Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/912F27086F4C11EEB861E31F4AD9E6FC.roa
File:                     912F27086F4C11EEB861E31F4AD9E6FC.roa (raw, json)
Hash identifier:          bn06IATwXQ28gv7VE9wxobeunyD6tiXCI3QQfB87D0c=
Subject key identifier:   19:07:CE:AB:70:11:8E:A1:A8:A8:49:CC:9B:75:A0:0C:5E:67:1B:64
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       0404
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/912F27086F4C11EEB861E31F4AD9E6FC.roa
Signing time:             Fri 20 Oct 2023 13:28:34 +0000
ROA not before:           Fri 20 Oct 2023 13:28:31 +0000
ROA not after:            Mon 01 Jul 2024 13:28:31 +0000
asID:                     22724
IP address blocks:        102.177.166.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1028 (0x404)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Oct 20 13:28:31 2023 GMT
            Not After : Jul  1 13:28:31 2024 GMT
        Subject: CN=65328082-2ec1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:da:5d:7a:d0:4e:81:a8:c9:2d:e0:e8:65:ac:
                    55:36:a2:e9:52:0e:29:6c:78:35:bc:51:89:09:0c:
                    0c:92:f3:a6:2d:53:34:8c:70:d4:73:af:29:ea:03:
                    bc:68:fc:8a:f6:28:27:44:84:a0:d9:87:a9:53:f7:
                    6c:b2:cb:20:26:86:6f:0e:d2:df:dd:d3:9f:8d:d2:
                    40:c8:ac:6e:b1:b3:68:30:a6:74:30:cc:2a:44:c9:
                    2d:32:eb:49:1e:c3:99:f9:4e:5f:ca:4b:a7:c0:7e:
                    74:19:0b:c3:23:1a:65:30:78:e9:7c:5d:b8:50:3b:
                    ef:53:ed:0c:9e:0e:aa:96:fc:fc:4d:a5:ed:1c:34:
                    f6:7f:9e:80:6b:be:35:95:ba:60:f8:3f:3c:ac:c2:
                    c1:8f:8d:ac:f4:d9:82:b7:9a:56:5a:c0:8c:e7:da:
                    99:1c:61:a7:cc:cd:ce:2e:da:5f:c2:7d:c6:25:06:
                    27:05:63:87:dd:ab:25:bc:55:ee:dc:e4:31:c7:6c:
                    f2:97:a5:be:9e:3d:2b:f7:5b:f2:3d:fe:f4:55:a8:
                    40:d5:f9:dd:16:4f:1f:84:83:11:bf:83:1e:ca:d7:
                    5c:9f:92:a5:32:77:f9:fd:c3:fc:5a:4d:89:a4:17:
                    25:1b:12:64:a5:5c:a7:33:ad:83:9e:fd:7a:ba:96:
                    2f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:07:CE:AB:70:11:8E:A1:A8:A8:49:CC:9B:75:A0:0C:5E:67:1B:64
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/912F27086F4C11EEB861E31F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:8f:fd:4b:04:20:03:fb:2e:6e:e9:22:f6:20:75:7b:d8:d2:
         7b:f8:a8:f7:37:fc:8f:75:db:51:df:8c:ca:e9:cd:49:56:42:
         3f:8f:c6:68:a5:43:15:b7:79:46:08:8b:83:d7:4e:30:3c:05:
         e0:c4:3b:e1:c6:f5:13:96:a3:48:d5:b4:db:09:97:85:9d:a7:
         c9:04:61:31:e5:ee:fd:b2:d6:0e:3d:2d:21:13:3c:b8:eb:4f:
         b4:a8:17:b2:4f:e0:05:51:37:c0:8f:1f:e5:c3:bb:ea:ad:6c:
         f7:8f:e6:14:7a:cf:a8:92:fe:92:15:df:4e:79:da:9c:ac:73:
         a9:e3:20:36:91:a2:bb:b6:ba:2b:29:19:80:13:8b:a5:b5:66:
         01:7c:52:b6:ed:d7:50:03:60:4b:f2:ea:6b:8c:fe:fa:8e:9e:
         46:9c:b3:62:5e:ff:97:63:69:13:ff:a6:d4:26:94:a8:3d:10:
         84:84:c2:da:95:55:4a:de:61:7e:5e:23:0a:ff:16:d3:0b:0a:
         99:09:ff:35:ba:2b:1c:7e:96:e8:5e:60:ff:23:17:9a:06:80:
         ea:64:8e:0c:2a:d8:c3:89:f4:1b:b9:c1:30:4f:f7:91:27:11:
         af:a4:be:65:e9:11:f6:de:00:57:57:e2:1b:7e:7f:77:96:b6:
         42:37:10:6b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBAQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yMzEwMjAxMzI4MzFaFw0yNDA3MDExMzI4MzFaMBgxFjAU
BgNVBAMTDTY1MzI4MDgyLTJlYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDF2l160E6BqMkt4OhlrFU2oulSDilseDW8UYkJDAyS86YtUzSMcNRzrynq
A7xo/Ir2KCdEhKDZh6lT92yyyyAmhm8O0t/d05+N0kDIrG6xs2gwpnQwzCpEyS0y
60kew5n5Tl/KS6fAfnQZC8MjGmUweOl8XbhQO+9T7QyeDqqW/PxNpe0cNPZ/noBr
vjWVumD4PzyswsGPjaz02YK3mlZawIzn2pkcYafMzc4u2l/CfcYlBicFY4fdqyW8
Ve7c5DHHbPKXpb6ePSv3W/I9/vRVqEDV+d0WTx+EgxG/gx7K11yfkqUyd/n9w/xa
TYmkFyUbEmSlXKczrYOe/Xq6li/NAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGQfO
q3ARjqGoqEnMm3WgDF5nG2QwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzkxMkYyNzA4NkY0QzExRUVCODYxRTMxRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsaYwDQYJKoZIhvcNAQEL
BQADggEBACyP/UsEIAP7Lm7pIvYgdXvY0nv4qPc3/I9121HfjMrpzUlWQj+Pxmil
QxW3eUYIi4PXTjA8BeDEO+HG9ROWo0jVtNsJl4Wdp8kEYTHl7v2y1g49LSETPLjr
T7SoF7JP4AVRN8CPH+XDu+qtbPeP5hR6z6iS/pIV30552pysc6njIDaRoru2uisp
GYATi6W1ZgF8Urbt11ADYEvy6muM/vqOnkacs2Je/5djaRP/ptQmlKg9EISEwtqV
VUreYX5eIwr/FtMLCpkJ/zW6Kxx+luheYP8jF5oGgOpkjgwq2MOJ9Bu5wTBP95En
Ea+kvmXpEfbeAFdX4ht+f3eWtkI3EGs=
-----END CERTIFICATE-----
Generated at Tue Jul 2 02:55:36 2024 by rpki-client on console-fra.rpki-client.org