Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa
File:                     NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa (raw, json)
Hash identifier:          ztz+AHx/00zBiGG9WBmjIIWdZtc6S9doSV9z4qVj74Q=
Subject key identifier:   36:9C:2D:3E:70:D9:54:59:27:EB:02:3F:A0:AC:CA:71:DF:29:19:50
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       01841EAD6DC94C1FAF618C99E29689FBE1DE
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa
Signing time:             Fri 28 Oct 2022 12:59:53 +0000
ROA not before:           Fri 28 Oct 2022 12:59:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399989
IP address blocks:        62.182.32.0/23 maxlen: 23
                          62.182.34.0/23 maxlen: 23
                          5.133.100.0/23 maxlen: 23
                          5.133.102.0/23 maxlen: 23
                          31.40.204.0/23 maxlen: 23
                          31.40.206.0/23 maxlen: 23
                          212.107.4.0/23 maxlen: 23
                          212.107.6.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1e:ad:6d:c9:4c:1f:af:61:8c:99:e2:96:89:fb:e1:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Oct 28 12:59:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=369c2d3e70d9545927eb023fa0acca71df291950
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:9b:f5:42:64:93:9d:d7:ea:33:3d:bf:11:21:
                    c1:0e:ec:ef:9a:d2:26:bc:6a:8e:0b:f5:9f:3a:a8:
                    70:a5:c6:da:49:71:01:4e:51:dd:89:90:bf:bc:05:
                    79:d1:a5:d8:e0:08:31:d7:d2:b7:3a:8d:ba:3c:f7:
                    8b:2f:5d:04:2a:c2:eb:a9:c2:42:c7:fa:e6:9e:60:
                    77:63:de:67:7e:5b:14:f6:40:2c:c4:76:27:a6:da:
                    5d:65:6f:37:83:96:44:3a:98:ce:d1:3b:8b:45:46:
                    e5:20:e9:6a:f1:e8:17:8d:0f:3e:b6:86:9d:5d:ef:
                    ce:da:fb:18:e4:d6:73:0c:1c:0c:93:e0:2d:3e:9c:
                    97:cd:01:ff:96:95:0e:0d:e5:0c:f6:1f:51:f1:0f:
                    c5:60:97:ef:4f:92:c6:9a:f2:86:f4:c7:8a:79:6c:
                    74:92:5d:2f:f8:ae:52:c6:49:18:0e:6e:08:d0:f5:
                    c5:27:5b:34:92:ee:6c:0b:db:1c:b9:81:f1:a5:8b:
                    5e:b1:55:15:ee:a2:98:b0:f0:03:3d:d4:78:8b:54:
                    bc:60:bc:d6:ee:12:8a:01:3d:29:94:ce:e5:40:67:
                    18:76:d2:87:5f:61:3f:a9:07:bc:3a:05:8b:27:bc:
                    a6:22:0a:e8:5b:2b:92:80:58:23:41:d3:c1:7b:a7:
                    ec:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:9C:2D:3E:70:D9:54:59:27:EB:02:3F:A0:AC:CA:71:DF:29:19:50
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/NpwtPnDZVFkn6wI_oKzKcd8pGVA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.100.0/22
                  31.40.204.0/22
                  62.182.32.0/22
                  212.107.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:cc:43:4f:83:f1:56:a2:89:09:99:9e:7e:70:21:37:08:02:
         56:02:19:b4:b0:5a:de:82:8e:00:3b:59:92:a1:99:39:45:81:
         bb:8e:0d:e8:ef:94:e0:9e:15:07:8e:e0:fa:63:49:c5:95:79:
         0b:4b:b5:d6:77:01:36:fb:eb:78:cb:ca:a8:6f:63:ca:c0:22:
         ea:75:b3:3b:36:22:47:ac:93:e0:cd:c8:87:4d:93:9d:4c:a1:
         2a:0e:19:dd:4e:8f:5e:ed:fc:48:73:ba:20:36:11:ae:4d:d8:
         0c:62:f7:c5:88:db:a4:30:1b:38:40:c8:82:cb:37:ef:71:52:
         55:16:a1:30:db:88:36:83:ff:9b:6f:03:43:5f:70:71:10:a8:
         b3:6e:fb:f8:40:25:36:e1:f6:cf:83:bf:41:32:d2:bf:7f:0e:
         fe:6e:fa:e9:8b:83:32:03:fd:f9:1b:d3:0c:34:5b:83:ab:4a:
         d6:03:ff:f8:9c:ce:5f:1e:cf:bc:28:bd:16:be:8e:6a:61:8e:
         8b:63:71:1b:a5:8d:fc:4e:ae:e0:5f:dd:b6:02:ac:e4:e5:aa:
         ad:bd:ce:8c:46:7c:dd:12:43:a3:0a:7f:59:43:8b:ac:e4:44:
         58:66:b2:d0:79:3d:6a:6b:27:3f:28:c9:db:17:d2:9d:21:51:
         38:23:f7:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQerW3JTB+vYYyZ4paJ++HeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMDI4MTI1OTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjljMmQzZTcwZDk1NDU5MjdlYjAyM2ZhMGFjY2E3MWRmMjkxOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpv1QmSTndfqMz2/ESHBDuzvmtIm
vGqOC/WfOqhwpcbaSXEBTlHdiZC/vAV50aXY4Agx19K3Oo26PPeLL10EKsLrqcJC
x/rmnmB3Y95nflsU9kAsxHYnptpdZW83g5ZEOpjO0TuLRUblIOlq8egXjQ8+toad
Xe/O2vsY5NZzDBwMk+AtPpyXzQH/lpUODeUM9h9R8Q/FYJfvT5LGmvKG9MeKeWx0
kl0v+K5SxkkYDm4I0PXFJ1s0ku5sC9scuYHxpYtesVUV7qKYsPADPdR4i1S8YLzW
7hKKAT0plM7lQGcYdtKHX2E/qQe8OgWLJ7ymIgroWyuSgFgjQdPBe6fsaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDacLT5w2VRZJ+sCP6CsynHfKRlQMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvTnB3dFBuRFpWRmtuNndJX29LektjZDhwR1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBYVkAwQC
HyjMAwQCPrYgAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQAUzENPg/FWookJmZ5+
cCE3CAJWAhm0sFrego4AO1mSoZk5RYG7jg3o75TgnhUHjuD6Y0nFlXkLS7XWdwE2
++t4y8qob2PKwCLqdbM7NiJHrJPgzciHTZOdTKEqDhndTo9e7fxIc7ogNhGuTdgM
YvfFiNukMBs4QMiCyzfvcVJVFqEw24g2g/+bbwNDX3BxEKizbvv4QCU24fbPg79B
MtK/fw7+bvrpi4MyA/35G9MMNFuDq0rWA//4nM5fHs+8KL0Wvo5qYY6LY3EbpY38
Tq7gX922Aqzk5aqtvc6MRnzdEkOjCn9ZQ4us5ERYZrLQeT1qayc/KMnbF9KdIVE4
I/fw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:28 2023 by rpki-client on console-fra.rpki-client.org