Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/cXbmwp8RmKqLJTR9zuXrQt9su1k.roa
File:                     cXbmwp8RmKqLJTR9zuXrQt9su1k.roa (raw, json)
Hash identifier:          8UrwG3GbQaeamQCUwWmj6XdtOWxarOAOIwqkbiKfc3U=
Subject key identifier:   71:76:E6:C2:9F:11:98:AA:8B:25:34:7D:CE:E5:EB:42:DF:6C:BB:59
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0B5C1FF8
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/cXbmwp8RmKqLJTR9zuXrQt9su1k.roa
Signing time:             Sat 01 Jan 2022 08:58:36 +0000
ROA not before:           Sat 01 Jan 2022 08:58:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     38920
IP address blocks:        62.244.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 190586872 (0xb5c1ff8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  1 08:58:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7176e6c29f1198aa8b25347dcee5eb42df6cbb59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e4:81:01:dd:4e:e9:5b:b4:20:5b:4f:64:24:
                    36:5c:bc:70:02:f4:99:b6:66:ec:a6:bd:82:db:bf:
                    74:9b:9e:e2:77:2e:6b:b7:e5:c4:e0:fc:39:fc:83:
                    cc:0c:80:bc:0c:82:51:19:02:b2:c2:92:f5:38:2c:
                    03:9d:e8:59:95:64:db:5f:06:cb:8e:53:91:54:b0:
                    b8:02:cf:fc:1a:e7:ca:e9:1b:2e:be:02:43:64:11:
                    86:e3:70:d2:46:ad:a7:d7:e1:39:7a:cd:59:45:6c:
                    98:05:c2:2f:d0:13:06:75:59:8a:d1:89:a5:07:71:
                    9c:e5:20:84:32:fe:96:20:54:a7:5b:cd:bb:80:de:
                    fe:d1:46:a2:34:a1:51:04:2e:57:09:25:f4:ab:fa:
                    77:b8:b7:0a:d7:54:61:ea:ae:52:7c:b8:77:fe:84:
                    03:d1:32:31:48:8c:ce:af:62:3d:07:61:95:14:6b:
                    38:bb:34:5a:fc:df:55:97:6b:f9:06:32:37:dd:5c:
                    2b:58:65:61:b2:6e:b7:0b:6d:5a:a8:8f:0e:3a:76:
                    80:81:45:8d:22:39:ee:25:49:50:66:a2:15:40:3c:
                    12:a3:28:ce:61:9d:3f:89:f2:72:5e:b2:ed:88:56:
                    9e:6c:68:1b:b8:d9:7c:ab:a3:df:25:23:2e:bf:a3:
                    12:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:76:E6:C2:9F:11:98:AA:8B:25:34:7D:CE:E5:EB:42:DF:6C:BB:59
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/cXbmwp8RmKqLJTR9zuXrQt9su1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.244.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:3c:c0:43:74:1c:e2:86:31:9b:fe:ad:82:16:a5:41:4c:70:
         1f:6b:61:50:9c:20:d0:37:55:37:34:36:c7:4d:52:15:cc:40:
         9b:da:48:06:9a:42:d0:c7:81:4f:43:b5:26:9d:b0:9d:b5:cf:
         4b:02:a3:bf:28:96:98:eb:ff:9c:8d:05:a9:ba:db:68:72:e5:
         eb:a8:b5:82:49:8b:81:4a:81:53:0c:f1:90:a8:17:cb:b5:d0:
         98:7e:5a:8c:63:96:d6:e5:72:c1:2b:08:b2:36:d3:1b:80:b3:
         b4:e7:fc:92:20:d7:b8:57:22:09:a2:d2:8f:e1:88:06:2b:64:
         fe:1b:14:00:33:a5:e5:69:8f:61:c6:6e:42:48:08:16:00:2d:
         a3:e2:eb:92:99:7a:3d:bd:59:84:ab:a3:24:9f:96:0f:d1:8a:
         8e:5e:9a:c1:af:5c:3e:9e:56:59:07:a4:6d:0d:37:1b:58:d1:
         08:a5:b3:b7:32:bc:6f:0b:b7:29:a6:12:5d:04:3b:9f:f6:1f:
         4a:16:52:78:d7:e3:e6:8a:15:70:b2:2d:ed:81:57:7f:37:db:
         11:08:9c:9c:72:a2:fd:ad:72:6b:e3:23:f7:47:36:cf:dc:01:
         bb:67:ec:f1:eb:41:a8:b7:d7:88:5d:d7:1b:06:72:85:7b:4d:
         c2:d5:73:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC1wf+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhmZTM1Y2M5NjI2MzNhMjc1N2FmMTBhMGU2ZThhYjZkMDFmNGM5MB4XDTIyMDEw
MTA4NTgzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE3NmU2YzI5ZjEx
OThhYThiMjUzNDdkY2VlNWViNDJkZjZjYmI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3kgQHdTulbtCBbT2QkNly8cAL0mbZm7Ka9gtu/dJue4ncu
a7flxOD8OfyDzAyAvAyCURkCssKS9TgsA53oWZVk218Gy45TkVSwuALP/Brnyukb
Lr4CQ2QRhuNw0katp9fhOXrNWUVsmAXCL9ATBnVZitGJpQdxnOUghDL+liBUp1vN
u4De/tFGojShUQQuVwkl9Kv6d7i3CtdUYequUny4d/6EA9EyMUiMzq9iPQdhlRRr
OLs0WvzfVZdr+QYyN91cK1hlYbJutwttWqiPDjp2gIFFjSI57iVJUGaiFUA8EqMo
zmGdP4nycl6y7YhWnmxoG7jZfKuj3yUjLr+jEpcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxdubCnxGYqoslNH3O5etC32y7WTAfBgNVHSMEGDAWgBRWj+NcyWJjOidX
rxCg5uirbQH0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8x
L2NYYm13cDhSbUtxTEpUUjl6dVhyUXQ5c3Uxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8xL1ZvX2pYTWxpWXpv
blY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD707TANBgkqhkiG9w0BAQsFAAOC
AQEAGTzAQ3Qc4oYxm/6tghalQUxwH2thUJwg0DdVNzQ2x01SFcxAm9pIBppC0MeB
T0O1Jp2wnbXPSwKjvyiWmOv/nI0FqbrbaHLl66i1gkmLgUqBUwzxkKgXy7XQmH5a
jGOW1uVywSsIsjbTG4CztOf8kiDXuFciCaLSj+GIBitk/hsUADOl5WmPYcZuQkgI
FgAto+Lrkpl6Pb1ZhKujJJ+WD9GKjl6awa9cPp5WWQekbQ03G1jRCKWztzK8bwu3
KaYSXQQ7n/YfShZSeNfj5ooVcLIt7YFXfzfbEQicnHKi/a1ya+Mj90c2z9wBu2fs
8etBqLfXiF3XGwZyhXtNwtVz9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org