Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/zVNULJIWsXTk_6iCwwL-3UunomQ.roa
File:                     zVNULJIWsXTk_6iCwwL-3UunomQ.roa (raw, json)
Hash identifier:          6ZSR+e5PqvFFIxC5O4U8z3m05ftjxiBLpezXI66Ovlg=
Subject key identifier:   CD:53:54:2C:92:16:B1:74:E4:FF:A8:82:C3:02:FE:DD:4B:A7:A2:64
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       018212C9BD6540DFE309ED45F63D9EBFB445
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/zVNULJIWsXTk_6iCwwL-3UunomQ.roa
Signing time:             Mon 18 Jul 2022 19:29:47 +0000
ROA not before:           Mon 18 Jul 2022 19:29:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        212.111.220.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:12:c9:bd:65:40:df:e3:09:ed:45:f6:3d:9e:bf:b4:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Jul 18 19:29:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd53542c9216b174e4ffa882c302fedd4ba7a264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b7:b0:f4:f8:64:c3:dc:62:c9:85:88:7d:13:
                    aa:2b:e0:a7:7a:5b:13:13:3d:ab:66:9c:26:fb:f5:
                    4e:6b:51:e1:ef:ac:5a:65:bd:ca:88:04:df:17:e3:
                    ab:83:e3:74:36:17:ad:25:24:7e:12:e5:68:9a:d7:
                    46:3e:d8:09:88:dc:a0:07:6e:c9:3d:01:91:e8:53:
                    fc:5c:82:d5:5d:4c:a1:79:fc:78:d5:dc:5b:d2:00:
                    41:b8:15:15:df:28:ed:13:b8:0b:75:af:bd:42:ba:
                    a6:c8:dd:eb:6d:94:de:37:05:cf:ee:82:9d:d3:66:
                    ce:68:8d:fc:24:36:80:87:b2:7c:c5:22:b8:6b:e3:
                    b5:93:00:27:7d:49:81:4e:d1:77:e2:98:32:b1:e3:
                    c1:e3:aa:54:00:f7:11:da:0c:a8:bd:00:42:5b:d6:
                    b0:83:9a:6a:ff:d2:43:43:22:59:5c:78:bb:ac:b0:
                    5e:5d:19:4e:13:3a:03:c8:88:d4:fb:23:01:93:d6:
                    51:7b:df:dc:6a:50:9b:68:af:a5:a7:10:08:ce:d0:
                    b6:78:8d:d6:4b:86:bd:df:a4:2b:a3:c6:76:9c:86:
                    fd:aa:f5:7b:19:a7:3b:8a:c1:21:67:16:2c:10:1c:
                    20:c6:9d:77:df:3a:10:6d:fe:7d:35:86:95:a1:2e:
                    11:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:53:54:2C:92:16:B1:74:E4:FF:A8:82:C3:02:FE:DD:4B:A7:A2:64
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/zVNULJIWsXTk_6iCwwL-3UunomQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.111.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:19:67:5f:0d:96:95:52:40:4a:8f:e4:3e:d2:30:7f:36:db:
         82:04:cf:8b:10:68:b0:db:9e:18:7f:58:96:a2:75:b7:d9:98:
         10:a3:c8:02:c8:c8:74:cb:88:d4:9a:54:47:91:a7:78:44:d6:
         86:3e:2b:e7:73:7d:90:cf:55:8a:4e:e2:8a:64:b2:e2:83:47:
         95:c4:f4:2b:50:80:ce:d7:6c:40:90:63:2c:4f:ad:2d:b3:b5:
         cc:66:3e:f2:81:7b:b0:de:05:75:08:07:fa:46:6a:41:3e:66:
         a7:8e:07:a2:19:b4:ff:7f:f2:76:83:24:a5:17:e9:c8:b9:5d:
         76:12:aa:cb:00:cd:b8:bc:39:72:b1:bc:f8:bc:96:6f:ab:e2:
         78:e4:7d:78:fc:05:2b:f8:10:80:fe:37:b9:7d:4f:7c:76:2d:
         83:99:51:ce:b2:6e:d8:4f:21:89:46:57:c0:ac:39:79:b8:fd:
         52:d2:1e:bc:f0:ce:17:d7:6e:2a:1d:55:b0:36:23:cd:50:da:
         12:00:59:67:e2:8c:0a:df:bb:5b:5a:fa:1c:93:18:e6:46:83:
         c6:c3:e9:4a:ac:7b:f1:99:a6:f1:7c:f0:11:02:21:43:bb:dc:
         c1:e6:8f:a0:19:47:d0:81:ac:b9:85:d7:b8:5c:12:a4:90:f5:
         1a:18:40:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYISyb1lQN/jCe1F9j2ev7RFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjIwNzE4MTkyOTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDUzNTQyYzkyMTZiMTc0ZTRmZmE4ODJjMzAyZmVkZDRiYTdhMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrew9Phkw9xiyYWIfROqK+CnelsT
Ez2rZpwm+/VOa1Hh76xaZb3KiATfF+Org+N0NhetJSR+EuVomtdGPtgJiNygB27J
PQGR6FP8XILVXUyhefx41dxb0gBBuBUV3yjtE7gLda+9QrqmyN3rbZTeNwXP7oKd
02bOaI38JDaAh7J8xSK4a+O1kwAnfUmBTtF34pgysePB46pUAPcR2gyovQBCW9aw
g5pq/9JDQyJZXHi7rLBeXRlOEzoDyIjU+yMBk9ZRe9/calCbaK+lpxAIztC2eI3W
S4a936Qro8Z2nIb9qvV7Gac7isEhZxYsEBwgxp133zoQbf59NYaVoS4R+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1TVCySFrF05P+ogsMC/t1Lp6JkMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvelZOVUxKSVdzWFRrXzZpQ3d3TC0zVXVub21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1G/cMA0G
CSqGSIb3DQEBCwUAA4IBAQAVGWdfDZaVUkBKj+Q+0jB/NtuCBM+LEGiw254Yf1iW
onW32ZgQo8gCyMh0y4jUmlRHkad4RNaGPivnc32Qz1WKTuKKZLLig0eVxPQrUIDO
12xAkGMsT60ts7XMZj7ygXuw3gV1CAf6RmpBPmanjgeiGbT/f/J2gySlF+nIuV12
EqrLAM24vDlysbz4vJZvq+J45H14/AUr+BCA/je5fU98di2DmVHOsm7YTyGJRlfA
rDl5uP1S0h688M4X124qHVWwNiPNUNoSAFln4owK37tbWvockxjmRoPGw+lKrHvx
mabxfPARAiFDu9zB5o+gGUfQgay5hde4XBKkkPUaGEDn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:22 2023 by rpki-client on console-fra.rpki-client.org