Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/3EB843F4B20211ED9665B1C6F1222468.roa
File:                     3EB843F4B20211ED9665B1C6F1222468.roa (raw, json)
Hash identifier:          ZQLxlRbHw0R+n1rO0fSUCMLsJ24kBSYHkVnebfXqpCQ=
Subject key identifier:   70:79:C0:9E:E6:F2:CB:31:AC:1E:F4:06:24:87:5A:ED:D6:42:8E:80
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0A4E
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/3EB843F4B20211ED9665B1C6F1222468.roa
Signing time:             Tue 21 Feb 2023 16:10:23 +0000
ROA not before:           Tue 21 Feb 2023 16:10:19 +0000
ROA not after:            Wed 21 Feb 2024 16:10:19 +0000
asID:                     61317
IP address blocks:        102.165.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2638 (0xa4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 21 16:10:19 2023 GMT
            Not After : Feb 21 16:10:19 2024 GMT
        Subject: CN=63f4ecef-b08b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:43:7d:b4:d4:3c:77:2d:c2:b5:e8:2b:d9:d4:
                    4b:86:77:dc:b1:19:1e:dc:ce:18:5c:89:dd:db:f8:
                    b6:e6:94:03:c4:3b:86:e7:48:fb:47:0f:f0:63:a9:
                    a8:cb:5b:e5:46:25:c2:82:92:0c:3a:0c:17:fb:ae:
                    33:e0:f6:02:ed:8d:0b:93:c7:ae:9b:55:51:68:bf:
                    47:37:c6:48:d1:aa:78:22:e6:cc:7e:ee:c2:5b:90:
                    e4:bd:70:94:27:a4:8d:0c:c0:47:a6:3d:07:00:a0:
                    3d:cc:28:65:35:d8:70:99:33:de:e6:1e:eb:51:9b:
                    e3:8d:4e:c8:71:da:19:27:14:00:83:5d:b1:03:b9:
                    2f:a0:4e:09:25:6f:7d:ec:ad:f6:14:ec:8a:b5:77:
                    66:80:e2:3d:cd:9b:d5:15:9a:95:93:21:3c:a1:09:
                    01:69:77:f8:7b:fb:75:87:7e:ae:63:72:fd:a8:b2:
                    97:95:51:2e:78:ed:31:09:79:48:7f:b1:11:4c:8f:
                    ed:9f:ec:cb:f7:c9:78:dd:ac:c4:5b:23:7b:d2:ee:
                    bd:9b:38:16:7a:ee:8e:d9:0f:72:ff:ec:1d:21:37:
                    7a:ce:d3:7a:7d:ff:88:72:eb:a0:e6:95:d5:89:3a:
                    82:08:1c:4b:28:38:28:7f:23:a9:91:a5:53:ae:92:
                    99:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:79:C0:9E:E6:F2:CB:31:AC:1E:F4:06:24:87:5A:ED:D6:42:8E:80
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/3EB843F4B20211ED9665B1C6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.165.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:6a:e2:2a:cb:b0:93:11:e4:27:e2:3f:4c:16:ff:91:cc:5a:
         ff:41:6a:e4:c0:18:f9:de:0c:45:aa:9c:33:9a:f2:8f:22:56:
         91:63:60:0c:b0:04:4d:25:31:7c:31:76:eb:41:af:d5:da:1b:
         c3:ff:9a:64:69:73:e6:70:22:63:95:86:e7:f4:f6:b2:44:f2:
         af:4a:56:9a:a4:f2:f4:6a:64:b6:77:e4:89:0b:1e:9e:0c:44:
         ea:2f:2d:fd:32:09:7b:7b:f5:80:b2:cb:ee:07:f0:70:97:aa:
         91:c5:f4:85:ab:ef:a4:75:e2:f9:47:6d:c5:10:e5:b2:88:60:
         90:3d:0e:5f:fc:2e:a5:ae:5f:01:67:7a:ce:c7:77:73:40:60:
         a5:d6:7a:57:67:0b:e4:43:15:5f:0a:81:48:f6:d3:b8:77:38:
         66:38:f9:3d:03:aa:e9:1f:44:94:e2:ab:cd:01:94:12:dc:49:
         9f:9a:84:f1:1e:89:3a:26:99:1b:17:d7:b7:2c:90:9b:a8:c2:
         9a:b9:8f:86:0a:5c:8f:bf:53:11:e2:77:71:87:94:4f:fa:05:
         5a:ed:2f:76:b5:18:0e:cf:a5:0b:40:d0:f9:df:cb:bf:61:b5:
         31:93:97:3c:e3:00:58:b9:f9:7e:81:4b:a6:5b:64:d0:b5:55:
         2c:c2:7f:ef
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCk4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzAyMjExNjEwMTlaFw0yNDAyMjExNjEwMTlaMBgxFjAU
BgNVBAMMDTYzZjRlY2VmLWIwOGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCiQ3201Dx3LcK16CvZ1EuGd9yxGR7czhhcid3b+LbmlAPEO4bnSPtHD/Bj
qajLW+VGJcKCkgw6DBf7rjPg9gLtjQuTx66bVVFov0c3xkjRqngi5sx+7sJbkOS9
cJQnpI0MwEemPQcAoD3MKGU12HCZM97mHutRm+ONTshx2hknFACDXbEDuS+gTgkl
b33srfYU7Iq1d2aA4j3Nm9UVmpWTITyhCQFpd/h7+3WHfq5jcv2ospeVUS547TEJ
eUh/sRFMj+2f7Mv3yXjdrMRbI3vS7r2bOBZ67o7ZD3L/7B0hN3rO03p9/4hy66Dm
ldWJOoIIHEsoOCh/I6mRpVOukpmDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUcHnA
nubyyzGsHvQGJIda7dZCjoAwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzNFQjg0M0Y0QjIwMjExRUQ5NjY1QjFDNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpRQwDQYJKoZIhvcNAQEL
BQADggEBAAtq4irLsJMR5CfiP0wW/5HMWv9BauTAGPneDEWqnDOa8o8iVpFjYAyw
BE0lMXwxdutBr9XaG8P/mmRpc+ZwImOVhuf09rJE8q9KVpqk8vRqZLZ35IkLHp4M
ROovLf0yCXt79YCyy+4H8HCXqpHF9IWr76R14vlHbcUQ5bKIYJA9Dl/8LqWuXwFn
es7Hd3NAYKXWeldnC+RDFV8KgUj207h3OGY4+T0DqukfRJTiq80BlBLcSZ+ahPEe
iTommRsX17cskJuowpq5j4YKXI+/UxHid3GHlE/6BVrtL3a1GA7PpQtA0Pnfy79h
tTGTlzzjAFi5+X6BS6ZbZNC1VSzCf+8=
-----END CERTIFICATE-----
Generated at Thu Feb 22 03:37:37 2024 by rpki-client on console-fra.rpki-client.org