Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/82D8B7282FB411EE9EA5397E4AD9E6FC.roa
File:                     82D8B7282FB411EE9EA5397E4AD9E6FC.roa (raw, json)
Hash identifier:          sgnbdRWwq4QY4fdFo3d0e69cth49fQ8T5xlIdhVY+S8=
Subject key identifier:   CF:0F:E2:FC:33:3F:23:F3:39:29:FD:CC:C1:F6:0E:EB:B6:C6:14:69
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       03A5
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/82D8B7282FB411EE9EA5397E4AD9E6FC.roa
Signing time:             Mon 31 Jul 2023 15:11:23 +0000
ROA not before:           Mon 31 Jul 2023 15:11:19 +0000
ROA not after:            Wed 31 Jul 2024 15:11:19 +0000
asID:                     174
IP address blocks:        102.177.146.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 933 (0x3a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Jul 31 15:11:19 2023 GMT
            Not After : Jul 31 15:11:19 2024 GMT
        Subject: CN=64c7cf1b-6c1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:dc:39:a1:ef:b1:7c:29:82:c5:39:17:94:86:
                    d7:25:70:13:7a:eb:0d:2e:bd:de:7d:b9:3f:f2:38:
                    40:1b:14:88:b3:70:90:d8:23:7e:f1:0a:1f:fd:e3:
                    4a:f4:72:c2:59:e6:30:61:1b:62:b5:5b:2f:51:41:
                    8e:21:d2:c1:3f:cc:91:a7:27:06:b0:07:34:c2:89:
                    d6:11:71:07:38:07:6c:c7:98:89:3c:dd:3b:42:ea:
                    09:af:b0:e4:fe:1d:b6:9f:1b:1b:9b:a1:b9:87:bf:
                    aa:dd:b2:a9:96:f2:1e:e3:e3:6d:27:bb:51:2c:a4:
                    1f:83:b3:6b:51:65:4c:59:3d:fe:52:d1:60:f6:90:
                    75:fa:fe:60:eb:af:02:2f:97:20:f7:3c:5e:b0:1b:
                    82:64:a5:e5:fc:b3:ed:32:cb:0e:3f:91:49:ef:ae:
                    a7:b4:cb:da:c1:88:0c:e0:10:3f:35:dd:f7:ee:2d:
                    01:7a:8b:7b:eb:81:7a:bd:7c:d6:e6:c2:d2:3d:6c:
                    f5:2e:98:a8:90:9f:4f:bd:a4:e5:66:bf:ba:87:76:
                    d3:1b:26:db:70:62:d3:09:7f:ff:11:a0:90:e0:cd:
                    5f:30:12:3a:2c:8a:6c:39:3f:81:d1:d8:2f:25:b6:
                    66:7b:9b:cb:8b:15:7e:83:b4:9f:79:21:22:7f:59:
                    85:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:0F:E2:FC:33:3F:23:F3:39:29:FD:CC:C1:F6:0E:EB:B6:C6:14:69
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/82D8B7282FB411EE9EA5397E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1a:2a:38:0b:6b:21:73:c8:b3:80:94:28:7d:88:da:2a:2c:27:
         0c:5a:55:f9:52:2c:8b:d0:e0:65:ed:ce:30:80:e9:10:8a:6e:
         97:9d:ed:2e:a3:fc:6d:15:b3:3d:ec:4f:ea:4e:ed:33:56:f2:
         f9:30:57:d9:c7:f4:84:61:b4:83:3a:cd:b5:a2:48:27:4e:b5:
         41:0b:b2:be:95:27:1e:e5:e7:06:5f:b2:c6:80:12:18:b7:ea:
         8e:41:bb:cd:fd:8f:af:b8:23:a5:44:ff:db:7b:c2:72:89:18:
         4a:66:3b:80:79:63:c1:2e:57:db:33:79:29:6e:4e:3f:e8:3c:
         3c:54:f0:fc:75:bb:3e:2b:1b:9c:0f:6b:64:17:a5:81:6f:47:
         2d:bb:ee:8d:80:10:10:73:50:d0:75:29:b7:86:ee:7a:09:2a:
         33:ad:fe:e4:7c:13:55:b2:8e:e3:82:15:7c:e2:b8:3d:ad:97:
         b9:85:1c:bb:6e:45:46:40:ab:88:6e:7d:49:02:1b:62:97:89:
         48:f1:40:29:f5:dd:de:c4:9e:e7:ed:4a:cf:99:e1:d2:ab:3a:
         8d:98:54:c9:e2:4e:e5:e5:56:2c:d3:d8:c1:59:a6:07:de:3d:
         5e:a2:96:4c:e4:a6:bb:39:98:31:92:65:91:35:8c:fb:98:ca:
         75:62:a6:4b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA6UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yMzA3MzExNTExMTlaFw0yNDA3MzExNTExMTlaMBgxFjAU
BgNVBAMTDTY0YzdjZjFiLTZjMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDc3Dmh77F8KYLFOReUhtclcBN66w0uvd59uT/yOEAbFIizcJDYI37xCh/9
40r0csJZ5jBhG2K1Wy9RQY4h0sE/zJGnJwawBzTCidYRcQc4B2zHmIk83TtC6gmv
sOT+HbafGxubobmHv6rdsqmW8h7j420nu1EspB+Ds2tRZUxZPf5S0WD2kHX6/mDr
rwIvlyD3PF6wG4JkpeX8s+0yyw4/kUnvrqe0y9rBiAzgED813ffuLQF6i3vrgXq9
fNbmwtI9bPUumKiQn0+9pOVmv7qHdtMbJttwYtMJf/8RoJDgzV8wEjosimw5P4HR
2C8ltmZ7m8uLFX6DtJ95ISJ/WYVRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzw/i
/DM/I/M5Kf3MwfYO67bGFGkwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzgyRDhCNzI4MkZCNDExRUU5RUE1Mzk3RTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFmsZIwDQYJKoZIhvcNAQEL
BQADggEBABoqOAtrIXPIs4CUKH2I2iosJwxaVflSLIvQ4GXtzjCA6RCKbped7S6j
/G0Vsz3sT+pO7TNW8vkwV9nH9IRhtIM6zbWiSCdOtUELsr6VJx7l5wZfssaAEhi3
6o5Bu839j6+4I6VE/9t7wnKJGEpmO4B5Y8EuV9szeSluTj/oPDxU8Px1uz4rG5wP
a2QXpYFvRy277o2AEBBzUNB1KbeG7noJKjOt/uR8E1WyjuOCFXziuD2tl7mFHLtu
RUZAq4hufUkCG2KXiUjxQCn13d7EnuftSs+Z4dKrOo2YVMniTuXlVizT2MFZpgfe
PV6ilkzkprs5mDGSZZE1jPuYynVipks=
-----END CERTIFICATE-----
Generated at Thu Aug 1 04:13:05 2024 by rpki-client on console-fra.rpki-client.org