Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/AF20C5B43E7E11EDBD589EC5F1222468.roa
File:                     AF20C5B43E7E11EDBD589EC5F1222468.roa (raw, json)
Hash identifier:          sQmcmEKKSp2PON2vVjyEmI42h0cyVQGUhJDe8yLXvGs=
Subject key identifier:   E2:BD:9B:D4:A3:35:01:74:18:B5:08:34:70:AB:BE:9C:33:A5:7A:6A
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0809
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/AF20C5B43E7E11EDBD589EC5F1222468.roa
Signing time:             Tue 27 Sep 2022 16:08:54 +0000
ROA not before:           Tue 27 Sep 2022 16:08:51 +0000
ROA not after:            Wed 27 Sep 2023 16:08:51 +0000
asID:                     212238
IP address blocks:        102.129.228.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2057 (0x809)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Sep 27 16:08:51 2022 GMT
            Not After : Sep 27 16:08:51 2023 GMT
        Subject: CN=63332016-5f9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2e:7b:7a:59:ab:64:a6:f3:1b:73:cf:53:08:
                    ee:09:29:4c:ea:b0:7f:5e:75:aa:7e:72:7f:cc:82:
                    8f:9f:61:50:eb:40:b5:f5:87:df:98:c0:0a:a1:3e:
                    01:56:22:31:ea:b9:fc:d7:07:f0:e4:0f:8a:5b:da:
                    ac:0c:42:09:3e:33:77:a5:9d:d7:13:27:bf:aa:bd:
                    ca:d0:ae:93:6e:fc:72:96:e1:c6:11:09:f9:91:9f:
                    2a:ee:f2:bd:e4:bc:2e:53:93:e0:01:a7:35:e9:98:
                    35:d8:2e:5b:aa:32:92:c3:f2:1c:30:b0:82:dc:00:
                    b6:c6:6e:bd:7a:24:90:af:0a:7d:3e:47:6c:90:4c:
                    39:c4:66:6d:b0:b6:fc:0d:b0:45:68:21:97:c1:b0:
                    aa:9e:f0:2a:ac:ae:fd:57:70:ae:66:40:ff:b9:e7:
                    e2:4b:d0:f5:75:87:72:a3:ed:e4:47:fc:41:f0:cd:
                    68:27:7a:a1:43:29:8f:2d:29:52:47:a6:76:31:2c:
                    04:05:d8:87:cf:06:b8:01:a3:c6:59:72:ee:fd:76:
                    32:dc:b7:65:e6:e0:ad:04:d1:45:4b:ea:79:70:99:
                    1d:34:3a:a4:29:64:1c:8f:77:29:a7:5d:59:94:01:
                    30:d9:92:77:d9:97:d7:7f:db:e0:d0:45:5d:45:72:
                    41:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:BD:9B:D4:A3:35:01:74:18:B5:08:34:70:AB:BE:9C:33:A5:7A:6A
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/AF20C5B43E7E11EDBD589EC5F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:b6:b2:dd:28:33:4b:07:25:0f:e0:67:1a:de:d6:db:ea:4e:
         e8:b8:da:ed:23:8d:01:5c:8a:0d:2e:34:5d:e0:41:fc:68:fb:
         58:88:0b:56:1f:c1:14:48:1d:d3:19:e9:4c:e4:31:9f:ca:98:
         31:cb:32:1b:84:6e:ce:91:36:ac:ec:8a:29:e3:92:4d:a8:89:
         dd:91:c1:c9:d8:71:54:e1:46:e9:8e:7c:dd:f9:f5:3b:83:35:
         f8:62:bc:b6:0e:35:6c:cd:8e:bc:de:7b:2f:c3:b7:f1:c8:de:
         69:bc:39:6d:f5:dc:ad:92:e7:e2:03:18:5b:8b:0b:f7:4e:14:
         03:34:b5:c6:6c:b5:d0:51:f3:0d:64:0a:d3:eb:55:b2:33:82:
         8a:14:23:e3:1f:4b:fa:38:c2:1c:0a:33:f9:39:32:95:2a:13:
         69:96:6c:ae:5a:db:03:5f:51:e9:29:ac:ef:08:c9:a5:cc:6f:
         d4:a4:6c:53:ae:d2:aa:dd:97:e4:bf:21:46:11:98:bd:bc:ce:
         f7:72:ad:05:89:fe:fc:17:63:d3:20:c5:74:7b:ab:43:d2:82:
         dd:d5:cb:6a:a0:33:cf:f7:ae:1a:42:66:f7:ee:02:b4:f2:a1:
         db:e4:c3:42:76:a8:a6:d4:f8:c4:b5:4f:9f:90:97:61:9e:8f:
         5f:e8:be:b2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCAkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMjA5MjcxNjA4NTFaFw0yMzA5MjcxNjA4NTFaMBgxFjAU
BgNVBAMMDTYzMzMyMDE2LTVmOWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqLnt6WatkpvMbc89TCO4JKUzqsH9edap+cn/Mgo+fYVDrQLX1h9+YwAqh
PgFWIjHqufzXB/DkD4pb2qwMQgk+M3elndcTJ7+qvcrQrpNu/HKW4cYRCfmRnyru
8r3kvC5Tk+ABpzXpmDXYLluqMpLD8hwwsILcALbGbr16JJCvCn0+R2yQTDnEZm2w
tvwNsEVoIZfBsKqe8Cqsrv1XcK5mQP+55+JL0PV1h3Kj7eRH/EHwzWgneqFDKY8t
KVJHpnYxLAQF2IfPBrgBo8ZZcu79djLct2Xm4K0E0UVL6nlwmR00OqQpZByPdymn
XVmUATDZknfZl9d/2+DQRV1FckFrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4r2b
1KM1AXQYtQg0cKu+nDOlemowHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0FGMjBDNUI0M0U3RTExRURCRDU4OUVDNUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgeQwDQYJKoZIhvcNAQEL
BQADggEBAJu2st0oM0sHJQ/gZxre1tvqTui42u0jjQFcig0uNF3gQfxo+1iIC1Yf
wRRIHdMZ6UzkMZ/KmDHLMhuEbs6RNqzsiinjkk2oid2RwcnYcVThRumOfN359TuD
NfhivLYONWzNjrzeey/Dt/HI3mm8OW313K2S5+IDGFuLC/dOFAM0tcZstdBR8w1k
CtPrVbIzgooUI+MfS/o4whwKM/k5MpUqE2mWbK5a2wNfUekprO8IyaXMb9SkbFOu
0qrdl+S/IUYRmL28zvdyrQWJ/vwXY9MgxXR7q0PSgt3Vy2qgM8/3rhpCZvfuArTy
odvkw0J2qKbU+MS1T5+Ql2Gej1/ovrI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:52 2024 by rpki-client on console-fra.rpki-client.org