Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/FE3219F06F8311EE9CFDEF494AD9E6FC.roa
File:                     FE3219F06F8311EE9CFDEF494AD9E6FC.roa (raw, json)
Hash identifier:          x8rcZYCQO6VkKh3g7Rs360ZYiJBa03ddfX8b9F27Kcg=
Subject key identifier:   F5:77:C8:09:DA:F1:C1:AD:EE:9E:10:33:BC:9D:F8:0A:34:5B:BF:98
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       040C
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/FE3219F06F8311EE9CFDEF494AD9E6FC.roa
Signing time:             Fri 20 Oct 2023 20:05:19 +0000
ROA not before:           Fri 20 Oct 2023 20:05:16 +0000
ROA not after:            Mon 01 Jul 2024 20:05:16 +0000
asID:                     22724
IP address blocks:        102.177.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1036 (0x40c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Oct 20 20:05:16 2023 GMT
            Not After : Jul  1 20:05:16 2024 GMT
        Subject: CN=6532dd7f-b1a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7d:b8:f8:a5:76:46:60:98:fa:9e:40:58:1f:
                    71:56:ff:36:59:46:57:54:ea:9d:1c:20:e7:0e:c2:
                    2a:24:d3:ff:b0:b7:fc:fd:c2:c9:56:ea:d1:96:41:
                    ef:21:6e:d7:c3:0e:2d:9c:f0:de:c1:fb:df:e0:3f:
                    20:69:20:4d:35:a1:1e:7f:8a:85:47:d4:67:aa:4f:
                    a1:56:ec:5b:cc:78:a8:5a:82:48:f3:08:a1:c4:b4:
                    fc:a9:84:99:53:2c:c3:bb:1a:31:93:5e:c6:8a:76:
                    62:88:9e:6a:03:09:03:dc:06:ba:be:b3:92:61:ee:
                    e6:fb:e1:5c:f0:ab:05:87:78:5a:f9:3f:eb:52:2a:
                    b3:4e:af:c4:0a:cd:31:3c:58:93:10:f6:a7:96:df:
                    53:48:66:12:30:7e:68:43:bf:d9:20:3e:d1:ca:a0:
                    62:c7:12:59:c9:b5:d5:68:8c:d1:20:bc:2f:41:da:
                    2b:44:69:a5:05:c2:59:43:a5:79:79:db:2f:76:8c:
                    b2:72:47:dc:62:12:0a:66:c6:96:b1:9e:42:6c:96:
                    99:66:2d:10:aa:da:50:70:cc:a0:d2:08:c4:c7:7b:
                    ce:be:f3:f7:cb:d6:bd:61:81:9e:06:8d:ee:36:04:
                    10:c9:b8:02:09:ea:5e:3b:e6:3e:5f:b8:ae:0b:ff:
                    42:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:77:C8:09:DA:F1:C1:AD:EE:9E:10:33:BC:9D:F8:0A:34:5B:BF:98
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/FE3219F06F8311EE9CFDEF494AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:85:49:b8:a6:94:4e:f8:4c:92:62:d6:77:e2:27:b3:7d:f0:
         a6:3f:84:d2:6e:ab:f5:b6:ec:cc:58:ba:92:d7:b8:e7:c9:c3:
         42:33:bd:7b:a0:24:b4:38:c1:7c:ee:61:fd:f5:5f:bf:19:bc:
         b9:1f:a2:92:ef:15:d0:43:9f:50:8a:55:f1:3f:97:f6:07:f0:
         ff:e7:7e:e1:ab:e6:85:91:28:49:4e:ed:21:33:86:b7:74:54:
         a8:74:26:4e:aa:51:12:9c:66:eb:46:5c:51:5a:96:ef:b2:16:
         54:7b:e9:6e:d0:8f:7a:11:40:0a:0e:f2:0f:a0:2f:74:17:43:
         18:df:b4:f3:2b:b9:23:5d:68:4d:55:35:2f:7a:81:a2:72:c8:
         6a:11:b0:18:63:19:b1:73:92:3a:48:c0:8f:40:59:1c:bf:58:
         85:ad:f7:85:2a:e7:03:8b:a9:b2:9d:1f:61:78:ca:6f:2a:80:
         14:1c:1c:72:d0:49:86:b4:71:98:f3:e2:3d:74:46:1e:9b:a7:
         7a:ab:a2:35:f8:0b:31:5c:d5:03:4f:13:90:3a:86:13:41:c7:
         28:ff:11:ce:89:ad:72:f3:87:8b:19:7e:e6:b2:0d:4c:8d:18:
         0f:fe:0e:ad:69:ea:f4:bf:5f:88:11:91:68:c8:64:60:11:e4:
         c0:b4:85:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBAwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yMzEwMjAyMDA1MTZaFw0yNDA3MDEyMDA1MTZaMBgxFjAU
BgNVBAMTDTY1MzJkZDdmLWIxYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCdfbj4pXZGYJj6nkBYH3FW/zZZRldU6p0cIOcOwiok0/+wt/z9wslW6tGW
Qe8hbtfDDi2c8N7B+9/gPyBpIE01oR5/ioVH1GeqT6FW7FvMeKhagkjzCKHEtPyp
hJlTLMO7GjGTXsaKdmKInmoDCQPcBrq+s5Jh7ub74VzwqwWHeFr5P+tSKrNOr8QK
zTE8WJMQ9qeW31NIZhIwfmhDv9kgPtHKoGLHElnJtdVojNEgvC9B2itEaaUFwllD
pXl52y92jLJyR9xiEgpmxpaxnkJslplmLRCq2lBwzKDSCMTHe86+8/fL1r1hgZ4G
je42BBDJuAIJ6l475j5fuK4L/0J9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9XfI
Cdrxwa3unhAzvJ34CjRbv5gwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4L0ZFMzIxOUYwNkY4MzExRUU5Q0ZERUY0OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsa4wDQYJKoZIhvcNAQEL
BQADggEBAGuFSbimlE74TJJi1nfiJ7N98KY/hNJuq/W27MxYupLXuOfJw0IzvXug
JLQ4wXzuYf31X78ZvLkfopLvFdBDn1CKVfE/l/YH8P/nfuGr5oWRKElO7SEzhrd0
VKh0Jk6qURKcZutGXFFalu+yFlR76W7Qj3oRQAoO8g+gL3QXQxjftPMruSNdaE1V
NS96gaJyyGoRsBhjGbFzkjpIwI9AWRy/WIWt94Uq5wOLqbKdH2F4ym8qgBQcHHLQ
SYa0cZjz4j10Rh6bp3qrojX4CzFc1QNPE5A6hhNBxyj/Ec6JrXLzh4sZfuayDUyN
GA/+Dq1p6vS/X4gRkWjIZGAR5MC0hQQ=
-----END CERTIFICATE-----
Generated at Tue Jul 2 02:37:42 2024 by rpki-client on console-ams.rpki-client.org