Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08a9de-c88d-4a45-958e-a277898293b9/1/f7DJeogLhbmD8UEAzWzvtHr3-SY.roa
File:                     f7DJeogLhbmD8UEAzWzvtHr3-SY.roa (raw, json)
Hash identifier:          QEIvplZ7w9P6ERVT0kCXX1XFrAbk7KT3Ok96UMmRQtk=
Subject key identifier:   7F:B0:C9:7A:88:0B:85:B9:83:F1:41:00:CD:6C:EF:B4:7A:F7:F9:26
Certificate issuer:       /CN=0fe732e6b249093e79a1a507cbcd8196f01817fa
Certificate serial:       021D9CDE
Authority key identifier: 0F:E7:32:E6:B2:49:09:3E:79:A1:A5:07:CB:CD:81:96:F0:18:17:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D-cy5rJJCT55oaUHy82BlvAYF_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/08a9de-c88d-4a45-958e-a277898293b9/1/f7DJeogLhbmD8UEAzWzvtHr3-SY.roa
Signing time:             Wed 26 Jan 2022 15:02:05 +0000
ROA not before:           Wed 26 Jan 2022 15:02:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15404
IP address blocks:        157.239.128.0/24 maxlen: 24
                          157.239.129.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35495134 (0x21d9cde)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fe732e6b249093e79a1a507cbcd8196f01817fa
        Validity
            Not Before: Jan 26 15:02:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fb0c97a880b85b983f14100cd6cefb47af7f926
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:f4:ae:8b:f7:17:67:ea:04:f1:ea:3c:1c:b3:
                    3b:aa:24:59:2e:42:83:fb:59:cf:30:30:f1:9b:7e:
                    09:7b:94:d5:9e:ea:a8:0a:3b:71:f4:a1:1e:2a:fe:
                    8d:20:7d:24:db:e5:58:31:2b:b4:12:4a:97:b0:ed:
                    7f:b5:41:f4:d3:7b:d5:33:17:a6:5c:af:46:87:21:
                    f8:0b:ea:6c:da:52:b0:db:59:3c:02:c2:13:fe:f8:
                    00:3f:5e:e0:e2:d8:c3:f0:72:e1:41:27:38:a3:ee:
                    37:65:9d:5d:3b:4b:e1:a3:d3:3b:8c:6f:c2:10:42:
                    5f:65:98:c7:73:77:ea:dd:46:62:7d:20:bf:d9:5b:
                    38:88:16:26:ce:76:ab:9e:6f:63:5d:fc:e5:a5:fe:
                    36:98:32:e8:22:8a:ed:f6:0e:e9:4b:e4:0d:8a:04:
                    6f:38:25:b7:dc:c3:b5:83:11:e3:4c:c1:7f:fc:5e:
                    3b:b6:e2:fb:a7:46:c0:19:24:e9:94:60:66:f3:4d:
                    fb:51:60:73:d1:c6:1d:d7:af:8e:c6:9e:9f:f2:d1:
                    53:1f:ea:0a:d0:1b:67:0c:d4:1f:7c:bd:80:30:03:
                    93:10:3c:a2:5d:44:a5:bb:c1:0c:ae:3e:f0:b4:84:
                    aa:cb:f0:68:41:4a:33:a6:f1:b4:c9:c9:9f:4e:27:
                    e6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:B0:C9:7A:88:0B:85:B9:83:F1:41:00:CD:6C:EF:B4:7A:F7:F9:26
            X509v3 Authority Key Identifier:
                keyid:0F:E7:32:E6:B2:49:09:3E:79:A1:A5:07:CB:CD:81:96:F0:18:17:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-cy5rJJCT55oaUHy82BlvAYF_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08a9de-c88d-4a45-958e-a277898293b9/1/f7DJeogLhbmD8UEAzWzvtHr3-SY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08a9de-c88d-4a45-958e-a277898293b9/1/D-cy5rJJCT55oaUHy82BlvAYF_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.239.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:f3:e8:de:97:0c:65:53:87:fa:63:d0:ad:ea:00:37:ed:55:
         ca:83:59:48:cd:6c:fb:11:a5:a7:1c:e4:0f:7b:9f:4b:e3:bd:
         14:83:b1:e8:20:52:d7:d3:be:32:bb:34:b5:3f:18:d3:fc:b6:
         b5:9b:99:67:d8:ac:6f:be:95:88:a2:15:d8:1a:1c:d7:73:6c:
         e3:75:37:57:ba:5e:98:1d:98:87:fb:39:e0:a0:71:b6:de:c0:
         f0:ef:68:ca:90:ac:f6:c9:88:75:55:cc:21:6c:98:21:a8:29:
         c8:8b:47:92:da:cb:c8:e8:7d:82:9a:d4:36:d4:65:ed:b1:fc:
         a6:0b:df:ec:7e:72:b4:9e:a4:66:7f:ff:11:1d:6c:c3:6f:d5:
         8c:96:a0:9e:89:e3:a5:a1:b9:b5:55:8e:f0:9c:d4:ec:a1:ab:
         ab:bb:67:7b:fe:c9:23:02:82:c3:2c:a6:43:1c:02:a1:06:a6:
         e2:80:15:36:c6:12:e3:5a:47:de:33:63:03:5f:b1:14:51:f2:
         50:d6:26:f1:10:4f:c2:96:e5:dc:53:9c:b4:b1:c6:2a:a0:d2:
         0a:41:76:4a:30:b8:f9:0e:60:1b:21:90:14:21:55:08:95:76:
         95:ac:da:2f:c5:01:8e:81:29:ba:d7:9c:0d:8f:d1:73:36:d2:
         9e:f9:d4:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAh2c3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmU3MzJlNmIyNDkwOTNlNzlhMWE1MDdjYmNkODE5NmYwMTgxN2ZhMB4XDTIyMDEy
NjE1MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZiMGM5N2E4ODBi
ODViOTgzZjE0MTAwY2Q2Y2VmYjQ3YWY3ZjkyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMr0rov3F2fqBPHqPByzO6okWS5Cg/tZzzAw8Zt+CXuU1Z7q
qAo7cfShHir+jSB9JNvlWDErtBJKl7Dtf7VB9NN71TMXplyvRoch+AvqbNpSsNtZ
PALCE/74AD9e4OLYw/By4UEnOKPuN2WdXTtL4aPTO4xvwhBCX2WYx3N36t1GYn0g
v9lbOIgWJs52q55vY1385aX+Npgy6CKK7fYO6UvkDYoEbzglt9zDtYMR40zBf/xe
O7bi+6dGwBkk6ZRgZvNN+1Fgc9HGHdevjsaen/LRUx/qCtAbZwzUH3y9gDADkxA8
ol1EpbvBDK4+8LSEqsvwaEFKM6bxtMnJn04n5jUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR/sMl6iAuFuYPxQQDNbO+0evf5JjAfBgNVHSMEGDAWgBQP5zLmskkJPnmh
pQfLzYGW8BgX+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QtY3k1ckpKQ1Q1NW9hVUh5ODJCbHZBWUZfby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDhhOWRlLWM4OGQtNGE0NS05NThlLWEyNzc4OTgyOTNiOS8x
L2Y3REplb2dMaGJtRDhVRUF6V3p2dEhyMy1TWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDhhOWRlLWM4OGQtNGE0NS05NThlLWEyNzc4OTgyOTNiOS8xL0QtY3k1ckpKQ1Q1
NW9hVUh5ODJCbHZBWUZfby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ3vgDANBgkqhkiG9w0BAQsFAAOC
AQEACfPo3pcMZVOH+mPQreoAN+1VyoNZSM1s+xGlpxzkD3ufS+O9FIOx6CBS19O+
Mrs0tT8Y0/y2tZuZZ9isb76ViKIV2Boc13Ns43U3V7pemB2Yh/s54KBxtt7A8O9o
ypCs9smIdVXMIWyYIagpyItHktrLyOh9gprUNtRl7bH8pgvf7H5ytJ6kZn//ER1s
w2/VjJagnonjpaG5tVWO8JzU7KGrq7tne/7JIwKCwyymQxwCoQam4oAVNsYS41pH
3jNjA1+xFFHyUNYm8RBPwpbl3FOctLHGKqDSCkF2SjC4+Q5gGyGQFCFVCJV2laza
L8UBjoEputecDY/RczbSnvnU3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:10 2024 by rpki-client on console-ams.rpki-client.org