Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EC4117EA90EB11ED9DF267F6F1222468.roa
File:                     EC4117EA90EB11ED9DF267F6F1222468.roa (raw, json)
Hash identifier:          p1EhXuosNN2V802qeB6EFy0X33UxdvorGqkf7rrfjXc=
Subject key identifier:   A7:EB:D5:9E:00:06:E2:21:B9:01:67:C5:3D:83:6F:91:1B:FD:A3:53
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0B6C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EC4117EA90EB11ED9DF267F6F1222468.roa
Signing time:             Tue 10 Jan 2023 13:37:27 +0000
ROA not before:           Tue 10 Jan 2023 13:37:24 +0000
ROA not after:            Wed 10 Jan 2024 13:37:24 +0000
asID:                     35913
IP address blocks:        154.16.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2924 (0xb6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan 10 13:37:24 2023 GMT
            Not After : Jan 10 13:37:24 2024 GMT
        Subject: CN=63bd6a17-0686
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b4:1f:35:3d:74:ba:bc:72:48:09:b7:58:5f:
                    5e:fc:f5:5b:6f:e2:4e:a7:ad:d4:41:02:34:f8:5d:
                    cb:b1:dd:df:3a:f8:45:48:04:42:81:6e:5b:a0:23:
                    80:90:cb:40:1d:85:cf:62:b4:97:39:27:15:ce:bf:
                    fa:71:4a:c4:d3:69:60:c0:52:e5:8e:59:39:17:9b:
                    0b:72:5d:dd:95:2d:32:f7:04:be:75:cb:2f:31:88:
                    50:9b:56:18:79:a6:fd:8f:be:6a:9e:c1:fc:cf:c9:
                    e8:fd:b5:f8:6f:29:98:27:ab:84:d4:35:9e:85:65:
                    ab:22:d1:11:b2:8c:d4:38:60:34:eb:a8:87:a6:df:
                    31:21:13:d8:97:94:60:7d:5c:fb:47:46:07:25:00:
                    31:68:89:36:8e:84:54:8c:24:dd:26:ee:49:67:15:
                    cf:54:68:25:c1:c0:b6:cf:0c:38:cd:c0:ee:50:8b:
                    6b:95:df:20:bb:55:6e:fc:79:d0:e1:cb:fb:a1:62:
                    97:9c:f0:da:19:5b:6c:d4:ab:f8:10:33:25:f9:dc:
                    6d:1b:67:05:88:b3:aa:41:df:8e:2e:ae:c9:c8:d2:
                    f6:5d:0a:11:d7:19:51:0d:d5:72:84:9d:71:7d:21:
                    cc:b3:01:40:8f:d4:86:81:ac:2a:78:2e:13:d0:fd:
                    79:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:EB:D5:9E:00:06:E2:21:B9:01:67:C5:3D:83:6F:91:1B:FD:A3:53
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EC4117EA90EB11ED9DF267F6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:be:8b:ed:6f:62:ac:58:92:1f:7e:b6:1d:cf:f9:f8:5b:02:
         0e:75:06:d1:3a:62:84:ea:a0:8c:a6:ce:9d:e7:d8:bc:c3:0b:
         b5:06:62:f5:c9:56:13:c5:c1:61:4f:ba:52:0c:cc:e0:2e:06:
         12:94:33:80:f1:5a:bc:80:52:3a:92:85:c3:05:4d:93:06:cf:
         36:11:0f:51:66:c4:4b:8d:ce:36:f2:d4:a4:74:44:ed:93:cd:
         74:26:f2:eb:89:33:01:67:33:7f:d9:04:0e:40:60:fd:98:3f:
         15:c7:6e:7c:bc:24:57:b1:86:ba:ad:94:38:e3:30:68:f2:48:
         43:23:af:35:db:ee:15:03:58:40:fa:eb:e2:42:85:47:6e:86:
         3c:cf:79:8e:37:e8:87:92:9b:ec:ee:e8:9f:f4:c3:a6:e5:26:
         ee:d3:f2:83:e2:e8:79:e3:29:82:a4:01:29:fb:34:f6:08:0e:
         73:a8:4c:00:28:2f:59:9f:f7:3f:0c:f7:f4:b9:d5:f1:8a:27:
         76:24:69:9a:be:8c:b1:cc:17:7c:6a:de:c9:ff:b1:60:5f:dd:
         b3:da:1d:9a:60:cd:7a:33:63:ab:de:37:cf:ce:26:fb:4b:1a:
         60:3b:ea:05:cd:48:57:6d:0b:3c:d3:b5:9d:69:9e:0c:fd:d6:
         36:cc:b0:90
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC2wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAxMTAxMzM3MjRaFw0yNDAxMTAxMzM3MjRaMBgxFjAU
BgNVBAMMDTYzYmQ2YTE3LTA2ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/tB81PXS6vHJICbdYX1789Vtv4k6nrdRBAjT4Xcux3d86+EVIBEKBblug
I4CQy0Adhc9itJc5JxXOv/pxSsTTaWDAUuWOWTkXmwtyXd2VLTL3BL51yy8xiFCb
Vhh5pv2PvmqewfzPyej9tfhvKZgnq4TUNZ6FZasi0RGyjNQ4YDTrqIem3zEhE9iX
lGB9XPtHRgclADFoiTaOhFSMJN0m7klnFc9UaCXBwLbPDDjNwO5Qi2uV3yC7VW78
edDhy/uhYpec8NoZW2zUq/gQMyX53G0bZwWIs6pB344ursnI0vZdChHXGVEN1XKE
nXF9IcyzAUCP1IaBrCp4LhPQ/Xl5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUp+vV
ngAG4iG5AWfFPYNvkRv9o1MwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0VDNDExN0VBOTBFQjExRUQ5REYyNjdGNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJgwDQYJKoZIhvcNAQEL
BQADggEBAJu+i+1vYqxYkh9+th3P+fhbAg51BtE6YoTqoIymzp3n2LzDC7UGYvXJ
VhPFwWFPulIMzOAuBhKUM4DxWryAUjqShcMFTZMGzzYRD1FmxEuNzjby1KR0RO2T
zXQm8uuJMwFnM3/ZBA5AYP2YPxXHbny8JFexhrqtlDjjMGjySEMjrzXb7hUDWED6
6+JChUduhjzPeY436IeSm+zu6J/0w6blJu7T8oPi6HnjKYKkASn7NPYIDnOoTAAo
L1mf9z8M9/S51fGKJ3YkaZq+jLHMF3xq3sn/sWBf3bPaHZpgzXozY6veN8/OJvtL
GmA76gXNSFdtCzzTtZ1pngz91jbMsJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:41 2024 by rpki-client on console-ams.rpki-client.org