Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/918257-5feb-4205-9174-f7d74f321ea4/1/DJMF3BpF0Q5Q6Vnat8FbNr_sjpM.roa
File:                     DJMF3BpF0Q5Q6Vnat8FbNr_sjpM.roa (raw, json)
Hash identifier:          UrYjDQzs2VkeRQX9bzyP1T5ft5nrC4DkpREcZLvLUPo=
Subject key identifier:   0C:93:05:DC:1A:45:D1:0E:50:E9:59:DA:B7:C1:5B:36:BF:EC:8E:93
Certificate issuer:       /CN=a63b17080cf7f2a991e9294c1ddb70edb54174ef
Certificate serial:       B7D220
Authority key identifier: A6:3B:17:08:0C:F7:F2:A9:91:E9:29:4C:1D:DB:70:ED:B5:41:74:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pjsXCAz38qmR6SlMHdtw7bVBdO8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/918257-5feb-4205-9174-f7d74f321ea4/1/DJMF3BpF0Q5Q6Vnat8FbNr_sjpM.roa
Signing time:             Sat 01 Jan 2022 11:57:29 +0000
ROA not before:           Sat 01 Jan 2022 11:57:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        91.242.233.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12046880 (0xb7d220)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a63b17080cf7f2a991e9294c1ddb70edb54174ef
        Validity
            Not Before: Jan  1 11:57:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c9305dc1a45d10e50e959dab7c15b36bfec8e93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:29:f8:d5:20:e3:9c:22:ba:01:ba:c0:0c:b7:
                    94:03:fc:49:20:93:7e:99:95:23:78:ef:ac:02:76:
                    01:1d:4d:1e:7e:6b:7d:e9:ed:3c:58:4a:b4:a3:2d:
                    56:f5:5b:3b:e0:7e:d5:04:ff:10:c0:74:18:bd:df:
                    48:d1:a5:90:68:26:c6:57:fd:43:36:5c:50:5e:ae:
                    9c:37:fe:43:bc:51:91:4a:88:61:24:f2:80:ad:eb:
                    8c:a6:1e:4b:f3:76:44:3a:56:b5:8d:c3:af:3e:63:
                    af:40:63:75:45:37:86:98:e7:49:22:e7:85:0f:eb:
                    1d:63:65:55:6f:f4:c3:34:32:d7:4e:42:95:f5:69:
                    79:e9:42:0c:c8:c4:d1:95:66:9a:f3:e8:ab:dd:67:
                    d0:ea:a8:0b:f5:98:a7:f6:7a:13:64:8f:8a:b1:10:
                    49:00:3b:5f:85:76:6a:1e:c9:2f:42:23:70:db:84:
                    45:87:5b:96:88:69:cf:dc:66:b7:d5:37:0a:bb:2b:
                    0c:53:07:ba:8b:30:17:c9:a6:f0:81:5b:74:40:bb:
                    7e:94:31:e3:06:66:13:57:b1:e6:e8:d7:e8:8f:e0:
                    e7:af:dd:c1:5a:5b:57:5a:d4:f9:0f:35:5f:32:32:
                    b9:e2:71:43:e1:d5:bb:64:72:bd:79:2a:82:5f:e0:
                    fe:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:93:05:DC:1A:45:D1:0E:50:E9:59:DA:B7:C1:5B:36:BF:EC:8E:93
            X509v3 Authority Key Identifier:
                keyid:A6:3B:17:08:0C:F7:F2:A9:91:E9:29:4C:1D:DB:70:ED:B5:41:74:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjsXCAz38qmR6SlMHdtw7bVBdO8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/918257-5feb-4205-9174-f7d74f321ea4/1/DJMF3BpF0Q5Q6Vnat8FbNr_sjpM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/918257-5feb-4205-9174-f7d74f321ea4/1/pjsXCAz38qmR6SlMHdtw7bVBdO8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:3d:2c:d5:16:16:d1:f5:3f:58:24:a2:09:96:c9:c0:e3:d9:
         e5:eb:e6:9c:82:52:4d:81:7a:4b:b8:5c:96:0e:1d:92:e4:c5:
         20:a9:db:47:10:09:f0:bb:f0:f2:b4:15:9f:94:93:4d:59:57:
         9a:55:31:c1:97:27:6c:9a:94:ad:52:14:91:0b:dd:8d:a8:95:
         90:03:34:1e:4b:22:cf:46:d0:f3:07:a2:a6:40:b2:ab:5b:fc:
         92:d3:c4:e6:40:49:2b:98:54:43:82:b7:43:ba:4f:15:47:84:
         0a:ce:86:38:2e:78:ec:d1:39:53:22:99:2f:fd:42:fd:57:f9:
         44:47:67:c1:91:ba:e5:46:0d:b8:ac:88:b8:2e:f4:6f:e1:f7:
         4a:3c:ed:11:bf:60:f8:cf:bb:a6:42:ca:8e:f7:71:8f:46:33:
         e9:db:88:e5:69:d0:07:71:16:04:27:14:6a:cf:f8:95:e4:b3:
         24:64:21:38:a6:e5:32:2e:fc:d2:bb:5a:db:34:36:fc:99:35:
         17:36:37:61:84:9e:d8:1d:4b:9d:4c:0d:ca:46:e3:3e:bf:2f:
         76:35:61:7f:3e:66:77:06:31:42:df:a9:69:b8:c5:6e:5c:9a:
         8c:f5:a1:a6:15:6e:38:9e:58:f9:1a:72:36:fe:c4:1f:8a:cd:
         4c:d2:ea:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALfSIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjNiMTcwODBjZjdmMmE5OTFlOTI5NGMxZGRiNzBlZGI1NDE3NGVmMB4XDTIyMDEw
MTExNTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM5MzA1ZGMxYTQ1
ZDEwZTUwZTk1OWRhYjdjMTViMzZiZmVjOGU5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsp+NUg45wiugG6wAy3lAP8SSCTfpmVI3jvrAJ2AR1NHn5r
fentPFhKtKMtVvVbO+B+1QT/EMB0GL3fSNGlkGgmxlf9QzZcUF6unDf+Q7xRkUqI
YSTygK3rjKYeS/N2RDpWtY3Drz5jr0BjdUU3hpjnSSLnhQ/rHWNlVW/0wzQy105C
lfVpeelCDMjE0ZVmmvPoq91n0OqoC/WYp/Z6E2SPirEQSQA7X4V2ah7JL0IjcNuE
RYdblohpz9xmt9U3CrsrDFMHuoswF8mm8IFbdEC7fpQx4wZmE1ex5ujX6I/g56/d
wVpbV1rU+Q81XzIyueJxQ+HVu2RyvXkqgl/g/tMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMkwXcGkXRDlDpWdq3wVs2v+yOkzAfBgNVHSMEGDAWgBSmOxcIDPfyqZHp
KUwd23DttUF07zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Bqc1hDQXozOHFtUjZTbE1IZHR3N2JWQmRPOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvOTE4MjU3LTVmZWItNDIwNS05MTc0LWY3ZDc0ZjMyMWVhNC8x
L0RKTUYzQnBGMFE1UTZWbmF0OEZiTnJfc2pwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
OTE4MjU3LTVmZWItNDIwNS05MTc0LWY3ZDc0ZjMyMWVhNC8xL3Bqc1hDQXozOHFt
UjZTbE1IZHR3N2JWQmRPOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvy6TANBgkqhkiG9w0BAQsFAAOC
AQEABD0s1RYW0fU/WCSiCZbJwOPZ5evmnIJSTYF6S7hclg4dkuTFIKnbRxAJ8Lvw
8rQVn5STTVlXmlUxwZcnbJqUrVIUkQvdjaiVkAM0Hksiz0bQ8weipkCyq1v8ktPE
5kBJK5hUQ4K3Q7pPFUeECs6GOC547NE5UyKZL/1C/Vf5REdnwZG65UYNuKyIuC70
b+H3SjztEb9g+M+7pkLKjvdxj0Yz6duI5WnQB3EWBCcUas/4leSzJGQhOKblMi78
0rta2zQ2/Jk1FzY3YYSe2B1LnUwNykbjPr8vdjVhfz5mdwYxQt+pabjFblyajPWh
phVuOJ5Y+RpyNv7EH4rNTNLqNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-fra.rpki-client.org