Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/CC7FC9205F2B11ED9E65CDAFF1222468.roa
File:                     CC7FC9205F2B11ED9E65CDAFF1222468.roa (raw, json)
Hash identifier:          ggke60cRwrtaA0IhHRjOdO+urU8fnPg7GGFgdqYU9bU=
Subject key identifier:   C5:FC:13:38:5B:1D:AD:E6:B6:FA:2A:97:1F:F8:7F:C6:B2:AF:34:CF
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       20
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/CC7FC9205F2B11ED9E65CDAFF1222468.roa
Signing time:             Tue 08 Nov 2022 06:08:44 +0000
ROA not before:           Tue 08 Nov 2022 06:08:40 +0000
ROA not after:            Sat 09 Nov 2024 06:08:40 +0000
asID:                     4134
IP address blocks:        2c0f:f7a8:8011::/48 maxlen: 48
                          2c0f:f7a8:8050::/48 maxlen: 48
                          2c0f:f7a8:805f::/48 maxlen: 48
                          2c0f:f7a8:8150::/48 maxlen: 48
                          2c0f:f7a8:815f::/48 maxlen: 48
                          2c0f:f7a8:8211::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32 (0x20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Nov  8 06:08:40 2022 GMT
            Not After : Nov  9 06:08:40 2024 GMT
        Subject: CN=6369f26c-fba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e9:c1:dc:74:7f:7a:a3:48:e3:3a:92:5a:c1:
                    71:04:e6:d1:b3:e9:0d:16:e4:ee:a6:15:2d:7c:46:
                    6f:bb:6f:4e:88:46:86:d2:e1:c0:23:4b:1a:85:c0:
                    a9:f6:1b:7c:2f:d7:a4:26:84:6d:22:e3:1f:dc:34:
                    87:f9:28:8b:9f:2f:1e:e4:31:02:8f:a1:dd:eb:2f:
                    1b:5a:45:77:39:8b:89:cc:64:dd:18:44:20:12:13:
                    bb:49:13:87:72:77:04:56:9a:c8:d6:95:96:9e:94:
                    33:83:69:9b:a3:29:26:eb:90:ae:0f:0f:da:d1:28:
                    bb:e4:ba:c9:89:1d:87:39:6e:3b:52:a9:91:b6:40:
                    3c:c9:9f:04:ee:99:03:64:81:09:31:b4:78:23:44:
                    ba:74:6d:49:42:e2:b4:98:3d:da:db:68:02:5d:32:
                    62:e5:13:ab:31:1b:f0:02:16:ea:6d:22:22:2b:55:
                    03:1b:01:8e:3f:33:12:0b:1b:6b:a4:f6:e3:ff:a1:
                    a0:f7:01:ee:d4:92:ef:54:1c:00:68:0c:00:dc:66:
                    77:76:17:1c:d3:3d:ee:5a:12:64:00:67:56:e8:03:
                    9e:92:24:60:09:8e:d1:90:b4:35:91:2a:3b:9e:79:
                    c6:18:ca:23:d6:e1:5e:a5:0d:9e:07:c1:fe:8f:0f:
                    fe:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:FC:13:38:5B:1D:AD:E6:B6:FA:2A:97:1F:F8:7F:C6:B2:AF:34:CF
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/CC7FC9205F2B11ED9E65CDAFF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f7a8:8011::/48
                  2c0f:f7a8:8050::/48
                  2c0f:f7a8:805f::/48
                  2c0f:f7a8:8150::/48
                  2c0f:f7a8:815f::/48
                  2c0f:f7a8:8211::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:dc:10:f9:4e:66:9c:37:b7:35:8c:98:ed:bc:4c:24:ac:95:
         ba:f8:09:66:17:62:2c:dd:05:30:d7:3e:ea:37:b0:a4:6c:fc:
         de:74:26:e1:fc:79:e3:f5:8d:c2:aa:e6:58:ff:a7:ef:ca:c0:
         a5:ca:87:01:50:af:27:03:0a:1a:ac:f2:e6:d8:50:14:4b:67:
         1a:df:f1:7b:99:8b:33:73:e9:8f:66:bd:64:06:08:c9:cd:65:
         71:fe:62:e5:2b:75:04:c7:92:25:8a:53:da:04:c8:40:e9:ff:
         8c:c6:47:e0:f7:5c:bf:ca:e7:25:75:c7:8d:32:a5:9b:5c:6f:
         69:a6:1c:ea:e2:d3:3c:29:fb:fc:aa:0f:66:43:43:53:17:3b:
         ce:8a:09:c0:b3:1c:5f:87:4e:3b:2d:cf:20:db:ea:fa:d7:f5:
         94:a9:52:43:92:00:45:5c:87:1c:e3:fe:18:12:e4:32:fd:26:
         21:24:a5:e1:32:39:af:eb:3b:c4:09:7a:f2:f8:d1:ad:dd:6d:
         fd:16:41:d3:5a:02:db:91:78:be:37:e1:27:f5:11:cc:62:e5:
         80:e3:3c:87:d2:82:df:f8:f2:ee:77:a2:e3:bf:20:f2:1b:5e:
         2a:e0:94:0d:de:1a:8c:3a:2f:66:d0:8d:cc:8e:0f:2d:a6:f0:
         c5:63:7b:45
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZE
QjQ5MkFGMTEwLwYDVQQFEyhGNDNFMDY2OEVGNzJCRDg3RkE1MzY4QkUyQjY4MTVD
MEJDQjQwMTQ5MB4XDTIyMTEwODA2MDg0MFoXDTI0MTEwOTA2MDg0MFowGDEWMBQG
A1UEAwwNNjM2OWYyNmMtZmJhNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3pwdx0f3qjSOM6klrBcQTm0bPpDRbk7qYVLXxGb7tvTohGhtLhwCNLGoXA
qfYbfC/XpCaEbSLjH9w0h/koi58vHuQxAo+h3esvG1pFdzmLicxk3RhEIBITu0kT
h3J3BFaayNaVlp6UM4Npm6MpJuuQrg8P2tEou+S6yYkdhzluO1KpkbZAPMmfBO6Z
A2SBCTG0eCNEunRtSULitJg92ttoAl0yYuUTqzEb8AIW6m0iIitVAxsBjj8zEgsb
a6T24/+hoPcB7tSS71QcAGgMANxmd3YXHNM97loSZABnVugDnpIkYAmO0ZC0NZEq
O555xhjKI9bhXqUNngfB/o8P/tsCAwEAAaOCAtUwggLRMB0GA1UdDgQWBBTF/BM4
Wx2t5rb6Kpcf+H/Gsq80zzAfBgNVHSMEGDAWgBT0PgZo73K9h/pTaL4raBXAvLQB
STAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REI0OTIvMTBEQTk5NzY0QTAzMTFFRDhGNTlEODlFRjEyMjI0NjgvOUQ0R2FP
OXl2WWY2VTJpLUsyZ1Z3THkwQVVrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOUQ0R2FPOXl2WWY2VTJpLUsyZ1Z3THkwQVVrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REI0OTIvMTBEQTk5NzY0QTAzMTFFRDhGNTlEODlFRjEy
MjI0NjgvQ0M3RkM5MjA1RjJCMTFFRDlFNjVDREFGRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAIwNgMHACwP96iAEQMHACwP96iAUAMH
ACwP96iAXwMHACwP96iBUAMHACwP96iBXwMHACwP96iCETANBgkqhkiG9w0BAQsF
AAOCAQEAZdwQ+U5mnDe3NYyY7bxMJKyVuvgJZhdiLN0FMNc+6jewpGz83nQm4fx5
4/WNwqrmWP+n78rApcqHAVCvJwMKGqzy5thQFEtnGt/xe5mLM3Ppj2a9ZAYIyc1l
cf5i5St1BMeSJYpT2gTIQOn/jMZH4Pdcv8rnJXXHjTKlm1xvaaYc6uLTPCn7/KoP
ZkNDUxc7zooJwLMcX4dOOy3PINvq+tf1lKlSQ5IARVyHHOP+GBLkMv0mISSl4TI5
r+s7xAl68vjRrd1t/RZB01oC25F4vjfhJ/URzGLlgOM8h9KC3/jy7nei478g8hte
KuCUDd4ajDovZtCNzI4PLabwxWN7RQ==
-----END CERTIFICATE-----
Generated at Sun Nov 10 05:03:24 2024 by rpki-client on console-fra.rpki-client.org