Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E7EB48CF24811EEAA69136B775412E6.roa
File:                     2E7EB48CF24811EEAA69136B775412E6.roa (raw, json)
Hash identifier:          aVBLM92Iu9DbdFpMzYlBwKIbRaOKv8Et2mYDMxVr0xc=
Subject key identifier:   75:24:89:43:69:3D:89:D7:9F:13:6E:3E:BB:4D:23:8F:1E:0D:85:43
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8192
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E7EB48CF24811EEAA69136B775412E6.roa
Signing time:             Thu 04 Apr 2024 05:57:13 +0000
ROA not before:           Thu 04 Apr 2024 05:57:09 +0000
ROA not after:            Sun 07 Jul 2024 05:57:09 +0000
asID:                     272018
IP address blocks:        156.235.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33170 (0x8192)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr  4 05:57:09 2024 GMT
            Not After : Jul  7 05:57:09 2024 GMT
        Subject: CN=660e4139-fdca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ba:4d:79:68:fb:de:99:83:19:4b:c8:ce:18:
                    45:3d:5a:ce:6e:f5:eb:62:64:ff:4b:06:88:7f:e1:
                    bd:67:cb:a1:36:2e:07:54:80:47:84:f2:a4:23:de:
                    23:22:02:42:73:c4:f3:70:21:7c:ef:2c:80:48:72:
                    1f:d0:d0:93:a7:34:3f:59:d6:3e:a2:02:3c:a0:d2:
                    8f:37:a3:e2:00:b9:5e:00:1a:3c:e0:18:89:a6:72:
                    e3:8a:7e:12:fe:83:97:61:60:2c:72:ab:f2:e3:10:
                    9a:2b:00:da:86:cc:4b:17:2f:e8:18:61:5a:3b:fe:
                    c2:fc:82:e9:3d:f0:4f:bd:58:6b:a6:b2:6a:9e:fb:
                    9b:d1:ac:bc:c7:c0:8c:1a:57:a3:6b:c3:5b:a6:81:
                    99:e7:5d:d9:70:b4:4b:cf:b8:c8:56:58:74:3a:46:
                    73:1a:b3:6e:3a:de:3c:65:78:97:83:ae:71:e6:ec:
                    2e:68:7c:59:2a:ff:0c:ba:d6:0c:49:9f:30:cf:3f:
                    21:a3:aa:f2:fb:b0:9e:00:f4:c0:a6:d0:2d:ee:1d:
                    1e:6e:cf:a3:87:77:47:16:fd:56:2b:d5:82:fb:b4:
                    42:d0:c2:09:7c:4f:ec:2c:60:cb:d3:6f:a1:1c:92:
                    b9:83:c6:36:10:f9:46:79:65:1b:1f:51:34:d4:0c:
                    19:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:24:89:43:69:3D:89:D7:9F:13:6E:3E:BB:4D:23:8F:1E:0D:85:43
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E7EB48CF24811EEAA69136B775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.235.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:83:98:74:55:95:11:72:97:35:90:5e:1e:0d:89:93:0c:3c:
         4f:c6:a9:28:81:fc:55:c2:19:d5:17:e6:0f:7f:b3:53:ab:0b:
         ac:db:1e:87:67:fa:85:98:89:d1:f8:06:21:2f:55:71:08:ee:
         3d:44:fd:eb:91:ee:eb:c7:c6:af:33:3c:64:34:16:ff:f2:82:
         fa:6b:81:ae:18:da:af:e0:8b:41:86:60:b3:8a:3c:a2:65:95:
         21:68:6b:91:5e:cf:53:6f:44:43:5e:d7:b5:59:34:08:88:47:
         43:bc:26:7b:55:04:78:bc:0f:87:ab:55:a0:ad:88:24:4b:34:
         19:db:16:b6:e5:68:4b:47:d2:f1:44:b0:29:e6:3b:29:9c:0a:
         96:a8:ff:93:cd:14:33:32:70:0c:40:00:ff:22:64:94:ce:c2:
         fa:60:1a:f4:5b:eb:17:a5:b6:7f:11:e1:5d:0a:1a:e3:46:01:
         55:bb:55:d2:de:d8:f9:25:b5:22:12:da:8e:1c:e1:65:fa:45:
         5c:c1:f3:82:68:2e:58:71:63:f8:5a:8b:fd:7a:45:b9:f7:c8:
         48:bd:bd:a0:e5:e3:70:7f:92:3b:b1:c0:b4:46:a4:b3:35:11:
         30:78:de:98:f3:b2:6e:1d:0c:99:ad:61:5a:dd:f5:32:ae:66:
         a1:7b:6e:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIGSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDA0MDU1NzA5WhcNMjQwNzA3MDU1NzA5WjAYMRYw
FAYDVQQDEw02NjBlNDEzOS1mZGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx7pNeWj73pmDGUvIzhhFPVrObvXrYmT/SwaIf+G9Z8uhNi4HVIBHhPKk
I94jIgJCc8TzcCF87yyASHIf0NCTpzQ/WdY+ogI8oNKPN6PiALleABo84BiJpnLj
in4S/oOXYWAscqvy4xCaKwDahsxLFy/oGGFaO/7C/ILpPfBPvVhrprJqnvub0ay8
x8CMGleja8NbpoGZ513ZcLRLz7jIVlh0OkZzGrNuOt48ZXiXg65x5uwuaHxZKv8M
utYMSZ8wzz8ho6ry+7CeAPTAptAt7h0ebs+jh3dHFv1WK9WC+7RC0MIJfE/sLGDL
02+hHJK5g8Y2EPlGeWUbH1E01AwZaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHUk
iUNpPYnXnxNuPrtNI48eDYVDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTdFQjQ4Q0YyNDgxMUVFQUE2OTEzNkI3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOtaMA0GCSqGSIb3DQEBCwUA
A4IBAQATg5h0VZURcpc1kF4eDYmTDDxPxqkogfxVwhnVF+YPf7NTqwus2x6HZ/qF
mInR+AYhL1VxCO49RP3rke7rx8avMzxkNBb/8oL6a4GuGNqv4ItBhmCzijyiZZUh
aGuRXs9Tb0RDXte1WTQIiEdDvCZ7VQR4vA+Hq1WgrYgkSzQZ2xa25WhLR9LxRLAp
5jspnAqWqP+TzRQzMnAMQAD/ImSUzsL6YBr0W+sXpbZ/EeFdChrjRgFVu1XS3tj5
JbUiEtqOHOFl+kVcwfOCaC5YcWP4Wov9ekW598hIvb2g5eNwf5I7scC0RqSzNREw
eN6Y87JuHQyZrWFa3fUyrmahe27K
-----END CERTIFICATE-----
Generated at Mon Jul 8 03:08:09 2024 by rpki-client on console-ams.rpki-client.org