Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E76B3E22038511EF8C050E1C017001B1.roa
File:                     E76B3E22038511EF8C050E1C017001B1.roa (raw, json)
Hash identifier:          0u2vA/V6zfKHnbPwI8Dgg7JIQ9r4rG/l03UgULzGvRc=
Subject key identifier:   B3:0A:AB:17:72:F7:16:DA:88:B0:6D:C1:CB:E4:BB:1E:D1:34:73:13
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       85A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E76B3E22038511EF8C050E1C017001B1.roa
Signing time:             Fri 26 Apr 2024 04:31:52 +0000
ROA not before:           Fri 26 Apr 2024 04:31:49 +0000
ROA not after:            Tue 03 Sep 2024 04:31:49 +0000
asID:                     131685
IP address blocks:        156.234.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34210 (0x85a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 26 04:31:49 2024 GMT
            Not After : Sep  3 04:31:49 2024 GMT
        Subject: CN=662b2e38-fb66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f5:c4:22:84:e8:2d:f3:6a:d5:c0:76:c1:79:
                    df:31:6c:6d:a5:99:12:dd:41:a3:5b:0f:f6:a6:63:
                    5c:0e:f2:6c:b5:6e:a8:88:a3:a1:5e:b3:4f:2e:11:
                    4f:4b:d8:53:04:8e:7a:3d:20:ce:ce:60:8e:9f:92:
                    a0:2c:84:48:2e:1a:96:33:cd:a5:01:ba:86:2d:50:
                    70:1d:d9:38:68:33:28:99:11:31:bc:96:2d:36:de:
                    2d:40:cb:d4:d3:43:a4:91:4d:da:b7:94:b2:20:a4:
                    97:49:64:63:96:66:8c:f6:e5:0e:8a:20:64:38:d7:
                    96:41:11:3b:d9:d9:2b:f3:22:5c:b3:89:59:6b:13:
                    70:43:bb:f4:58:d9:1f:35:9e:08:fa:3f:89:af:e2:
                    c2:22:df:64:2e:61:be:d1:07:91:d1:32:f3:95:a4:
                    f1:6a:a5:b2:1b:e1:43:82:98:71:7b:e2:ee:9c:44:
                    96:c2:dc:3a:2e:ff:92:05:83:97:16:a6:7d:47:c5:
                    59:dc:79:08:3c:c0:6b:70:fb:50:f5:d5:c7:ac:29:
                    c3:76:4c:88:22:f4:90:96:8d:8c:d3:4c:ca:7f:da:
                    d9:fd:7d:ed:d2:0c:2c:21:01:fc:d5:06:ed:7c:d4:
                    9f:9e:91:bb:ea:e7:c5:1a:8f:91:86:96:df:99:ef:
                    97:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:0A:AB:17:72:F7:16:DA:88:B0:6D:C1:CB:E4:BB:1E:D1:34:73:13
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E76B3E22038511EF8C050E1C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.234.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:67:02:db:73:a6:77:ce:8b:61:bf:bf:32:b2:b1:52:22:d0:
         ef:85:91:90:c3:1b:9e:bc:7b:67:fd:06:a3:7b:e4:ee:57:33:
         aa:78:ca:ff:35:1a:a6:7e:35:5f:cc:cb:14:3c:0b:17:3b:50:
         25:eb:99:c0:18:81:7d:45:a3:b5:b3:09:de:c5:8a:8d:9b:8d:
         38:c2:4a:40:f3:af:3d:45:a2:02:66:77:6b:79:81:89:a6:cb:
         3a:8b:73:5b:e1:41:96:1d:83:06:05:8d:66:7e:bc:39:a6:23:
         78:84:a6:8e:b3:b9:fb:3d:9a:9c:c8:71:47:35:b7:b1:46:60:
         da:7b:ea:11:0e:5d:b2:8c:ca:76:aa:f5:56:0a:86:64:72:8d:
         ae:89:3a:65:37:f7:0e:d1:c7:20:c9:da:f7:38:82:b9:75:80:
         48:a2:31:67:e1:ee:28:27:e2:59:be:7a:0c:73:85:5d:43:9d:
         d7:86:d1:27:cd:e9:94:f1:99:a0:d3:16:ef:f7:91:54:48:d4:
         25:55:27:d5:be:ad:10:28:9b:39:32:18:0c:9c:f2:ab:a5:61:
         64:99:8b:02:a1:aa:49:4d:51:89:95:43:88:89:b0:dc:cf:b9:
         2c:8e:42:ba:03:d7:fd:31:7a:81:cb:d2:c9:3f:12:cc:bb:14:
         e5:d2:b0:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIWiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDQzMTQ5WhcNMjQwOTAzMDQzMTQ5WjAYMRYw
FAYDVQQDEw02NjJiMmUzOC1mYjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/XEIoToLfNq1cB2wXnfMWxtpZkS3UGjWw/2pmNcDvJstW6oiKOhXrNP
LhFPS9hTBI56PSDOzmCOn5KgLIRILhqWM82lAbqGLVBwHdk4aDMomRExvJYtNt4t
QMvU00OkkU3at5SyIKSXSWRjlmaM9uUOiiBkONeWQRE72dkr8yJcs4lZaxNwQ7v0
WNkfNZ4I+j+Jr+LCIt9kLmG+0QeR0TLzlaTxaqWyG+FDgphxe+LunESWwtw6Lv+S
BYOXFqZ9R8VZ3HkIPMBrcPtQ9dXHrCnDdkyIIvSQlo2M00zKf9rZ/X3t0gwsIQH8
1QbtfNSfnpG76ufFGo+Rhpbfme+XQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLMK
qxdy9xbaiLBtwcvkux7RNHMTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNzZCM0UyMjAzODUxMUVGOEMwNTBFMUMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOqpMA0GCSqGSIb3DQEBCwUA
A4IBAQC6ZwLbc6Z3zothv78ysrFSItDvhZGQwxuevHtn/Qaje+TuVzOqeMr/NRqm
fjVfzMsUPAsXO1Al65nAGIF9RaO1swnexYqNm404wkpA8689RaICZndreYGJpss6
i3Nb4UGWHYMGBY1mfrw5piN4hKaOs7n7PZqcyHFHNbexRmDae+oRDl2yjMp2qvVW
CoZkco2uiTplN/cO0ccgydr3OIK5dYBIojFn4e4oJ+JZvnoMc4VdQ53XhtEnzemU
8Zmg0xbv95FUSNQlVSfVvq0QKJs5MhgMnPKrpWFkmYsCoapJTVGJlUOIibDcz7ks
jkK6A9f9MXqBy9LJPxLMuxTl0rCX
-----END CERTIFICATE-----
Generated at Tue Sep 3 11:37:22 2024 by rpki-client on console-fra.rpki-client.org