Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/cNazyjL6uzW335CE5WbICro2B7A.roa
File:                     cNazyjL6uzW335CE5WbICro2B7A.roa (raw, json)
Hash identifier:          aG0y5pA60v5nMCGUEya4O1HNbbuNjbXhABCX++7TRB0=
Subject key identifier:   70:D6:B3:CA:32:FA:BB:35:B7:DF:90:84:E5:66:C8:0A:BA:36:07:B0
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       01A6D91A
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/cNazyjL6uzW335CE5WbICro2B7A.roa
Signing time:             Sat 01 Jan 2022 00:56:09 +0000
ROA not before:           Sat 01 Jan 2022 00:56:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61185
IP address blocks:        31.223.192.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27711770 (0x1a6d91a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Jan  1 00:56:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=70d6b3ca32fabb35b7df9084e566c80aba3607b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ac:30:f2:01:08:4a:44:7c:d6:1f:57:0e:46:
                    df:c0:31:b4:38:66:c7:3d:e3:b4:1e:aa:db:6b:d2:
                    b5:e2:21:6d:f8:d6:cb:74:8f:ae:17:58:9f:b9:8f:
                    51:fc:c2:f3:df:39:9a:d2:6b:a2:f0:c1:13:80:86:
                    5f:20:92:e6:d2:e0:3b:78:71:81:41:57:ea:cc:de:
                    ea:79:55:9a:49:a8:d0:b1:4f:9a:6a:38:52:ca:79:
                    ee:dd:68:f2:f9:44:3f:4c:d1:47:04:ca:c3:a8:55:
                    ae:20:8e:f6:ac:87:6d:26:6e:79:c3:40:9c:11:bd:
                    4d:6f:2b:f1:46:f3:2a:57:2c:bf:99:22:cb:8b:2c:
                    b3:80:f0:48:2e:f0:ec:7b:0e:0c:ba:e4:5c:7b:b2:
                    ee:6a:2f:52:ba:f2:50:ab:aa:d5:90:90:da:ba:4a:
                    c2:bd:84:a9:09:f3:cd:b4:1e:69:bb:1d:cc:3c:ee:
                    92:51:cf:e8:6a:d6:3b:af:d8:fb:f8:5f:d4:4c:c7:
                    6c:15:ec:4a:25:9f:a8:fa:a4:ba:27:3e:70:9c:7f:
                    fa:4a:ad:a9:a7:b1:c6:61:31:a0:53:6f:de:d1:66:
                    c4:70:a0:cf:d7:eb:4d:19:5c:a1:d1:6c:96:1f:06:
                    eb:87:c6:4f:4b:3a:9f:6e:8f:a9:df:62:09:85:9b:
                    57:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D6:B3:CA:32:FA:BB:35:B7:DF:90:84:E5:66:C8:0A:BA:36:07:B0
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/cNazyjL6uzW335CE5WbICro2B7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.223.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9e:07:b8:94:de:a7:1a:44:cf:42:a2:fd:9a:a8:86:21:86:7d:
         d6:bf:c7:e8:5e:63:48:9c:54:93:a4:37:2e:8a:99:cc:bb:48:
         d7:e1:75:33:8d:24:16:f4:a3:42:69:0d:83:b4:cd:1a:79:3c:
         82:7c:be:c1:89:14:e5:50:24:51:63:29:73:7e:67:ab:01:76:
         d4:e2:6c:48:49:8e:88:e3:f0:80:83:30:9b:a1:38:67:85:cf:
         b9:76:86:ad:be:fe:bb:58:20:52:20:91:53:9d:d1:35:30:5d:
         44:54:10:ac:f1:45:00:4b:22:04:9b:a4:90:a9:27:3e:a4:46:
         cd:f5:b8:37:38:3f:5c:d4:79:f9:2b:a3:b6:b9:72:0c:08:a0:
         72:f0:40:b9:4e:a2:73:69:d3:16:28:86:dd:72:36:65:d4:46:
         0e:0e:39:71:75:3a:45:9d:ae:a8:47:1a:1a:b7:fd:4a:49:e9:
         2a:e6:62:86:2c:dc:1b:45:dd:d6:c6:92:a3:df:32:99:5b:ee:
         1d:9c:e1:8b:36:aa:d8:3d:a7:b2:80:42:58:ee:88:32:d4:58:
         e9:f8:62:25:8d:31:54:f5:79:c0:d1:6a:08:f6:ff:26:91:a3:
         5e:26:0a:65:c3:6f:c9:a4:e8:7e:42:74:8f:82:d2:d7:f3:a1:
         3e:06:b4:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAabZGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzI1Mzc2MDFhMzE2OTc0MDQ5MjJkOTU3ZTc0NDUwZjVhOWNiZTczMB4XDTIyMDEw
MTAwNTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBkNmIzY2EzMmZh
YmIzNWI3ZGY5MDg0ZTU2NmM4MGFiYTM2MDdiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+sMPIBCEpEfNYfVw5G38AxtDhmxz3jtB6q22vSteIhbfjW
y3SPrhdYn7mPUfzC8985mtJrovDBE4CGXyCS5tLgO3hxgUFX6sze6nlVmkmo0LFP
mmo4Usp57t1o8vlEP0zRRwTKw6hVriCO9qyHbSZuecNAnBG9TW8r8UbzKlcsv5ki
y4sss4DwSC7w7HsODLrkXHuy7movUrryUKuq1ZCQ2rpKwr2EqQnzzbQeabsdzDzu
klHP6GrWO6/Y+/hf1EzHbBXsSiWfqPqkuic+cJx/+kqtqaexxmExoFNv3tFmxHCg
z9frTRlcodFslh8G64fGT0s6n26Pqd9iCYWbV+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRw1rPKMvq7NbffkITlZsgKujYHsDAfBgNVHSMEGDAWgBQXJTdgGjFpdASS
LZV+dEUPWpy+czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z5VTNZQm94YVhRRWtpMlZmblJGRDFxY3ZuTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8x
L2NOYXp5akw2dXpXMzM1Q0U1V2JJQ3JvMkI3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8xL0Z5VTNZQm94YVhR
RWtpMlZmblJGRDFxY3ZuTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBB/fwDANBgkqhkiG9w0BAQsFAAOC
AQEAnge4lN6nGkTPQqL9mqiGIYZ91r/H6F5jSJxUk6Q3LoqZzLtI1+F1M40kFvSj
QmkNg7TNGnk8gny+wYkU5VAkUWMpc35nqwF21OJsSEmOiOPwgIMwm6E4Z4XPuXaG
rb7+u1ggUiCRU53RNTBdRFQQrPFFAEsiBJukkKknPqRGzfW4Nzg/XNR5+Sujtrly
DAigcvBAuU6ic2nTFiiG3XI2ZdRGDg45cXU6RZ2uqEcaGrf9SknpKuZihizcG0Xd
1saSo98ymVvuHZzhizaq2D2nsoBCWO6IMtRY6fhiJY0xVPV5wNFqCPb/JpGjXiYK
ZcNvyaTofkJ0j4LS1/OhPga0XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:25 2024 by rpki-client on console-fra.rpki-client.org