Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/jmOOOB_uGkjIv_nRl7pCnWaBfn8.roa
File:                     jmOOOB_uGkjIv_nRl7pCnWaBfn8.roa (raw, json)
Hash identifier:          3XhnRywoz71IqYcJC1Nzz2fz3EcPdDxI1W0/0bLCIoE=
Subject key identifier:   8E:63:8E:38:1F:EE:1A:48:C8:BF:F9:D1:97:BA:42:9D:66:81:7E:7F
Certificate issuer:       /CN=6a0f5830dbc4bbabb682777ebd3843d750489ec8
Certificate serial:       07B28987
Authority key identifier: 6A:0F:58:30:DB:C4:BB:AB:B6:82:77:7E:BD:38:43:D7:50:48:9E:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ag9YMNvEu6u2gnd-vThD11BInsg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/jmOOOB_uGkjIv_nRl7pCnWaBfn8.roa
Signing time:             Sat 01 Jan 2022 12:03:11 +0000
ROA not before:           Sat 01 Jan 2022 12:03:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.145.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129141127 (0x7b28987)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a0f5830dbc4bbabb682777ebd3843d750489ec8
        Validity
            Not Before: Jan  1 12:03:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e638e381fee1a48c8bff9d197ba429d66817e7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f9:41:d6:5e:4c:72:02:91:b1:fe:58:13:87:
                    55:df:8a:ea:14:ce:0b:78:15:83:fa:43:e6:1d:d0:
                    c8:3d:e3:ee:62:be:03:6b:54:00:8e:9b:26:50:a2:
                    68:80:b9:80:45:04:e3:31:78:45:5d:1b:15:53:67:
                    bc:ca:01:b8:d3:dc:bb:4f:23:a2:ef:3d:a5:75:a5:
                    30:b8:4d:4f:8f:47:16:e5:a9:18:12:4a:d8:6d:65:
                    b4:a2:bc:e6:74:42:86:73:3f:78:f9:ef:30:eb:b4:
                    c7:b2:e9:71:b1:d1:b1:4d:22:5f:9f:c0:ed:ef:96:
                    3c:bf:4f:9f:1f:b4:18:10:74:89:48:b5:46:25:c1:
                    75:3a:ef:ae:f9:ae:4d:79:63:0c:b3:64:42:bd:99:
                    a0:08:b6:fb:86:ee:26:59:4a:d9:78:13:7d:fb:f3:
                    f3:49:5f:f4:c5:44:88:35:90:08:c6:14:1d:fb:ce:
                    2e:f2:27:79:7d:c1:07:20:85:90:18:97:18:d0:db:
                    d7:db:d0:8e:8d:fb:b6:16:01:f4:b6:c2:d9:e8:93:
                    de:3a:53:3d:8d:32:bd:ea:6e:a3:6f:46:bc:6e:c2:
                    8d:60:39:0c:f9:5c:b4:f2:c9:42:55:cf:99:35:39:
                    ad:61:35:0f:f8:88:8f:c8:8a:44:01:d5:fb:29:ba:
                    f4:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:63:8E:38:1F:EE:1A:48:C8:BF:F9:D1:97:BA:42:9D:66:81:7E:7F
            X509v3 Authority Key Identifier:
                keyid:6A:0F:58:30:DB:C4:BB:AB:B6:82:77:7E:BD:38:43:D7:50:48:9E:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ag9YMNvEu6u2gnd-vThD11BInsg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/jmOOOB_uGkjIv_nRl7pCnWaBfn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/ag9YMNvEu6u2gnd-vThD11BInsg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:e9:05:17:91:e1:c4:64:a4:20:29:44:ca:b0:f7:91:a1:e9:
         c6:89:55:a7:2d:ad:1f:34:25:c3:14:20:ad:42:5b:bf:db:16:
         12:b4:34:de:e8:7d:dd:ee:31:e0:de:dc:27:08:7a:18:28:c7:
         d7:bf:c2:58:78:f6:3c:81:04:38:ca:0f:04:fb:dd:c0:4d:fb:
         a5:fa:1b:e4:af:2e:42:de:33:09:b7:4b:95:8c:41:9c:08:72:
         25:8d:99:36:24:6d:b8:ca:da:0f:f5:6e:76:21:07:e5:4d:56:
         0a:44:29:56:81:fc:f2:ab:d8:1c:11:9a:0f:15:2f:06:74:df:
         e8:0e:d8:e4:5a:ab:14:2c:4b:0d:90:6d:2a:ea:4e:c5:d2:11:
         ba:f2:36:b5:1a:44:f6:01:f3:7e:fb:9a:73:8e:f2:10:48:52:
         cf:8f:c0:14:f9:c0:92:76:91:81:9f:c1:d4:e5:37:4d:96:a0:
         42:aa:cf:28:4b:c1:0e:bc:f2:35:55:ce:97:eb:19:c7:1a:e1:
         ba:51:32:e3:d1:5d:59:17:66:c3:0f:ac:d0:95:1e:92:6f:ad:
         19:d1:aa:14:1b:5a:2b:6f:7d:e5:02:6a:21:0d:46:f0:21:d3:
         b8:16:44:0d:a1:fa:13:70:ac:0e:44:e4:65:81:81:ff:60:72:
         96:bf:2d:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7KJhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YTBmNTgzMGRiYzRiYmFiYjY4Mjc3N2ViZDM4NDNkNzUwNDg5ZWM4MB4XDTIyMDEw
MTEyMDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU2MzhlMzgxZmVl
MWE0OGM4YmZmOWQxOTdiYTQyOWQ2NjgxN2U3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJn5QdZeTHICkbH+WBOHVd+K6hTOC3gVg/pD5h3QyD3j7mK+
A2tUAI6bJlCiaIC5gEUE4zF4RV0bFVNnvMoBuNPcu08jou89pXWlMLhNT49HFuWp
GBJK2G1ltKK85nRChnM/ePnvMOu0x7LpcbHRsU0iX5/A7e+WPL9Pnx+0GBB0iUi1
RiXBdTrvrvmuTXljDLNkQr2ZoAi2+4buJllK2XgTffvz80lf9MVEiDWQCMYUHfvO
LvIneX3BByCFkBiXGNDb19vQjo37thYB9LbC2eiT3jpTPY0yvepuo29GvG7CjWA5
DPlctPLJQlXPmTU5rWE1D/iIj8iKRAHV+ym69F0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSOY444H+4aSMi/+dGXukKdZoF+fzAfBgNVHSMEGDAWgBRqD1gw28S7q7aC
d369OEPXUEieyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FnOVlNTnZFdTZ1MmduZC12VGhEMTFCSW5zZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvOGEzMGI4LTFjMWQtNDFjMi05OTRlLTU2NjZjMjgzYjMwNi8x
L2ptT09PQl91R2tqSXZfblJsN3BDbldhQmZuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
OGEzMGI4LTFjMWQtNDFjMi05OTRlLTU2NjZjMjgzYjMwNi8xL2FnOVlNTnZFdTZ1
MmduZC12VGhEMTFCSW5zZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2ReDANBgkqhkiG9w0BAQsFAAOC
AQEAuukFF5HhxGSkIClEyrD3kaHpxolVpy2tHzQlwxQgrUJbv9sWErQ03uh93e4x
4N7cJwh6GCjH17/CWHj2PIEEOMoPBPvdwE37pfob5K8uQt4zCbdLlYxBnAhyJY2Z
NiRtuMraD/VudiEH5U1WCkQpVoH88qvYHBGaDxUvBnTf6A7Y5FqrFCxLDZBtKupO
xdIRuvI2tRpE9gHzfvuac47yEEhSz4/AFPnAknaRgZ/B1OU3TZagQqrPKEvBDrzy
NVXOl+sZxxrhulEy49FdWRdmww+s0JUekm+tGdGqFBtaK2995QJqIQ1G8CHTuBZE
DaH6E3CsDkTkZYGB/2Bylr8t2w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:07 2023 by rpki-client on console-ams.rpki-client.org