Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/C0526AECBEDA11EB9591CE44F8AEA228.roa
File:                     C0526AECBEDA11EB9591CE44F8AEA228.roa (raw, json)
Hash identifier:          rhIrh4LFIFpTXgVa9XaMXeIXCuHJgi0mSpWl3wRaqz8=
Subject key identifier:   27:C3:54:F2:A1:B6:BB:0A:0C:DE:0A:2F:6C:32:F3:6A:D6:16:5B:CE
Certificate issuer:       /CN=F365C79EAF/serialNumber=DD7499A8C8C12AB67E15EB492808A692ED4B59F4
Certificate serial:       02
Authority key identifier: DD:74:99:A8:C8:C1:2A:B6:7E:15:EB:49:28:08:A6:92:ED:4B:59:F4
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/C0526AECBEDA11EB9591CE44F8AEA228.roa
Signing time:             Thu 27 May 2021 11:00:31 +0000
ROA not before:           Thu 27 May 2021 11:00:26 +0000
ROA not after:            Fri 27 May 2022 11:00:26 +0000
asID:                     328732
IP address blocks:        102.221.216.0/22 maxlen: 24
                          2c0f:e9a8::/32 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365C79EAF/serialNumber=DD7499A8C8C12AB67E15EB492808A692ED4B59F4
        Validity
            Not Before: May 27 11:00:26 2021 GMT
            Not After : May 27 11:00:26 2022 GMT
        Subject: CN=60af7bcf-f5a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ee:50:5a:39:c0:e1:b3:37:e2:78:d8:3b:94:
                    b7:a0:90:ed:d3:5b:b7:04:d0:2c:90:03:b9:48:35:
                    dd:22:3e:df:55:30:b1:27:66:55:cb:4c:52:d7:69:
                    88:15:6a:1d:b7:24:e0:6e:7a:db:69:24:d7:e9:fd:
                    41:c9:fd:42:5b:9b:86:0c:86:a4:47:67:80:55:95:
                    13:86:0e:91:ab:50:d6:9b:c3:7e:21:ab:c3:10:20:
                    5b:43:33:b9:70:11:a9:dd:95:cf:b9:73:ac:87:41:
                    c3:b0:fc:f6:a0:fe:79:0a:65:cb:4c:b0:9e:7c:bb:
                    72:ef:aa:10:c1:05:71:fd:39:b6:ba:55:fc:2f:02:
                    e8:92:f8:01:bf:21:4e:fa:20:8f:6e:05:41:6a:dc:
                    3b:73:85:49:fa:12:73:d9:7b:81:bb:db:35:94:92:
                    5b:44:36:d0:99:be:8f:3d:4b:69:34:68:56:e2:7c:
                    6e:3e:77:36:b5:f0:7d:96:dd:29:a0:cc:bc:23:10:
                    4b:95:ec:ce:03:2a:5a:81:01:39:6f:53:ee:d8:23:
                    3c:ee:22:27:6b:99:fd:cc:6b:95:66:90:f4:ce:2e:
                    80:f4:a7:20:72:3e:44:d4:db:c2:f5:c7:eb:88:8b:
                    03:b8:3a:68:90:c4:72:93:e7:52:f0:58:1e:92:ab:
                    36:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:C3:54:F2:A1:B6:BB:0A:0C:DE:0A:2F:6C:32:F3:6A:D6:16:5B:CE
            X509v3 Authority Key Identifier:
                keyid:DD:74:99:A8:C8:C1:2A:B6:7E:15:EB:49:28:08:A6:92:ED:4B:59:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/3XSZqMjBKrZ-FetJKAimku1LWfQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/C0526AECBEDA11EB9591CE44F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.216.0/22
                IPv6:
                  2c0f:e9a8::/32

    Signature Algorithm: sha256WithRSAEncryption
         c5:5e:d5:ed:5f:5c:7d:8c:7d:b8:ce:48:d0:57:67:52:d2:17:
         04:1b:1c:b6:f7:61:36:68:84:95:14:bf:59:44:aa:9b:84:01:
         7f:bd:19:4f:43:08:29:83:46:77:57:17:b1:7e:f4:12:9c:d3:
         51:ef:d0:1a:5f:c3:35:b7:32:29:8f:a0:2d:13:64:d3:e8:b0:
         0e:5d:db:55:7e:b3:b0:a4:61:53:7c:a9:ac:c6:00:95:3c:61:
         30:71:e0:2e:d1:28:31:32:36:35:ec:20:99:98:47:50:5f:50:
         14:bb:31:92:92:a4:8e:a5:6e:68:4e:13:1f:42:44:11:e6:94:
         f4:a5:bc:6d:55:c6:98:14:33:04:94:51:83:1c:c6:5f:3d:89:
         12:0b:85:25:56:39:e7:46:d0:a2:91:1a:f9:12:9e:61:77:db:
         f3:d4:f3:6d:b1:f1:fe:cb:df:f8:fc:7e:ba:bd:74:13:cb:c9:
         c4:c6:92:1a:a4:0d:00:40:1d:d5:5c:90:31:e4:0c:57:90:46:
         c5:19:55:0e:c3:be:29:5f:56:47:f5:7c:9c:46:9c:b6:fb:98:
         8b:3a:01:28:f6:f5:bc:8b:50:20:98:58:e0:50:e8:7b:df:3f:
         33:3f:7c:ae:37:e3:71:60:88:a3:90:9d:6e:95:a5:91:56:2b:
         7a:37:97:38
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
Qzc5RUFGMTEwLwYDVQQFEyhERDc0OTlBOEM4QzEyQUI2N0UxNUVCNDkyODA4QTY5
MkVENEI1OUY0MB4XDTIxMDUyNzExMDAyNloXDTIyMDUyNzExMDAyNlowGDEWMBQG
A1UEAxMNNjBhZjdiY2YtZjVhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANruUFo5wOGzN+J42DuUt6CQ7dNbtwTQLJADuUg13SI+31UwsSdmVctMUtdp
iBVqHbck4G5622kk1+n9Qcn9QlubhgyGpEdngFWVE4YOkatQ1pvDfiGrwxAgW0Mz
uXARqd2Vz7lzrIdBw7D89qD+eQply0ywnny7cu+qEMEFcf05trpV/C8C6JL4Ab8h
Tvogj24FQWrcO3OFSfoSc9l7gbvbNZSSW0Q20Jm+jz1LaTRoVuJ8bj53NrXwfZbd
KaDMvCMQS5XszgMqWoEBOW9T7tgjPO4iJ2uZ/cxrlWaQ9M4ugPSnIHI+RNTbwvXH
64iLA7g6aJDEcpPnUvBYHpKrNpECAwEAAaOCArQwggKwMB0GA1UdDgQWBBQnw1Ty
oba7CgzeCi9sMvNq1hZbzjAfBgNVHSMEGDAWgBTddJmoyMEqtn4V60koCKaS7UtZ
9DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUM3OUUvMUZDMzRCRTZCRURBMTFFQjhGNUNFMjQzRjhBRUEyMjgvM1hTWnFN
akJLclotRmV0SktBaW1rdTFMV2ZRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM1hTWnFNakJLclotRmV0SktBaW1rdTFMV2ZRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUM3OUUvMUZDMzRCRTZCRURBMTFFQjhGNUNFMjQzRjhB
RUEyMjgvQzA1MjZBRUNCRURBMTFFQjk1OTFDRTQ0RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbd2DANBAIAAjAHAwUALA/p
qDANBgkqhkiG9w0BAQsFAAOCAQEAxV7V7V9cfYx9uM5I0FdnUtIXBBsctvdhNmiE
lRS/WUSqm4QBf70ZT0MIKYNGd1cXsX70EpzTUe/QGl/DNbcyKY+gLRNk0+iwDl3b
VX6zsKRhU3yprMYAlTxhMHHgLtEoMTI2NewgmZhHUF9QFLsxkpKkjqVuaE4TH0JE
EeaU9KW8bVXGmBQzBJRRgxzGXz2JEguFJVY550bQopEa+RKeYXfb89TzbbHx/svf
+Px+ur10E8vJxMaSGqQNAEAd1VyQMeQMV5BGxRlVDsO+KV9WR/V8nEactvuYizoB
KPb1vItQIJhY4FDoe98/Mz98rjfjcWCIo5CdbpWlkVYrejeXOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org