Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/2FBEAA445F0B11EEA7A0E44B4AD9E6FC.roa
File:                     2FBEAA445F0B11EEA7A0E44B4AD9E6FC.roa (raw, json)
Hash identifier:          lCa/JbSnPJNRyqRAJCwo058IxsZT1OLbMnek898Pp3Q=
Subject key identifier:   75:34:91:4A:7F:25:BE:19:DF:01:8E:03:74:D2:AA:AA:A4:2C:28:8A
Certificate issuer:       /CN=F36F0628AF/serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
Certificate serial:       0377
Authority key identifier: 86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/2FBEAA445F0B11EEA7A0E44B4AD9E6FC.roa
Signing time:             Fri 29 Sep 2023 21:00:15 +0000
ROA not before:           Fri 29 Sep 2023 21:00:09 +0000
ROA not after:            Fri 29 Dec 2023 21:00:09 +0000
asID:                     205320
IP address blocks:        196.44.125.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 887 (0x377)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F0628AF/serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
        Validity
            Not Before: Sep 29 21:00:09 2023 GMT
            Not After : Dec 29 21:00:09 2023 GMT
        Subject: CN=65173ade-d0ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:41:8e:e6:4a:3e:bb:6d:dc:2c:1b:68:c7:43:
                    f6:ac:46:32:e6:d9:a3:db:bb:34:37:c8:ab:6c:de:
                    9a:fb:b9:8b:ad:5a:ac:af:a9:01:5d:0c:bb:e2:9d:
                    68:b2:ac:54:9f:ac:9f:ef:bc:a2:0f:16:df:84:2c:
                    05:eb:d5:1e:dd:32:84:b1:aa:79:2e:bf:dd:29:c7:
                    33:a3:c2:9f:07:11:b9:23:1a:47:27:ce:aa:14:1d:
                    3e:df:18:71:19:c5:90:15:3e:8a:bf:3f:4d:af:c3:
                    cf:4d:f9:d4:74:ce:33:6f:f9:f9:1e:91:56:94:3d:
                    38:41:ce:7d:bb:27:78:d2:ba:cb:77:0f:a9:73:ea:
                    8a:8e:9b:3e:ee:47:9e:6a:45:e6:3b:b4:a9:2f:db:
                    87:47:2a:b0:fa:24:49:bd:d1:9c:9c:8a:f9:76:a5:
                    bc:8c:20:ee:3a:96:3b:60:df:71:7a:66:92:20:5d:
                    c7:a6:8d:00:be:0b:45:ab:8e:2d:18:1f:51:a5:b5:
                    e9:fa:c8:21:d5:00:36:08:54:b5:50:f0:3e:0b:15:
                    9f:9a:ad:d8:1d:ef:1b:e1:24:08:5f:ab:3d:97:a4:
                    10:49:db:8a:6a:3b:24:22:e3:6a:9c:51:94:10:0b:
                    15:a9:48:26:ca:15:c9:21:35:ab:28:d0:a3:2b:39:
                    27:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:34:91:4A:7F:25:BE:19:DF:01:8E:03:74:D2:AA:AA:A4:2C:28:8A
            X509v3 Authority Key Identifier:
                keyid:86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/2FBEAA445F0B11EEA7A0E44B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.44.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:6e:b0:21:a2:04:76:16:55:b4:e5:f5:c1:6f:c5:90:00:c8:
         5a:2d:0c:b5:ca:12:01:14:3f:7e:30:2f:fe:b6:ea:81:df:18:
         43:bd:3e:66:85:bf:7b:b7:70:ed:1f:4d:1f:30:1d:dc:28:88:
         e9:1f:6e:1f:0b:f7:09:06:10:d5:d8:b2:58:0f:56:0e:e2:d8:
         c0:54:b2:07:6c:a6:9e:ba:04:5c:37:6d:4f:d1:53:0f:e3:18:
         16:3b:c7:a0:2b:20:61:2a:1f:1f:d2:b6:27:44:1c:10:65:7e:
         9a:0c:65:70:bc:f1:81:8a:02:cf:fa:b2:f8:75:ac:f3:2c:25:
         1f:c1:90:63:82:67:93:81:05:a9:26:06:4f:11:97:08:80:c3:
         1e:ff:6c:df:74:de:df:62:e9:69:ab:48:0a:76:7a:49:07:8d:
         e1:78:12:3d:3a:f6:35:29:0d:e6:be:c0:5b:4c:be:98:02:da:
         fb:21:2f:cf:82:91:88:a6:6e:a8:98:c1:d6:49:f7:9e:01:f2:
         1e:e9:b5:b3:fe:98:55:75:f5:3f:75:f4:de:ac:49:38:42:ef:
         98:2e:e5:98:9c:09:27:a7:e8:a8:c2:40:bd:86:b1:02:da:0a:
         aa:f4:b9:fa:c2:7a:c1:a2:bf:41:e8:88:14:f1:c2:a9:bf:a6:
         bc:2b:5a:46
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA3cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjA2MjhBRjExMC8GA1UEBRMoODYwNUQ3NTk5QTA0MDJGNzBFQzJGMjU4RDZDMTZC
RDJFNEU4RDFGRTAeFw0yMzA5MjkyMTAwMDlaFw0yMzEyMjkyMTAwMDlaMBgxFjAU
BgNVBAMTDTY1MTczYWRlLWQwYWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4QY7mSj67bdwsG2jHQ/asRjLm2aPbuzQ3yKts3pr7uYutWqyvqQFdDLvi
nWiyrFSfrJ/vvKIPFt+ELAXr1R7dMoSxqnkuv90pxzOjwp8HEbkjGkcnzqoUHT7f
GHEZxZAVPoq/P02vw89N+dR0zjNv+fkekVaUPThBzn27J3jSust3D6lz6oqOmz7u
R55qReY7tKkv24dHKrD6JEm90Zycivl2pbyMIO46ljtg33F6ZpIgXcemjQC+C0Wr
ji0YH1Glten6yCHVADYIVLVQ8D4LFZ+ardgd7xvhJAhfqz2XpBBJ24pqOyQi42qc
UZQQCxWpSCbKFckhNaso0KMrOSeRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdTSR
Sn8lvhnfAY4DdNKqqqQsKIowHwYDVR0jBBgwFoAUhgXXWZoEAvcOwvJY1sFr0uTo
0f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYwNjI4L0YwQ0NCRTdDRkJBMDExRUJBQjc4NkM0OUQ4QTAxNENFL2hnWFhX
Wm9FQXZjT3d2Slkxc0ZyMHVUbzBmNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2hnWFhXWm9FQXZjT3d2Slkxc0ZyMHVUbzBmNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkYwNjI4L0YwQ0NCRTdDRkJBMDExRUJBQjc4NkM0OUQ4
QTAxNENFLzJGQkVBQTQ0NUYwQjExRUVBN0EwRTQ0QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADELH0wDQYJKoZIhvcNAQEL
BQADggEBAJpusCGiBHYWVbTl9cFvxZAAyFotDLXKEgEUP34wL/626oHfGEO9PmaF
v3u3cO0fTR8wHdwoiOkfbh8L9wkGENXYslgPVg7i2MBUsgdspp66BFw3bU/RUw/j
GBY7x6ArIGEqHx/StidEHBBlfpoMZXC88YGKAs/6svh1rPMsJR/BkGOCZ5OBBakm
Bk8RlwiAwx7/bN903t9i6WmrSAp2ekkHjeF4Ej069jUpDea+wFtMvpgC2vshL8+C
kYimbqiYwdZJ954B8h7ptbP+mFV19T919N6sSThC75gu5ZicCSen6KjCQL2GsQLa
Cqr0ufrCesGiv0HoiBTxwqm/prwrWkY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:41 2024 by rpki-client on console-ams.rpki-client.org