Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/856F6DD6DB7F11ECA38AE1E5F1222468.roa
File:                     856F6DD6DB7F11ECA38AE1E5F1222468.roa (raw, json)
Hash identifier:          Zag2Po12KeRSKah5OCh3yHzjtAuMytU8HCoZzI+dEbU=
Subject key identifier:   08:77:3F:8A:F8:60:7A:2A:EB:DD:AF:AC:0F:7F:81:E7:C8:F0:C5:C8
Certificate issuer:       /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial:       06D5
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/856F6DD6DB7F11ECA38AE1E5F1222468.roa
Signing time:             Tue 24 May 2022 16:35:29 +0000
ROA not before:           Tue 24 May 2022 16:35:24 +0000
ROA not after:            Wed 24 May 2023 16:35:24 +0000
asID:                     400377
IP address blocks:        161.123.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1749 (0x6d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
        Validity
            Not Before: May 24 16:35:24 2022 GMT
            Not After : May 24 16:35:24 2023 GMT
        Subject: CN=628d0951-5517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:47:05:c7:fc:40:4e:42:95:df:2d:ad:4d:21:
                    eb:1a:52:9f:e2:cd:d0:9b:c4:d9:42:d6:b7:f3:6c:
                    76:c3:00:2d:27:f0:70:14:83:56:b0:f4:76:73:53:
                    2c:3d:1d:02:3e:5c:5c:8c:f2:f4:7a:7b:ed:8f:e8:
                    1b:0c:f7:3f:2e:76:d5:b7:21:40:0b:fd:d2:6e:50:
                    55:b4:06:b5:b2:7f:32:55:17:53:3a:59:27:56:ab:
                    e6:66:26:de:86:ba:c1:86:03:a5:9b:e4:00:ea:21:
                    02:f0:39:3a:94:66:0e:9f:07:3b:48:38:3f:f2:77:
                    8c:f8:7f:e4:5e:91:ba:41:26:99:b2:6e:93:aa:5f:
                    37:db:b3:5a:b2:6a:da:f1:a9:d2:36:05:68:38:74:
                    31:78:35:74:d8:97:db:e2:75:7c:fb:96:d8:00:1f:
                    92:82:7d:8b:c8:67:2e:08:b5:32:11:e0:a6:8f:81:
                    7d:8a:35:28:3a:d3:33:80:be:d1:7f:22:c8:c5:95:
                    8a:96:2d:7b:13:4a:d5:27:d3:0a:8f:a6:12:92:91:
                    34:66:e8:64:f2:ba:b1:47:d3:8a:c9:6f:8d:2e:2e:
                    77:8b:5e:e1:be:45:7b:b8:e1:63:0e:8a:05:8e:52:
                    98:bf:82:8b:7f:e2:21:a0:b1:42:bc:84:dc:fe:84:
                    c6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:77:3F:8A:F8:60:7A:2A:EB:DD:AF:AC:0F:7F:81:E7:C8:F0:C5:C8
            X509v3 Authority Key Identifier:
                keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/856F6DD6DB7F11ECA38AE1E5F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.123.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:53:28:09:20:90:cc:26:f8:68:2f:69:1d:bc:b0:c0:62:34:
         fc:b6:9c:48:f1:2c:31:04:c5:f3:f1:78:be:2d:14:88:55:20:
         0e:3d:75:51:f8:dd:2c:c7:e8:82:75:d4:dd:b9:81:81:22:22:
         4a:c3:e4:e6:9b:5a:d6:5b:90:8c:e8:03:0b:f7:f7:8a:2c:b0:
         e1:ad:12:8f:f9:55:9d:fd:fe:0a:71:66:43:81:f5:ca:fd:20:
         6f:f7:78:07:9c:18:2c:76:38:55:f5:24:e2:85:de:71:46:b3:
         ab:06:13:01:e6:d2:be:0a:cf:20:0e:36:cb:85:26:90:22:4e:
         d4:c7:c3:af:9d:0e:1b:42:3f:5f:6a:05:8f:f6:16:97:87:69:
         b0:57:3d:a2:44:f2:9f:d0:48:0c:f1:28:24:7e:92:9e:11:40:
         63:c7:e6:55:17:fb:bd:2a:ad:d7:d0:f8:1d:6f:aa:fb:b8:77:
         55:93:ee:2b:b7:db:4a:0d:39:1d:48:e0:04:a4:ab:b4:bd:7a:
         31:05:85:1f:b4:f3:c7:22:e6:03:96:33:e0:06:6d:0b:af:eb:
         84:0b:cc:53:78:47:e7:5a:92:38:30:d7:57:bc:32:98:42:1a:
         80:13:20:ad:31:e6:5b:c2:8e:d9:10:f8:e4:13:a7:b5:7e:c7:
         80:6d:00:ae
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBtUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMjA1MjQxNjM1MjRaFw0yMzA1MjQxNjM1MjRaMBgxFjAU
BgNVBAMMDTYyOGQwOTUxLTU1MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9RwXH/EBOQpXfLa1NIesaUp/izdCbxNlC1rfzbHbDAC0n8HAUg1aw9HZz
Uyw9HQI+XFyM8vR6e+2P6BsM9z8udtW3IUAL/dJuUFW0BrWyfzJVF1M6WSdWq+Zm
Jt6GusGGA6Wb5ADqIQLwOTqUZg6fBztIOD/yd4z4f+RekbpBJpmybpOqXzfbs1qy
atrxqdI2BWg4dDF4NXTYl9vidXz7ltgAH5KCfYvIZy4ItTIR4KaPgX2KNSg60zOA
vtF/IsjFlYqWLXsTStUn0wqPphKSkTRm6GTyurFH04rJb40uLneLXuG+RXu44WMO
igWOUpi/got/4iGgsUK8hNz+hMabAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUCHc/
ivhgeirr3a+sD3+B58jwxcgwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4Lzg1NkY2REQ2REI3RjExRUNBMzhBRTFFNUYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACheygwDQYJKoZIhvcNAQELBQAD
ggEBAL9TKAkgkMwm+GgvaR28sMBiNPy2nEjxLDEExfPxeL4tFIhVIA49dVH43SzH
6IJ11N25gYEiIkrD5OabWtZbkIzoAwv394ossOGtEo/5VZ39/gpxZkOB9cr9IG/3
eAecGCx2OFX1JOKF3nFGs6sGEwHm0r4KzyAONsuFJpAiTtTHw6+dDhtCP19qBY/2
FpeHabBXPaJE8p/QSAzxKCR+kp4RQGPH5lUX+70qrdfQ+B1vqvu4d1WT7iu320oN
OR1I4ASkq7S9ejEFhR+088ci5gOWM+AGbQuv64QLzFN4R+dakjgw11e8MphCGoAT
IK0x5lvCjtkQ+OQTp7V+x4BtAK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:53 2024 by rpki-client on console-fra.rpki-client.org