Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/CcPf7kU63CcdBOVKgpY_DzmoLSA.roa
File:                     CcPf7kU63CcdBOVKgpY_DzmoLSA.roa (raw, json)
Hash identifier:          p6qvUjP/gzdOaP7S84MH9hWscadCXgdsmr9MUowdTpM=
Subject key identifier:   09:C3:DF:EE:45:3A:DC:27:1D:04:E5:4A:82:96:3F:0F:39:A8:2D:20
Certificate issuer:       /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial:       365712DA
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/CcPf7kU63CcdBOVKgpY_DzmoLSA.roa
Signing time:             Sat 01 Jan 2022 03:59:11 +0000
ROA not before:           Sat 01 Jan 2022 03:59:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211513
IP address blocks:        202.164.206.0/24 maxlen: 24
                          202.164.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 911676122 (0x365712da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
        Validity
            Not Before: Jan  1 03:59:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=09c3dfee453adc271d04e54a82963f0f39a82d20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f0:18:7b:83:46:d2:f0:62:97:2c:9e:fe:50:
                    19:a7:9d:63:91:ec:b3:d7:89:ec:6e:57:17:88:f8:
                    ac:3c:56:f1:b4:9a:d1:e7:d1:2c:40:f5:23:eb:ed:
                    93:8f:88:3f:80:e6:84:5d:f5:d4:8c:3d:85:22:5d:
                    90:4c:c3:1c:1b:5e:93:ca:89:7f:2c:5b:c2:fb:c4:
                    22:40:96:f2:fc:e1:72:14:fa:ae:6d:85:22:03:f7:
                    eb:43:b2:05:c5:a3:79:1e:87:00:7f:3b:b9:e0:a2:
                    cb:9c:8d:ca:e2:50:40:f1:d9:b1:dd:8d:27:3e:46:
                    e7:39:0a:f0:9e:bb:e8:9b:d0:dc:7f:46:44:8a:70:
                    7e:1b:c4:18:65:8d:bf:71:c3:9e:78:11:d1:6e:40:
                    5b:2d:d4:2d:6b:a2:37:dd:ac:d4:a0:10:28:82:c5:
                    e2:b1:8b:7d:b5:19:9b:d6:63:56:21:28:db:d4:f3:
                    7b:e4:2f:90:83:00:89:5c:28:fa:71:57:97:b7:c9:
                    01:ff:20:ef:c7:96:ba:7c:c9:29:c6:a4:70:c5:e7:
                    30:42:37:b3:17:e5:56:15:44:fb:08:cd:7a:37:aa:
                    b8:07:55:c4:e0:25:ff:02:b7:8b:45:08:5f:b4:7d:
                    3f:6e:df:6a:51:72:50:e9:eb:b5:e8:f6:dd:3f:ee:
                    79:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:C3:DF:EE:45:3A:DC:27:1D:04:E5:4A:82:96:3F:0F:39:A8:2D:20
            X509v3 Authority Key Identifier:
                keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/CcPf7kU63CcdBOVKgpY_DzmoLSA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.164.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:55:31:7a:87:b2:7e:5c:b9:13:e3:0d:fc:08:2e:d0:b8:df:
         0c:3a:b3:7d:2b:ae:1f:b3:04:0d:e1:e3:5f:a5:f8:b7:80:8b:
         32:c6:83:0f:03:28:41:d7:7a:ce:76:5e:0e:45:d6:3e:cb:79:
         52:e7:d5:b8:0c:9d:e4:a9:df:2e:2d:a1:b2:12:bf:da:f5:b6:
         a8:47:84:31:d7:90:d3:7b:df:5c:25:e7:35:b5:af:a4:60:d9:
         6a:b0:50:45:48:48:82:ae:a1:8f:f1:14:16:9f:9b:e4:06:2e:
         2f:c1:e5:ec:35:7d:0f:3b:8e:91:dd:2b:3a:0e:bb:4b:28:0a:
         1c:b5:7f:75:e8:ad:57:21:7c:72:f5:7c:a3:b6:48:53:7d:88:
         88:fb:93:3f:7f:df:c5:3c:c4:14:75:4b:0a:27:a4:d1:a4:30:
         2c:6a:56:f2:de:bc:f8:97:13:5d:94:37:77:f0:18:97:c2:1c:
         48:d5:b6:67:82:29:54:52:65:d5:2f:3c:5b:fb:67:e1:af:ee:
         79:22:c5:43:97:60:27:dc:24:4f:1e:9f:59:01:76:81:67:6b:
         7b:75:c5:82:07:99:9c:f5:4b:a4:42:94:5f:c9:95:0b:e0:80:
         ba:3a:d3:c7:01:e2:e1:c4:65:24:38:d1:1f:dd:de:33:fa:72:
         4f:ba:96:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENlcS2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MTA5OGExOTA1YmJkMzM4MTUzMzgyOGY2YjdmZDIyNzE3MDQzMWVmMB4XDTIyMDEw
MTAzNTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDljM2RmZWU0NTNh
ZGMyNzFkMDRlNTRhODI5NjNmMGYzOWE4MmQyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrwGHuDRtLwYpcsnv5QGaedY5Hss9eJ7G5XF4j4rDxW8bSa
0efRLED1I+vtk4+IP4DmhF311Iw9hSJdkEzDHBtek8qJfyxbwvvEIkCW8vzhchT6
rm2FIgP360OyBcWjeR6HAH87ueCiy5yNyuJQQPHZsd2NJz5G5zkK8J676JvQ3H9G
RIpwfhvEGGWNv3HDnngR0W5AWy3ULWuiN92s1KAQKILF4rGLfbUZm9ZjViEo29Tz
e+QvkIMAiVwo+nFXl7fJAf8g78eWunzJKcakcMXnMEI3sxflVhVE+wjNejequAdV
xOAl/wK3i0UIX7R9P27falFyUOnrtej23T/ueVUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJw9/uRTrcJx0E5UqClj8POagtIDAfBgNVHSMEGDAWgBTBCYoZBbvTOBUz
go9rf9InFwQx7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dRbUtHUVc3MHpnVk00S1BhM19TSnhjRU1lOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMmVlZDcxLTQ2NjUtNDk0OC1hM2M1LWIyYTcxM2QyZWFiMi8x
L0NjUGY3a1U2M0NjZEJPVktncFlfRHptb0xTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MmVlZDcxLTQ2NjUtNDk0OC1hM2M1LWIyYTcxM2QyZWFiMi8xL3dRbUtHUVc3MHpn
Vk00S1BhM19TSnhjRU1lOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcqkzjANBgkqhkiG9w0BAQsFAAOC
AQEApVUxeoeyfly5E+MN/Agu0LjfDDqzfSuuH7MEDeHjX6X4t4CLMsaDDwMoQdd6
znZeDkXWPst5UufVuAyd5KnfLi2hshK/2vW2qEeEMdeQ03vfXCXnNbWvpGDZarBQ
RUhIgq6hj/EUFp+b5AYuL8Hl7DV9DzuOkd0rOg67SygKHLV/deitVyF8cvV8o7ZI
U32IiPuTP3/fxTzEFHVLCiek0aQwLGpW8t68+JcTXZQ3d/AYl8IcSNW2Z4IpVFJl
1S88W/tn4a/ueSLFQ5dgJ9wkTx6fWQF2gWdre3XFggeZnPVLpEKUX8mVC+CAujrT
xwHi4cRlJDjRH93eM/pyT7qWZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:50 2024 by rpki-client on console-ams.rpki-client.org