Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/C73C1778643111EEBADEB43A4AD9E6FC.roa
File:                     C73C1778643111EEBADEB43A4AD9E6FC.roa (raw, json)
Hash identifier:          N675OlrRas4s58wvhhmPl5Ljbg05uV4Q54N7a01B4XA=
Subject key identifier:   66:CB:02:F9:46:C8:26:9B:C2:51:77:1D:BC:81:1C:FE:9C:FF:F0:C7
Certificate issuer:       /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial:       019F
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/C73C1778643111EEBADEB43A4AD9E6FC.roa
Signing time:             Fri 06 Oct 2023 10:19:05 +0000
ROA not before:           Fri 06 Oct 2023 10:19:02 +0000
ROA not after:            Sat 05 Oct 2024 10:19:02 +0000
asID:                     62387
IP address blocks:        66.251.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 415 (0x19f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
        Validity
            Not Before: Oct  6 10:19:02 2023 GMT
            Not After : Oct  5 10:19:02 2024 GMT
        Subject: CN=651fdf19-9def
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ff:34:9f:3a:72:dc:5b:4d:57:9b:b7:2c:6f:
                    d0:06:14:6b:12:0c:06:c2:0e:33:ed:86:04:96:4a:
                    16:56:17:ec:61:78:8e:af:5d:9e:06:72:2b:b1:1d:
                    52:62:e5:cc:17:af:b2:ac:01:01:55:07:19:96:f5:
                    87:74:98:41:d7:c5:6f:88:e0:23:df:b8:a7:9c:ac:
                    8b:fb:52:dd:98:f6:33:1a:48:37:bf:b7:66:2d:3c:
                    0d:f4:39:b8:71:c5:d1:09:38:2a:00:09:77:48:bb:
                    ee:7e:8d:ab:fa:9c:75:25:3a:62:99:38:88:be:bd:
                    b5:f9:fa:00:45:24:25:1a:5e:92:85:f2:67:fd:b8:
                    37:1d:af:22:fc:c2:f7:e9:76:35:25:d1:44:4f:bb:
                    84:99:ee:0e:10:4a:17:ac:d1:01:78:49:70:49:e1:
                    a1:3b:fb:f7:67:d4:90:36:e7:ad:ff:53:4f:38:db:
                    ee:da:a5:e1:b9:32:83:30:c1:aa:e7:fc:ae:c0:a8:
                    bf:ba:90:2d:0a:b9:ca:ac:b0:76:dd:50:ba:57:38:
                    16:1b:57:16:74:26:5d:50:03:5c:ee:ab:99:1f:84:
                    6a:2a:f3:06:45:5f:08:d7:15:58:18:37:19:66:7f:
                    35:b3:38:5b:ea:46:20:2d:19:4e:de:92:df:24:4c:
                    a5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:CB:02:F9:46:C8:26:9B:C2:51:77:1D:BC:81:1C:FE:9C:FF:F0:C7
            X509v3 Authority Key Identifier:
                keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/C73C1778643111EEBADEB43A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.251.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:a4:38:38:d7:85:23:36:54:ea:b6:64:42:5d:14:7b:0c:d7:
         6f:d6:69:f2:bb:61:fe:81:86:aa:29:82:61:80:65:56:c4:68:
         59:20:d4:97:63:8a:ab:68:ab:6b:de:85:bb:2a:ce:e0:4e:e6:
         a2:42:fe:3a:d0:3c:be:90:36:9a:30:0e:ff:29:a2:cc:8c:76:
         c6:da:49:e8:68:1c:2f:18:a6:07:3e:17:de:1c:f0:2e:ab:f3:
         a5:5e:b6:30:4e:57:75:86:ae:ed:d3:cd:cc:6c:12:49:ad:50:
         26:d6:d1:02:74:a8:3e:79:76:be:32:d8:d7:8a:44:23:de:e8:
         f2:ae:e8:4b:8f:9b:05:17:fd:44:23:36:bc:e5:77:de:7b:d9:
         e5:de:39:93:d1:bf:94:0c:9f:b6:6a:f9:6c:96:28:80:3b:82:
         c7:c1:7f:1d:1b:b2:f1:bb:29:5c:aa:db:a2:8e:70:69:db:1c:
         a0:6c:2f:ef:35:45:9c:1f:8c:d5:6b:df:ea:75:f4:b8:51:be:
         2f:32:8f:e7:79:a8:bc:9b:91:c7:b4:f0:69:b1:5f:09:3c:b3:
         e6:cf:ad:93:5e:ad:88:05:2a:d1:7a:62:11:9c:17:bd:bc:0b:
         a4:3b:56:53:76:7a:4c:1a:33:90:b0:8d:5c:65:84:82:e4:71:
         2d:72:59:62
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yMzEwMDYxMDE5MDJaFw0yNDEwMDUxMDE5MDJaMBgxFjAU
BgNVBAMTDTY1MWZkZjE5LTlkZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9/zSfOnLcW01Xm7csb9AGFGsSDAbCDjPthgSWShZWF+xheI6vXZ4Gciux
HVJi5cwXr7KsAQFVBxmW9Yd0mEHXxW+I4CPfuKecrIv7Ut2Y9jMaSDe/t2YtPA30
ObhxxdEJOCoACXdIu+5+jav6nHUlOmKZOIi+vbX5+gBFJCUaXpKF8mf9uDcdryL8
wvfpdjUl0URPu4SZ7g4QShes0QF4SXBJ4aE7+/dn1JA2563/U0842+7apeG5MoMw
warn/K7AqL+6kC0KucqssHbdULpXOBYbVxZ0Jl1QA1zuq5kfhGoq8wZFXwjXFVgY
NxlmfzWzOFvqRiAtGU7ekt8kTKW3AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUZssC
+UbIJpvCUXcdvIEc/pz/8McwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4L0M3M0MxNzc4NjQzMTExRUVCQURFQjQzQTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+5MwDQYJKoZIhvcNAQELBQAD
ggEBAEOkODjXhSM2VOq2ZEJdFHsM12/WafK7Yf6BhqopgmGAZVbEaFkg1Jdjiqto
q2vehbsqzuBO5qJC/jrQPL6QNpowDv8posyMdsbaSehoHC8Ypgc+F94c8C6r86Ve
tjBOV3WGru3TzcxsEkmtUCbW0QJ0qD55dr4y2NeKRCPe6PKu6EuPmwUX/UQjNrzl
d9572eXeOZPRv5QMn7Zq+WyWKIA7gsfBfx0bsvG7KVyq26KOcGnbHKBsL+81RZwf
jNVr3+p19LhRvi8yj+d5qLybkce08GmxXwk8s+bPrZNerYgFKtF6YhGcF728C6Q7
VlN2ekwaM5CwjVxlhILkcS1yWWI=
-----END CERTIFICATE-----
Generated at Sun Oct 6 05:42:07 2024 by rpki-client on console-fra.rpki-client.org