Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/9A7879324E3A11EEB1269A2D4AD9E6FC.roa
File:                     9A7879324E3A11EEB1269A2D4AD9E6FC.roa (raw, json)
Hash identifier:          JGGoidhxD1q3ILG90MW9+x76sOi4TXlxN+BNsaGTyuQ=
Subject key identifier:   11:F6:A3:3D:11:60:9D:5D:F3:EA:D8:73:D7:53:ED:D4:13:DA:E2:E2
Certificate issuer:       /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial:       0167
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/9A7879324E3A11EEB1269A2D4AD9E6FC.roa
Signing time:             Fri 08 Sep 2023 11:26:50 +0000
ROA not before:           Fri 08 Sep 2023 11:26:47 +0000
ROA not after:            Sat 07 Sep 2024 11:26:47 +0000
asID:                     53356
IP address blocks:        66.251.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 359 (0x167)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
        Validity
            Not Before: Sep  8 11:26:47 2023 GMT
            Not After : Sep  7 11:26:47 2024 GMT
        Subject: CN=64fb04fa-4ace
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:be:34:ad:c2:8f:c6:19:63:d9:bc:26:4a:aa:
                    9e:4b:ae:fc:ea:20:7b:34:6d:b0:5e:97:0a:c9:3f:
                    2a:b7:72:15:b6:45:96:39:ec:9e:d1:c4:00:2a:57:
                    57:51:bf:81:4e:97:ad:0a:55:03:94:c9:03:5c:5c:
                    2f:d0:c0:aa:74:4d:13:00:a5:eb:0d:50:a9:28:57:
                    52:aa:23:8f:61:c1:90:f6:60:af:3f:a1:74:50:09:
                    68:6c:a3:65:c4:1d:40:13:6c:11:0e:65:6c:33:a6:
                    79:3f:8a:57:e6:71:e0:fe:2c:a3:d5:f2:a4:93:f4:
                    56:70:39:9d:61:d0:8d:2b:82:35:06:d2:03:d9:25:
                    8c:bd:64:00:76:e0:28:a3:a9:f0:5a:42:cb:e2:a4:
                    89:66:57:6d:74:e4:18:12:01:a6:ba:bd:ed:83:08:
                    c1:11:f5:29:85:cf:66:d2:8e:b8:d5:36:ad:08:c1:
                    2f:96:7d:60:1a:bb:b9:72:86:03:c4:db:49:0c:5a:
                    57:3f:55:af:b9:42:86:b7:39:dd:db:74:3a:9f:16:
                    b3:ca:d3:34:7b:3f:e2:77:1b:12:c7:93:b9:5e:b2:
                    db:0e:ca:84:01:b4:d4:58:54:a3:e4:ff:29:57:50:
                    2c:39:2b:7d:18:a0:f5:ed:f7:6f:94:9a:30:d3:d3:
                    20:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:F6:A3:3D:11:60:9D:5D:F3:EA:D8:73:D7:53:ED:D4:13:DA:E2:E2
            X509v3 Authority Key Identifier:
                keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/9A7879324E3A11EEB1269A2D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.251.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:e1:41:7b:1b:f9:cd:69:99:ad:92:83:1d:80:e2:f3:c6:f0:
         5c:ab:c2:b7:82:ed:3c:af:c3:a1:de:2d:c9:81:2c:f5:b8:b1:
         40:de:36:62:89:61:e7:ff:89:a7:e9:5d:e8:85:47:d8:a0:a0:
         12:e1:8c:0d:41:45:e6:9e:6f:1a:7f:3f:d2:63:30:e6:45:72:
         02:b4:0f:3a:c0:3c:79:1d:03:f0:00:aa:be:d6:32:59:d6:2a:
         e8:d4:67:55:aa:c3:08:95:2d:7e:54:4c:9b:2f:f2:2e:3b:e8:
         de:9c:58:d3:3f:05:f7:e6:0c:12:7e:b5:35:72:f2:67:27:18:
         5d:7b:b5:a7:80:10:95:b7:8c:03:6f:ab:d1:61:77:c1:4a:0a:
         53:ac:e7:d9:2f:78:38:fd:37:f2:ae:35:2e:09:bb:84:fd:26:
         e5:c6:a9:59:73:fe:d3:a4:22:31:29:fe:72:f3:01:8f:52:5e:
         61:6c:56:8e:4d:28:74:ab:16:4e:cc:02:2c:02:6f:f3:8d:c7:
         92:fb:d3:1a:32:f2:54:2f:19:6d:d0:be:d2:0b:45:c3:3f:b8:
         e6:e2:e5:7e:06:22:bc:f2:57:a1:1e:5e:8f:a5:fa:db:cf:06:
         b7:16:5c:80:be:21:7e:9a:c2:62:4f:1d:08:b4:bf:04:13:d5:
         5c:9b:7c:73
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yMzA5MDgxMTI2NDdaFw0yNDA5MDcxMTI2NDdaMBgxFjAU
BgNVBAMTDTY0ZmIwNGZhLTRhY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdvjStwo/GGWPZvCZKqp5LrvzqIHs0bbBelwrJPyq3chW2RZY57J7RxAAq
V1dRv4FOl60KVQOUyQNcXC/QwKp0TRMApesNUKkoV1KqI49hwZD2YK8/oXRQCWhs
o2XEHUATbBEOZWwzpnk/ilfmceD+LKPV8qST9FZwOZ1h0I0rgjUG0gPZJYy9ZAB2
4CijqfBaQsvipIlmV2105BgSAaa6ve2DCMER9SmFz2bSjrjVNq0IwS+WfWAau7ly
hgPE20kMWlc/Va+5Qoa3Od3bdDqfFrPK0zR7P+J3GxLHk7lestsOyoQBtNRYVKPk
/ylXUCw5K30YoPXt92+UmjDT0yDDAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUEfaj
PRFgnV3z6thz11Pt1BPa4uIwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4LzlBNzg3OTMyNEUzQTExRUVCMTI2OUEyRDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+78wDQYJKoZIhvcNAQELBQAD
ggEBAEzhQXsb+c1pma2Sgx2A4vPG8FyrwreC7Tyvw6HeLcmBLPW4sUDeNmKJYef/
iafpXeiFR9igoBLhjA1BReaebxp/P9JjMOZFcgK0DzrAPHkdA/AAqr7WMlnWKujU
Z1WqwwiVLX5UTJsv8i476N6cWNM/BffmDBJ+tTVy8mcnGF17taeAEJW3jANvq9Fh
d8FKClOs59kveDj9N/KuNS4Ju4T9JuXGqVlz/tOkIjEp/nLzAY9SXmFsVo5NKHSr
Fk7MAiwCb/ONx5L70xoy8lQvGW3QvtILRcM/uObi5X4GIrzyV6EeXo+l+tvPBrcW
XIC+IX6awmJPHQi0vwQT1VybfHM=
-----END CERTIFICATE-----
Generated at Sun Sep 8 03:52:16 2024 by rpki-client on console-ams.rpki-client.org