Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8bf5d7-d417-4266-b1ff-90a64dd52606/1/jc0M2TyGxmApupJynHczOODdqR8.roa
File:                     jc0M2TyGxmApupJynHczOODdqR8.roa (raw, json)
Hash identifier:          rCUg8I+mf4ndEKaKPooLK+PQpKoDfTfFXzJEvccOcmA=
Subject key identifier:   8D:CD:0C:D9:3C:86:C6:60:29:BA:92:72:9C:77:33:38:E0:DD:A9:1F
Certificate issuer:       /CN=2efc8763b6992cc5d47b7a3db3d4d4727048d1c7
Certificate serial:       9D84BC
Authority key identifier: 2E:FC:87:63:B6:99:2C:C5:D4:7B:7A:3D:B3:D4:D4:72:70:48:D1:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LvyHY7aZLMXUe3o9s9TUcnBI0cc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/8bf5d7-d417-4266-b1ff-90a64dd52606/1/jc0M2TyGxmApupJynHczOODdqR8.roa
Signing time:             Sat 01 Jan 2022 02:56:27 +0000
ROA not before:           Sat 01 Jan 2022 02:56:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        62.233.32.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10323132 (0x9d84bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2efc8763b6992cc5d47b7a3db3d4d4727048d1c7
        Validity
            Not Before: Jan  1 02:56:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8dcd0cd93c86c66029ba92729c773338e0dda91f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ab:58:34:67:ba:d4:e9:a2:c7:a7:a3:af:8f:
                    4e:46:41:93:fa:be:5b:07:64:73:5b:bf:e8:ef:27:
                    0d:04:cb:81:e9:af:cc:3e:c6:15:96:8e:42:ef:75:
                    50:64:11:17:1b:c1:8d:66:2e:39:50:07:76:97:f3:
                    37:c3:41:24:1d:1e:95:9d:b3:25:60:92:cc:d5:bd:
                    6c:da:cc:5e:8b:ac:1f:7f:2f:0a:4b:ee:9c:f6:7b:
                    0c:41:22:ec:7c:e7:ea:81:65:dd:65:bd:d6:51:73:
                    4e:5d:5b:80:f5:b7:5e:d1:42:d6:60:f4:63:80:03:
                    78:53:2a:c7:57:6c:54:54:d1:f5:26:dc:a4:6e:c6:
                    be:4d:e6:a1:d7:8e:5d:b0:db:30:14:74:a5:0b:80:
                    4f:5f:72:66:16:4b:28:ec:83:c3:bb:ec:f3:fc:cc:
                    01:fb:a0:9c:48:b0:1e:96:03:f1:57:72:0f:67:4f:
                    86:b4:c1:68:a8:c7:fa:5a:c7:53:05:67:d5:25:1b:
                    59:6d:f0:3c:88:b9:a6:f4:36:eb:9e:f7:83:60:ef:
                    12:b6:61:9c:7f:b6:d3:49:d8:b3:32:24:6c:02:8e:
                    e4:42:62:11:4d:48:86:d4:4a:3d:bc:32:0f:32:e9:
                    e2:92:04:b1:6d:d9:14:2b:5a:30:7c:ba:15:08:62:
                    d3:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:CD:0C:D9:3C:86:C6:60:29:BA:92:72:9C:77:33:38:E0:DD:A9:1F
            X509v3 Authority Key Identifier:
                keyid:2E:FC:87:63:B6:99:2C:C5:D4:7B:7A:3D:B3:D4:D4:72:70:48:D1:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvyHY7aZLMXUe3o9s9TUcnBI0cc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8bf5d7-d417-4266-b1ff-90a64dd52606/1/jc0M2TyGxmApupJynHczOODdqR8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8bf5d7-d417-4266-b1ff-90a64dd52606/1/LvyHY7aZLMXUe3o9s9TUcnBI0cc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.233.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:71:39:98:24:08:59:03:34:d7:8d:5e:7b:a9:5c:31:9f:28:
         96:8c:d2:af:03:ae:a7:c3:e4:05:8c:6a:bd:16:7b:07:7f:74:
         1f:2e:fe:21:c6:32:db:e8:13:2e:40:6d:b1:54:f8:00:76:9b:
         6d:a6:28:2f:0d:c4:63:96:35:9e:16:34:ab:d1:fa:d6:eb:14:
         66:d3:51:63:20:53:c0:aa:45:87:57:3f:5a:29:a8:4c:7f:79:
         83:15:91:39:26:74:e2:2a:b1:3c:16:1e:09:d1:72:ec:a1:a1:
         3f:69:fb:0b:09:02:30:88:67:10:23:ba:29:09:a6:e5:6d:9a:
         13:50:ce:e1:68:15:ba:dc:60:a0:2c:31:22:7a:f2:f8:63:78:
         bf:b4:71:f9:f1:0f:f1:67:d5:8c:3c:4a:6a:72:10:bb:de:a5:
         0a:4e:52:28:4c:01:99:3c:8e:5d:be:df:db:81:19:3f:34:55:
         28:02:01:8a:ac:92:74:8b:9d:ba:4d:a8:21:2c:73:7e:a1:22:
         35:28:12:db:38:7b:d0:99:77:f7:a0:e0:39:e4:2b:70:e1:31:
         24:c7:95:a4:d3:70:94:ee:51:0e:81:15:98:29:a4:0a:2d:70:
         62:35:de:10:9d:8e:ef:12:a3:cc:fb:33:1d:33:d3:8e:ef:d7:
         b8:e8:07:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJ2EvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWZjODc2M2I2OTkyY2M1ZDQ3YjdhM2RiM2Q0ZDQ3MjcwNDhkMWM3MB4XDTIyMDEw
MTAyNTYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRjZDBjZDkzYzg2
YzY2MDI5YmE5MjcyOWM3NzMzMzhlMGRkYTkxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALarWDRnutTposeno6+PTkZBk/q+Wwdkc1u/6O8nDQTLgemv
zD7GFZaOQu91UGQRFxvBjWYuOVAHdpfzN8NBJB0elZ2zJWCSzNW9bNrMXousH38v
CkvunPZ7DEEi7Hzn6oFl3WW91lFzTl1bgPW3XtFC1mD0Y4ADeFMqx1dsVFTR9Sbc
pG7Gvk3modeOXbDbMBR0pQuAT19yZhZLKOyDw7vs8/zMAfugnEiwHpYD8VdyD2dP
hrTBaKjH+lrHUwVn1SUbWW3wPIi5pvQ26573g2DvErZhnH+200nYszIkbAKO5EJi
EU1IhtRKPbwyDzLp4pIEsW3ZFCtaMHy6FQhi01sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSNzQzZPIbGYCm6knKcdzM44N2pHzAfBgNVHSMEGDAWgBQu/IdjtpksxdR7
ej2z1NRycEjRxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x2eUhZN2FaTE1YVWUzbzlzOVRVY25CSTBjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGJmNWQ3LWQ0MTctNDI2Ni1iMWZmLTkwYTY0ZGQ1MjYwNi8x
L2pjME0yVHlHeG1BcHVwSnluSGN6T09EZHFSOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OGJmNWQ3LWQ0MTctNDI2Ni1iMWZmLTkwYTY0ZGQ1MjYwNi8xL0x2eUhZN2FaTE1Y
VWUzbzlzOVRVY25CSTBjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7pIDANBgkqhkiG9w0BAQsFAAOC
AQEAXHE5mCQIWQM0141ee6lcMZ8olozSrwOup8PkBYxqvRZ7B390Hy7+IcYy2+gT
LkBtsVT4AHabbaYoLw3EY5Y1nhY0q9H61usUZtNRYyBTwKpFh1c/WimoTH95gxWR
OSZ04iqxPBYeCdFy7KGhP2n7CwkCMIhnECO6KQmm5W2aE1DO4WgVutxgoCwxInry
+GN4v7Rx+fEP8WfVjDxKanIQu96lCk5SKEwBmTyOXb7f24EZPzRVKAIBiqySdIud
uk2oISxzfqEiNSgS2zh70Jl396DgOeQrcOExJMeVpNNwlO5RDoEVmCmkCi1wYjXe
EJ2O7xKjzPszHTPTju/XuOgHfw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:12 2023 by rpki-client on console-fra.rpki-client.org