Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C5814/CFBB0A84A75111E6B023E037F8AEA228/82AA5718739F11EA9D08332EF8AEA228.roa
File:                     82AA5718739F11EA9D08332EF8AEA228.roa (raw, json)
Hash identifier:          KJfUtQTwbPXoz3EReCmNtqhhpohN/6VheOTVoTa2f4Y=
Subject key identifier:   8A:5A:59:98:C3:F4:C7:A6:A5:CC:FE:BB:39:CF:9E:2E:C5:EC:8B:C6
Certificate issuer:       /CN=F36C5814AF/serialNumber=D2694F5ACE5DF7B7A2B1C75B44B18B5A77683868
Certificate serial:       04FA
Authority key identifier: D2:69:4F:5A:CE:5D:F7:B7:A2:B1:C7:5B:44:B1:8B:5A:77:68:38:68
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0mlPWs5d97eiscdbRLGLWndoOGg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C5814/CFBB0A84A75111E6B023E037F8AEA228/82AA5718739F11EA9D08332EF8AEA228.roa
Signing time:             Tue 31 Mar 2020 22:32:32 +0000
ROA not before:           Tue 31 Mar 2020 22:32:25 +0000
ROA not after:            Tue 25 Apr 2023 22:32:25 +0000
asID:                     36941
IP address blocks:        41.216.224.0/22 maxlen: 22
                          196.2.80.0/20 maxlen: 20
                          196.2.81.0/24 maxlen: 24
                          196.2.82.0/24 maxlen: 24
                          196.2.83.0/24 maxlen: 24
                          196.2.84.0/24 maxlen: 24
                          196.2.85.0/24 maxlen: 24
                          196.2.86.0/24 maxlen: 24
                          196.2.87.0/24 maxlen: 24
                          196.2.88.0/24 maxlen: 24
                          196.2.89.0/24 maxlen: 24
                          196.2.90.0/24 maxlen: 24
                          196.2.91.0/24 maxlen: 24
                          196.2.92.0/24 maxlen: 24
                          196.2.93.0/24 maxlen: 24
                          196.2.94.0/24 maxlen: 24
                          196.2.95.0/24 maxlen: 24
                          196.223.176.0/20 maxlen: 20
                          2c0f:f378::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1274 (0x4fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C5814AF/serialNumber=D2694F5ACE5DF7B7A2B1C75B44B18B5A77683868
        Validity
            Not Before: Mar 31 22:32:25 2020 GMT
            Not After : Apr 25 22:32:25 2023 GMT
        Subject: CN=5e83c500-f4ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:28:31:37:52:4e:e4:76:30:27:4a:28:9d:fe:
                    83:a6:0b:36:8d:1e:a2:9a:1f:d8:b5:c3:e9:77:47:
                    5d:a1:bb:e6:ef:c0:65:e4:d3:f5:0c:3c:97:cc:1e:
                    b7:2d:35:af:0e:ee:88:d4:ba:d4:f1:6f:fe:82:6a:
                    fc:eb:13:5d:69:12:4b:5d:cc:bf:47:37:af:04:f7:
                    56:00:56:7d:90:1b:ec:0b:94:24:2a:d5:14:cf:a5:
                    47:0a:18:5a:c4:03:29:0c:14:51:dc:07:59:75:14:
                    f2:88:0b:8f:5f:8f:77:3e:30:3a:34:aa:f0:9d:3d:
                    0f:c2:ba:f4:09:93:e1:50:d5:2e:88:96:70:13:39:
                    e7:04:af:1f:1e:d1:e4:95:64:21:05:92:36:ef:46:
                    0c:76:55:e6:ff:1c:44:08:b6:9a:df:3d:19:8e:45:
                    ce:aa:86:17:a1:98:d9:6e:5a:2a:6e:dc:0f:8f:13:
                    97:1c:df:ae:3f:b2:f6:48:3f:4f:e3:9c:1d:2d:b5:
                    82:33:4f:4b:b2:e8:b2:c8:68:08:78:ed:db:ab:a3:
                    dc:ef:ac:6c:9f:cd:08:08:2f:7b:40:a3:9f:3a:bb:
                    8e:6a:6f:48:ef:20:65:89:46:ad:83:01:b5:38:a9:
                    4e:e4:c7:1f:3c:51:b0:f9:cf:1a:1b:62:a1:ba:b1:
                    fc:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:5A:59:98:C3:F4:C7:A6:A5:CC:FE:BB:39:CF:9E:2E:C5:EC:8B:C6
            X509v3 Authority Key Identifier:
                keyid:D2:69:4F:5A:CE:5D:F7:B7:A2:B1:C7:5B:44:B1:8B:5A:77:68:38:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C5814/CFBB0A84A75111E6B023E037F8AEA228/0mlPWs5d97eiscdbRLGLWndoOGg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0mlPWs5d97eiscdbRLGLWndoOGg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C5814/CFBB0A84A75111E6B023E037F8AEA228/82AA5718739F11EA9D08332EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.216.224.0/22
                  196.2.80.0/20
                  196.223.176.0/20
                IPv6:
                  2c0f:f378::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:8f:5e:34:9b:98:e4:36:d6:11:5e:66:5f:60:85:e3:5d:93:
         39:66:b3:13:91:b3:12:26:9b:d1:6f:7e:81:41:78:4b:a9:25:
         23:0b:e7:a8:6a:4d:2b:42:2f:82:98:55:a1:c2:b3:f7:4e:50:
         5b:9a:35:33:b6:8f:16:c8:b5:39:da:99:9c:12:bc:a1:06:dc:
         9e:6d:48:31:cb:02:1a:ce:db:c8:96:ee:0c:b8:6e:0a:fc:50:
         f7:5d:6b:c6:35:67:d4:a9:e7:42:2a:a2:03:ff:c7:4e:88:6d:
         f4:64:7d:74:12:5e:be:cd:be:30:77:e7:9b:2a:18:77:40:84:
         7c:08:ce:ed:69:2e:66:3b:d8:50:d5:2c:f5:f0:a6:cb:a0:03:
         5e:df:1b:fc:eb:a1:34:26:38:b9:f4:36:7d:9c:65:a3:80:a3:
         9d:c1:0f:ca:b5:99:e0:f3:d9:37:24:3b:5b:c0:b0:d3:c9:f4:
         4f:65:86:05:37:69:68:c4:a3:49:51:75:2e:88:47:af:aa:84:
         89:9e:58:35:c3:b4:2c:0b:7d:45:85:19:b5:86:42:57:f2:bd:
         e5:04:f1:5a:9c:58:71:e9:78:a0:9a:1d:bb:7a:cd:37:2c:9d:
         44:07:af:27:4b:5c:08:29:da:99:b5:2b:fb:57:86:1f:37:45:
         7f:b4:df:74
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBPowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4MTRBRjExMC8GA1UEBRMoRDI2OTRGNUFDRTVERjdCN0EyQjFDNzVCNDRCMThC
NUE3NzY4Mzg2ODAeFw0yMDAzMzEyMjMyMjVaFw0yMzA0MjUyMjMyMjVaMBgxFjAU
BgNVBAMTDTVlODNjNTAwLWY0YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDiKDE3Uk7kdjAnSiid/oOmCzaNHqKaH9i1w+l3R12hu+bvwGXk0/UMPJfM
HrctNa8O7ojUutTxb/6CavzrE11pEktdzL9HN68E91YAVn2QG+wLlCQq1RTPpUcK
GFrEAykMFFHcB1l1FPKIC49fj3c+MDo0qvCdPQ/CuvQJk+FQ1S6IlnATOecErx8e
0eSVZCEFkjbvRgx2Veb/HEQItprfPRmORc6qhhehmNluWipu3A+PE5cc364/svZI
P0/jnB0ttYIzT0uy6LLIaAh47duro9zvrGyfzQgIL3tAo586u45qb0jvIGWJRq2D
AbU4qU7kxx88UbD5zxobYqG6sfy9AgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUilpZ
mMP0x6alzP67Oc+eLsXsi8YwHwYDVR0jBBgwFoAU0mlPWs5d97eiscdbRLGLWndo
OGgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1ODE0L0NGQkIwQTg0QTc1MTExRTZCMDIzRTAzN0Y4QUVBMjI4LzBtbFBX
czVkOTdlaXNjZGJSTEdMV25kb09HZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBtbFBXczVkOTdlaXNjZGJSTEdMV25kb09HZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1ODE0L0NGQkIwQTg0QTc1MTExRTZCMDIzRTAzN0Y4
QUVBMjI4LzgyQUE1NzE4NzM5RjExRUE5RDA4MzMyRUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAIp2OADBATEAlADBATE37Aw
DQQCAAIwBwMFACwP83gwDQYJKoZIhvcNAQELBQADggEBAGSPXjSbmOQ21hFeZl9g
heNdkzlmsxORsxImm9FvfoFBeEupJSML56hqTStCL4KYVaHCs/dOUFuaNTO2jxbI
tTnamZwSvKEG3J5tSDHLAhrO28iW7gy4bgr8UPdda8Y1Z9Sp50IqogP/x06IbfRk
fXQSXr7NvjB355sqGHdAhHwIzu1pLmY72FDVLPXwpsugA17fG/zroTQmOLn0Nn2c
ZaOAo53BD8q1meDz2TckO1vAsNPJ9E9lhgU3aWjEo0lRdS6IR6+qhImeWDXDtCwL
fUWFGbWGQlfyveUE8VqcWHHpeKCaHbt6zTcsnUQHrydLXAgp2pm1K/tXhh83RX+0
33Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:51 2024 by rpki-client on console-fra.rpki-client.org