Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/03b8b4-fd9d-4fdd-adcb-4373e9ca9704/1/bq7lRbo3VfY6Qt4G3OFBDT2mrrI.roa
File:                     bq7lRbo3VfY6Qt4G3OFBDT2mrrI.roa (raw, json)
Hash identifier:          KJnCE3CMEZexW4PMsgwDsnISOF4FVwCXJN8u9tJdDB4=
Subject key identifier:   6E:AE:E5:45:BA:37:55:F6:3A:42:DE:06:DC:E1:41:0D:3D:A6:AE:B2
Certificate issuer:       /CN=7e03dcb666dd224d91429f33c769faebfa951d04
Certificate serial:       0C4F
Authority key identifier: 7E:03:DC:B6:66:DD:22:4D:91:42:9F:33:C7:69:FA:EB:FA:95:1D:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fgPctmbdIk2RQp8zx2n66_qVHQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/03b8b4-fd9d-4fdd-adcb-4373e9ca9704/1/bq7lRbo3VfY6Qt4G3OFBDT2mrrI.roa
Signing time:             Tue 25 Jan 2022 19:32:42 +0000
ROA not before:           Tue 25 Jan 2022 19:32:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399114
IP address blocks:        178.211.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3151 (0xc4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e03dcb666dd224d91429f33c769faebfa951d04
        Validity
            Not Before: Jan 25 19:32:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6eaee545ba3755f63a42de06dce1410d3da6aeb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:29:e0:2f:f5:80:37:23:32:ab:49:df:07:00:
                    49:f3:70:82:1a:3f:9b:7e:06:d1:3c:c2:71:e7:b7:
                    06:53:e1:06:af:e0:11:85:70:89:34:11:0d:d2:87:
                    29:3b:f7:45:78:8d:ba:56:8e:8e:94:d7:9d:17:6d:
                    82:83:b6:07:e8:25:8b:3b:db:58:39:94:2e:73:b8:
                    22:a0:3e:58:29:08:e0:cd:1d:39:da:16:15:4c:72:
                    ad:c9:56:f1:cf:f1:95:7f:b3:c7:df:05:64:ea:d3:
                    27:bd:e9:6c:e0:8b:75:dd:02:d7:c5:2a:63:f3:04:
                    81:ba:83:54:b0:c7:9d:ae:81:a3:9a:c5:6b:2f:19:
                    08:74:50:25:b5:b5:ef:0e:c8:26:55:d3:d6:43:1b:
                    7e:f1:ae:de:fc:f1:1f:1a:e2:53:1e:56:ef:c5:18:
                    b2:8f:7a:99:21:10:a6:39:aa:05:3f:5a:32:07:b5:
                    35:21:29:93:a8:0d:d4:ab:66:cc:e4:95:68:7c:cf:
                    af:c6:1c:89:c7:e1:00:aa:8a:f6:2c:a6:1d:57:37:
                    a4:38:e1:40:4d:2b:89:d0:3b:6d:58:c6:8a:a5:34:
                    44:ad:df:c6:a3:5a:eb:24:1d:0b:09:57:de:1c:d7:
                    75:9f:03:76:ca:fd:20:9b:20:b1:50:34:89:48:95:
                    b5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:AE:E5:45:BA:37:55:F6:3A:42:DE:06:DC:E1:41:0D:3D:A6:AE:B2
            X509v3 Authority Key Identifier:
                keyid:7E:03:DC:B6:66:DD:22:4D:91:42:9F:33:C7:69:FA:EB:FA:95:1D:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgPctmbdIk2RQp8zx2n66_qVHQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/03b8b4-fd9d-4fdd-adcb-4373e9ca9704/1/bq7lRbo3VfY6Qt4G3OFBDT2mrrI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/03b8b4-fd9d-4fdd-adcb-4373e9ca9704/1/fgPctmbdIk2RQp8zx2n66_qVHQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:86:c4:3f:49:67:dd:0d:2e:f4:73:a4:5a:c9:a1:62:94:56:
         0c:32:63:6f:6f:74:52:76:83:2c:fc:5a:35:0b:cc:8f:96:49:
         82:3e:c7:b0:cd:1c:e1:14:da:6c:c0:6e:86:9a:72:11:b6:57:
         36:b5:71:79:8f:63:85:b5:39:4c:42:3d:6f:47:3c:8e:6b:d0:
         4c:ad:24:a5:48:e2:ff:0c:25:02:be:29:49:88:49:de:1d:01:
         a8:fc:55:41:66:f2:ae:e0:13:eb:e0:53:98:9a:77:ea:fb:d8:
         53:2b:f1:d2:ea:83:24:6f:15:c7:99:40:79:38:75:9e:d7:2e:
         21:32:7c:67:37:68:e6:32:7d:04:41:6b:6f:b3:a6:26:87:d7:
         46:d4:90:6d:8d:00:6e:c1:c1:eb:bf:76:2c:4b:37:68:cc:fb:
         ba:ca:07:7d:f3:64:93:15:0b:dd:aa:61:d7:f1:0c:6c:95:f2:
         8a:a9:4e:25:03:87:27:54:15:d0:f5:14:95:95:1b:54:05:9f:
         8d:b2:ec:94:48:3f:2d:b8:f4:af:39:d2:d7:8c:b7:36:2d:0d:
         f8:0f:e5:50:1a:f7:62:36:a5:92:16:b7:81:16:92:70:16:4f:
         1e:b9:d5:69:2e:50:e0:73:c7:5d:06:a3:42:c1:67:26:8f:19:
         30:d2:c8:8f
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICDE8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN2Uw
M2RjYjY2NmRkMjI0ZDkxNDI5ZjMzYzc2OWZhZWJmYTk1MWQwNDAeFw0yMjAxMjUx
OTMyNDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZlYWVlNTQ1YmEzNzU1
ZjYzYTQyZGUwNmRjZTE0MTBkM2RhNmFlYjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuKeAv9YA3IzKrSd8HAEnzcIIaP5t+BtE8wnHntwZT4Qav4BGF
cIk0EQ3Shyk790V4jbpWjo6U150XbYKDtgfoJYs721g5lC5zuCKgPlgpCODNHTna
FhVMcq3JVvHP8ZV/s8ffBWTq0ye96Wzgi3XdAtfFKmPzBIG6g1Swx52ugaOaxWsv
GQh0UCW1te8OyCZV09ZDG37xrt788R8a4lMeVu/FGLKPepkhEKY5qgU/WjIHtTUh
KZOoDdSrZszklWh8z6/GHInH4QCqivYsph1XN6Q44UBNK4nQO21YxoqlNESt38aj
WuskHQsJV94c13WfA3bK/SCbILFQNIlIlbWlAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUbq7lRbo3VfY6Qt4G3OFBDT2mrrIwHwYDVR0jBBgwFoAUfgPctmbdIk2RQp8z
x2n66/qVHQQwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9m
Z1BjdG1iZElrMlJRcDh6eDJuNjZfcVZIUVEuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzYyLzAzYjhiNC1mZDlkLTRmZGQtYWRjYi00MzczZTljYTk3MDQvMS9i
cTdsUmJvM1ZmWTZRdDRHM09GQkRUMm1yckkucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYyLzAz
YjhiNC1mZDlkLTRmZGQtYWRjYi00MzczZTljYTk3MDQvMS9mZ1BjdG1iZElrMlJR
cDh6eDJuNjZfcVZIUVEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACy050wDQYJKoZIhvcNAQELBQADggEB
AMGGxD9JZ90NLvRzpFrJoWKUVgwyY29vdFJ2gyz8WjULzI+WSYI+x7DNHOEU2mzA
boaachG2Vza1cXmPY4W1OUxCPW9HPI5r0EytJKVI4v8MJQK+KUmISd4dAaj8VUFm
8q7gE+vgU5iad+r72FMr8dLqgyRvFceZQHk4dZ7XLiEyfGc3aOYyfQRBa2+zpiaH
10bUkG2NAG7Bweu/dixLN2jM+7rKB33zZJMVC92qYdfxDGyV8oqpTiUDhydUFdD1
FJWVG1QFn42y7JRIPy249K850teMtzYtDfgP5VAa92I2pZIWt4EWknAWTx651Wku
UOBzx10Go0LBZyaPGTDSyI8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:00 2023 by rpki-client on console-fra.rpki-client.org