Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/203875F43DBA11EEB0F3E7214AD9E6FC.roa
File:                     203875F43DBA11EEB0F3E7214AD9E6FC.roa (raw, json)
Hash identifier:          z4ZF7i1iZ5RA8CxGWs4Gr5wGLHMh9JXIsoaC5J4QN3U=
Subject key identifier:   CA:C6:BC:74:4B:90:4E:F5:36:59:D2:77:FA:8D:3A:F9:77:0F:71:42
Certificate issuer:       /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial:       0BA2
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/203875F43DBA11EEB0F3E7214AD9E6FC.roa
Signing time:             Fri 18 Aug 2023 11:26:51 +0000
ROA not before:           Fri 18 Aug 2023 11:26:45 +0000
ROA not after:            Sun 18 Aug 2024 11:26:45 +0000
asID:                     203020
IP address blocks:        161.123.100.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2978 (0xba2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
        Validity
            Not Before: Aug 18 11:26:45 2023 GMT
            Not After : Aug 18 11:26:45 2024 GMT
        Subject: CN=64df557b-6cea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d0:a2:15:50:12:7a:db:89:c2:da:82:a7:5c:
                    cc:05:31:d9:4c:01:66:df:2d:dd:5a:57:eb:0d:3e:
                    e0:57:77:e2:7e:cb:74:94:b3:3d:6c:90:cf:41:25:
                    67:e4:3b:3d:df:58:bb:41:e6:0d:3b:11:93:fa:d5:
                    3f:b8:b1:ab:b4:7d:85:4a:8e:2a:a5:62:45:dd:18:
                    e4:d4:c6:e9:67:26:16:83:29:b1:fc:30:a4:09:6c:
                    0f:9a:f7:c9:4d:22:2d:00:5e:0a:ab:ef:e8:dd:46:
                    d8:8b:26:40:b1:87:f1:a4:7a:77:f7:18:75:d4:0a:
                    46:e3:db:d7:ad:a6:4b:96:f6:c8:39:7e:8f:d9:8f:
                    ec:d0:08:16:fa:3a:6e:6e:52:54:95:4e:82:a0:b0:
                    c0:8d:0f:ec:b9:da:1f:08:fd:7a:6b:b2:14:56:c8:
                    52:67:e4:be:5d:d7:0f:cc:ff:63:68:55:27:be:10:
                    d4:2a:a3:a7:3c:96:12:8e:5f:af:fc:b9:5e:50:af:
                    b9:63:c6:97:09:51:83:d7:30:62:67:74:14:37:98:
                    54:0a:b1:b6:dd:e3:48:ce:a2:ec:4c:36:f5:65:ce:
                    df:a4:ca:67:2c:7d:89:7a:be:11:8d:fd:d8:fc:90:
                    68:00:89:45:8e:8e:29:b7:53:7b:ac:af:8e:e0:28:
                    84:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:C6:BC:74:4B:90:4E:F5:36:59:D2:77:FA:8D:3A:F9:77:0F:71:42
            X509v3 Authority Key Identifier:
                keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/203875F43DBA11EEB0F3E7214AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.123.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:5a:2d:65:c8:59:75:2c:db:2e:f0:5f:4e:94:40:8d:43:6d:
         88:a6:91:ff:76:9f:09:27:2a:72:4d:41:ba:2e:31:e3:3a:10:
         1f:61:c1:1c:4a:be:a3:8d:c8:c0:3b:ea:28:e4:be:36:b7:39:
         62:c2:c2:d7:35:40:a1:3b:4a:92:2b:97:13:e1:fe:92:ad:b9:
         cf:50:a1:61:e8:23:a3:a5:5f:f1:14:b1:52:65:62:76:8b:af:
         97:9d:d6:26:0b:20:9a:02:ae:5a:da:98:0b:e6:e3:a7:64:de:
         b7:c7:f9:42:57:a7:59:b5:8f:4c:f1:53:9c:49:8b:4c:94:58:
         08:30:8c:c2:87:41:9e:d0:d3:aa:b9:a5:51:ec:9e:fe:a0:9f:
         13:03:7f:66:a9:9e:e2:87:7b:74:3e:1b:fd:d0:a0:0c:75:d0:
         8a:cf:69:e3:b9:f9:91:fd:c8:ac:5f:56:19:72:cf:3f:36:53:
         9a:86:86:a8:e5:4e:fa:8b:df:db:80:9c:9b:9b:16:c7:5d:17:
         78:f2:c6:5d:ef:ea:01:0c:fd:b5:91:17:77:4c:83:c8:ad:0a:
         fe:b1:05:a7:1c:e1:3e:2b:6c:e8:bc:75:68:4f:7a:71:b2:41:
         88:c5:69:92:a8:bf:cb:b4:de:ed:7e:3f:91:db:9b:0d:60:64:
         d1:c9:ff:df
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC6IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzA4MTgxMTI2NDVaFw0yNDA4MTgxMTI2NDVaMBgxFjAU
BgNVBAMTDTY0ZGY1NTdiLTZjZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC50KIVUBJ624nC2oKnXMwFMdlMAWbfLd1aV+sNPuBXd+J+y3SUsz1skM9B
JWfkOz3fWLtB5g07EZP61T+4sau0fYVKjiqlYkXdGOTUxulnJhaDKbH8MKQJbA+a
98lNIi0AXgqr7+jdRtiLJkCxh/Gkenf3GHXUCkbj29etpkuW9sg5fo/Zj+zQCBb6
Om5uUlSVToKgsMCND+y52h8I/XprshRWyFJn5L5d1w/M/2NoVSe+ENQqo6c8lhKO
X6/8uV5Qr7ljxpcJUYPXMGJndBQ3mFQKsbbd40jOouxMNvVlzt+kymcsfYl6vhGN
/dj8kGgAiUWOjim3U3usr47gKIR7AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUysa8
dEuQTvU2WdJ3+o06+XcPcUIwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzIwMzg3NUY0M0RCQTExRUVCMEYzRTcyMTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAChe2QwDQYJKoZIhvcNAQELBQAD
ggEBAJVaLWXIWXUs2y7wX06UQI1DbYimkf92nwknKnJNQbouMeM6EB9hwRxKvqON
yMA76ijkvja3OWLCwtc1QKE7SpIrlxPh/pKtuc9QoWHoI6OlX/EUsVJlYnaLr5ed
1iYLIJoCrlramAvm46dk3rfH+UJXp1m1j0zxU5xJi0yUWAgwjMKHQZ7Q06q5pVHs
nv6gnxMDf2apnuKHe3Q+G/3QoAx10IrPaeO5+ZH9yKxfVhlyzz82U5qGhqjlTvqL
39uAnJubFsddF3jyxl3v6gEM/bWRF3dMg8itCv6xBacc4T4rbOi8dWhPenGyQYjF
aZKov8u03u1+P5Hbmw1gZNHJ/98=
-----END CERTIFICATE-----
Generated at Mon Aug 19 05:25:49 2024 by rpki-client on console-fra.rpki-client.org