Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/0D0376880AA611EE969E634C4AD9E6FC.roa
File:                     0D0376880AA611EE969E634C4AD9E6FC.roa (raw, json)
Hash identifier:          HqtvBW6NArhptDqE2y6MsEyLSvpMvAR33FSX2td8nv0=
Subject key identifier:   ED:31:09:10:2F:59:EB:9C:16:19:B5:DD:5A:DD:83:1A:11:8D:96:38
Certificate issuer:       /CN=F36C7A8FAF/serialNumber=E99E81FC8FE487C2F84DC9AFADC1FCDBB4029AF9
Certificate serial:       04
Authority key identifier: E9:9E:81:FC:8F:E4:87:C2:F8:4D:C9:AF:AD:C1:FC:DB:B4:02:9A:F9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/0D0376880AA611EE969E634C4AD9E6FC.roa
Signing time:             Wed 14 Jun 2023 11:24:39 +0000
ROA not before:           Wed 14 Jun 2023 11:24:36 +0000
ROA not after:            Thu 13 Jun 2024 11:24:36 +0000
asID:                     36959
IP address blocks:        197.220.0.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C7A8FAF/serialNumber=E99E81FC8FE487C2F84DC9AFADC1FCDBB4029AF9
        Validity
            Not Before: Jun 14 11:24:36 2023 GMT
            Not After : Jun 13 11:24:36 2024 GMT
        Subject: CN=6489a377-c508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:85:72:f3:ca:7f:87:61:5c:81:ec:45:ed:1e:
                    37:a6:66:dc:e9:e0:a1:0c:94:94:79:97:4e:cd:7d:
                    0e:03:2c:4b:c8:6e:98:e8:30:64:24:fd:55:0c:2b:
                    45:29:3b:ed:17:b2:8f:76:f3:11:01:25:7c:a8:ce:
                    73:13:61:fd:dc:ae:19:a1:6c:51:70:5c:59:ad:f0:
                    43:67:19:5f:dd:2a:20:3f:c0:f1:a4:a3:f0:8e:a9:
                    8a:95:90:61:1f:f5:79:df:73:74:2e:5a:0e:eb:f7:
                    1c:8d:eb:4e:69:fb:a1:fa:4a:b5:10:ee:43:08:8e:
                    42:93:39:6a:a2:aa:79:a1:04:bd:3a:4c:07:e8:0b:
                    3b:09:f6:27:c4:1a:1b:08:75:5a:80:26:c5:97:3e:
                    96:8d:86:b3:fd:d2:a0:a1:18:1d:ce:34:d3:77:2c:
                    03:14:17:5e:c1:82:c8:8a:f5:7a:6c:8e:7d:75:ad:
                    fc:a0:34:36:57:78:95:ac:05:58:ee:15:d0:90:00:
                    a0:88:d4:89:e7:41:80:da:9d:51:c1:57:f3:12:1d:
                    e4:e2:bd:30:5a:60:91:2a:85:46:a8:b9:19:4a:e1:
                    2a:d6:50:fd:8f:66:e7:e5:ec:fa:07:1d:42:51:b4:
                    f7:74:15:1a:ef:89:ad:07:7f:61:47:2a:94:7b:69:
                    3e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:31:09:10:2F:59:EB:9C:16:19:B5:DD:5A:DD:83:1A:11:8D:96:38
            X509v3 Authority Key Identifier:
                keyid:E9:9E:81:FC:8F:E4:87:C2:F8:4D:C9:AF:AD:C1:FC:DB:B4:02:9A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/6Z6B_I_kh8L4TcmvrcH827QCmvk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/6Z6B_I_kh8L4TcmvrcH827QCmvk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C7A8F/0D485FCA0A9A11EE955F44294AD9E6FC/0D0376880AA611EE969E634C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.220.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         01:af:63:1d:b7:67:2d:d2:96:3c:d4:7a:35:06:b4:0a:5c:80:
         50:0b:dd:62:84:6c:c6:4c:fa:b1:b1:b8:68:d8:69:9d:b5:89:
         b1:71:19:42:f7:26:c6:f0:cb:da:1a:9f:e5:24:7f:58:12:f5:
         92:67:13:64:36:d1:20:13:52:cd:cc:0b:d4:aa:c4:66:44:31:
         03:2a:6e:77:61:ab:c0:c0:c0:f7:b1:f4:d8:de:6a:dc:85:66:
         48:fa:47:5b:87:5f:22:c0:18:8b:cb:42:fd:3b:ef:47:93:27:
         e4:d4:29:33:de:4e:9e:7d:bf:58:49:13:ea:61:da:3c:b3:a2:
         ee:01:41:b4:d6:d0:63:03:1b:5b:53:9a:0c:5c:1e:aa:cb:4c:
         69:8c:6a:ab:9a:90:af:59:8e:a1:57:8d:00:a8:6a:c6:ce:9e:
         2b:45:bb:51:52:d4:d8:6d:91:93:33:81:ca:70:8a:38:bf:ce:
         e1:90:b8:57:3f:ce:40:a4:2e:8b:fa:91:9c:a6:a4:dd:14:58:
         69:39:55:f1:56:11:53:87:2c:6e:f4:bd:14:40:4b:a5:9a:84:
         8c:36:7f:4b:18:dc:e5:aa:e5:d0:15:a3:c8:1a:79:7f:51:c0:
         7c:28:5b:4c:b0:1a:28:3f:3d:ce:1d:4c:86:49:d6:3b:c6:6d:
         40:9d:4e:a4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
N0E4RkFGMTEwLwYDVQQFEyhFOTlFODFGQzhGRTQ4N0MyRjg0REM5QUZBREMxRkNE
QkI0MDI5QUY5MB4XDTIzMDYxNDExMjQzNloXDTI0MDYxMzExMjQzNlowGDEWMBQG
A1UEAxMNNjQ4OWEzNzctYzUwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSFcvPKf4dhXIHsRe0eN6Zm3OngoQyUlHmXTs19DgMsS8humOgwZCT9VQwr
RSk77Reyj3bzEQElfKjOcxNh/dyuGaFsUXBcWa3wQ2cZX90qID/A8aSj8I6pipWQ
YR/1ed9zdC5aDuv3HI3rTmn7ofpKtRDuQwiOQpM5aqKqeaEEvTpMB+gLOwn2J8Qa
Gwh1WoAmxZc+lo2Gs/3SoKEYHc4003csAxQXXsGCyIr1emyOfXWt/KA0Nld4lawF
WO4V0JAAoIjUiedBgNqdUcFX8xId5OK9MFpgkSqFRqi5GUrhKtZQ/Y9m5+Xs+gcd
QlG093QVGu+JrQd/YUcqlHtpPoMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTtMQkQ
L1nrnBYZtd1a3YMaEY2WODAfBgNVHSMEGDAWgBTpnoH8j+SHwvhNya+twfzbtAKa
+TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzdBOEYvMEQ0ODVGQ0EwQTlBMTFFRTk1NUY0NDI5NEFEOUU2RkMvNlo2Ql9J
X2toOEw0VGNtdnJjSDgyN1FDbXZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNlo2Ql9JX2toOEw0VGNtdnJjSDgyN1FDbXZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzdBOEYvMEQ0ODVGQ0EwQTlBMTFFRTk1NUY0NDI5NEFE
OUU2RkMvMEQwMzc2ODgwQUE2MTFFRTk2OUU2MzRDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcXcADANBgkqhkiG9w0BAQsF
AAOCAQEAAa9jHbdnLdKWPNR6NQa0ClyAUAvdYoRsxkz6sbG4aNhpnbWJsXEZQvcm
xvDL2hqf5SR/WBL1kmcTZDbRIBNSzcwL1KrEZkQxAypud2GrwMDA97H02N5q3IVm
SPpHW4dfIsAYi8tC/TvvR5Mn5NQpM95Onn2/WEkT6mHaPLOi7gFBtNbQYwMbW1Oa
DFweqstMaYxqq5qQr1mOoVeNAKhqxs6eK0W7UVLU2G2RkzOBynCKOL/O4ZC4Vz/O
QKQui/qRnKak3RRYaTlV8VYRU4csbvS9FEBLpZqEjDZ/Sxjc5arl0BWjyBp5f1HA
fChbTLAaKD89zh1MhknWO8ZtQJ1OpA==
-----END CERTIFICATE-----
Generated at Fri Jun 14 05:35:55 2024 by rpki-client on console-fra.rpki-client.org