Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366D2C6/0BEC0256711A11EB9EB6B41CF8AEA228/FF2F015AD3DA11EDB8F9A180F1222468.roa
File:                     FF2F015AD3DA11EDB8F9A180F1222468.roa (raw, json)
Hash identifier:          cU5CAFtj9Wp0Wi+gfpU99a2BHqlo8qBa1AVB8ONc90s=
Subject key identifier:   13:60:2E:6E:60:32:6B:46:6D:1E:6F:20:7D:8D:6A:A2:9E:A0:7F:8B
Certificate issuer:       /CN=F366D2C6AF/serialNumber=386298D9D0EB71CA90F486A16134AF1361D271C8
Certificate serial:       032B
Authority key identifier: 38:62:98:D9:D0:EB:71:CA:90:F4:86:A1:61:34:AF:13:61:D2:71:C8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OGKY2dDrccqQ9IahYTSvE2HSccg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366D2C6/0BEC0256711A11EB9EB6B41CF8AEA228/FF2F015AD3DA11EDB8F9A180F1222468.roa
Signing time:             Wed 05 Apr 2023 17:55:06 +0000
ROA not before:           Wed 05 Apr 2023 17:55:02 +0000
ROA not after:            Tue 30 Apr 2024 17:55:02 +0000
asID:                     328010
IP address blocks:        196.49.19.0/24 maxlen: 24
                          2001:43f8:b61::/48 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 811 (0x32b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366D2C6AF/serialNumber=386298D9D0EB71CA90F486A16134AF1361D271C8
        Validity
            Not Before: Apr  5 17:55:02 2023 GMT
            Not After : Apr 30 17:55:02 2024 GMT
        Subject: CN=642db5fa-b2a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:69:b7:03:06:8b:da:09:e3:f8:3e:8c:a2:69:
                    4e:d1:fa:4e:8c:62:1b:17:98:29:eb:2f:97:60:0e:
                    66:95:2a:b4:0d:d6:36:39:db:76:22:5a:09:09:90:
                    b7:08:72:bd:37:97:2e:8b:f0:a0:4d:ad:a1:e8:2b:
                    47:56:35:66:8c:b2:68:e2:da:f1:a9:09:26:58:bf:
                    95:de:61:98:7e:34:9f:1f:eb:66:d0:8e:ec:37:f0:
                    db:bf:d7:e6:0e:51:ee:26:c3:c3:6c:15:10:9f:62:
                    49:e9:72:f9:d8:17:17:60:c6:e0:b7:3e:b0:a6:92:
                    dd:b5:b8:61:02:60:44:3a:a1:94:61:af:4b:7e:3a:
                    97:f2:ab:4d:6d:99:ed:d7:e0:04:25:e2:fa:29:5f:
                    d2:73:82:ee:fb:a0:20:6b:ef:d0:d5:d5:1b:52:d1:
                    42:50:4f:14:2a:1a:a7:fb:11:a7:3f:f2:81:6f:3c:
                    55:9b:5a:68:e7:46:83:92:96:c3:6b:41:d6:03:aa:
                    6b:c4:ae:0b:8f:fa:90:66:78:1c:ca:44:ec:5c:f2:
                    ec:b7:81:65:d9:80:38:46:70:e5:4f:7a:83:bb:58:
                    a3:18:c3:38:f9:86:46:10:8c:38:c7:4b:cf:38:1b:
                    b5:c7:17:cd:af:55:7c:89:f4:b2:7d:28:4d:f7:90:
                    ff:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:60:2E:6E:60:32:6B:46:6D:1E:6F:20:7D:8D:6A:A2:9E:A0:7F:8B
            X509v3 Authority Key Identifier:
                keyid:38:62:98:D9:D0:EB:71:CA:90:F4:86:A1:61:34:AF:13:61:D2:71:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366D2C6/0BEC0256711A11EB9EB6B41CF8AEA228/OGKY2dDrccqQ9IahYTSvE2HSccg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OGKY2dDrccqQ9IahYTSvE2HSccg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366D2C6/0BEC0256711A11EB9EB6B41CF8AEA228/FF2F015AD3DA11EDB8F9A180F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.19.0/24
                IPv6:
                  2001:43f8:b61::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:f4:f9:1a:65:1f:a3:75:03:38:be:6c:52:e6:67:2c:1b:59:
         b2:37:8a:5a:98:ed:bf:60:d6:af:8d:1f:97:b9:26:5f:2a:5b:
         5e:1d:e6:fa:68:ca:96:c9:10:6d:b7:0d:22:db:c3:31:75:eb:
         68:e2:6c:fe:2a:c5:41:e3:4a:a5:93:9f:0f:2d:f0:2d:bd:7c:
         07:45:0c:83:45:22:13:7a:af:21:97:c9:5f:3b:a5:5f:70:c0:
         72:92:e7:02:72:3d:22:fe:09:c8:4b:f5:d8:72:10:5f:24:b2:
         76:e3:b3:ee:af:8e:06:4e:10:66:ac:97:33:36:e2:33:91:d4:
         d9:f8:ff:4d:b3:92:29:69:a8:17:e8:53:8e:f3:8c:4c:72:6d:
         47:76:ad:e8:20:90:3e:54:90:37:9a:cf:8d:4c:50:b3:f1:d7:
         48:f7:db:ac:8a:97:83:bc:d4:b6:60:23:aa:b3:c5:4f:6d:f9:
         ca:c4:96:22:e5:48:a1:14:28:61:bd:72:05:fe:6b:f1:59:25:
         a8:41:87:3b:2d:70:a4:b7:2c:42:c2:33:71:b2:6d:b8:72:42:
         18:cd:09:44:2b:62:96:91:35:b8:cc:38:dd:3d:b8:27:2f:d5:
         da:c8:eb:3d:ca:cb:09:df:b8:ba:5a:6a:b1:e7:85:7c:64:35:
         d9:25:43:22
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICAyswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NkQyQzZBRjExMC8GA1UEBRMoMzg2Mjk4RDlEMEVCNzFDQTkwRjQ4NkExNjEzNEFG
MTM2MUQyNzFDODAeFw0yMzA0MDUxNzU1MDJaFw0yNDA0MzAxNzU1MDJaMBgxFjAU
BgNVBAMMDTY0MmRiNWZhLWIyYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQabcDBovaCeP4PoyiaU7R+k6MYhsXmCnrL5dgDmaVKrQN1jY523YiWgkJ
kLcIcr03ly6L8KBNraHoK0dWNWaMsmji2vGpCSZYv5XeYZh+NJ8f62bQjuw38Nu/
1+YOUe4mw8NsFRCfYknpcvnYFxdgxuC3PrCmkt21uGECYEQ6oZRhr0t+Opfyq01t
me3X4AQl4vopX9Jzgu77oCBr79DV1RtS0UJQTxQqGqf7Eac/8oFvPFWbWmjnRoOS
lsNrQdYDqmvErguP+pBmeBzKROxc8uy3gWXZgDhGcOVPeoO7WKMYwzj5hkYQjDjH
S884G7XHF82vVXyJ9LJ9KE33kP+/AgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUE2Au
bmAya0ZtHm8gfY1qop6gf4swHwYDVR0jBBgwFoAUOGKY2dDrccqQ9IahYTSvE2HS
ccgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZEMkM2LzBCRUMwMjU2NzExQTExRUI5RUI2QjQxQ0Y4QUVBMjI4L09HS1ky
ZERyY2NxUTlJYWhZVFN2RTJIU2NjZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL09HS1kyZERyY2NxUTlJYWhZVFN2RTJIU2NjZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjZEMkM2LzBCRUMwMjU2NzExQTExRUI5RUI2QjQxQ0Y4
QUVBMjI4L0ZGMkYwMTVBRDNEQTExRURCOEY5QTE4MEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEMRMwDwQCAAIwCQMHACAB
Q/gLYTANBgkqhkiG9w0BAQsFAAOCAQEASPT5GmUfo3UDOL5sUuZnLBtZsjeKWpjt
v2DWr40fl7kmXypbXh3m+mjKlskQbbcNItvDMXXraOJs/irFQeNKpZOfDy3wLb18
B0UMg0UiE3qvIZfJXzulX3DAcpLnAnI9Iv4JyEv12HIQXySyduOz7q+OBk4QZqyX
MzbiM5HU2fj/TbOSKWmoF+hTjvOMTHJtR3at6CCQPlSQN5rPjUxQs/HXSPfbrIqX
g7zUtmAjqrPFT235ysSWIuVIoRQoYb1yBf5r8VklqEGHOy1wpLcsQsIzcbJtuHJC
GM0JRCtilpE1uMw43T24Jy/V2sjrPcrLCd+4ulpqseeFfGQ12SVDIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:09 2024 by rpki-client on console-fra.rpki-client.org