Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/AD4AD8CE2FB411EEB2C0C47E4AD9E6FC.roa
File:                     AD4AD8CE2FB411EEB2C0C47E4AD9E6FC.roa (raw, json)
Hash identifier:          vi/rPJP+Q2LNos2FsKX+kP3U6WtvEixNsoNMCMq13DI=
Subject key identifier:   D3:8B:91:E0:1F:97:23:BC:E9:43:A1:83:64:CD:D8:DF:8C:C4:B5:6D
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       03A7
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/AD4AD8CE2FB411EEB2C0C47E4AD9E6FC.roa
Signing time:             Mon 31 Jul 2023 15:12:34 +0000
ROA not before:           Mon 31 Jul 2023 15:12:31 +0000
ROA not after:            Wed 31 Jul 2024 15:12:31 +0000
asID:                     174
IP address blocks:        102.177.152.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 935 (0x3a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Jul 31 15:12:31 2023 GMT
            Not After : Jul 31 15:12:31 2024 GMT
        Subject: CN=64c7cf62-e5b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a1:5f:bd:7b:a7:e8:2f:86:b7:01:57:ce:11:
                    83:39:d3:72:82:06:5b:e4:b6:ee:44:27:cc:2e:7c:
                    10:f3:60:08:20:dd:56:db:32:3b:e3:00:ec:5e:3d:
                    35:be:38:c2:be:15:f4:cf:38:b0:f5:97:d6:33:be:
                    f4:1b:23:88:44:d8:96:d1:a4:5c:b4:a3:4e:79:32:
                    af:67:1c:0f:e9:c1:66:39:e3:7a:51:d5:3a:79:90:
                    02:7f:a8:c6:10:42:26:fb:c3:3a:9f:de:4f:f3:1a:
                    43:96:f7:76:54:2f:1b:33:8c:80:a1:61:a8:09:16:
                    15:5a:fb:3a:af:cf:24:4f:00:ab:b7:40:98:10:8e:
                    33:76:7f:72:ed:0f:e0:9b:d0:5e:fb:f8:88:d2:13:
                    60:5a:8a:34:5d:0e:49:08:47:9e:97:15:ab:49:54:
                    ee:fa:e7:56:24:d4:40:a4:5b:1a:d6:fb:a5:e0:04:
                    9d:4f:1c:7c:1c:de:7a:be:5e:a9:ad:7d:92:18:4a:
                    86:65:72:cb:b5:c1:98:ce:5d:90:02:e7:c6:c5:a5:
                    47:f1:e9:59:7e:4c:8c:c3:42:76:7d:29:95:f7:d2:
                    2e:75:d8:e3:cc:fb:54:9a:f9:0e:d2:fd:7d:47:5c:
                    a1:46:30:11:d8:cd:ef:97:da:e3:c4:a8:9f:72:23:
                    80:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:8B:91:E0:1F:97:23:BC:E9:43:A1:83:64:CD:D8:DF:8C:C4:B5:6D
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/AD4AD8CE2FB411EEB2C0C47E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         27:d2:21:8e:9b:27:c2:2f:3b:a5:02:41:54:ae:36:f4:75:cc:
         9d:1b:63:ca:ad:0f:48:c5:d3:e2:62:64:34:38:31:1a:4f:5b:
         31:a3:95:90:a0:fb:1f:40:be:6c:e6:6b:85:85:a1:7a:12:0b:
         e9:57:2a:c3:bf:cd:4a:11:f1:08:67:3c:e7:cd:ec:c2:25:a1:
         2e:df:fa:0b:45:fc:f7:81:8d:d6:72:6c:6a:f4:5d:72:03:3f:
         5e:40:5e:f9:48:7a:8a:ba:ac:78:ae:fb:a0:aa:e7:13:85:24:
         eb:92:7d:3d:70:71:ef:9f:7f:c5:c5:73:ef:e0:06:d3:39:ec:
         80:1d:6d:77:e4:d8:07:2e:1d:0f:cb:ec:d7:c1:00:a2:8e:60:
         9b:0e:47:31:dc:d3:9a:c3:07:09:c1:7d:04:d5:ae:db:0a:b5:
         7f:ee:6f:24:05:57:fe:1c:ba:37:ff:d7:1b:82:1b:67:04:30:
         59:76:cb:ca:74:34:8c:7f:fb:84:1d:01:86:ee:f6:7f:9a:14:
         37:ab:2b:31:4d:83:07:ae:f8:b0:a0:26:5f:ef:5a:cf:2c:21:
         b2:58:e9:ed:25:16:45:08:b2:fb:e1:20:4f:46:ee:03:af:7c:
         3c:a9:4a:fb:49:bb:b1:94:28:91:49:7c:ac:ae:df:95:5c:14:
         30:32:f7:b5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA6cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yMzA3MzExNTEyMzFaFw0yNDA3MzExNTEyMzFaMBgxFjAU
BgNVBAMTDTY0YzdjZjYyLWU1YjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzoV+9e6foL4a3AVfOEYM503KCBlvktu5EJ8wufBDzYAgg3VbbMjvjAOxe
PTW+OMK+FfTPOLD1l9YzvvQbI4hE2JbRpFy0o055Mq9nHA/pwWY543pR1Tp5kAJ/
qMYQQib7wzqf3k/zGkOW93ZULxszjIChYagJFhVa+zqvzyRPAKu3QJgQjjN2f3Lt
D+Cb0F77+IjSE2BaijRdDkkIR56XFatJVO7651Yk1ECkWxrW+6XgBJ1PHHwc3nq+
XqmtfZIYSoZlcsu1wZjOXZAC58bFpUfx6Vl+TIzDQnZ9KZX30i512OPM+1Sa+Q7S
/X1HXKFGMBHYze+X2uPEqJ9yI4B1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU04uR
4B+XI7zpQ6GDZM3Y34zEtW0wHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4L0FENEFEOENFMkZCNDExRUVCMkMwQzQ3RTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANmsZgwDQYJKoZIhvcNAQEL
BQADggEBACfSIY6bJ8IvO6UCQVSuNvR1zJ0bY8qtD0jF0+JiZDQ4MRpPWzGjlZCg
+x9Avmzma4WFoXoSC+lXKsO/zUoR8QhnPOfN7MIloS7f+gtF/PeBjdZybGr0XXID
P15AXvlIeoq6rHiu+6Cq5xOFJOuSfT1wce+ff8XFc+/gBtM57IAdbXfk2AcuHQ/L
7NfBAKKOYJsORzHc05rDBwnBfQTVrtsKtX/ubyQFV/4cujf/1xuCG2cEMFl2y8p0
NIx/+4QdAYbu9n+aFDerKzFNgweu+LCgJl/vWs8sIbJY6e0lFkUIsvvhIE9G7gOv
fDypSvtJu7GUKJFJfKyu35VcFDAy97U=
-----END CERTIFICATE-----
Generated at Thu Aug 1 04:29:55 2024 by rpki-client on console-ams.rpki-client.org