Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/ZoeAwXocpZjVugUC97Dnuzm-w5s.roa
File:                     ZoeAwXocpZjVugUC97Dnuzm-w5s.roa (raw, json)
Hash identifier:          O+a0C5tiFhh87PhcUTVJVUfZpEzrkT5AYuTcBNHPY/0=
Subject key identifier:   66:87:80:C1:7A:1C:A5:98:D5:BA:05:02:F7:B0:E7:BB:39:BE:C3:9B
Certificate issuer:       /CN=9ce94757ac3f70b40f369307d365ebc9657bab69
Certificate serial:       0B5DCEB8
Authority key identifier: 9C:E9:47:57:AC:3F:70:B4:0F:36:93:07:D3:65:EB:C9:65:7B:AB:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOlHV6w_cLQPNpMH02XryWV7q2k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/ZoeAwXocpZjVugUC97Dnuzm-w5s.roa
Signing time:             Sat 01 Jan 2022 10:57:46 +0000
ROA not before:           Sat 01 Jan 2022 10:57:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3215
IP address blocks:        156.28.6.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 190697144 (0xb5dceb8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce94757ac3f70b40f369307d365ebc9657bab69
        Validity
            Not Before: Jan  1 10:57:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=668780c17a1ca598d5ba0502f7b0e7bb39bec39b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:58:3a:2a:6a:62:ca:82:7f:6a:fd:5c:7a:f7:
                    ba:51:0f:aa:85:ad:32:92:12:51:5e:8d:77:92:70:
                    d6:38:ef:26:29:1f:17:8a:96:30:2d:cb:5c:2a:f7:
                    31:0e:c0:ff:25:85:31:06:19:47:89:10:64:50:e3:
                    6e:28:60:b9:2c:56:ac:e0:5b:4c:0e:ca:ae:a8:31:
                    46:fc:31:25:7c:e1:e3:11:ce:38:71:95:fd:81:13:
                    5a:27:1b:69:36:65:01:b4:0c:e2:22:1c:a3:8b:51:
                    77:f6:66:ce:1e:e9:36:1e:ff:c8:8c:df:df:21:3d:
                    2c:22:13:3f:27:eb:4e:70:cd:cb:d0:5e:e8:9b:99:
                    0e:7d:f4:1d:c8:33:46:29:b3:58:09:61:58:0d:a3:
                    e2:47:34:b0:fe:87:de:b8:60:08:52:04:3d:2a:f1:
                    ab:2f:f8:bd:42:4f:7a:c8:ba:80:a9:6b:f0:e5:e5:
                    c6:c9:4e:12:4a:0a:f4:e7:df:6d:e4:42:ac:97:91:
                    1d:89:17:60:aa:de:dd:88:8d:91:bf:dc:95:ed:d0:
                    c9:cd:8b:12:7c:fb:49:e5:24:cc:62:3c:a7:72:b5:
                    2a:f4:f9:ad:bf:f4:fd:33:6e:e4:c7:6c:a1:65:46:
                    35:90:b6:5e:08:bc:78:d3:4e:2e:af:ca:09:72:3e:
                    e6:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:87:80:C1:7A:1C:A5:98:D5:BA:05:02:F7:B0:E7:BB:39:BE:C3:9B
            X509v3 Authority Key Identifier:
                keyid:9C:E9:47:57:AC:3F:70:B4:0F:36:93:07:D3:65:EB:C9:65:7B:AB:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOlHV6w_cLQPNpMH02XryWV7q2k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/ZoeAwXocpZjVugUC97Dnuzm-w5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/481269-dbdb-425e-9642-e1ea41c9a2e6/1/nOlHV6w_cLQPNpMH02XryWV7q2k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.28.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         19:74:4e:5f:b3:92:71:12:d5:3b:87:50:f4:00:63:c7:40:bf:
         90:49:d1:73:45:21:6f:c7:36:27:35:b1:f2:3c:e4:06:25:26:
         10:3d:67:4c:0c:bb:f9:2a:c8:25:0f:3a:6e:fd:c8:d3:d4:f5:
         02:d7:3d:6b:c0:c5:fe:18:e9:24:ef:5c:a1:d9:eb:64:5c:d2:
         8d:6c:dd:c8:e4:8f:b6:bf:24:ab:0d:22:7b:e5:63:b7:57:91:
         99:11:c5:88:5d:54:b6:56:8d:f4:57:6c:72:4b:d0:fa:b6:85:
         4a:31:02:cb:a7:67:54:e3:93:ca:97:71:a4:39:e7:95:dc:44:
         b7:1a:15:0b:5c:4b:51:b0:4c:de:f1:84:84:86:e1:8a:4d:65:
         d7:98:5c:db:e6:80:57:8b:ba:14:59:b3:f8:43:d5:1f:63:4d:
         77:a7:55:cf:ae:e3:d8:f1:7f:2c:f8:44:46:07:b9:03:9e:d0:
         9b:0b:c0:ef:1f:25:a8:a6:35:f2:a9:c0:97:55:8c:27:8a:56:
         8e:29:05:41:9f:1c:b8:f1:f4:e7:ef:ac:aa:91:5a:00:6c:77:
         cb:3a:41:75:ae:a2:e8:d5:df:88:61:c5:db:d4:f9:c1:4d:15:
         21:ef:76:17:1a:c7:77:0f:c9:ab:d9:fb:94:fe:f4:27:de:c9:
         9e:5f:68:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC13OuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2U5NDc1N2FjM2Y3MGI0MGYzNjkzMDdkMzY1ZWJjOTY1N2JhYjY5MB4XDTIyMDEw
MTEwNTc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4NzgwYzE3YTFj
YTU5OGQ1YmEwNTAyZjdiMGU3YmIzOWJlYzM5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBYOipqYsqCf2r9XHr3ulEPqoWtMpISUV6Nd5Jw1jjvJikf
F4qWMC3LXCr3MQ7A/yWFMQYZR4kQZFDjbihguSxWrOBbTA7KrqgxRvwxJXzh4xHO
OHGV/YETWicbaTZlAbQM4iIco4tRd/Zmzh7pNh7/yIzf3yE9LCITPyfrTnDNy9Be
6JuZDn30HcgzRimzWAlhWA2j4kc0sP6H3rhgCFIEPSrxqy/4vUJPesi6gKlr8OXl
xslOEkoK9OffbeRCrJeRHYkXYKre3YiNkb/cle3Qyc2LEnz7SeUkzGI8p3K1KvT5
rb/0/TNu5MdsoWVGNZC2Xgi8eNNOLq/KCXI+5n0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmh4DBehylmNW6BQL3sOe7Ob7DmzAfBgNVHSMEGDAWgBSc6UdXrD9wtA82
kwfTZevJZXuraTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25PbEhWNndfY0xRUE5wTUgwMlhyeVdWN3Eyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNDgxMjY5LWRiZGItNDI1ZS05NjQyLWUxZWE0MWM5YTJlNi8x
L1pvZUF3WG9jcFpqVnVnVUM5N0RudXptLXc1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NDgxMjY5LWRiZGItNDI1ZS05NjQyLWUxZWE0MWM5YTJlNi8xL25PbEhWNndfY0xR
UE5wTUgwMlhyeVdWN3Eyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZwcBjANBgkqhkiG9w0BAQsFAAOC
AQEAGXROX7OScRLVO4dQ9ABjx0C/kEnRc0Uhb8c2JzWx8jzkBiUmED1nTAy7+SrI
JQ86bv3I09T1Atc9a8DF/hjpJO9codnrZFzSjWzdyOSPtr8kqw0ie+Vjt1eRmRHF
iF1UtlaN9FdsckvQ+raFSjECy6dnVOOTypdxpDnnldxEtxoVC1xLUbBM3vGEhIbh
ik1l15hc2+aAV4u6FFmz+EPVH2NNd6dVz67j2PF/LPhERge5A57QmwvA7x8lqKY1
8qnAl1WMJ4pWjikFQZ8cuPH05++sqpFaAGx3yzpBda6i6NXfiGHF29T5wU0VIe92
FxrHdw/Jq9n7lP70J97Jnl9ooA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:34 2024 by rpki-client on console-ams.rpki-client.org