Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3058FAF6C47D11ECB2D08F89F1222468.roa
File:                     3058FAF6C47D11ECB2D08F89F1222468.roa (raw, json)
Hash identifier:          BTR6FP82W7CkLb42UL3+2XGAuCt2ZZeEo48eJVQ47bI=
Subject key identifier:   D1:90:E1:9A:0D:DF:2F:DA:2D:B2:00:3D:D5:30:60:39:85:19:ED:86
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       1370
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3058FAF6C47D11ECB2D08F89F1222468.roa
Signing time:             Mon 25 Apr 2022 09:50:50 +0000
ROA not before:           Mon 25 Apr 2022 09:50:47 +0000
ROA not after:            Mon 30 Jan 2023 09:50:47 +0000
asID:                     139057
IP address blocks:        156.251.68.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4976 (0x1370)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 25 09:50:47 2022 GMT
            Not After : Jan 30 09:50:47 2023 GMT
        Subject: CN=62666efa-8dca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:69:10:04:72:25:9a:03:5b:d5:2f:56:46:5c:
                    3d:ba:fe:f1:43:64:fb:eb:f5:74:74:06:70:06:50:
                    41:1d:06:84:58:46:ec:55:98:2c:af:2f:10:92:7c:
                    3c:20:f2:d7:27:be:d1:e4:7e:32:9f:33:0c:35:2b:
                    49:e0:ba:9e:3a:d9:ec:1e:ea:1a:7a:73:22:41:af:
                    ee:53:72:06:b4:fa:40:4b:fa:aa:06:2e:a5:6e:93:
                    83:12:c5:31:78:c6:91:16:68:8a:9c:44:88:89:3d:
                    f8:f3:ae:02:88:5b:d1:03:72:21:27:e9:7e:b3:10:
                    31:36:f4:f1:bd:9f:e6:3c:05:7f:bc:ce:28:60:a4:
                    02:bb:7b:6a:76:92:69:bd:c5:d6:2c:de:06:45:52:
                    0e:79:39:77:f0:f9:4f:2e:6a:7e:b1:c9:5e:7d:0e:
                    1d:35:93:15:ee:a1:0e:aa:70:9b:cd:81:fc:1e:83:
                    84:00:65:74:9e:5a:d4:03:3f:be:03:74:f6:05:69:
                    4d:9a:35:23:7b:96:09:65:ae:15:85:dd:3a:30:4a:
                    34:c6:8b:bf:8b:d3:0e:48:2a:e0:33:69:5c:10:43:
                    dc:89:81:41:d2:75:6a:07:1d:bc:47:f5:23:71:4e:
                    5b:70:b7:7a:b8:41:af:0e:4c:80:01:87:52:bd:2c:
                    34:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:90:E1:9A:0D:DF:2F:DA:2D:B2:00:3D:D5:30:60:39:85:19:ED:86
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3058FAF6C47D11ECB2D08F89F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:98:cd:8f:8f:84:ab:3b:bc:97:27:3a:fa:0f:4b:99:56:2f:
         5c:b3:46:35:15:d6:fb:fc:25:0d:cb:37:9d:0b:71:ff:4e:a7:
         08:b2:57:24:df:ed:e2:39:10:f6:2e:ab:f9:ef:8f:d8:c8:cb:
         36:d7:84:10:de:9a:a0:a2:89:d4:ac:97:5b:26:fb:09:4e:12:
         df:bb:d1:66:e4:56:ed:6b:c3:02:d3:b8:c6:43:83:5b:ff:e1:
         83:d8:d7:e2:72:d3:b4:81:42:3a:92:96:96:af:06:b9:8f:6d:
         4c:a2:3a:69:01:48:7f:fa:ad:b7:88:41:3d:06:33:ec:0a:f6:
         b9:0c:70:b5:9b:8e:e5:9e:23:cd:82:80:a4:3d:30:69:60:32:
         d8:12:1a:cd:51:fe:a5:1c:91:eb:8e:e4:b6:28:06:9d:7c:b4:
         f4:ec:92:35:d4:12:d7:f7:09:fe:2e:32:2a:c3:67:7b:21:4e:
         4a:8e:dc:29:51:d8:87:59:98:b9:a0:71:c1:43:9e:2e:95:d2:
         94:cf:45:3c:69:3f:b7:8f:fd:7f:65:c4:76:d5:14:18:06:1c:
         f5:0e:44:52:f5:0e:d8:85:3b:43:c8:79:e0:eb:2a:2a:9d:ac:
         98:f7:6f:58:2f:ea:f0:3f:fa:37:9b:54:02:c1:8a:67:4b:e6:
         1c:27:42:4f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE3AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjUwOTUwNDdaFw0yMzAxMzAwOTUwNDdaMBgxFjAU
BgNVBAMMDTYyNjY2ZWZhLThkY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEaRAEciWaA1vVL1ZGXD26/vFDZPvr9XR0BnAGUEEdBoRYRuxVmCyvLxCS
fDwg8tcnvtHkfjKfMww1K0ngup462ewe6hp6cyJBr+5Tcga0+kBL+qoGLqVuk4MS
xTF4xpEWaIqcRIiJPfjzrgKIW9EDciEn6X6zEDE29PG9n+Y8BX+8zihgpAK7e2p2
kmm9xdYs3gZFUg55OXfw+U8uan6xyV59Dh01kxXuoQ6qcJvNgfweg4QAZXSeWtQD
P74DdPYFaU2aNSN7lgllrhWF3TowSjTGi7+L0w5IKuAzaVwQQ9yJgUHSdWoHHbxH
9SNxTltwt3q4Qa8OTIABh1K9LDT5AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU0ZDh
mg3fL9otsgA91TBgOYUZ7YYwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzMwNThGQUY2QzQ3RDExRUNCMkQwOEY4OUYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGc+0QwDQYJKoZIhvcNAQELBQAD
ggEBAImYzY+PhKs7vJcnOvoPS5lWL1yzRjUV1vv8JQ3LN50Lcf9OpwiyVyTf7eI5
EPYuq/nvj9jIyzbXhBDemqCiidSsl1sm+wlOEt+70WbkVu1rwwLTuMZDg1v/4YPY
1+Jy07SBQjqSlpavBrmPbUyiOmkBSH/6rbeIQT0GM+wK9rkMcLWbjuWeI82CgKQ9
MGlgMtgSGs1R/qUckeuO5LYoBp18tPTskjXUEtf3Cf4uMirDZ3shTkqO3ClR2IdZ
mLmgccFDni6V0pTPRTxpP7eP/X9lxHbVFBgGHPUORFL1DtiFO0PIeeDrKiqdrJj3
b1gv6vA/+jebVALBimdL5hwnQk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:49:44 2024 by rpki-client on console-fra.rpki-client.org