Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/oGQiGWWsKtJ1kmZzTF7I576DsUU.roa
File:                     oGQiGWWsKtJ1kmZzTF7I576DsUU.roa (raw, json)
Hash identifier:          lHSYPbQ+AeLCnuHZN97jVnN9LmWQ4WK290Ty1b34ugQ=
Subject key identifier:   A0:64:22:19:65:AC:2A:D2:75:92:66:73:4C:5E:C8:E7:BE:83:B1:45
Certificate issuer:       /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial:       0185303A01D61AE83831AE787A1FDFC65446
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/oGQiGWWsKtJ1kmZzTF7I576DsUU.roa
Signing time:             Tue 20 Dec 2022 15:49:46 +0000
ROA not before:           Tue 20 Dec 2022 15:49:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        202.22.173.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:30:3a:01:d6:1a:e8:38:31:ae:78:7a:1f:df:c6:54:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
        Validity
            Not Before: Dec 20 15:49:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a064221965ac2ad2759266734c5ec8e7be83b145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:3c:dc:98:35:49:f8:5b:9a:69:38:3e:6a:45:
                    d1:9b:04:9f:ec:84:21:db:f4:13:a8:f8:d5:1f:92:
                    da:f9:50:bf:88:22:71:52:d4:62:8b:63:01:7e:78:
                    10:c3:56:42:bb:5f:93:8d:e6:1d:95:8a:06:9b:c7:
                    86:3c:0d:ea:cc:1a:21:50:6f:22:12:85:f6:00:3e:
                    c3:87:07:a1:82:57:31:fb:00:52:c8:1d:97:57:78:
                    90:fc:0f:8c:fd:3c:03:26:3a:4e:ff:06:12:72:44:
                    11:bc:ab:6c:70:17:2a:4b:4f:56:ac:e0:6d:63:45:
                    36:bc:7e:59:68:46:44:01:3c:70:db:0b:83:67:b3:
                    91:6b:fd:94:16:1d:59:35:2c:90:ad:75:cf:d3:14:
                    e2:5a:fd:2b:2b:d2:74:38:fd:6d:4c:aa:63:71:c0:
                    80:1e:9e:c5:5f:32:ab:4d:69:b7:c0:65:27:59:43:
                    9f:56:4a:93:97:a2:a5:99:86:a6:4e:70:e4:d0:33:
                    0a:50:94:33:b5:b5:33:f3:f2:a0:cf:25:55:0b:3d:
                    1a:35:80:86:d0:4b:52:94:a9:8f:09:5c:b2:82:8f:
                    d0:d6:50:35:0d:4b:bd:b9:85:13:f6:14:bf:13:16:
                    fe:2b:15:13:ce:ee:da:2c:f1:80:b0:3b:35:1f:3f:
                    d2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:64:22:19:65:AC:2A:D2:75:92:66:73:4C:5E:C8:E7:BE:83:B1:45
            X509v3 Authority Key Identifier:
                keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/oGQiGWWsKtJ1kmZzTF7I576DsUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.22.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:56:99:7a:bf:c6:e1:dc:25:2f:75:4d:c4:af:90:3d:13:5d:
         08:47:30:e0:da:84:56:6b:f1:7f:7c:f9:cd:ef:6b:cc:dc:e9:
         e4:62:cb:4d:f8:0c:ce:a6:dc:58:7f:25:dd:7b:d1:ad:96:2e:
         bb:d4:71:b5:d2:ef:e4:92:a6:1a:d3:b8:f8:f0:f0:1a:65:8c:
         ba:ce:7d:b0:b4:12:f1:b4:54:ac:87:0d:ea:e8:d2:d1:b7:4d:
         d1:05:8a:21:e1:81:52:00:43:6f:b1:91:83:92:3e:8d:55:f3:
         c3:14:d5:8b:c7:e0:3e:37:9f:4a:79:ed:d1:62:33:ce:14:bb:
         ae:67:45:bf:c3:c5:eb:d2:71:c0:b9:f5:47:b5:9f:90:04:fc:
         73:ca:1d:2d:a9:86:75:6a:1a:94:f6:73:7b:c6:ce:3d:ec:56:
         c8:2c:12:f8:a7:f3:3b:d5:ba:b6:0e:14:62:7a:38:54:91:41:
         fe:6e:c5:1c:94:84:f8:28:5d:81:c6:e8:4a:c8:c3:ac:44:b7:
         bf:0f:66:85:d5:30:ee:0b:df:e6:26:3d:9a:0e:da:4e:34:95:
         44:23:4a:c2:83:a2:75:d3:87:50:1a:ca:7f:ba:e8:37:a8:6f:
         b0:55:86:12:c2:f3:2a:44:60:18:24:84:07:fd:d3:b3:56:c3:
         a1:d7:10:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUwOgHWGug4Ma54eh/fxlRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjIxMjIwMTU0OTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY0MjIxOTY1YWMyYWQyNzU5MjY2NzM0YzVlYzhlN2JlODNiMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDzcmDVJ+FuaaTg+akXRmwSf7IQh
2/QTqPjVH5La+VC/iCJxUtRii2MBfngQw1ZCu1+TjeYdlYoGm8eGPA3qzBohUG8i
EoX2AD7Dhwehglcx+wBSyB2XV3iQ/A+M/TwDJjpO/wYSckQRvKtscBcqS09WrOBt
Y0U2vH5ZaEZEATxw2wuDZ7ORa/2UFh1ZNSyQrXXP0xTiWv0rK9J0OP1tTKpjccCA
Hp7FXzKrTWm3wGUnWUOfVkqTl6KlmYamTnDk0DMKUJQztbUz8/KgzyVVCz0aNYCG
0EtSlKmPCVyygo/Q1lA1DUu9uYUT9hS/Exb+KxUTzu7aLPGAsDs1Hz/S8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBkIhllrCrSdZJmc0xeyOe+g7FFMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvb0dRaUdXV3NLdEoxa21aelRGN0k1NzZEc1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyhatMA0G
CSqGSIb3DQEBCwUAA4IBAQALVpl6v8bh3CUvdU3Er5A9E10IRzDg2oRWa/F/fPnN
72vM3OnkYstN+AzOptxYfyXde9Gtli671HG10u/kkqYa07j48PAaZYy6zn2wtBLx
tFSshw3q6NLRt03RBYoh4YFSAENvsZGDkj6NVfPDFNWLx+A+N59Kee3RYjPOFLuu
Z0W/w8Xr0nHAufVHtZ+QBPxzyh0tqYZ1ahqU9nN7xs497FbILBL4p/M71bq2DhRi
ejhUkUH+bsUclIT4KF2BxuhKyMOsRLe/D2aF1TDuC9/mJj2aDtpONJVEI0rCg6J1
04dQGsp/uug3qG+wVYYSwvMqRGAYJIQH/dOzVsOh1xAo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:34 2024 by rpki-client on console-ams.rpki-client.org