Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB73176ACAC411EFAA665078762E951A.roa
File:                     CB73176ACAC411EFAA665078762E951A.roa (raw, json)
Hash identifier:          N/Os0j/tfoDe4I7aaM7YOwOjWKd3/CAu6aB/w8JdvBc=
Subject key identifier:   68:0C:9D:F5:AD:C2:68:9E:18:61:B4:97:FC:A5:C2:EC:2E:5C:63:CD
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       F72A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB73176ACAC411EFAA665078762E951A.roa
Signing time:             Sat 04 Jan 2025 17:53:25 +0000
ROA not before:           Sun 05 Jan 2025 17:53:21 +0000
ROA not after:            Fri 17 Jan 2025 17:53:21 +0000
asID:                     21859
IP address blocks:        45.196.137.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63274 (0xf72a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  5 17:53:21 2025 GMT
            Not After : Jan 17 17:53:21 2025 GMT
        Subject: CN=67797595-913c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:66:18:e9:ab:6a:08:39:1a:c1:7f:a8:cf:5e:
                    6b:d2:9d:18:b7:66:bf:c4:03:e8:3b:60:eb:e4:78:
                    b6:27:ac:e1:7c:41:7e:82:f2:35:92:ef:6a:c3:40:
                    d0:02:e3:72:1a:cd:6a:49:ca:87:38:2a:d3:17:eb:
                    16:ba:f2:44:02:f5:e5:ae:73:e9:4e:6b:22:f9:43:
                    46:96:13:b1:1d:08:5e:97:13:ad:30:a1:bd:48:92:
                    f1:d6:ca:45:dc:ab:8c:00:92:56:cd:75:c2:13:00:
                    d5:3d:82:e9:1d:fc:fe:67:ff:75:fb:08:8b:4d:da:
                    8f:fd:60:0d:0c:59:15:d3:ed:57:1a:96:53:b1:4c:
                    b9:21:a0:09:5d:46:a2:cb:a3:47:16:97:6a:9f:43:
                    98:45:d2:9f:a0:f1:64:07:39:f4:8e:91:77:89:af:
                    76:db:ee:2d:b8:bf:21:9b:f1:03:81:06:d4:b4:0d:
                    4a:92:5d:74:16:e5:f5:d3:1c:5e:48:e7:6b:1d:ff:
                    5d:9b:e8:08:d5:f5:18:81:a0:3f:00:95:65:5b:db:
                    67:85:fd:93:ff:e7:31:51:04:af:4b:7d:2d:99:ed:
                    17:4c:c4:86:dc:86:23:6e:f9:1c:b4:c1:fb:50:d9:
                    78:e5:3e:fa:a2:93:c6:c8:50:e3:1f:36:68:86:7a:
                    18:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:0C:9D:F5:AD:C2:68:9E:18:61:B4:97:FC:A5:C2:EC:2E:5C:63:CD
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB73176ACAC411EFAA665078762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.196.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:a6:a6:21:44:3a:58:78:47:1f:45:b7:c2:c3:da:bf:f7:02:
         0c:78:c1:17:b2:79:98:be:66:91:ee:95:31:fa:b4:d5:ca:db:
         ab:32:a7:5d:12:37:78:b4:ec:02:b3:2e:ea:ad:9a:f1:56:c3:
         db:0d:c9:18:a8:0d:7e:a1:c3:78:75:56:b2:e6:8f:56:f3:6f:
         06:19:13:3a:72:6b:ad:81:de:08:40:84:b6:bd:27:87:ca:cf:
         e2:e4:86:62:95:c2:5e:aa:b0:95:36:6e:3a:a0:1e:8f:7b:cd:
         e9:d4:2d:0c:2e:5e:88:12:8f:bb:c6:a1:d5:49:3a:fd:1b:a6:
         14:1f:b6:87:72:9e:77:dc:00:fa:ad:5e:36:e3:41:33:30:67:
         5f:2e:e4:16:46:76:1a:8f:18:bb:0d:b6:da:78:5b:00:64:a2:
         31:6e:37:4c:f1:8f:f7:40:18:92:93:35:da:c7:00:5b:f2:f4:
         eb:fa:66:22:e8:ab:d6:24:73:f3:fe:c2:2b:cf:5c:25:b0:7e:
         bd:2d:c7:c3:50:36:05:31:5a:d9:a3:4b:2b:4b:2f:a8:b1:b2:
         ee:e4:12:e4:ff:9c:e7:7c:30:5e:c7:c1:08:4d:64:7b:2f:33:
         ed:b5:6b:df:59:66:3e:11:72:37:be:bf:ef:0e:17:12:25:c6:
         70:76:84:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPcqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTc1MzIxWhcNMjUwMTE3MTc1MzIxWjAYMRYw
FAYDVQQDEw02Nzc5NzU5NS05MTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArWYY6atqCDkawX+oz15r0p0Yt2a/xAPoO2Dr5Hi2J6zhfEF+gvI1ku9q
w0DQAuNyGs1qScqHOCrTF+sWuvJEAvXlrnPpTmsi+UNGlhOxHQhelxOtMKG9SJLx
1spF3KuMAJJWzXXCEwDVPYLpHfz+Z/91+wiLTdqP/WANDFkV0+1XGpZTsUy5IaAJ
XUaiy6NHFpdqn0OYRdKfoPFkBzn0jpF3ia922+4tuL8hm/EDgQbUtA1Kkl10FuX1
0xxeSOdrHf9dm+gI1fUYgaA/AJVlW9tnhf2T/+cxUQSvS30tme0XTMSG3IYjbvkc
tMH7UNl45T76opPGyFDjHzZohnoYUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGgM
nfWtwmieGGG0l/ylwuwuXGPNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjczMTc2QUNBQzQxMUVGQUE2NjUwNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcSJMA0GCSqGSIb3DQEBCwUA
A4IBAQCfpqYhRDpYeEcfRbfCw9q/9wIMeMEXsnmYvmaR7pUx+rTVyturMqddEjd4
tOwCsy7qrZrxVsPbDckYqA1+ocN4dVay5o9W828GGRM6cmutgd4IQIS2vSeHys/i
5IZilcJeqrCVNm46oB6Pe83p1C0MLl6IEo+7xqHVSTr9G6YUH7aHcp533AD6rV42
40EzMGdfLuQWRnYajxi7DbbaeFsAZKIxbjdM8Y/3QBiSkzXaxwBb8vTr+mYi6KvW
JHPz/sIrz1wlsH69LcfDUDYFMVrZo0srSy+osbLu5BLk/5znfDBex8EITWR7LzPt
tWvfWWY+EXI3vr/vDhcSJcZwdoSX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:28 2025 by rpki-client