Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5fea8b-5228-42f7-8256-c815e50ec5e7/1/7z-vbw1BiQkCSXUWZLhD9NgDivA.roa
File:                     7z-vbw1BiQkCSXUWZLhD9NgDivA.roa (raw, json)
Hash identifier:          FAAX214mjzj2r3kRk+xjOFBt27Z3Qie78bt0O3YhVo4=
Subject key identifier:   EF:3F:AF:6F:0D:41:89:09:02:49:75:16:64:B8:43:F4:D8:03:8A:F0
Certificate issuer:       /CN=ecf4f9db30b19c75e35ae803793f4e1b4aaa1487
Certificate serial:       03FFC5CB
Authority key identifier: EC:F4:F9:DB:30:B1:9C:75:E3:5A:E8:03:79:3F:4E:1B:4A:AA:14:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PT52zCxnHXjWugDeT9OG0qqFIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/5fea8b-5228-42f7-8256-c815e50ec5e7/1/7z-vbw1BiQkCSXUWZLhD9NgDivA.roa
Signing time:             Sat 01 Jan 2022 01:57:21 +0000
ROA not before:           Sat 01 Jan 2022 01:57:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15432
IP address blocks:        212.126.160.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67093963 (0x3ffc5cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf4f9db30b19c75e35ae803793f4e1b4aaa1487
        Validity
            Not Before: Jan  1 01:57:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef3faf6f0d4189090249751664b843f4d8038af0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:99:a6:36:16:d4:26:63:53:af:0a:f1:16:6c:
                    3f:2b:27:a5:61:4f:27:51:4b:be:6f:c0:80:fd:62:
                    de:07:1e:2a:f1:09:9d:3a:99:f3:3d:cf:d7:3f:d9:
                    38:52:c7:cc:60:73:28:1b:0e:5e:83:2a:af:94:32:
                    b2:19:56:8b:49:b5:ee:c1:67:d5:cf:a3:4c:54:fe:
                    3c:79:5a:bc:e9:c6:f3:ea:ad:8b:ef:58:77:9f:30:
                    93:68:bd:74:81:7c:30:91:95:33:d5:80:00:83:34:
                    4b:ed:1a:6e:fc:f3:8f:1b:ec:71:bd:4f:bc:d1:b4:
                    09:a8:5d:9e:8d:7d:11:c6:24:30:2a:fe:dc:99:3a:
                    54:5a:0b:d3:6d:0d:55:4b:3d:76:85:7a:87:55:1e:
                    9c:c6:8a:04:c6:2f:37:d1:09:54:8a:dd:f2:a8:3d:
                    59:d1:99:52:68:a4:c9:1b:f3:6d:60:f9:e1:c8:f1:
                    3c:39:6c:fe:38:4b:9f:9f:61:80:d9:35:97:ad:1f:
                    b7:bb:df:70:25:77:be:00:a7:a1:77:c2:77:8a:f9:
                    ba:88:b1:4a:48:4b:7a:d5:1e:35:f4:43:e9:13:ba:
                    92:1a:3f:96:49:7a:22:a1:d7:1d:42:e8:bf:35:5e:
                    fc:be:82:e2:37:c8:20:43:73:51:bb:8b:81:3a:20:
                    5a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:3F:AF:6F:0D:41:89:09:02:49:75:16:64:B8:43:F4:D8:03:8A:F0
            X509v3 Authority Key Identifier:
                keyid:EC:F4:F9:DB:30:B1:9C:75:E3:5A:E8:03:79:3F:4E:1B:4A:AA:14:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PT52zCxnHXjWugDeT9OG0qqFIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5fea8b-5228-42f7-8256-c815e50ec5e7/1/7z-vbw1BiQkCSXUWZLhD9NgDivA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5fea8b-5228-42f7-8256-c815e50ec5e7/1/7PT52zCxnHXjWugDeT9OG0qqFIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.126.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         28:41:2f:f3:9b:08:05:37:aa:c1:7b:2d:d5:8e:fa:ef:b0:d4:
         9d:18:77:73:c4:62:ab:f3:7c:d0:85:1f:7e:b8:72:17:36:79:
         08:d8:b3:76:b6:b3:b4:1e:50:03:1e:1c:27:1c:a0:a6:dd:5e:
         1d:df:5f:b7:ef:18:8f:2c:8c:86:9a:26:15:43:0b:ba:be:04:
         5f:23:39:71:3f:2a:35:33:66:2e:1e:fb:48:8a:ab:c9:bc:c9:
         c2:09:15:55:cf:5d:29:48:6a:ea:82:61:bd:ab:67:96:fd:62:
         97:a0:e4:6e:91:1b:42:8f:87:af:af:a7:60:d8:6e:be:43:42:
         6d:8c:44:99:c0:6a:99:a5:3d:33:79:09:c3:97:ac:fd:04:23:
         95:22:0f:5d:5e:cb:a2:66:a1:bd:4e:05:3a:eb:12:04:75:54:
         2d:a5:a2:99:95:21:6f:36:a0:81:76:3c:69:f3:c5:13:18:fe:
         48:88:1b:a9:1a:cf:0b:97:4d:12:65:b6:06:99:6e:7b:2d:1a:
         58:28:b6:54:fd:6d:a5:2d:9e:d3:a1:f1:05:57:9e:1c:0e:af:
         da:32:fe:5a:c0:18:e5:18:1d:03:2d:b1:aa:97:95:0d:11:4e:
         de:2c:06:66:3b:8e:0e:d2:9e:14:d4:d8:95:68:66:6a:97:cc:
         33:27:b8:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA//FyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Y2Y0ZjlkYjMwYjE5Yzc1ZTM1YWU4MDM3OTNmNGUxYjRhYWExNDg3MB4XDTIyMDEw
MTAxNTcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWYzZmFmNmYwZDQx
ODkwOTAyNDk3NTE2NjRiODQzZjRkODAzOGFmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCZpjYW1CZjU68K8RZsPysnpWFPJ1FLvm/AgP1i3gceKvEJ
nTqZ8z3P1z/ZOFLHzGBzKBsOXoMqr5QyshlWi0m17sFn1c+jTFT+PHlavOnG8+qt
i+9Yd58wk2i9dIF8MJGVM9WAAIM0S+0abvzzjxvscb1PvNG0Cahdno19EcYkMCr+
3Jk6VFoL020NVUs9doV6h1UenMaKBMYvN9EJVIrd8qg9WdGZUmikyRvzbWD54cjx
PDls/jhLn59hgNk1l60ft7vfcCV3vgCnoXfCd4r5uoixSkhLetUeNfRD6RO6kho/
lkl6IqHXHULovzVe/L6C4jfIIENzUbuLgTogWvcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTvP69vDUGJCQJJdRZkuEP02AOK8DAfBgNVHSMEGDAWgBTs9PnbMLGcdeNa
6AN5P04bSqoUhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdQVDUyekN4bkhYald1Z0RlVDlPRzBxcUZJYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNWZlYThiLTUyMjgtNDJmNy04MjU2LWM4MTVlNTBlYzVlNy8x
Lzd6LXZidzFCaVFrQ1NYVVdaTGhEOU5nRGl2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NWZlYThiLTUyMjgtNDJmNy04MjU2LWM4MTVlNTBlYzVlNy8xLzdQVDUyekN4bkhY
ald1Z0RlVDlPRzBxcUZJYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdR+oDANBgkqhkiG9w0BAQsFAAOC
AQEAKEEv85sIBTeqwXst1Y7677DUnRh3c8Riq/N80IUffrhyFzZ5CNizdraztB5Q
Ax4cJxygpt1eHd9ft+8YjyyMhpomFUMLur4EXyM5cT8qNTNmLh77SIqrybzJwgkV
Vc9dKUhq6oJhvatnlv1il6DkbpEbQo+Hr6+nYNhuvkNCbYxEmcBqmaU9M3kJw5es
/QQjlSIPXV7LomahvU4FOusSBHVULaWimZUhbzaggXY8afPFExj+SIgbqRrPC5dN
EmW2Bpluey0aWCi2VP1tpS2e06HxBVeeHA6v2jL+WsAY5RgdAy2xqpeVDRFO3iwG
ZjuODtKeFNTYlWhmapfMMye4aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:36 2024 by rpki-client on console-ams.rpki-client.org