Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/kHwA4RVvbwaQ_beeLFa6jFXcv_0.roa
File:                     kHwA4RVvbwaQ_beeLFa6jFXcv_0.roa (raw, json)
Hash identifier:          BdHMtfsvwV3VvxK2aDJSONYgACKAfyEkYhwfomX9wxw=
Subject key identifier:   90:7C:00:E1:15:6F:6F:06:90:FD:B7:9E:2C:56:BA:8C:55:DC:BF:FD
Certificate issuer:       /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial:       3DEF7C6A
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/kHwA4RVvbwaQ_beeLFa6jFXcv_0.roa
Signing time:             Sat 01 Jan 2022 06:58:05 +0000
ROA not before:           Sat 01 Jan 2022 06:58:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12684
IP address blocks:        62.202.160.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1039105130 (0x3def7c6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
        Validity
            Not Before: Jan  1 06:58:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=907c00e1156f6f0690fdb79e2c56ba8c55dcbffd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:67:aa:b6:28:de:8b:73:ea:2f:e8:63:c1:c6:
                    6f:d5:db:a0:21:45:4c:f9:ac:5f:7c:b5:a1:d1:b1:
                    10:33:46:46:82:42:fc:b9:9f:82:8a:b7:94:cd:3c:
                    42:f6:d5:49:85:b3:bd:38:a7:41:ee:06:79:a0:dd:
                    d8:f2:15:c2:c8:25:03:52:13:71:df:1d:9f:b1:f7:
                    1b:4f:c7:55:83:32:6b:c9:33:bd:9e:0c:2b:26:cd:
                    ed:56:23:53:24:12:3a:11:d2:3f:6c:2e:a3:63:b2:
                    0a:9d:f0:45:0e:85:ad:b4:4d:b9:28:30:b2:22:7e:
                    f1:ae:4c:a5:6e:f9:7f:7f:f4:d8:e3:de:9a:95:b2:
                    81:65:bc:75:d4:b4:45:65:0b:31:66:92:1b:77:59:
                    63:85:9a:ed:8c:7b:bb:44:ef:ad:3c:97:7e:33:69:
                    19:1c:29:89:2b:7b:78:08:44:fa:f3:72:a2:9d:c1:
                    0a:82:29:c3:20:d4:20:e3:54:af:a6:53:c5:8b:7a:
                    2d:9e:6f:a3:95:8f:2c:6b:61:03:8f:96:21:14:2e:
                    94:d1:20:98:6a:b8:61:49:29:e5:5b:17:21:4c:06:
                    33:28:8f:e9:63:bf:39:12:b6:cb:0e:f2:50:4e:af:
                    46:ef:5d:01:fe:52:33:0d:c6:fd:9b:64:fc:14:9b:
                    c1:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:7C:00:E1:15:6F:6F:06:90:FD:B7:9E:2C:56:BA:8C:55:DC:BF:FD
            X509v3 Authority Key Identifier:
                keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/kHwA4RVvbwaQ_beeLFa6jFXcv_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.202.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         40:25:08:17:00:a9:0f:39:29:64:ea:b1:f2:f3:17:ef:bd:c7:
         c4:e3:f9:d7:55:fb:d9:62:ee:57:eb:4a:b8:4c:60:24:fa:94:
         fe:92:12:f5:8d:bd:81:41:0a:04:3b:5d:e5:35:00:98:b1:bc:
         ef:df:2d:76:0d:93:8f:88:ee:22:4c:e7:10:b8:7d:c5:6a:c4:
         a7:a8:fa:24:06:c7:0c:15:12:20:82:16:44:54:96:90:77:f1:
         51:fc:4b:5f:98:82:2a:aa:f2:10:74:4e:d5:8d:39:0a:7a:f2:
         6c:4f:c2:f5:31:67:06:b8:9a:79:b4:55:9f:ec:1c:a5:95:b6:
         b4:46:ba:07:56:42:46:44:0b:c0:5e:88:95:52:e2:60:7a:e8:
         0f:dd:bf:97:b1:39:57:df:16:5f:98:72:55:76:a3:b8:30:27:
         01:f3:cd:3b:b7:66:8a:eb:00:2c:c2:3e:10:44:84:50:40:bf:
         4e:e2:89:4f:5c:fe:64:f5:e0:45:4a:ee:0d:e1:09:eb:16:30:
         80:fe:82:2f:a0:0e:d7:12:b4:aa:29:73:95:40:7b:fb:f6:75:
         28:21:48:96:2d:1d:55:d4:8e:46:27:30:8d:c6:74:f3:f1:84:
         08:8c:6d:ce:4a:db:f8:c2:59:e0:44:e2:91:98:a8:b9:d0:50:
         35:4c:fa:38
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPe98ajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDNlM2Y0ODU2ZGFjMmEwMDVjM2E1MjM0NzExNGRlYzQ1MzkzNGI4MB4XDTIyMDEw
MTA2NTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA3YzAwZTExNTZm
NmYwNjkwZmRiNzllMmM1NmJhOGM1NWRjYmZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJnqrYo3otz6i/oY8HGb9XboCFFTPmsX3y1odGxEDNGRoJC
/Lmfgoq3lM08QvbVSYWzvTinQe4GeaDd2PIVwsglA1ITcd8dn7H3G0/HVYMya8kz
vZ4MKybN7VYjUyQSOhHSP2wuo2OyCp3wRQ6FrbRNuSgwsiJ+8a5MpW75f3/02OPe
mpWygWW8ddS0RWULMWaSG3dZY4Wa7Yx7u0TvrTyXfjNpGRwpiSt7eAhE+vNyop3B
CoIpwyDUIONUr6ZTxYt6LZ5vo5WPLGthA4+WIRQulNEgmGq4YUkp5VsXIUwGMyiP
6WO/ORK2yw7yUE6vRu9dAf5SMw3G/Ztk/BSbwVUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQfADhFW9vBpD9t54sVrqMVdy//TAfBgNVHSMEGDAWgBSUPj9IVtrCoAXD
pSNHEU3sRTk0uDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xENF9TRmJhd3FBRnc2VWpSeEZON0VVNU5MZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvOGMxNTQ0LTdjZjItNDg3MS1hMWRmLTAyNTNkMDRmYjhmZi8x
L2tId0E0UlZ2YndhUV9iZWVMRmE2akZYY3ZfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
OGMxNTQ0LTdjZjItNDg3MS1hMWRmLTAyNTNkMDRmYjhmZi8xL2xENF9TRmJhd3FB
Rnc2VWpSeEZON0VVNU5MZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBD7KoDANBgkqhkiG9w0BAQsFAAOC
AQEAQCUIFwCpDzkpZOqx8vMX773HxOP511X72WLuV+tKuExgJPqU/pIS9Y29gUEK
BDtd5TUAmLG8798tdg2Tj4juIkznELh9xWrEp6j6JAbHDBUSIIIWRFSWkHfxUfxL
X5iCKqryEHRO1Y05CnrybE/C9TFnBriaebRVn+wcpZW2tEa6B1ZCRkQLwF6IlVLi
YHroD92/l7E5V98WX5hyVXajuDAnAfPNO7dmiusALMI+EESEUEC/TuKJT1z+ZPXg
RUruDeEJ6xYwgP6CL6AO1xK0qilzlUB7+/Z1KCFIli0dVdSORicwjcZ08/GECIxt
zkrb+MJZ4ETikZioudBQNUz6OA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:32 2023 by rpki-client on console-fra.rpki-client.org