Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/1C5A30FA0B6811EE8909C81B4AD9E6FC.roa
File:                     1C5A30FA0B6811EE8909C81B4AD9E6FC.roa (raw, json)
Hash identifier:          +04IXi7ANl+K/pBnMuUYskD3ND4xfZmZMvJZRC+yEiU=
Subject key identifier:   7D:FC:74:8D:93:D9:92:97:F9:8C:EF:07:B5:9C:C7:B2:D9:6C:11:73
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       04
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/1C5A30FA0B6811EE8909C81B4AD9E6FC.roa
Signing time:             Thu 15 Jun 2023 10:33:47 +0000
ROA not before:           Thu 15 Jun 2023 10:33:44 +0000
ROA not after:            Sat 15 Jun 2024 10:33:44 +0000
asID:                     37684
IP address blocks:        41.242.0.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
        Validity
            Not Before: Jun 15 10:33:44 2023 GMT
            Not After : Jun 15 10:33:44 2024 GMT
        Subject: CN=648ae90b-421c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:80:2b:8c:40:f2:af:c3:7d:11:d3:5c:23:54:
                    e9:a5:23:95:b2:a4:bb:37:76:cf:70:10:4b:24:67:
                    78:b0:d2:2d:2c:35:5c:2d:7b:00:c4:f2:99:b1:9f:
                    1d:51:b2:64:8e:58:e1:b4:66:e6:8d:10:85:a5:98:
                    96:ed:4b:a1:f3:82:1f:15:bd:6c:47:77:24:9e:2d:
                    5d:0e:9d:b0:f6:d0:c0:42:1d:09:24:ad:0c:30:cd:
                    0e:b5:b2:7f:fb:a1:e9:e4:0d:b7:d1:81:34:71:49:
                    c5:57:f9:a4:3e:5f:12:73:db:51:47:a4:36:c5:0b:
                    b7:aa:04:b4:02:94:99:b8:f7:c0:29:6c:62:15:59:
                    cb:c7:5e:c3:87:f9:b5:98:ca:ac:76:0d:42:0d:e4:
                    5c:75:92:42:3d:dd:6b:3d:46:34:b7:bc:cf:b4:98:
                    8b:6a:b5:8d:90:13:07:a5:6c:59:2a:dc:9f:29:87:
                    df:33:37:78:b0:8e:7d:97:c9:7e:54:dc:74:61:c1:
                    c4:df:a5:04:f3:f4:93:c2:04:ca:29:1e:5a:4c:42:
                    38:6c:ad:43:8e:df:2e:84:be:98:c8:db:46:c4:7d:
                    13:34:5a:ce:e0:b9:92:aa:a7:19:55:58:01:b5:5e:
                    d1:51:cc:17:5a:e0:ff:8c:b4:50:a6:ab:51:00:2f:
                    a5:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:FC:74:8D:93:D9:92:97:F9:8C:EF:07:B5:9C:C7:B2:D9:6C:11:73
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/1C5A30FA0B6811EE8909C81B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.242.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:e8:8a:bc:43:69:d8:38:92:45:40:6c:c9:67:38:51:7f:8e:
         36:7f:34:3a:ee:cb:99:23:24:a4:20:f0:81:cb:25:e6:d1:7c:
         a8:fb:40:68:11:a0:95:ff:6c:9c:4f:f6:0c:ce:32:37:ba:13:
         b0:ec:1f:6e:79:c0:f8:d1:28:f1:d6:e6:d4:f7:74:8f:d2:01:
         b9:08:5c:ed:b2:4e:10:ae:4e:79:f1:31:92:4f:ce:08:db:92:
         38:aa:f8:17:e1:32:9a:8c:0c:0b:54:64:75:17:59:dc:9d:2f:
         2a:bb:d3:1f:95:79:f8:fd:32:f1:6f:f5:5e:0b:ff:cc:f5:a1:
         bf:e5:65:af:a7:cf:f8:f0:97:06:82:fe:56:e3:a3:fb:2a:eb:
         c9:55:4b:0f:6f:d5:6f:58:8c:84:1c:e3:c3:55:80:16:bb:0d:
         cb:9f:4a:7e:7a:06:2b:13:09:6e:69:47:aa:65:dc:64:0f:a0:
         20:e7:33:e4:2a:d2:9f:7e:a7:77:ce:ae:25:9f:13:ce:4b:66:
         f6:e3:bc:6c:e0:67:fc:9b:12:cb:57:ee:69:64:9e:9b:03:ae:
         df:26:c7:d9:f3:e9:2e:86:3a:f9:b5:27:4a:c3:80:d4:3f:fe:
         0a:35:48:87:b3:97:5f:2c:54:99:93:0d:20:4c:51:20:29:d5:
         cc:a0:8c:af
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MkI4Q0FGMTEwLwYDVQQFEyg4NzIxMzBFNjlCM0ZCODAzNUIxQjI1RDNGNkZCOTc0
QTJBMDc4RUNDMB4XDTIzMDYxNTEwMzM0NFoXDTI0MDYxNTEwMzM0NFowGDEWMBQG
A1UEAxMNNjQ4YWU5MGItNDIxYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyAK4xA8q/DfRHTXCNU6aUjlbKkuzd2z3AQSyRneLDSLSw1XC17AMTymbGf
HVGyZI5Y4bRm5o0QhaWYlu1LofOCHxW9bEd3JJ4tXQ6dsPbQwEIdCSStDDDNDrWy
f/uh6eQNt9GBNHFJxVf5pD5fEnPbUUekNsULt6oEtAKUmbj3wClsYhVZy8dew4f5
tZjKrHYNQg3kXHWSQj3daz1GNLe8z7SYi2q1jZATB6VsWSrcnymH3zM3eLCOfZfJ
flTcdGHBxN+lBPP0k8IEyikeWkxCOGytQ47fLoS+mMjbRsR9EzRazuC5kqqnGVVY
AbVe0VHMF1rg/4y0UKarUQAvpYkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR9/HSN
k9mSl/mM7we1nMey2WwRczAfBgNVHSMEGDAWgBSHITDmmz+4A1sbJdP2+5dKKgeO
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFEOUU2RkMvaHlFdzVw
c191QU5iR3lYVDl2dVhTaW9IanN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHlFdzVwc191QU5iR3lYVDl2dVhTaW9IanN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFE
OUU2RkMvMUM1QTMwRkEwQjY4MTFFRTg5MDlDODFCNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnyADANBgkqhkiG9w0BAQsF
AAOCAQEAY+iKvENp2DiSRUBsyWc4UX+ONn80Ou7LmSMkpCDwgcsl5tF8qPtAaBGg
lf9snE/2DM4yN7oTsOwfbnnA+NEo8dbm1Pd0j9IBuQhc7bJOEK5OefExkk/OCNuS
OKr4F+EymowMC1RkdRdZ3J0vKrvTH5V5+P0y8W/1Xgv/zPWhv+Vlr6fP+PCXBoL+
VuOj+yrryVVLD2/Vb1iMhBzjw1WAFrsNy59KfnoGKxMJbmlHqmXcZA+gIOcz5CrS
n36nd86uJZ8Tzktm9uO8bOBn/JsSy1fuaWSemwOu3ybH2fPpLoY6+bUnSsOA1D/+
CjVIh7OXXyxUmZMNIExRICnVzKCMrw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:53:06 2024 by rpki-client on console-fra.rpki-client.org