Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/5B46A2883DBA11EEB64387224AD9E6FC.roa
File:                     5B46A2883DBA11EEB64387224AD9E6FC.roa (raw, json)
Hash identifier:          m7Nw8X04bpkDR2vgHtHK1f3vwt+P6uiiWjS2ypBxiJs=
Subject key identifier:   77:21:F2:91:E9:BA:78:B3:A9:42:C7:AF:97:A8:E5:D6:81:A9:67:4D
Certificate issuer:       /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial:       0BA4
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/5B46A2883DBA11EEB64387224AD9E6FC.roa
Signing time:             Fri 18 Aug 2023 11:28:30 +0000
ROA not before:           Fri 18 Aug 2023 11:28:26 +0000
ROA not after:            Sun 18 Aug 2024 11:28:26 +0000
asID:                     203020
IP address blocks:        161.123.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2980 (0xba4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
        Validity
            Not Before: Aug 18 11:28:26 2023 GMT
            Not After : Aug 18 11:28:26 2024 GMT
        Subject: CN=64df55de-67b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5b:21:99:10:39:b3:d2:f5:22:97:5a:42:be:
                    15:c2:59:b4:8a:8d:03:04:70:7f:11:3c:59:28:27:
                    e8:ea:e4:14:72:15:89:2c:bd:d7:fa:ce:24:ba:a6:
                    50:31:ff:f9:1b:f8:b5:c3:00:0c:b7:f0:33:36:aa:
                    0a:19:59:d0:1e:9c:5b:57:01:91:44:33:05:cb:9f:
                    da:a0:16:53:0c:0e:cf:02:d3:cf:25:26:ee:62:ff:
                    cd:d5:42:e0:cf:e2:f5:26:b2:39:b4:7b:75:2f:6e:
                    48:a2:bb:1d:d7:de:d3:b6:8b:06:eb:75:dd:b1:d4:
                    7c:7b:8d:f3:01:85:99:7e:e9:3a:02:a6:11:7b:ab:
                    bd:82:65:9a:ed:e6:9e:eb:4b:ca:64:fe:41:88:47:
                    e2:ab:b7:ec:a4:9f:00:3a:00:6a:be:fe:13:29:55:
                    ce:76:e8:cb:e4:43:d8:ef:21:e3:f6:14:bd:a6:3c:
                    a9:62:2a:6f:6a:a8:a7:06:ba:60:c0:ce:57:d6:1f:
                    61:28:c3:bc:2d:a7:22:ea:68:57:19:92:04:37:77:
                    01:30:c2:9f:16:7a:94:dd:8a:8e:35:be:d2:62:a8:
                    80:d2:05:2b:0b:64:60:8e:9b:2b:b2:b5:85:94:25:
                    ec:f0:52:ec:fe:fb:4b:b3:68:58:9e:c8:87:43:ce:
                    ab:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:21:F2:91:E9:BA:78:B3:A9:42:C7:AF:97:A8:E5:D6:81:A9:67:4D
            X509v3 Authority Key Identifier:
                keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/5B46A2883DBA11EEB64387224AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.123.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:82:ea:2b:7d:2b:99:a2:6a:e6:19:02:26:f7:67:58:d4:ef:
         e5:18:c1:2d:8a:88:1d:56:b2:69:14:ba:27:14:79:23:41:9e:
         07:61:f4:34:d1:ee:ee:e4:a5:a5:43:58:39:c5:20:b7:04:8d:
         2b:3e:35:d3:1e:d5:62:e3:28:2e:06:af:ee:21:73:1d:3b:a6:
         c0:a3:fe:31:79:16:34:29:5d:38:3c:3d:b2:8b:96:9d:c1:2a:
         db:4c:ea:bd:eb:90:c9:dc:99:8a:c0:1a:5c:d6:2e:19:64:26:
         37:7e:9e:93:c0:eb:3e:f5:50:93:4a:05:a7:41:5d:3f:1a:09:
         7c:50:7d:7e:2b:a0:b4:91:23:3c:d4:7d:ef:72:b9:0a:b1:84:
         c3:da:bb:de:93:bb:58:e3:e5:a5:a3:bb:29:33:f5:6a:16:ed:
         2c:9f:d8:d7:7a:c3:49:6f:82:ea:20:13:14:92:93:da:3f:b6:
         85:87:b5:d3:b0:d3:94:31:d7:2c:b6:43:80:60:c2:e7:91:61:
         75:ef:5e:91:c9:19:9e:38:80:9c:40:dd:e6:28:55:54:1f:2b:
         5f:23:1b:79:28:d3:58:f5:1b:6d:ac:d1:08:e9:c1:09:19:01:
         51:e8:2a:1b:21:c2:08:ca:0d:b7:ba:94:1a:d9:6d:08:dd:dc:
         f6:ef:ba:57
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC6QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzA4MTgxMTI4MjZaFw0yNDA4MTgxMTI4MjZaMBgxFjAU
BgNVBAMTDTY0ZGY1NWRlLTY3YjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzWyGZEDmz0vUil1pCvhXCWbSKjQMEcH8RPFkoJ+jq5BRyFYksvdf6ziS6
plAx//kb+LXDAAy38DM2qgoZWdAenFtXAZFEMwXLn9qgFlMMDs8C088lJu5i/83V
QuDP4vUmsjm0e3Uvbkiiux3X3tO2iwbrdd2x1Hx7jfMBhZl+6ToCphF7q72CZZrt
5p7rS8pk/kGIR+Krt+yknwA6AGq+/hMpVc526MvkQ9jvIeP2FL2mPKliKm9qqKcG
umDAzlfWH2Eow7wtpyLqaFcZkgQ3dwEwwp8WepTdio41vtJiqIDSBSsLZGCOmyuy
tYWUJezwUuz++0uzaFieyIdDzqsbAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUdyHy
kem6eLOpQsevl6jl1oGpZ00wHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzVCNDZBMjg4M0RCQTExRUVCNjQzODcyMjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAChe2YwDQYJKoZIhvcNAQELBQAD
ggEBAHaC6it9K5miauYZAib3Z1jU7+UYwS2KiB1WsmkUuicUeSNBngdh9DTR7u7k
paVDWDnFILcEjSs+NdMe1WLjKC4Gr+4hcx07psCj/jF5FjQpXTg8PbKLlp3BKttM
6r3rkMncmYrAGlzWLhlkJjd+npPA6z71UJNKBadBXT8aCXxQfX4roLSRIzzUfe9y
uQqxhMPau96Tu1jj5aWjuykz9WoW7Syf2Nd6w0lvguogExSSk9o/toWHtdOw05Qx
1yy2Q4BgwueRYXXvXpHJGZ44gJxA3eYoVVQfK18jG3ko01j1G22s0QjpwQkZAVHo
KhshwgjKDbe6lBrZbQjd3Pbvulc=
-----END CERTIFICATE-----
Generated at Mon Aug 19 05:23:05 2024 by rpki-client on console-ams.rpki-client.org