Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/on8UVNZ0usmzC7_JwMorsCajo5k.roa
File:                     on8UVNZ0usmzC7_JwMorsCajo5k.roa (raw, json)
Hash identifier:          ftA/yAwddOEXFoHfqbwPriyloac3m2rk65HUgkE1sBg=
Subject key identifier:   A2:7F:14:54:D6:74:BA:C9:B3:0B:BF:C9:C0:CA:2B:B0:26:A3:A3:99
Certificate issuer:       /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial:       1764753C
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/on8UVNZ0usmzC7_JwMorsCajo5k.roa
Signing time:             Sat 01 Jan 2022 09:54:04 +0000
ROA not before:           Sat 01 Jan 2022 09:54:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     196676
IP address blocks:        62.228.246.0/24 maxlen: 24
                          62.228.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 392459580 (0x1764753c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
        Validity
            Not Before: Jan  1 09:54:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a27f1454d674bac9b30bbfc9c0ca2bb026a3a399
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:eb:49:18:44:5b:a1:03:cb:71:84:48:4a:c5:
                    2e:56:f7:24:37:20:a1:ae:02:76:30:ed:b4:59:65:
                    98:63:98:50:ce:74:eb:c9:30:2d:00:68:61:27:9a:
                    93:90:85:53:98:d0:cb:45:29:9d:b5:15:6a:f7:40:
                    bb:b0:79:30:65:c5:4e:c3:a0:38:a1:e8:3d:35:40:
                    0e:f8:65:e6:4f:6d:9d:c1:3d:37:39:b5:b7:ed:64:
                    f4:d1:96:07:d9:78:af:f0:ac:71:2f:1b:ba:df:b5:
                    6e:91:9b:41:00:5f:05:56:f7:8e:82:50:4d:b5:83:
                    ec:1d:d2:e4:02:7d:78:ba:40:33:8d:d9:51:63:6a:
                    20:dd:19:62:a0:c4:97:41:2f:56:7b:ce:4f:57:8e:
                    75:4c:74:28:ef:97:0c:c8:ce:36:11:63:38:99:aa:
                    7f:a5:70:ef:da:bf:47:50:bb:08:f7:c7:70:81:b9:
                    a1:5d:e9:b6:20:1e:05:69:df:f5:2e:ec:d2:c1:19:
                    e0:b3:80:c9:be:90:77:cf:4e:27:6e:ac:e3:79:f5:
                    32:d3:0d:a4:7a:bf:87:90:a5:b9:32:86:a8:ec:7e:
                    5b:5f:54:64:7e:db:96:d3:a2:36:de:81:47:f5:af:
                    01:7b:a6:53:45:7a:66:a4:10:d8:d9:49:18:4f:ac:
                    88:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:7F:14:54:D6:74:BA:C9:B3:0B:BF:C9:C0:CA:2B:B0:26:A3:A3:99
            X509v3 Authority Key Identifier:
                keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/on8UVNZ0usmzC7_JwMorsCajo5k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.228.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:f1:d3:6d:8d:3e:9d:ac:24:4f:8e:ad:39:8e:79:4e:73:22:
         58:4c:4c:1f:76:c7:aa:fb:fd:9c:f0:e2:7f:62:d7:bf:4a:40:
         69:43:a4:b2:97:04:68:82:83:2d:45:7e:b8:16:27:08:28:0d:
         91:87:d9:39:37:8b:9a:ad:3c:dd:29:82:6a:1e:8d:89:32:e3:
         4f:e1:72:c5:59:8d:6f:8d:23:ec:e8:96:a1:9b:c9:04:de:2b:
         6b:2d:04:02:a0:5a:96:04:8f:9f:c0:d6:71:e7:68:dc:ba:f6:
         d7:c7:a2:4b:76:c5:82:c2:01:89:9e:c1:3f:ee:fd:f5:e4:37:
         57:01:7f:7e:45:86:1b:ba:e1:f5:30:e8:8e:03:c4:cb:46:f0:
         b2:c5:7b:3e:8d:1d:89:d6:02:ee:6e:41:e6:6a:d9:20:f8:0d:
         cc:ad:fc:79:84:55:75:4b:4e:0d:15:63:8c:3f:ed:ad:8c:fc:
         04:14:1c:37:6b:83:9f:3e:8f:e1:99:1b:9c:82:83:37:44:15:
         a7:e0:79:cc:47:8a:e0:01:79:a3:bf:04:21:38:28:be:82:a5:
         2d:b9:52:b1:07:6d:dc:ec:16:43:94:3b:6f:e5:e9:7f:5f:18:
         e7:0d:07:7a:a8:cf:a2:6b:20:c2:a2:4c:1e:7b:7a:0f:a3:a7:
         64:8d:ab:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF2R1PDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDExYWJjNGMwNDY4YWIyODkxZWFhY2FkYmEwZGMwMzc3OTM2ZmQ1MB4XDTIyMDEw
MTA5NTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI3ZjE0NTRkNjc0
YmFjOWIzMGJiZmM5YzBjYTJiYjAyNmEzYTM5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzrSRhEW6EDy3GESErFLlb3JDcgoa4CdjDttFllmGOYUM50
68kwLQBoYSeak5CFU5jQy0UpnbUVavdAu7B5MGXFTsOgOKHoPTVADvhl5k9tncE9
Nzm1t+1k9NGWB9l4r/CscS8but+1bpGbQQBfBVb3joJQTbWD7B3S5AJ9eLpAM43Z
UWNqIN0ZYqDEl0EvVnvOT1eOdUx0KO+XDMjONhFjOJmqf6Vw79q/R1C7CPfHcIG5
oV3ptiAeBWnf9S7s0sEZ4LOAyb6Qd89OJ26s43n1MtMNpHq/h5CluTKGqOx+W19U
ZH7bltOiNt6BR/WvAXumU0V6ZqQQ2NlJGE+siI0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSifxRU1nS6ybMLv8nAyiuwJqOjmTAfBgNVHSMEGDAWgBTUEavEwEaKsoke
qsrboNwDd5Nv1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFCR3J4TUJHaXJLSkhxcksyNkRjQTNlVGI5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvNjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0OS8x
L29uOFVWTlowdXNtekM3X0p3TW9yc0Nham81ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
NjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0OS8xLzFCR3J4TUJHaXJL
SkhxcksyNkRjQTNlVGI5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAT7k9jANBgkqhkiG9w0BAQsFAAOC
AQEAYfHTbY0+nawkT46tOY55TnMiWExMH3bHqvv9nPDif2LXv0pAaUOkspcEaIKD
LUV+uBYnCCgNkYfZOTeLmq083SmCah6NiTLjT+FyxVmNb40j7OiWoZvJBN4ray0E
AqBalgSPn8DWcedo3Lr218eiS3bFgsIBiZ7BP+799eQ3VwF/fkWGG7rh9TDojgPE
y0bwssV7Po0didYC7m5B5mrZIPgNzK38eYRVdUtODRVjjD/trYz8BBQcN2uDnz6P
4ZkbnIKDN0QVp+B5zEeK4AF5o78EITgovoKlLblSsQdt3OwWQ5Q7b+Xpf18Y5w0H
eqjPomsgwqJMHnt6D6OnZI2rrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:17 2024 by rpki-client on console-ams.rpki-client.org