Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/31411BA8F14D11EDA145B6434AD9E6FC.roa
File:                     31411BA8F14D11EDA145B6434AD9E6FC.roa (raw, json)
Hash identifier:          EsUeW25vgjngCQi867dAGCrEhj4rjKMMFSZnn0fqWRg=
Subject key identifier:   16:64:49:E6:9B:4F:84:76:66:0F:B0:62:48:B9:B7:5A:07:87:20:7D
Certificate issuer:       /CN=F36750E0AF/serialNumber=1AC2711DE56051E0CD6701041D1D8204710BDDF5
Certificate serial:       10
Authority key identifier: 1A:C2:71:1D:E5:60:51:E0:CD:67:01:04:1D:1D:82:04:71:0B:DD:F5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/GsJxHeVgUeDNZwEEHR2CBHEL3fU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/31411BA8F14D11EDA145B6434AD9E6FC.roa
Signing time:             Sat 13 May 2023 05:15:36 +0000
ROA not before:           Sat 13 May 2023 05:15:33 +0000
ROA not after:            Sat 11 May 2024 05:15:33 +0000
asID:                     328275
IP address blocks:        102.165.120.0/24 maxlen: 24
                          102.165.121.0/24 maxlen: 24
                          102.165.122.0/24 maxlen: 24
                          102.165.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16 (0x10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36750E0AF/serialNumber=1AC2711DE56051E0CD6701041D1D8204710BDDF5
        Validity
            Not Before: May 13 05:15:33 2023 GMT
            Not After : May 11 05:15:33 2024 GMT
        Subject: CN=645f1cf8-9745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0d:1b:a5:a5:72:e9:52:57:b7:cf:e7:e3:78:
                    bf:dc:eb:ec:f8:d1:74:88:aa:de:cb:90:d4:c7:9b:
                    7f:b9:f1:b0:c9:69:db:8c:7a:20:e4:a5:67:5b:29:
                    46:68:d5:a3:55:b4:fc:5e:62:7b:ab:db:c9:c6:17:
                    75:8f:59:e6:f2:82:d6:05:ce:c2:da:76:0f:c7:92:
                    3f:87:bb:8b:d4:45:0c:af:72:b9:7c:cf:6e:76:d4:
                    f5:5c:e9:ea:59:cc:11:29:0f:37:9c:b8:89:b8:ba:
                    45:37:e1:38:59:c8:b6:11:e4:f6:15:63:c3:f5:70:
                    d8:fd:75:a2:cd:05:ee:8d:38:77:10:83:23:99:e1:
                    37:5a:c4:d6:52:60:cc:3d:6e:b9:d7:3d:7a:6d:00:
                    c0:fa:4b:51:2d:18:cb:74:68:31:9f:a7:8e:7f:1b:
                    f7:89:4d:6a:2c:57:92:10:57:df:e5:d2:12:b9:43:
                    13:8a:d5:73:f9:21:c8:07:d4:8f:b8:ba:50:a5:c6:
                    df:ea:9f:b9:81:a6:9a:af:bb:8e:5a:cb:2a:4d:05:
                    17:e0:79:b5:27:bd:ab:07:70:d6:cf:60:67:c5:75:
                    5d:12:31:7b:1a:e7:db:0e:17:82:ed:84:8f:a0:4f:
                    43:03:1a:87:e7:72:1b:4f:2b:38:02:bf:f0:d7:8f:
                    41:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:64:49:E6:9B:4F:84:76:66:0F:B0:62:48:B9:B7:5A:07:87:20:7D
            X509v3 Authority Key Identifier:
                keyid:1A:C2:71:1D:E5:60:51:E0:CD:67:01:04:1D:1D:82:04:71:0B:DD:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/GsJxHeVgUeDNZwEEHR2CBHEL3fU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GsJxHeVgUeDNZwEEHR2CBHEL3fU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/31411BA8F14D11EDA145B6434AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.165.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3e:6e:b6:18:11:47:4f:66:ac:6e:75:5a:05:7c:c9:2c:23:48:
         98:76:fd:79:d4:64:0a:70:ba:b9:04:96:af:1b:a7:8a:c6:a2:
         85:e0:bc:28:4e:ae:ad:e9:78:ca:29:67:0b:9f:18:e9:f0:d1:
         e2:fe:c7:04:9c:1e:7e:e9:7b:68:c3:dc:3b:cb:6a:74:cc:f3:
         16:1e:fb:f2:24:ab:cd:a6:64:07:87:45:7f:3c:15:46:23:af:
         2e:99:0e:7a:8a:f1:a5:6d:52:ad:f0:2c:29:c1:cd:a9:83:98:
         d5:d7:cd:f4:33:a0:f8:8d:f7:13:b7:5a:1d:69:30:c9:f8:b3:
         6d:09:49:3d:10:6a:95:3f:cd:d5:0e:e8:51:fd:28:3f:4d:bd:
         e1:28:2d:36:b0:d5:e5:b9:dc:2f:18:62:71:81:92:5b:69:12:
         6a:89:90:4d:b7:e7:8e:70:d4:be:44:cf:c1:76:b9:65:59:50:
         0b:fb:00:b1:18:44:9f:fb:d4:b4:e1:a4:6a:e2:73:7c:ea:4a:
         d1:8c:6c:2b:5d:64:ba:be:73:26:a9:60:4f:72:29:1d:8c:ad:
         91:8c:54:aa:7e:2b:c6:90:7c:48:f1:9f:85:c2:61:ee:9f:93:
         ca:60:a7:0b:6c:88:ba:e5:fe:6e:bd:2e:ec:aa:e2:5f:36:6c:
         49:ec:eb:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NTBFMEFGMTEwLwYDVQQFEygxQUMyNzExREU1NjA1MUUwQ0Q2NzAxMDQxRDFEODIw
NDcxMEJEREY1MB4XDTIzMDUxMzA1MTUzM1oXDTI0MDUxMTA1MTUzM1owGDEWMBQG
A1UEAxMNNjQ1ZjFjZjgtOTc0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcNG6WlculSV7fP5+N4v9zr7PjRdIiq3suQ1Mebf7nxsMlp24x6IOSlZ1sp
RmjVo1W0/F5ie6vbycYXdY9Z5vKC1gXOwtp2D8eSP4e7i9RFDK9yuXzPbnbU9Vzp
6lnMESkPN5y4ibi6RTfhOFnIthHk9hVjw/Vw2P11os0F7o04dxCDI5nhN1rE1lJg
zD1uudc9em0AwPpLUS0Yy3RoMZ+njn8b94lNaixXkhBX3+XSErlDE4rVc/khyAfU
j7i6UKXG3+qfuYGmmq+7jlrLKk0FF+B5tSe9qwdw1s9gZ8V1XRIxexrn2w4Xgu2E
j6BPQwMah+dyG08rOAK/8NePQc8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQWZEnm
m0+EdmYPsGJIubdaB4cgfTAfBgNVHSMEGDAWgBQawnEd5WBR4M1nAQQdHYIEcQvd
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzUwRTAvRjFBMEJGMzRFQkQ1MTFFREE0QkFBNzJBNEFEOUU2RkMvR3NKeEhl
VmdVZUROWndFRUhSMkNCSEVMM2ZVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvR3NKeEhlVmdVZUROWndFRUhSMkNCSEVMM2ZVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzUwRTAvRjFBMEJGMzRFQkQ1MTFFREE0QkFBNzJBNEFE
OUU2RkMvMzE0MTFCQThGMTREMTFFREExNDVCNjQzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmaleDANBgkqhkiG9w0BAQsF
AAOCAQEAPm62GBFHT2asbnVaBXzJLCNImHb9edRkCnC6uQSWrxunisaiheC8KE6u
rel4yilnC58Y6fDR4v7HBJweful7aMPcO8tqdMzzFh778iSrzaZkB4dFfzwVRiOv
LpkOeorxpW1SrfAsKcHNqYOY1dfN9DOg+I33E7daHWkwyfizbQlJPRBqlT/N1Q7o
Uf0oP0294SgtNrDV5bncLxhicYGSW2kSaomQTbfnjnDUvkTPwXa5ZVlQC/sAsRhE
n/vUtOGkauJzfOpK0YxsK11kur5zJqlgT3IpHYytkYxUqn4rxpB8SPGfhcJh7p+T
ymCnC2yIuuX+br0u7KriXzZsSezr2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-ams.rpki-client.org