Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/cmh_UorgWB7THubw0AZw8qbD214.roa
File:                     cmh_UorgWB7THubw0AZw8qbD214.roa (raw, json)
Hash identifier:          httr7s53oqjbUNZk4DVbVPIJ2jvX0tLj2fZ89avEf1M=
Subject key identifier:   72:68:7F:52:8A:E0:58:1E:D3:1E:E6:F0:D0:06:70:F2:A6:C3:DB:5E
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0183FFF6E43A1A37A7241E1556AC27558B87
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/cmh_UorgWB7THubw0AZw8qbD214.roa
Signing time:             Sat 22 Oct 2022 13:51:53 +0000
ROA not before:           Sat 22 Oct 2022 13:51:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204914
IP address blocks:        2.56.165.0/24 maxlen: 24
                          77.83.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ff:f6:e4:3a:1a:37:a7:24:1e:15:56:ac:27:55:8b:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Oct 22 13:51:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72687f528ae0581ed31ee6f0d00670f2a6c3db5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:3d:60:5a:f5:a4:7f:97:44:99:19:fd:de:23:
                    c5:a5:f9:50:00:79:9b:dd:b2:25:1b:ff:75:35:71:
                    1a:f4:28:3a:4e:a5:be:d0:9f:ea:43:83:11:74:da:
                    c5:30:cd:cf:53:dc:69:75:be:a9:87:2c:e3:49:9d:
                    33:c7:67:88:94:24:7c:d1:fa:bf:85:9b:d8:11:cd:
                    d6:9a:f5:b8:d3:f4:e3:ef:47:37:cd:92:10:67:e9:
                    40:8a:cc:14:f8:2f:57:e7:aa:2a:b1:b6:c6:a8:e2:
                    f3:90:1b:66:be:59:7e:3f:f0:c5:ae:da:2d:78:72:
                    8b:5d:52:d4:2f:0c:67:0d:4d:14:e8:d4:13:81:0b:
                    c3:68:5d:32:21:4f:44:f9:ee:93:99:74:55:fb:24:
                    0d:ac:3e:5f:33:18:d8:29:b9:58:6c:ec:cf:5a:d2:
                    2a:a2:26:a2:2c:d2:94:50:85:a0:cc:6f:35:82:46:
                    98:18:ad:d1:75:eb:60:b5:d8:97:dc:16:a9:df:91:
                    42:d5:6f:20:ed:47:92:5a:f5:04:fe:6d:fa:3c:43:
                    51:9a:47:e1:50:b9:01:3e:9c:63:cb:9a:33:16:07:
                    60:8f:42:58:a1:c1:86:62:47:88:75:db:41:80:18:
                    e1:49:84:f9:03:d0:49:8b:2e:e9:7c:a4:b8:00:f3:
                    15:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:68:7F:52:8A:E0:58:1E:D3:1E:E6:F0:D0:06:70:F2:A6:C3:DB:5E
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/cmh_UorgWB7THubw0AZw8qbD214.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.165.0/24
                  77.83.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         db:99:df:3e:4d:83:9f:c1:e0:3a:1e:da:e5:88:67:68:ec:b9:
         68:c5:27:93:2e:59:c6:73:72:4b:db:b4:44:91:89:c9:36:27:
         40:5e:77:71:2b:f0:7a:87:6a:0f:71:0a:af:f3:b3:b2:b3:2f:
         cb:90:65:54:4d:95:39:27:43:f1:87:a4:ed:c4:b9:7d:76:c7:
         a0:6b:59:be:bb:cb:a9:5e:80:d5:ad:8c:f7:84:24:e6:22:6c:
         72:70:38:10:90:ae:67:73:71:87:a8:91:82:62:dc:d5:1a:c5:
         40:be:dc:fc:f3:55:ee:1f:4a:9a:75:5b:82:88:44:fb:31:8d:
         ac:a3:69:b3:73:7b:79:d2:2a:19:67:3a:ab:9c:d6:64:21:b5:
         e3:d0:db:38:df:71:ea:8c:da:0d:a4:68:ef:8f:a8:f9:5b:29:
         cc:d4:fc:bd:dd:60:9c:be:80:66:e7:ea:e8:82:83:64:8f:f7:
         38:42:07:30:df:a5:97:3e:56:38:13:54:ba:dc:80:39:be:f0:
         04:d6:1e:e4:19:72:13:a8:51:0b:3a:01:3f:b6:74:4c:08:d8:
         48:72:10:b7:31:86:f7:16:a0:9f:3d:a2:90:84:09:95:d8:00:
         9e:63:d1:d1:b7:56:44:1a:76:96:58:5d:d4:f1:40:e8:2a:41:
         77:7a:00:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP/9uQ6GjenJB4VVqwnVYuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMDIyMTM1MTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjY4N2Y1MjhhZTA1ODFlZDMxZWU2ZjBkMDA2NzBmMmE2YzNkYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j1gWvWkf5dEmRn93iPFpflQAHmb
3bIlG/91NXEa9Cg6TqW+0J/qQ4MRdNrFMM3PU9xpdb6phyzjSZ0zx2eIlCR80fq/
hZvYEc3WmvW40/Tj70c3zZIQZ+lAiswU+C9X56oqsbbGqOLzkBtmvll+P/DFrtot
eHKLXVLULwxnDU0U6NQTgQvDaF0yIU9E+e6TmXRV+yQNrD5fMxjYKblYbOzPWtIq
oiaiLNKUUIWgzG81gkaYGK3RdetgtdiX3Bap35FC1W8g7UeSWvUE/m36PENRmkfh
ULkBPpxjy5ozFgdgj0JYocGGYkeIddtBgBjhSYT5A9BJiy7pfKS4APMVjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHJof1KK4Fge0x7m8NAGcPKmw9teMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvY21oX1VvcmdXQjdUSHVidzBBWnc4cWJEMjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjilAwQA
TVPyMA0GCSqGSIb3DQEBCwUAA4IBAQDbmd8+TYOfweA6HtrliGdo7LloxSeTLlnG
c3JL27REkYnJNidAXndxK/B6h2oPcQqv87Oysy/LkGVUTZU5J0Pxh6TtxLl9dseg
a1m+u8upXoDVrYz3hCTmImxycDgQkK5nc3GHqJGCYtzVGsVAvtz881XuH0qadVuC
iET7MY2so2mzc3t50ioZZzqrnNZkIbXj0Ns433HqjNoNpGjvj6j5WynM1Py93WCc
voBm5+rogoNkj/c4Qgcw36WXPlY4E1S63IA5vvAE1h7kGXITqFELOgE/tnRMCNhI
chC3MYb3FqCfPaKQhAmV2ACeY9HRt1ZEGnaWWF3U8UDoKkF3egB7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org