Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/5EB7E7E8E80A11EDA03FCC7E4AD9E6FC.roa
File:                     5EB7E7E8E80A11EDA03FCC7E4AD9E6FC.roa (raw, json)
Hash identifier:          TVUqjISNtf+kVcHyl50ihGY4NEprp/BHvG6L/okphwg=
Subject key identifier:   89:2C:14:12:2A:F4:64:F3:45:D6:31:1E:88:1E:00:52:10:5D:09:E0
Certificate issuer:       /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial:       0A8F
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/5EB7E7E8E80A11EDA03FCC7E4AD9E6FC.roa
Signing time:             Mon 01 May 2023 10:24:36 +0000
ROA not before:           Mon 01 May 2023 10:24:32 +0000
ROA not after:            Fri 01 Sep 2023 10:24:32 +0000
asID:                     400377
IP address blocks:        161.123.155.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2703 (0xa8f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
        Validity
            Not Before: May  1 10:24:32 2023 GMT
            Not After : Sep  1 10:24:32 2023 GMT
        Subject: CN=644f9363-bc0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:87:01:13:4b:3e:04:b8:db:ac:29:57:29:e5:
                    9d:cd:29:e8:87:71:c5:b0:28:4c:64:d4:6f:04:a1:
                    ca:c7:c2:bf:3f:84:a2:2c:9b:18:a6:ac:16:b5:40:
                    c4:3a:a3:f0:ee:72:09:98:aa:10:7e:f2:21:dd:d5:
                    b6:0f:7a:d7:b1:0c:1e:af:89:3f:b3:af:01:96:3d:
                    c2:d3:4e:4d:6d:b1:ef:56:00:29:c7:fe:d9:36:23:
                    c2:73:8f:5b:2f:25:f1:e2:d3:23:e6:34:ba:3b:2d:
                    22:34:bd:47:3b:64:07:db:f4:1a:ed:cc:ac:58:01:
                    85:f4:08:9e:54:90:ec:b6:8e:b3:4a:84:89:a8:64:
                    16:85:a1:3a:00:18:e6:36:08:96:58:8f:34:dc:67:
                    0e:23:23:bd:4b:e6:ee:39:97:25:7c:3a:29:18:89:
                    3f:bb:a5:58:e3:2a:9f:d1:45:09:c4:8b:c3:da:96:
                    b8:2c:40:9e:29:b7:a5:41:18:3e:1c:fb:15:a4:d8:
                    71:41:0a:93:1b:cb:9a:10:32:78:ab:0f:23:fc:18:
                    f1:d3:89:b5:de:f4:23:93:13:47:fa:be:fe:6a:ef:
                    59:a0:50:2c:e5:fb:f2:ef:a0:b4:89:55:22:bf:58:
                    59:e8:0c:3d:16:b3:56:26:b1:6c:8f:46:a3:98:de:
                    48:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:2C:14:12:2A:F4:64:F3:45:D6:31:1E:88:1E:00:52:10:5D:09:E0
            X509v3 Authority Key Identifier:
                keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/5EB7E7E8E80A11EDA03FCC7E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.123.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:ec:fa:98:96:eb:c9:2e:d4:bd:3e:2d:f6:7e:ea:c8:94:6c:
         54:51:b5:c1:dc:5a:ec:cd:74:7a:bf:7b:9c:32:56:b8:3e:e5:
         b4:ce:d0:7f:02:fd:3d:37:53:d8:c3:04:be:bb:d8:67:03:f8:
         95:c1:c8:b4:3d:25:c5:bf:0e:c9:eb:43:89:3b:c5:ba:b1:ea:
         6c:3a:4e:e1:78:5a:8e:b4:4d:b4:e0:53:25:71:5a:84:c8:8c:
         3f:bc:e5:88:96:99:ad:e0:a1:10:c8:35:fb:c9:30:61:6d:ef:
         d4:41:58:cf:b7:82:ad:90:dc:42:1e:15:bf:53:cf:a7:d7:f5:
         cf:49:bb:ef:e7:ec:24:bb:6b:f3:79:47:a9:7d:c2:e3:dc:16:
         b2:ef:8e:f8:f7:99:a9:97:59:71:47:00:d1:f1:65:41:fe:fb:
         b8:f1:58:73:66:6e:8a:d7:76:6b:5d:3d:04:98:05:8f:d4:68:
         a8:ad:05:ae:51:10:ce:89:ff:3e:37:c0:4e:0c:07:3e:1b:e1:
         1a:1d:42:4f:f1:eb:8f:40:5e:b4:c3:b7:63:a7:f4:bf:65:dd:
         4f:8c:da:f8:27:fd:a8:f0:e5:45:ce:d6:ae:15:22:ed:88:c0:
         84:65:7f:ee:74:3b:f8:3b:2e:b6:7a:a0:23:ee:02:12:69:61:
         5e:f0:c4:02
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCo8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzA1MDExMDI0MzJaFw0yMzA5MDExMDI0MzJaMBgxFjAU
BgNVBAMTDTY0NGY5MzYzLWJjMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDhwETSz4EuNusKVcp5Z3NKeiHccWwKExk1G8EocrHwr8/hKIsmximrBa1
QMQ6o/DucgmYqhB+8iHd1bYPetexDB6viT+zrwGWPcLTTk1tse9WACnH/tk2I8Jz
j1svJfHi0yPmNLo7LSI0vUc7ZAfb9BrtzKxYAYX0CJ5UkOy2jrNKhImoZBaFoToA
GOY2CJZYjzTcZw4jI71L5u45lyV8OikYiT+7pVjjKp/RRQnEi8PalrgsQJ4pt6VB
GD4c+xWk2HFBCpMby5oQMnirDyP8GPHTibXe9COTE0f6vv5q71mgUCzl+/LvoLSJ
VSK/WFnoDD0Ws1YmsWyPRqOY3kiZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUiSwU
Eir0ZPNF1jEeiB4AUhBdCeAwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzVFQjdFN0U4RTgwQTExRURBMDNGQ0M3RTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAChe5swDQYJKoZIhvcNAQELBQAD
ggEBACjs+piW68ku1L0+LfZ+6siUbFRRtcHcWuzNdHq/e5wyVrg+5bTO0H8C/T03
U9jDBL672GcD+JXByLQ9JcW/DsnrQ4k7xbqx6mw6TuF4Wo60TbTgUyVxWoTIjD+8
5YiWma3goRDINfvJMGFt79RBWM+3gq2Q3EIeFb9Tz6fX9c9Ju+/n7CS7a/N5R6l9
wuPcFrLvjvj3mamXWXFHANHxZUH++7jxWHNmborXdmtdPQSYBY/UaKitBa5REM6J
/z43wE4MBz4b4RodQk/x649AXrTDt2On9L9l3U+M2vgn/ajw5UXO1q4VIu2IwIRl
f+50O/g7LrZ6oCPuAhJpYV7wxAI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:53 2024 by rpki-client on console-fra.rpki-client.org