         43:f6:d0:0c:be:7a:71:c9:54:42:e9:16:a8:fc:14:9e:24:d8:
         3f:6e:5f:ec:0b:76:5c:4b:ce:4e:30:b4:b9:9f:ec:5b:ba:a8:
         6a:4b:11:7a:6b:83:4c:ca:34:9a:fe:a7:ee:72:c8:65:8f:92:
         ed:d2:cb:97:94:f7:4f:e0:f5:d5:a2:69:af:f1:be:ac:b3:ed:
         f8:5f:87:b2:38:15:c8:12:85:f2:34:ea:46:c1:ec:c9:e9:e3:
         7f:73:4c:d6:d8:d3:94:e2:91:ec:9f:5b:76:84:c6:2c:c6:19:
         b9:a8:9c:1f:6b:91:f8:c9:7c:97:ea:90:f2:03:2a:0a:4b:80:
         7d:1b:9f:4e:82:55:ff:47:bc:ef:12:2d:be:d9:19:8b:99:4e:
         78:8e:be:c6:54:ec:b0:e5:d8:b3:aa:a3:a5:a9:8b:ac:7f:20:
         65:be:ca:2f:51:f6:4a:18:76:ef:49:56:62:91:c3:0a:78:df:
         31:bb:14:90:ad:71:c9:a3:1d:1a:10:6d:38:5b:0a:c7:03:31:
         be:fe:3d:1f:3e:c3:58:d3:a8:fe:7d:31:0c:66:dd:f2:80:7e:
         d3:bf:2d:49:40:fc:a1:31:57:72:cf:03:de:a0:3e:96:ae:66:
         85:b2:ea:37
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAWowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yMzA5MDgxMTMzNTVaFw0yNDA5MDcxMTMzNTVaMBgxFjAU
BgNVBAMTDTY0ZmIwNmE2LWYxODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPTHAxMII5pP8u2+fQbjeO3QHSf9/WBKqvr1PwWsY2jBAFfpMf53jfO8fM
BM6H2K+pbTCXQkjKUkut+Xr+bGml+l0lZ8hCeAYOT8DL60OF7x7FBOdqp/WccY+e
7mhK3kJVbXDpgLF0i69efeTJF7DT4D09tiNcaF03wrE0dmhDCSOFsA4pyvf+Li3j
GEU+9EsYVpX5+Eqyq27c1W+njBAjGb1hXFKSz9i6nGiNz7mynERVoyoSXl1Rjv4u
wgE+3iKkpKym28mOi2vBc+lStLKGc6iI0rmrFS/4bhPE4a315DiAwZF4HIIYYKIT
ow9KEyLX4KHdbhnx5JbZUkU7fa5fAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUImzO
gp/NEnELTq2tkNcYyG7z3aEwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4Lzk5NkUyRkY0NEUzQjExRUVCRkJDODEzMDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+5EwDQYJKoZIhvcNAQELBQAD
ggEBAANXrq/s1iExinkEi5Gefhoj8kP20Ay+enHJVELpFqj8FJ4k2D9uX+wLdlxL
zk4wtLmf7Fu6qGpLEXprg0zKNJr+p+5yyGWPku3Sy5eU90/g9dWiaa/xvqyz7fhf
h7I4FcgShfI06kbB7Mnp439zTNbY05TikeyfW3aExizGGbmonB9rkfjJfJfqkPID
KgpLgH0bn06CVf9HvO8SLb7ZGYuZTniOvsZU7LDl2LOqo6Wpi6x/IGW+yi9R9koY
du9JVmKRwwp43zG7FJCtccmjHRoQbThbCscDMb7+PR8+w1jTqP59MQxm3fKAftO/
LUlA/KExV3LPA96gPpauZoWy6jc=
-----END CERTIFICATE-----
Generated at Sun Sep 8 03:52:16 2024 by rpki-client on console-ams.rpki-client.org