Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/EKxI6ha_Fq8HzvlS78PhRHgHIF8.roa
File:                     EKxI6ha_Fq8HzvlS78PhRHgHIF8.roa (raw, json)
Hash identifier:          dvbKVkjo+VGKo5AmPZH0POhJmdr5Xj6R1BgOBmV7WaY=
Subject key identifier:   10:AC:48:EA:16:BF:16:AF:07:CE:F9:52:EF:C3:E1:44:78:07:20:5F
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0B5282AD
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/EKxI6ha_Fq8HzvlS78PhRHgHIF8.roa
Signing time:             Sat 01 Jan 2022 08:58:28 +0000
ROA not before:           Sat 01 Jan 2022 08:58:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8947
IP address blocks:        62.244.223.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189956781 (0xb5282ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  1 08:58:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10ac48ea16bf16af07cef952efc3e1447807205f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b7:99:90:f6:8d:df:b9:15:79:7f:35:50:75:
                    02:06:a7:01:d1:7d:09:a3:9e:a5:a0:d6:be:c2:16:
                    19:fc:2d:e2:45:85:80:cd:25:ba:f2:75:e1:ee:bd:
                    f5:f3:16:86:2e:0f:00:96:30:93:a3:49:f0:28:57:
                    11:bb:cb:aa:c5:0a:fa:21:69:a9:5c:25:76:94:45:
                    0d:9f:98:8b:35:a0:77:7e:2d:63:02:12:bc:82:6f:
                    b4:a7:58:ef:4c:26:16:30:ee:ed:fd:96:25:bc:b4:
                    e4:2c:02:8b:dd:94:69:19:48:c5:f7:0c:8c:e0:6d:
                    99:9f:a4:a8:ba:f5:3a:b5:e8:55:63:0a:01:7a:91:
                    1a:de:d8:35:f0:e2:c0:69:ef:21:e6:af:7a:0b:17:
                    f5:59:e3:61:9c:4e:6f:04:7b:13:61:cb:ef:0b:86:
                    5f:3d:fe:a3:e2:a9:dc:89:09:21:59:b8:02:c8:d9:
                    81:97:8c:0e:af:bf:26:5f:35:d3:9b:74:a2:01:77:
                    89:4e:24:74:33:eb:d3:7f:f0:a8:96:80:61:4f:cf:
                    ec:20:1d:5d:87:f2:1b:c2:ec:e1:f5:47:cc:eb:c4:
                    bb:f4:f1:36:ef:5b:47:7f:7e:26:ac:9f:2a:ba:fc:
                    ca:54:ae:33:07:b5:40:aa:a9:0f:a4:e7:f0:05:7c:
                    7a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:AC:48:EA:16:BF:16:AF:07:CE:F9:52:EF:C3:E1:44:78:07:20:5F
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/EKxI6ha_Fq8HzvlS78PhRHgHIF8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.244.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:14:0e:eb:aa:18:c3:0d:04:f3:86:66:e3:e8:bb:de:43:69:
         66:67:e0:35:b1:b1:96:33:4e:d7:ab:dd:65:e8:2f:bd:64:2a:
         0f:a9:75:96:e4:f8:b6:23:9f:9a:af:65:17:5e:e4:c4:28:3a:
         24:24:f8:6b:c4:2b:2e:85:93:2c:19:70:69:07:6b:4e:a7:e1:
         18:f1:f5:c6:b3:68:55:e1:dc:2f:61:2c:0f:94:23:2f:0c:f8:
         89:6a:d0:94:97:4f:0b:f6:9f:28:be:a8:85:e4:6c:56:9b:2d:
         66:77:dc:f5:ee:f5:1c:1f:67:ed:7f:76:51:cf:92:34:45:bf:
         a3:d5:46:49:37:e4:12:19:5d:44:d8:7f:fa:bb:23:00:a7:d0:
         b2:ba:41:7e:a5:e8:30:5f:df:2c:66:93:0e:5f:51:1b:d2:81:
         92:9d:a6:ba:e3:52:59:5d:e8:98:88:38:25:c6:02:3b:ba:3a:
         97:f2:82:90:d2:4a:41:17:58:de:ea:89:5f:1c:69:15:f9:a2:
         72:46:cb:88:3b:de:8d:86:65:0a:1e:55:6d:de:36:29:48:09:
         b5:e5:7e:7f:cd:da:39:7f:d4:83:2a:d0:e1:da:d0:95:29:bc:
         ff:b1:79:c7:48:fe:a3:66:3f:49:dd:15:4e:39:b5:a4:a9:ae:
         44:2a:87:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC1KCrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhmZTM1Y2M5NjI2MzNhMjc1N2FmMTBhMGU2ZThhYjZkMDFmNGM5MB4XDTIyMDEw
MTA4NTgyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBhYzQ4ZWExNmJm
MTZhZjA3Y2VmOTUyZWZjM2UxNDQ3ODA3MjA1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJu3mZD2jd+5FXl/NVB1AganAdF9CaOepaDWvsIWGfwt4kWF
gM0luvJ14e699fMWhi4PAJYwk6NJ8ChXEbvLqsUK+iFpqVwldpRFDZ+YizWgd34t
YwISvIJvtKdY70wmFjDu7f2WJby05CwCi92UaRlIxfcMjOBtmZ+kqLr1OrXoVWMK
AXqRGt7YNfDiwGnvIeavegsX9VnjYZxObwR7E2HL7wuGXz3+o+Kp3IkJIVm4AsjZ
gZeMDq+/Jl8105t0ogF3iU4kdDPr03/wqJaAYU/P7CAdXYfyG8Ls4fVHzOvEu/Tx
Nu9bR39+JqyfKrr8ylSuMwe1QKqpD6Tn8AV8eocCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQQrEjqFr8WrwfO+VLvw+FEeAcgXzAfBgNVHSMEGDAWgBRWj+NcyWJjOidX
rxCg5uirbQH0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8x
L0VLeEk2aGFfRnE4SHp2bFM3OFBoUkhnSElGOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8xL1ZvX2pYTWxpWXpv
blY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD703zANBgkqhkiG9w0BAQsFAAOC
AQEAlxQO66oYww0E84Zm4+i73kNpZmfgNbGxljNO16vdZegvvWQqD6l1luT4tiOf
mq9lF17kxCg6JCT4a8QrLoWTLBlwaQdrTqfhGPH1xrNoVeHcL2EsD5QjLwz4iWrQ
lJdPC/afKL6oheRsVpstZnfc9e71HB9n7X92Uc+SNEW/o9VGSTfkEhldRNh/+rsj
AKfQsrpBfqXoMF/fLGaTDl9RG9KBkp2muuNSWV3omIg4JcYCO7o6l/KCkNJKQRdY
3uqJXxxpFfmickbLiDvejYZlCh5Vbd42KUgJteV+f83aOX/UgyrQ4drQlSm8/7F5
x0j+o2Y/Sd0VTjm1pKmuRCqHOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org