Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/ughLdaw7CysOxRmQuwBixeSvR4g.roa
File:                     ughLdaw7CysOxRmQuwBixeSvR4g.roa (raw, json)
Hash identifier:          GaEOypaBKkG8uFq9Mp3HXbSv/+0/b3kbXSJi/LpLi98=
Subject key identifier:   BA:08:4B:75:AC:3B:0B:2B:0E:C5:19:90:BB:00:62:C5:E4:AF:47:88
Certificate issuer:       /CN=06360901ffe4f23c18c45b544ab8759db55292cb
Certificate serial:       9E2466
Authority key identifier: 06:36:09:01:FF:E4:F2:3C:18:C4:5B:54:4A:B8:75:9D:B5:52:92:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjYJAf_k8jwYxFtUSrh1nbVSkss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/ughLdaw7CysOxRmQuwBixeSvR4g.roa
Signing time:             Sat 01 Jan 2022 01:03:21 +0000
ROA not before:           Sat 01 Jan 2022 01:03:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        176.97.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10364006 (0x9e2466)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06360901ffe4f23c18c45b544ab8759db55292cb
        Validity
            Not Before: Jan  1 01:03:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba084b75ac3b0b2b0ec51990bb0062c5e4af4788
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:fc:09:04:11:03:8c:eb:2d:c0:9d:fb:f7:d1:
                    94:a7:dd:a5:63:32:1c:20:ee:db:83:ba:d2:52:6a:
                    ff:1e:33:59:dd:03:dd:0a:b8:26:9e:7e:5c:a3:70:
                    e0:25:8a:e4:91:50:68:59:bf:24:01:fd:85:b6:7a:
                    da:1e:36:77:fc:35:29:86:23:17:1d:a4:2c:96:6c:
                    7e:f6:c6:4d:4b:9c:4d:3f:be:c1:f0:2b:f1:5e:7b:
                    7d:b4:12:4b:8d:20:30:32:b1:24:c2:61:fa:46:9e:
                    4b:51:02:1c:c6:1a:fb:cc:34:84:cf:b1:0e:d3:83:
                    d7:a5:65:02:d7:82:81:f5:ac:1f:65:14:6a:f3:68:
                    b6:f2:da:da:58:d9:5f:eb:b8:94:c8:d9:6d:8a:73:
                    c6:16:f6:47:54:7d:4d:2d:44:2c:fd:a2:80:73:c8:
                    05:6e:8d:9d:8c:8c:10:9a:38:2a:ba:a3:8d:1f:67:
                    71:9a:02:eb:d7:df:74:15:02:87:4a:09:ac:c6:f2:
                    aa:9d:e6:1e:0d:19:f5:44:1d:3f:92:79:65:9f:b2:
                    94:e8:38:21:d4:51:a6:bc:19:94:28:32:fc:d8:2e:
                    7c:e3:f2:33:a8:3f:8c:43:66:70:0c:e3:cc:eb:df:
                    d1:ed:67:73:f9:63:40:63:48:81:5a:d1:d7:60:30:
                    41:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:08:4B:75:AC:3B:0B:2B:0E:C5:19:90:BB:00:62:C5:E4:AF:47:88
            X509v3 Authority Key Identifier:
                keyid:06:36:09:01:FF:E4:F2:3C:18:C4:5B:54:4A:B8:75:9D:B5:52:92:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjYJAf_k8jwYxFtUSrh1nbVSkss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/ughLdaw7CysOxRmQuwBixeSvR4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/BjYJAf_k8jwYxFtUSrh1nbVSkss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:00:c9:dc:4f:9c:08:3d:37:f7:14:f0:fa:bf:f6:b7:e9:55:
         bb:ed:65:3b:03:e7:0a:e4:a9:eb:13:62:4e:48:93:82:8c:a5:
         00:ba:c4:94:d1:9a:b3:23:91:c6:39:bf:75:09:ba:16:8a:38:
         58:02:c9:d8:4b:e8:94:88:a8:76:29:a1:4a:f8:e7:1e:1b:24:
         31:20:56:0e:99:f3:77:ab:fc:81:75:80:ff:78:65:48:d7:19:
         ed:34:c9:a4:4e:29:94:0d:46:3c:a6:f8:fc:ea:8d:d4:c3:18:
         cb:5d:84:fd:d5:c5:d7:f1:d0:fd:b8:ea:39:ec:d8:96:cf:0e:
         c8:12:1a:5d:9e:ea:da:67:13:ac:75:c7:2e:42:0e:51:3c:b8:
         d2:5d:d6:23:b1:5b:b9:0b:2d:28:d1:60:5c:82:be:77:4c:af:
         69:e9:5e:46:7d:c3:25:13:a1:fd:85:3a:c9:02:08:a2:c6:8a:
         4a:b9:23:2f:c7:08:fd:78:27:7a:e6:1f:80:00:55:df:0f:d3:
         4e:ed:36:dd:d6:66:67:ba:ed:1c:69:c7:3f:9e:f2:72:54:79:
         c8:50:d2:60:ec:40:74:b1:74:7f:45:25:d5:87:80:b3:47:0e:
         b1:ab:96:e0:3d:28:77:c7:6f:76:c3:1b:c7:67:54:b3:1c:d0:
         c3:47:2d:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJ4kZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjM2MDkwMWZmZTRmMjNjMThjNDViNTQ0YWI4NzU5ZGI1NTI5MmNiMB4XDTIyMDEw
MTAxMDMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmEwODRiNzVhYzNi
MGIyYjBlYzUxOTkwYmIwMDYyYzVlNGFmNDc4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOf8CQQRA4zrLcCd+/fRlKfdpWMyHCDu24O60lJq/x4zWd0D
3Qq4Jp5+XKNw4CWK5JFQaFm/JAH9hbZ62h42d/w1KYYjFx2kLJZsfvbGTUucTT++
wfAr8V57fbQSS40gMDKxJMJh+kaeS1ECHMYa+8w0hM+xDtOD16VlAteCgfWsH2UU
avNotvLa2ljZX+u4lMjZbYpzxhb2R1R9TS1ELP2igHPIBW6NnYyMEJo4KrqjjR9n
cZoC69ffdBUCh0oJrMbyqp3mHg0Z9UQdP5J5ZZ+ylOg4IdRRprwZlCgy/NgufOPy
M6g/jENmcAzjzOvf0e1nc/ljQGNIgVrR12AwQY8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS6CEt1rDsLKw7FGZC7AGLF5K9HiDAfBgNVHSMEGDAWgBQGNgkB/+TyPBjE
W1RKuHWdtVKSyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JqWUpBZl9rOGp3WXhGdFVTcmgxbmJWU2tzcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvMTJiNjBjLWU2NDctNDM3NS05ODY5LWQ2ZTFlMmFmMGIzYy8x
L3VnaExkYXc3Q3lzT3hSbVF1d0JpeGVTdlI0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
MTJiNjBjLWU2NDctNDM3NS05ODY5LWQ2ZTFlMmFmMGIzYy8xL0JqWUpBZl9rOGp3
WXhGdFVTcmgxbmJWU2tzcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBhxjANBgkqhkiG9w0BAQsFAAOC
AQEAYQDJ3E+cCD039xTw+r/2t+lVu+1lOwPnCuSp6xNiTkiTgoylALrElNGasyOR
xjm/dQm6Foo4WALJ2EvolIiodimhSvjnHhskMSBWDpnzd6v8gXWA/3hlSNcZ7TTJ
pE4plA1GPKb4/OqN1MMYy12E/dXF1/HQ/bjqOezYls8OyBIaXZ7q2mcTrHXHLkIO
UTy40l3WI7FbuQstKNFgXIK+d0yvaeleRn3DJROh/YU6yQIIosaKSrkjL8cI/Xgn
euYfgABV3w/TTu023dZmZ7rtHGnHP57yclR5yFDSYOxAdLF0f0Ul1YeAs0cOsauW
4D0od8dvdsMbx2dUsxzQw0ct2A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:42 2023 by rpki-client on console-fra.rpki-client.org