Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/o_VBXq7eLbF2l1edppZVYGDe9Us.roa
File:                     o_VBXq7eLbF2l1edppZVYGDe9Us.roa (raw, json)
Hash identifier:          0hn0h+JA7xJPAAF+Efkw9xVmEeimxv2+uZQLfXGja+E=
Subject key identifier:   A3:F5:41:5E:AE:DE:2D:B1:76:97:57:9D:A6:96:55:60:60:DE:F5:4B
Certificate issuer:       /CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
Certificate serial:       05201DFC
Authority key identifier: B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/o_VBXq7eLbF2l1edppZVYGDe9Us.roa
Signing time:             Sat 01 Jan 2022 05:01:48 +0000
ROA not before:           Sat 01 Jan 2022 05:01:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60663
IP address blocks:        176.222.62.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85990908 (0x5201dfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
        Validity
            Not Before: Jan  1 05:01:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3f5415eaede2db17697579da696556060def54b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ac:fa:cb:78:1a:67:01:bb:5a:da:38:19:3c:
                    37:c4:a4:e7:51:21:a9:a2:09:b4:38:de:b2:5d:08:
                    bb:40:cf:4e:51:c8:10:83:89:9d:98:b8:04:4b:3d:
                    2f:52:ae:80:b0:56:42:1c:c3:0d:28:f7:7c:62:66:
                    f5:f3:e2:e2:55:19:af:ef:4b:19:16:ce:9c:c2:02:
                    d4:3a:c6:a0:9e:8a:48:b2:bd:3b:18:e5:04:70:79:
                    84:a5:38:84:f8:b6:4f:9f:b1:df:21:c7:04:c2:98:
                    4c:bb:08:c0:3c:2a:3e:d7:e9:6a:f6:3b:20:8d:7b:
                    57:ca:b8:f5:61:69:10:5b:03:e8:8f:fa:09:86:f5:
                    92:9e:ef:0e:d7:3b:86:31:d1:26:3a:e4:68:a2:bf:
                    41:f1:3b:61:f0:e8:48:5a:13:71:f5:0b:14:07:f8:
                    dc:ed:95:96:18:18:62:82:10:a3:2e:07:e2:db:af:
                    93:e4:8b:ed:40:6f:50:9f:d2:30:f7:43:b7:54:c9:
                    77:ad:9f:f3:ea:68:cb:0c:b4:8e:95:53:d2:46:19:
                    b9:43:9f:c8:1d:1e:d3:6f:e3:50:1e:94:78:0c:e9:
                    eb:30:4a:b7:21:f2:de:fb:ae:51:47:c7:dd:f5:a8:
                    3f:83:02:03:d8:ae:8d:a5:38:c0:42:23:c4:65:45:
                    97:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:F5:41:5E:AE:DE:2D:B1:76:97:57:9D:A6:96:55:60:60:DE:F5:4B
            X509v3 Authority Key Identifier:
                keyid:B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/o_VBXq7eLbF2l1edppZVYGDe9Us.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/sKT8KvOK9bT1hh4n_QB-YktfmwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.222.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:e2:7b:41:12:55:70:78:01:4e:82:af:87:e7:4b:3c:e5:39:
         64:d8:6a:04:00:0e:e4:36:5b:c7:26:2f:9b:8a:66:b9:55:bf:
         3b:f1:33:80:d3:bc:a7:49:00:e2:8f:d4:d2:d9:c5:b7:ac:1b:
         e0:5d:50:88:7f:e6:a7:4a:fb:b2:78:4e:cc:a8:1d:5c:7c:14:
         a7:6b:5d:e4:2b:fd:4c:ab:91:03:a2:17:5a:a3:1c:3a:ac:45:
         bc:e1:62:b5:7e:ec:89:11:87:d0:8c:87:9b:54:4b:ae:e0:9b:
         97:b1:f8:3c:1f:fa:5c:36:e8:7c:8d:d7:7f:1d:c4:23:4a:ae:
         00:3e:47:aa:5e:7d:23:1d:96:70:a8:f8:44:e9:18:16:4b:89:
         d5:df:1e:62:a1:e2:d6:be:40:ec:18:03:f0:49:75:13:a1:00:
         9b:5f:4d:63:0c:a5:a9:c0:c1:e1:4d:e0:7a:39:27:2d:1b:48:
         b4:11:86:8f:bb:e5:7f:b4:ec:e2:e2:b7:28:85:4e:e7:a6:e8:
         cb:83:10:60:b1:06:bf:aa:03:b6:e5:d4:fa:18:d4:23:7c:f4:
         20:84:e7:a4:8d:10:98:62:10:1c:fc:51:1e:fc:73:23:6b:cf:
         e1:5a:a8:02:5f:e0:63:4a:cd:0d:e3:ae:c6:f2:bb:85:a3:df:
         e6:61:e8:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSAd/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGE0ZmMyYWYzOGFmNWI0ZjU4NjFlMjdmZDAwN2U2MjRiNWY5YjAyMB4XDTIyMDEw
MTA1MDE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNmNTQxNWVhZWRl
MmRiMTc2OTc1NzlkYTY5NjU1NjA2MGRlZjU0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCs+st4GmcBu1raOBk8N8Sk51EhqaIJtDjesl0Iu0DPTlHI
EIOJnZi4BEs9L1KugLBWQhzDDSj3fGJm9fPi4lUZr+9LGRbOnMIC1DrGoJ6KSLK9
OxjlBHB5hKU4hPi2T5+x3yHHBMKYTLsIwDwqPtfpavY7II17V8q49WFpEFsD6I/6
CYb1kp7vDtc7hjHRJjrkaKK/QfE7YfDoSFoTcfULFAf43O2VlhgYYoIQoy4H4tuv
k+SL7UBvUJ/SMPdDt1TJd62f8+poywy0jpVT0kYZuUOfyB0e02/jUB6UeAzp6zBK
tyHy3vuuUUfH3fWoP4MCA9iujaU4wEIjxGVFlx8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSj9UFert4tsXaXV52mllVgYN71SzAfBgNVHSMEGDAWgBSwpPwq84r1tPWG
Hif9AH5iS1+bAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NLVDhLdk9LOWJUMWhoNG5fUUItWWt0Zm13SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvYTgwZGJmLTVjYjQtNGUyNi1hZGFmLTY4ZmUwODYyMjYxNC8x
L29fVkJYcTdlTGJGMmwxZWRwcFpWWUdEZTlVcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
YTgwZGJmLTVjYjQtNGUyNi1hZGFmLTY4ZmUwODYyMjYxNC8xL3NLVDhLdk9LOWJU
MWhoNG5fUUItWWt0Zm13SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALDePjANBgkqhkiG9w0BAQsFAAOC
AQEAX+J7QRJVcHgBToKvh+dLPOU5ZNhqBAAO5DZbxyYvm4pmuVW/O/EzgNO8p0kA
4o/U0tnFt6wb4F1QiH/mp0r7snhOzKgdXHwUp2td5Cv9TKuRA6IXWqMcOqxFvOFi
tX7siRGH0IyHm1RLruCbl7H4PB/6XDbofI3Xfx3EI0quAD5Hql59Ix2WcKj4ROkY
FkuJ1d8eYqHi1r5A7BgD8El1E6EAm19NYwylqcDB4U3gejknLRtItBGGj7vlf7Ts
4uK3KIVO56boy4MQYLEGv6oDtuXU+hjUI3z0IITnpI0QmGIQHPxRHvxzI2vP4Vqo
Al/gY0rNDeOuxvK7haPf5mHowA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:41 2024 by rpki-client on console-ams.rpki-client.org