Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/ubBW8NNtiGXGHTCmj7pBUyzWxaY.roa
File:                     ubBW8NNtiGXGHTCmj7pBUyzWxaY.roa (raw, json)
Hash identifier:          c3fVPqLAl67lKleWYaBZR0rZxtguWEzy1e0mast8ehQ=
Subject key identifier:   B9:B0:56:F0:D3:6D:88:65:C6:1D:30:A6:8F:BA:41:53:2C:D6:C5:A6
Certificate issuer:       /CN=a3e6332cc397d338e1d6a1fb86c2b71c92cb2559
Certificate serial:       0107B4B3
Authority key identifier: A3:E6:33:2C:C3:97:D3:38:E1:D6:A1:FB:86:C2:B7:1C:92:CB:25:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o-YzLMOX0zjh1qH7hsK3HJLLJVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/ubBW8NNtiGXGHTCmj7pBUyzWxaY.roa
Signing time:             Sat 01 Jan 2022 00:54:54 +0000
ROA not before:           Sat 01 Jan 2022 00:54:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        94.247.138.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17282227 (0x107b4b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3e6332cc397d338e1d6a1fb86c2b71c92cb2559
        Validity
            Not Before: Jan  1 00:54:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b9b056f0d36d8865c61d30a68fba41532cd6c5a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:67:5d:95:cd:2d:fd:73:b2:4a:da:e3:df:6c:
                    ab:e8:29:90:1a:91:1a:14:7c:aa:10:22:c9:d6:b5:
                    1b:64:75:43:a0:41:5c:0a:f1:ac:9e:c0:71:7e:aa:
                    11:cc:46:cb:25:19:c6:7b:d8:20:eb:84:29:fa:d7:
                    9d:26:54:46:c8:9d:76:38:86:0b:38:96:77:6b:6b:
                    dd:ae:8e:b7:1c:e0:0e:c1:96:2c:3c:eb:9a:16:82:
                    6d:6f:cf:49:2a:77:c4:5e:bc:70:c7:d8:07:25:32:
                    58:78:ce:df:fb:65:f6:2c:e9:d5:5f:92:7f:2c:53:
                    dd:55:ce:84:81:65:57:6a:75:10:55:fd:e6:23:88:
                    af:47:c4:7e:b2:8d:4f:07:99:da:f9:da:63:b1:94:
                    37:2b:2f:41:41:6b:61:73:e0:ff:c3:f2:d0:b6:09:
                    26:ee:3c:16:26:4b:ef:db:6d:31:bd:ca:a2:a6:23:
                    18:29:d4:55:1f:4e:88:02:42:49:76:92:ed:98:f2:
                    19:ca:bf:5e:46:9c:fc:05:fd:d9:7e:92:a4:10:4b:
                    3d:ac:34:f2:bb:0d:c0:18:cf:c8:82:8d:04:39:b9:
                    f1:fa:71:73:c6:22:5e:2f:27:df:bb:3e:27:92:6c:
                    d0:73:49:79:c8:71:a9:5f:ed:3c:04:fe:9c:6e:ff:
                    71:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:B0:56:F0:D3:6D:88:65:C6:1D:30:A6:8F:BA:41:53:2C:D6:C5:A6
            X509v3 Authority Key Identifier:
                keyid:A3:E6:33:2C:C3:97:D3:38:E1:D6:A1:FB:86:C2:B7:1C:92:CB:25:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-YzLMOX0zjh1qH7hsK3HJLLJVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/ubBW8NNtiGXGHTCmj7pBUyzWxaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/o-YzLMOX0zjh1qH7hsK3HJLLJVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.247.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:1b:bd:46:01:9d:dd:48:da:17:da:06:4a:86:a6:88:2b:76:
         40:fa:fe:8e:cf:c0:57:6b:ff:04:05:86:05:02:78:16:c5:83:
         e4:c6:4d:a4:42:6f:2e:1e:72:c2:a6:e8:d3:15:85:84:46:12:
         eb:6f:e6:4c:62:0b:48:18:53:80:fc:6c:16:89:cb:ba:0d:53:
         09:b4:be:89:27:13:e2:c1:35:fc:46:e3:11:b3:52:1e:27:be:
         87:e3:dd:4e:ee:78:f3:04:af:2f:f5:e7:43:4e:f6:5d:64:b1:
         98:32:71:9d:66:eb:29:1d:c6:fd:73:64:ed:54:44:c7:22:57:
         b1:b5:6f:02:2b:6d:cc:2c:66:84:51:2a:93:9f:64:85:21:cf:
         a5:3e:e4:1f:31:e9:d7:28:8e:69:18:a3:f0:6f:d1:c0:3f:93:
         8f:c8:b2:5c:21:c0:61:0c:f5:56:44:70:86:d3:7b:f6:c7:55:
         03:08:61:88:20:37:54:4c:a6:d0:c7:d3:a4:09:28:92:08:a8:
         db:ef:6f:34:ed:d5:78:8a:01:77:f5:42:70:aa:f7:e4:df:2f:
         22:27:55:3d:8d:82:fc:91:05:25:19:53:58:f5:5d:78:66:86:
         5d:14:18:5b:08:f9:f1:45:47:2f:bf:1c:c0:65:82:68:b6:0b:
         5e:26:8a:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQe0szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
M2U2MzMyY2MzOTdkMzM4ZTFkNmExZmI4NmMyYjcxYzkyY2IyNTU5MB4XDTIyMDEw
MTAwNTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjliMDU2ZjBkMzZk
ODg2NWM2MWQzMGE2OGZiYTQxNTMyY2Q2YzVhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRnXZXNLf1zskra499sq+gpkBqRGhR8qhAiyda1G2R1Q6BB
XArxrJ7AcX6qEcxGyyUZxnvYIOuEKfrXnSZURsiddjiGCziWd2tr3a6OtxzgDsGW
LDzrmhaCbW/PSSp3xF68cMfYByUyWHjO3/tl9izp1V+SfyxT3VXOhIFlV2p1EFX9
5iOIr0fEfrKNTweZ2vnaY7GUNysvQUFrYXPg/8Py0LYJJu48FiZL79ttMb3KoqYj
GCnUVR9OiAJCSXaS7ZjyGcq/Xkac/AX92X6SpBBLPaw08rsNwBjPyIKNBDm58fpx
c8YiXi8n37s+J5Js0HNJechxqV/tPAT+nG7/ceMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5sFbw022IZcYdMKaPukFTLNbFpjAfBgNVHSMEGDAWgBSj5jMsw5fTOOHW
ofuGwrccksslWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28tWXpMTU9YMHpqaDFxSDdoc0szSEpMTEpWay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNWVjNTVhLTc0NjEtNDA4ZS1iNDVjLWU1ZjI2YmM0ZDQ2ZS8x
L3ViQlc4Tk50aUdYR0hUQ21qN3BCVXl6V3hhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NWVjNTVhLTc0NjEtNDA4ZS1iNDVjLWU1ZjI2YmM0ZDQ2ZS8xL28tWXpMTU9YMHpq
aDFxSDdoc0szSEpMTEpWay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF73ijANBgkqhkiG9w0BAQsFAAOC
AQEAvRu9RgGd3UjaF9oGSoamiCt2QPr+js/AV2v/BAWGBQJ4FsWD5MZNpEJvLh5y
wqbo0xWFhEYS62/mTGILSBhTgPxsFonLug1TCbS+iScT4sE1/EbjEbNSHie+h+Pd
Tu548wSvL/XnQ072XWSxmDJxnWbrKR3G/XNk7VRExyJXsbVvAittzCxmhFEqk59k
hSHPpT7kHzHp1yiOaRij8G/RwD+Tj8iyXCHAYQz1VkRwhtN79sdVAwhhiCA3VEym
0MfTpAkokgio2+9vNO3VeIoBd/VCcKr35N8vIidVPY2C/JEFJRlTWPVdeGaGXRQY
Wwj58UVHL78cwGWCaLYLXiaKTg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:39 2023 by rpki-client on console-ams.rpki-client.org