Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/295CF14C3A4911EEAA81DF124AD9E6FC.roa
File:                     295CF14C3A4911EEAA81DF124AD9E6FC.roa (raw, json)
Hash identifier:          uggp7WfrUAljEDbHqLoltLqXODkth/b1DyM1crqoWIk=
Subject key identifier:   75:9C:61:CA:83:B2:5F:B6:05:E5:D4:56:EE:C2:7C:38:7D:C7:CF:7F
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       352C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/295CF14C3A4911EEAA81DF124AD9E6FC.roa
Signing time:             Mon 14 Aug 2023 02:20:40 +0000
ROA not before:           Mon 14 Aug 2023 02:20:36 +0000
ROA not after:            Sat 13 Jan 2024 02:20:36 +0000
asID:                     139057
IP address blocks:        156.251.65.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13612 (0x352c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Aug 14 02:20:36 2023 GMT
            Not After : Jan 13 02:20:36 2024 GMT
        Subject: CN=64d98f78-dd4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f4:be:1c:42:50:37:b6:46:c2:e2:05:a0:15:
                    42:fa:c1:ec:83:8c:ca:10:70:99:b4:21:a1:42:59:
                    74:20:df:dc:54:6a:55:cd:8c:c7:08:c5:84:d4:54:
                    2a:ac:de:be:49:d9:7f:3b:ec:34:03:71:b8:58:aa:
                    c4:61:6d:1e:ef:9e:11:20:7b:1a:33:27:86:b6:00:
                    79:e9:f5:90:9c:1a:02:57:b9:9e:a3:f3:01:07:6b:
                    6c:45:fb:67:dd:6c:d6:68:59:1b:00:06:75:97:7c:
                    cf:4b:d0:c9:a9:2e:0c:97:93:f9:93:a3:ec:01:34:
                    7f:02:fb:bd:2f:6e:90:5c:da:d0:6e:f4:d6:cf:e8:
                    3a:90:d7:fd:51:0c:32:80:ac:4b:29:82:ca:33:15:
                    14:4e:76:62:1b:42:51:35:f5:45:1d:f8:2d:84:3d:
                    80:e6:fc:ed:d9:1c:45:f7:ea:a2:ec:f8:dc:67:34:
                    16:d9:4c:cf:68:57:d1:4e:11:be:d5:ca:0d:c7:c7:
                    fc:a7:c4:52:66:ab:95:51:94:e1:7e:8b:1a:1b:36:
                    27:43:25:ff:e5:9a:13:86:ab:e4:e5:13:78:be:31:
                    9b:b8:a6:6c:e8:c9:74:28:34:2d:65:17:39:b2:7a:
                    00:eb:5f:35:a7:8b:38:77:29:9f:b9:ef:d6:64:b0:
                    3e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:9C:61:CA:83:B2:5F:B6:05:E5:D4:56:EE:C2:7C:38:7D:C7:CF:7F
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/295CF14C3A4911EEAA81DF124AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:80:25:b7:34:a1:44:52:6e:81:f0:9b:2e:3e:81:b0:c7:93:
         43:e0:7c:3b:7e:99:34:87:8c:48:c0:df:d3:d0:66:dd:ff:29:
         35:a8:2c:bb:2c:19:9f:ff:22:9f:f5:19:9a:98:b3:c2:51:f6:
         4d:b2:d7:14:e4:a7:83:25:2d:e6:22:b6:29:a2:0b:35:5d:66:
         2f:09:a8:91:a7:dd:0d:ff:8b:94:d0:33:d0:a1:26:e4:f1:bd:
         bc:73:f5:6f:73:ad:29:99:fd:61:78:2a:06:31:d8:3e:75:0d:
         c9:f4:53:88:64:64:68:aa:c3:35:7b:9a:25:ca:70:31:ba:a4:
         ef:91:9b:fe:83:b1:7c:64:65:4f:0b:79:02:1b:03:78:4d:2f:
         00:99:8f:11:49:80:ac:cf:a3:53:31:bf:5c:c4:e8:5a:66:cb:
         8e:2c:e1:21:58:64:15:9e:41:d5:39:ac:9f:21:78:86:5e:39:
         b4:9e:d0:5a:46:c8:d2:3f:e3:ad:7d:e7:5f:04:36:b4:1b:42:
         d0:70:b4:9c:a7:48:2e:29:5f:14:d6:af:ef:2b:53:79:d8:90:
         75:d0:ed:62:ae:0b:ca:b3:b8:97:54:80:41:66:06:ff:be:6e:
         96:34:cb:69:3c:f4:b9:e7:a1:e4:30:41:7e:c8:e4:f7:f8:c6:
         a8:48:d2:04
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICNSwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA4MTQwMjIwMzZaFw0yNDAxMTMwMjIwMzZaMBgxFjAU
BgNVBAMTDTY0ZDk4Zjc4LWRkNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC59L4cQlA3tkbC4gWgFUL6weyDjMoQcJm0IaFCWXQg39xUalXNjMcIxYTU
VCqs3r5J2X877DQDcbhYqsRhbR7vnhEgexozJ4a2AHnp9ZCcGgJXuZ6j8wEHa2xF
+2fdbNZoWRsABnWXfM9L0MmpLgyXk/mTo+wBNH8C+70vbpBc2tBu9NbP6DqQ1/1R
DDKArEspgsozFRROdmIbQlE19UUd+C2EPYDm/O3ZHEX36qLs+NxnNBbZTM9oV9FO
Eb7Vyg3Hx/ynxFJmq5VRlOF+ixobNidDJf/lmhOGq+TlE3i+MZu4pmzoyXQoNC1l
FzmyegDrXzWnizh3KZ+579ZksD4FAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUdZxh
yoOyX7YF5dRW7sJ8OH3Hz38wHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzI5NUNGMTRDM0E0OTExRUVBQTgxREYxMjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc+0EwDQYJKoZIhvcNAQELBQAD
ggEBAC6AJbc0oURSboHwmy4+gbDHk0PgfDt+mTSHjEjA39PQZt3/KTWoLLssGZ//
Ip/1GZqYs8JR9k2y1xTkp4MlLeYitimiCzVdZi8JqJGn3Q3/i5TQM9ChJuTxvbxz
9W9zrSmZ/WF4KgYx2D51Dcn0U4hkZGiqwzV7miXKcDG6pO+Rm/6DsXxkZU8LeQIb
A3hNLwCZjxFJgKzPo1Mxv1zE6Fpmy44s4SFYZBWeQdU5rJ8heIZeObSe0FpGyNI/
4619518ENrQbQtBwtJynSC4pXxTWr+8rU3nYkHXQ7WKuC8qzuJdUgEFmBv++bpY0
y2k89LnnoeQwQX7I5Pf4xqhI0gQ=
-----END CERTIFICATE-----
Generated at Sat Jan 13 20:21:52 2024 by rpki-client on console-fra.rpki-client.org