Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AE3BDDA038311EFB3AF380A017001B1.roa
File:                     7AE3BDDA038311EFB3AF380A017001B1.roa (raw, json)
Hash identifier:          oRfO1bjkuovtDdNJjnaNrkxZUwZSHflta/eJ+GuQ9cw=
Subject key identifier:   9F:B0:A7:05:F5:A1:2D:D1:A4:53:8A:9A:B1:F9:B0:79:50:EB:A5:BB
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8582
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AE3BDDA038311EFB3AF380A017001B1.roa
Signing time:             Fri 26 Apr 2024 04:14:31 +0000
ROA not before:           Fri 26 Apr 2024 04:14:28 +0000
ROA not after:            Tue 03 Sep 2024 04:14:28 +0000
asID:                     131685
IP address blocks:        156.226.190.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34178 (0x8582)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 26 04:14:28 2024 GMT
            Not After : Sep  3 04:14:28 2024 GMT
        Subject: CN=662b2a27-ad13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c3:4d:2f:b8:09:ca:de:62:2f:ed:77:7d:73:
                    b5:dd:d4:42:d6:4e:b2:e8:3f:4a:a8:2e:01:08:c0:
                    53:63:a2:d4:d7:bc:b5:e9:76:ed:0d:ef:70:6f:bd:
                    5f:1b:22:34:e4:01:90:ba:fb:61:bf:ba:f4:df:f1:
                    06:d6:b2:f4:fe:4c:a3:33:a8:cc:55:de:4c:23:3b:
                    c8:36:e7:b2:f1:cc:1d:76:ba:03:c4:ad:fc:72:2a:
                    c0:fb:4d:d5:a7:ff:63:26:db:04:14:03:af:2c:a4:
                    22:08:81:75:be:84:4c:d9:6b:39:37:3e:43:19:63:
                    da:cc:0e:8e:5e:47:e6:f0:c6:0c:19:61:78:bc:8b:
                    ee:bc:15:b6:a1:be:9c:76:bd:b6:8a:6d:30:0d:58:
                    10:ad:70:6e:94:50:20:6b:a5:4b:26:ae:27:9b:7f:
                    25:f4:38:85:cd:89:17:9a:5d:ec:ed:14:87:99:97:
                    33:08:ff:52:f4:43:27:87:3c:3d:24:2c:69:54:c1:
                    97:8b:60:05:78:f1:6c:93:90:d3:d7:51:1c:a9:92:
                    7a:e9:80:93:76:60:c7:f2:2f:2e:49:e0:3e:4c:23:
                    15:44:b0:18:a3:ea:0a:e4:8a:60:25:65:19:a0:f8:
                    82:47:e9:8f:f2:c2:91:c4:2a:17:7a:4c:6d:ef:7b:
                    cb:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:B0:A7:05:F5:A1:2D:D1:A4:53:8A:9A:B1:F9:B0:79:50:EB:A5:BB
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AE3BDDA038311EFB3AF380A017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.226.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:a0:b1:7a:f2:b3:da:2d:1c:f5:04:99:db:3f:64:72:4f:a9:
         fd:f9:b6:59:0f:30:4a:1f:aa:5c:27:c9:14:0f:d8:90:1d:3b:
         a5:ce:ff:b0:62:54:bd:d0:fe:8d:48:87:86:54:e8:17:14:6f:
         12:c8:52:e9:e1:be:26:54:d4:aa:7e:f0:5f:f6:80:8b:ec:c9:
         f0:ba:bd:44:29:40:90:d3:3c:6e:86:b2:14:99:c1:7d:df:79:
         65:22:d6:80:ed:a4:15:7f:88:b6:25:1f:56:de:ec:20:47:00:
         65:43:ff:66:c6:0f:54:eb:34:71:52:5b:1e:a5:33:57:bb:dd:
         6f:67:12:55:59:e9:ab:6a:84:70:4d:cc:7b:69:0a:e4:e9:47:
         19:48:2e:ec:fc:b0:1c:04:db:9e:10:c4:37:3c:7a:e4:4b:10:
         41:18:66:4a:54:17:e5:a9:d4:ed:c6:2b:0c:17:67:b7:df:dd:
         85:fa:04:e6:35:72:58:a1:7f:23:61:b4:1e:4b:6e:0b:4d:4f:
         00:10:c3:01:cc:16:ff:c6:62:86:bf:d8:b8:de:05:bd:97:64:
         cd:5f:61:43:c9:93:e2:ff:68:55:6a:48:87:3e:59:1a:77:49:
         48:d7:c5:86:55:9f:3e:01:3a:37:fd:ce:04:ce:19:bf:49:74:
         25:b8:62:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIWCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDQxNDI4WhcNMjQwOTAzMDQxNDI4WjAYMRYw
FAYDVQQDEw02NjJiMmEyNy1hZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMNNL7gJyt5iL+13fXO13dRC1k6y6D9KqC4BCMBTY6LU17y16XbtDe9w
b71fGyI05AGQuvthv7r03/EG1rL0/kyjM6jMVd5MIzvINuey8cwddroDxK38cirA
+03Vp/9jJtsEFAOvLKQiCIF1voRM2Ws5Nz5DGWPazA6OXkfm8MYMGWF4vIvuvBW2
ob6cdr22im0wDVgQrXBulFAga6VLJq4nm38l9DiFzYkXml3s7RSHmZczCP9S9EMn
hzw9JCxpVMGXi2AFePFsk5DT11EcqZJ66YCTdmDH8i8uSeA+TCMVRLAYo+oK5Ipg
JWUZoPiCR+mP8sKRxCoXekxt73vLjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ+w
pwX1oS3RpFOKmrH5sHlQ66W7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QUUzQkREQTAzODMxMUVGQjNBRjM4MEEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOK+MA0GCSqGSIb3DQEBCwUA
A4IBAQCHoLF68rPaLRz1BJnbP2RyT6n9+bZZDzBKH6pcJ8kUD9iQHTulzv+wYlS9
0P6NSIeGVOgXFG8SyFLp4b4mVNSqfvBf9oCL7Mnwur1EKUCQ0zxuhrIUmcF933ll
ItaA7aQVf4i2JR9W3uwgRwBlQ/9mxg9U6zRxUlsepTNXu91vZxJVWemraoRwTcx7
aQrk6UcZSC7s/LAcBNueEMQ3PHrkSxBBGGZKVBflqdTtxisMF2e3392F+gTmNXJY
oX8jYbQeS24LTU8AEMMBzBb/xmKGv9i43gW9l2TNX2FDyZPi/2hVakiHPlkad0lI
18WGVZ8+ATo3/c4Ezhm/SXQluGJL
-----END CERTIFICATE-----
Generated at Tue Sep 3 12:42:41 2024 by rpki-client on console-ams.rpki-client.org