Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/OrdZbnyHiHckUcYwLCzVa1lRpgU.roa
File:                     OrdZbnyHiHckUcYwLCzVa1lRpgU.roa (raw, json)
Hash identifier:          wPxAXwFdnJeSgL8CZxZCqpohSQHT+dVRpk2Ec8s0m94=
Subject key identifier:   3A:B7:59:6E:7C:87:88:77:24:51:C6:30:2C:2C:D5:6B:59:51:A6:05
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       01852E31FC8882D1FF55727A1A693EA3D654
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/OrdZbnyHiHckUcYwLCzVa1lRpgU.roa
Signing time:             Tue 20 Dec 2022 06:21:45 +0000
ROA not before:           Tue 20 Dec 2022 06:21:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52209
IP address blocks:        62.60.200.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2e:31:fc:88:82:d1:ff:55:72:7a:1a:69:3e:a3:d6:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Dec 20 06:21:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ab7596e7c8788772451c6302c2cd56b5951a605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3f:37:19:9e:b5:03:52:cc:09:0b:e6:e1:36:
                    d1:b9:98:c0:8e:01:63:b6:b3:b4:e7:a6:fc:89:0d:
                    fe:6f:56:d6:d5:da:c0:40:9f:0e:0d:e3:bf:23:a6:
                    9d:d7:1e:10:b8:fd:df:19:53:58:a8:fe:ca:19:20:
                    a7:08:d8:43:3c:a7:eb:f0:9f:90:51:05:8a:11:96:
                    2c:4d:64:f8:11:93:b8:89:47:1c:2e:f9:05:58:82:
                    b8:67:d8:be:6e:b4:8f:a0:22:c6:a7:62:95:ff:c7:
                    24:61:b7:9f:72:5b:5e:cb:22:dc:18:e6:74:de:52:
                    65:a6:fb:4a:90:f0:47:cc:21:cf:27:b5:94:0b:a7:
                    89:9e:60:fe:ac:ed:7b:46:22:00:85:0c:8c:fb:d6:
                    0b:f9:4b:51:fa:43:27:18:29:6c:76:d8:ff:98:d9:
                    68:6d:8c:3a:1a:77:57:47:c4:b1:93:cd:a9:4b:f7:
                    45:e4:81:4d:88:7c:04:fe:58:1a:13:f4:64:30:90:
                    48:64:10:cd:5b:7d:73:de:b9:df:41:85:76:76:94:
                    0e:47:c8:8a:ba:47:54:e9:de:1f:1f:ed:0b:fa:63:
                    d4:83:85:ec:d8:c9:77:fa:24:4a:1a:85:f0:db:5b:
                    71:8b:a3:81:c4:86:94:26:1e:cb:b4:1f:2a:06:b8:
                    08:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B7:59:6E:7C:87:88:77:24:51:C6:30:2C:2C:D5:6B:59:51:A6:05
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/OrdZbnyHiHckUcYwLCzVa1lRpgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8b:2e:8d:5b:71:e6:bb:24:2c:7d:3c:ac:cf:d4:b4:2a:12:4b:
         bf:98:c3:3a:c2:60:0a:69:79:6b:61:1f:c3:5b:fc:ac:95:37:
         98:11:dd:0f:7e:c5:33:cf:6e:ba:4d:17:87:4e:d0:25:47:3d:
         87:a6:c2:06:d4:ac:d5:91:30:d1:d2:fe:87:dc:57:f1:e0:d9:
         69:e5:42:f0:e2:54:2b:bf:1e:f2:bf:4a:25:62:98:09:1d:fd:
         10:56:4f:27:8c:43:02:0e:81:55:c6:ed:d3:9b:26:5a:88:64:
         ca:36:ff:70:a8:60:af:81:b5:d0:64:05:bf:92:5a:3b:68:5a:
         f8:a5:a9:03:95:c3:e6:94:7c:79:43:ec:18:f3:1e:b5:c6:c7:
         dc:ea:21:f1:84:f9:ec:78:04:f2:ce:22:e2:36:dc:a8:55:de:
         7b:75:30:25:5d:8e:65:69:a5:f8:3c:47:13:9f:e2:70:5b:c7:
         f3:f9:47:c6:bf:c1:d4:21:9a:55:0c:fb:2c:d7:99:2e:35:14:
         d6:16:58:34:de:5f:af:cb:d5:5e:09:7c:76:b4:e9:55:03:b6:
         1b:63:7c:32:b0:4d:b7:d6:b3:32:ce:fe:1b:ff:c5:34:ce:7a:
         48:70:ba:9c:53:a5:cf:aa:fd:61:cd:18:b9:5e:2e:55:4c:f9:
         e9:5e:8d:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUuMfyIgtH/VXJ6Gmk+o9ZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMjIwMDYyMTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI3NTk2ZTdjODc4ODc3MjQ1MWM2MzAyYzJjZDU2YjU5NTFhNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT83GZ61A1LMCQvm4TbRuZjAjgFj
trO056b8iQ3+b1bW1drAQJ8ODeO/I6ad1x4QuP3fGVNYqP7KGSCnCNhDPKfr8J+Q
UQWKEZYsTWT4EZO4iUccLvkFWIK4Z9i+brSPoCLGp2KV/8ckYbefclteyyLcGOZ0
3lJlpvtKkPBHzCHPJ7WUC6eJnmD+rO17RiIAhQyM+9YL+UtR+kMnGClsdtj/mNlo
bYw6GndXR8Sxk82pS/dF5IFNiHwE/lgaE/RkMJBIZBDNW31z3rnfQYV2dpQOR8iK
ukdU6d4fH+0L+mPUg4Xs2Ml3+iRKGoXw21txi6OBxIaUJh7LtB8qBrgIDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq3WW58h4h3JFHGMCws1WtZUaYFMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvT3JkWmJueUhpSGNrVWNZd0xDelZhMWxScGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPjzIMA0G
CSqGSIb3DQEBCwUAA4IBAQCLLo1bcea7JCx9PKzP1LQqEku/mMM6wmAKaXlrYR/D
W/yslTeYEd0PfsUzz266TReHTtAlRz2HpsIG1KzVkTDR0v6H3Ffx4Nlp5ULw4lQr
vx7yv0olYpgJHf0QVk8njEMCDoFVxu3TmyZaiGTKNv9wqGCvgbXQZAW/klo7aFr4
pakDlcPmlHx5Q+wY8x61xsfc6iHxhPnseATyziLiNtyoVd57dTAlXY5laaX4PEcT
n+JwW8fz+UfGv8HUIZpVDPss15kuNRTWFlg03l+vy9VeCXx2tOlVA7YbY3wysE23
1rMyzv4b/8U0znpIcLqcU6XPqv1hzRi5Xi5VTPnpXo3g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org