Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3671BB4/02E646F8061D11EABC386256F8AEA228/3F01D3949EAC11EC9A65B3E25A40D577.roa
File:                     3F01D3949EAC11EC9A65B3E25A40D577.roa (raw, json)
Hash identifier:          1a7aG1wjJm+t4jJ8jTnGoAIORVzDNivliV1M88IeycM=
Subject key identifier:   4B:8E:BC:79:7F:D1:AC:75:4F:ED:F5:6A:50:E1:DE:CD:61:0B:0B:2D
Certificate issuer:       /CN=F3671BB4AF/serialNumber=F72AC76BB07E44DDC7AC60E6631F1CD2EDF035DD
Certificate serial:       036A
Authority key identifier: F7:2A:C7:6B:B0:7E:44:DD:C7:AC:60:E6:63:1F:1C:D2:ED:F0:35:DD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9yrHa7B-RN3HrGDmYx8c0u3wNd0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3671BB4/02E646F8061D11EABC386256F8AEA228/3F01D3949EAC11EC9A65B3E25A40D577.roa
Signing time:             Tue 08 Mar 2022 06:51:57 +0000
ROA not before:           Tue 08 Mar 2022 06:51:53 +0000
ROA not after:            Sat 08 Apr 2023 06:51:53 +0000
asID:                     37520
IP address blocks:        2001:43f8:1430::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 874 (0x36a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3671BB4AF/serialNumber=F72AC76BB07E44DDC7AC60E6631F1CD2EDF035DD
        Validity
            Not Before: Mar  8 06:51:53 2022 GMT
            Not After : Apr  8 06:51:53 2023 GMT
        Subject: CN=6226fd0d-1f9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c7:74:20:ac:af:1c:9c:eb:22:e7:24:59:90:
                    18:6c:f0:32:97:ba:f5:32:3a:90:62:b2:79:6f:99:
                    5e:fa:49:9b:a8:3e:bd:09:00:19:d5:5e:b9:8c:d4:
                    06:8f:79:5c:0c:3e:90:c6:ed:76:d8:08:de:23:78:
                    92:9f:4b:77:38:7c:4d:06:ac:0b:52:9c:95:e3:a9:
                    e4:f6:eb:61:34:98:db:c2:9f:78:92:37:88:b3:32:
                    05:79:74:05:73:4b:32:9e:65:64:9c:3c:aa:1e:a5:
                    4e:5a:4d:4f:94:8d:31:00:e3:bf:a8:58:75:3c:bb:
                    ec:ac:ad:24:fe:65:bf:59:88:2e:98:e1:ee:dd:cb:
                    74:d5:e8:7b:ec:bc:0b:e9:64:5d:15:32:f7:26:00:
                    0e:bc:ae:d2:6f:e6:b6:e1:4d:2b:57:c1:ca:dc:b9:
                    df:cd:36:87:60:cf:24:76:ad:b6:39:aa:d0:c7:99:
                    f4:cd:e0:3e:2b:e3:96:f7:f3:9e:38:b5:23:de:fe:
                    ec:f2:37:ed:61:9e:01:e5:7a:63:66:f6:81:e5:ab:
                    3a:0f:c8:8d:4f:cd:20:11:62:60:b3:a1:e8:25:38:
                    35:cc:0a:0b:14:26:fd:34:73:e2:f3:90:06:da:85:
                    05:85:42:ad:86:2f:69:be:63:72:cf:3f:7c:60:13:
                    e1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:8E:BC:79:7F:D1:AC:75:4F:ED:F5:6A:50:E1:DE:CD:61:0B:0B:2D
            X509v3 Authority Key Identifier:
                keyid:F7:2A:C7:6B:B0:7E:44:DD:C7:AC:60:E6:63:1F:1C:D2:ED:F0:35:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3671BB4/02E646F8061D11EABC386256F8AEA228/9yrHa7B-RN3HrGDmYx8c0u3wNd0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9yrHa7B-RN3HrGDmYx8c0u3wNd0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3671BB4/02E646F8061D11EABC386256F8AEA228/3F01D3949EAC11EC9A65B3E25A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:43f8:1430::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:22:43:0e:1f:a0:73:d5:fc:5a:b7:57:37:be:d5:bb:d1:c9:
         ab:08:80:b8:94:9a:96:8b:fe:87:d9:c5:b2:24:c1:3c:11:56:
         64:49:11:51:2b:c5:fb:54:31:4f:53:45:d5:18:73:2d:52:74:
         85:3c:25:9c:ee:70:11:c8:a8:a2:4a:7b:e4:22:07:62:19:e7:
         75:f3:77:3e:4e:8e:26:3f:5c:e8:9d:1d:bf:1b:e9:98:db:c7:
         de:48:f8:9a:c9:50:9c:5a:81:97:0b:c2:d0:1b:f4:c9:98:44:
         10:ed:19:94:14:d0:27:10:9f:a6:0b:11:19:43:75:04:fa:50:
         05:7a:bd:f3:60:3f:93:8f:4b:0b:c7:aa:25:6a:3d:bf:75:58:
         33:3a:84:11:2b:94:89:d8:40:6a:bc:58:0e:5c:05:c6:5a:a7:
         e6:fd:02:98:eb:7a:df:99:ba:14:75:e6:14:dd:8f:57:dc:f1:
         96:46:8e:c0:1a:2c:a2:0f:cf:09:30:1c:64:a4:ac:4d:e6:0b:
         14:69:6a:67:8c:3e:3f:2c:38:dd:85:49:3c:15:e3:e8:2c:ec:
         f9:b4:e8:cf:3e:cd:72:b4:49:d9:09:06:c8:6b:06:5c:9c:1c:
         a2:86:8d:a4:00:6a:ba:3c:5b:ff:af:a9:69:03:99:91:da:34:
         d0:f2:31:b9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA2owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NzFCQjRBRjExMC8GA1UEBRMoRjcyQUM3NkJCMDdFNDREREM3QUM2MEU2NjMxRjFD
RDJFREYwMzVERDAeFw0yMjAzMDgwNjUxNTNaFw0yMzA0MDgwNjUxNTNaMBgxFjAU
BgNVBAMMDTYyMjZmZDBkLTFmOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtx3QgrK8cnOsi5yRZkBhs8DKXuvUyOpBisnlvmV76SZuoPr0JABnVXrmM
1AaPeVwMPpDG7XbYCN4jeJKfS3c4fE0GrAtSnJXjqeT262E0mNvCn3iSN4izMgV5
dAVzSzKeZWScPKoepU5aTU+UjTEA47+oWHU8u+ysrST+Zb9ZiC6Y4e7dy3TV6Hvs
vAvpZF0VMvcmAA68rtJv5rbhTStXwcrcud/NNodgzyR2rbY5qtDHmfTN4D4r45b3
8544tSPe/uzyN+1hngHlemNm9oHlqzoPyI1PzSARYmCzoeglODXMCgsUJv00c+Lz
kAbahQWFQq2GL2m+Y3LPP3xgE+FjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUS468
eX/RrHVP7fVqUOHezWELCy0wHwYDVR0jBBgwFoAU9yrHa7B+RN3HrGDmYx8c0u3w
Nd0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjcxQkI0LzAyRTY0NkY4MDYxRDExRUFCQzM4NjI1NkY4QUVBMjI4Lzl5ckhh
N0ItUk4zSHJHRG1ZeDhjMHUzd05kMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzl5ckhhN0ItUk4zSHJHRG1ZeDhjMHUzd05kMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjcxQkI0LzAyRTY0NkY4MDYxRDExRUFCQzM4NjI1NkY4
QUVBMjI4LzNGMDFEMzk0OUVBQzExRUM5QTY1QjNFMjVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAUP4FDAwDQYJKoZIhvcN
AQELBQADggEBAAwiQw4foHPV/Fq3Vze+1bvRyasIgLiUmpaL/ofZxbIkwTwRVmRJ
EVErxftUMU9TRdUYcy1SdIU8JZzucBHIqKJKe+QiB2IZ53Xzdz5OjiY/XOidHb8b
6Zjbx95I+JrJUJxagZcLwtAb9MmYRBDtGZQU0CcQn6YLERlDdQT6UAV6vfNgP5OP
SwvHqiVqPb91WDM6hBErlInYQGq8WA5cBcZap+b9Apjret+ZuhR15hTdj1fc8ZZG
jsAaLKIPzwkwHGSkrE3mCxRpameMPj8sON2FSTwV4+gs7Pm06M8+zXK0SdkJBshr
BlycHKKGjaQAaro8W/+vqWkDmZHaNNDyMbk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:09 2024 by rpki-client on console-fra.rpki-client.org