Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa
File:                     9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa (raw, json)
Hash identifier:          ytTDd7YmmIRq9cxVuLHolsPkjsTxtWHiNO6c+orpx8I=
Subject key identifier:   F7:0E:A9:FA:13:4E:F8:A4:39:76:89:91:89:A0:16:17:D8:8E:CB:B6
Certificate issuer:       /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial:       0A64B496
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa
Signing time:             Sat 01 Jan 2022 06:01:14 +0000
ROA not before:           Sat 01 Jan 2022 06:01:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198949
IP address blocks:        145.219.11.0/24 maxlen: 24
                          145.219.8.0/24 maxlen: 24
                          145.219.10.0/24 maxlen: 24
                          145.219.9.0/24 maxlen: 24
                          145.219.15.0/24 maxlen: 24
                          145.219.17.0/24 maxlen: 24
                          145.219.16.0/24 maxlen: 24
                          145.219.12.0/24 maxlen: 24
                          145.219.14.0/24 maxlen: 24
                          145.219.13.0/24 maxlen: 24
                          2a04:b0c0::/45 maxlen: 45
                          2a04:b0c0:8::/45 maxlen: 45

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174371990 (0xa64b496)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
        Validity
            Not Before: Jan  1 06:01:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f70ea9fa134ef8a43976899189a01617d88ecbb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:59:44:db:45:da:3a:6f:59:2d:a5:1a:45:fa:
                    e2:0d:36:4a:12:c0:2d:ef:12:58:0d:a7:df:58:70:
                    3f:3a:60:96:da:07:9f:a2:4c:28:d5:2b:16:e4:66:
                    29:24:4e:da:89:f5:4a:92:70:0d:e3:7b:e6:43:a0:
                    f3:48:c0:99:33:33:73:0d:5c:df:25:42:4b:b4:31:
                    da:bb:9e:e5:41:e8:a3:29:c8:ca:29:0b:bc:c4:01:
                    91:dd:88:d3:80:cb:06:51:a9:2f:b5:df:2d:da:a0:
                    b5:18:bb:fe:6a:b8:51:c7:64:3b:bf:4c:60:2d:e8:
                    72:64:87:9c:63:30:08:28:7d:0b:9a:16:52:be:7c:
                    d0:17:3c:d7:54:36:ac:d6:d9:8b:f2:60:2f:f9:09:
                    97:c3:20:d8:15:ec:be:ff:14:d7:ec:f0:8a:b4:8c:
                    15:0d:cd:e0:b4:cf:e0:d6:ba:23:d6:16:a2:69:d5:
                    1e:e6:02:99:e2:0a:ed:ae:87:a2:55:91:f1:50:20:
                    a8:00:b1:fa:e2:8c:f4:e9:ad:7e:ff:a1:f7:18:d7:
                    c5:44:5d:ca:ce:18:59:37:5f:0e:e4:49:0f:b6:9c:
                    5e:d0:a4:19:2a:7e:c2:ff:d6:6f:eb:c5:a9:bc:3f:
                    37:aa:d9:b3:c3:05:3d:c2:8f:78:5f:a5:f8:bf:35:
                    17:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:0E:A9:FA:13:4E:F8:A4:39:76:89:91:89:A0:16:17:D8:8E:CB:B6
            X509v3 Authority Key Identifier:
                keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.219.8.0-145.219.17.255
                IPv6:
                  2a04:b0c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         38:62:da:11:5b:b1:97:25:66:dc:7c:d7:05:3b:2b:e9:31:ed:
         d8:78:40:02:95:b0:63:0c:7b:f7:9c:24:9e:74:2c:b2:88:4d:
         d5:1f:4c:92:4f:6a:f2:29:9f:97:e3:91:2a:29:a4:80:62:73:
         02:43:a4:e0:d3:24:82:47:d4:a0:9d:5f:2f:be:47:b3:5a:fc:
         44:9b:a4:ba:1c:5c:dd:dd:90:65:3c:f1:41:9b:3b:fb:51:52:
         7d:45:48:66:4e:52:1a:a2:f1:0b:eb:12:32:ae:5a:e3:85:56:
         a1:47:34:00:6f:84:88:f5:73:38:57:71:2f:b5:89:fd:97:09:
         9b:c7:35:6c:39:07:52:fe:5b:42:8e:30:37:04:a3:5a:84:64:
         03:1a:e5:50:a7:6e:95:9b:6e:35:ee:7e:5a:28:7b:e3:54:1b:
         2f:44:6b:c8:f1:ee:05:93:50:d1:36:6c:f3:c2:e6:24:6a:ea:
         b0:9b:38:46:e2:1a:e3:9c:64:19:e8:a7:17:c3:6a:b6:bb:3b:
         aa:6b:8e:53:08:22:d9:7f:3c:b0:7e:99:d6:d2:b2:ef:7f:76:
         f9:5e:41:cf:90:7f:81:e0:ea:13:3b:34:6e:aa:bb:dc:b8:a5:
         d7:e2:28:77:c8:61:f5:79:b9:ad:7d:3b:ca:c2:0f:9d:8d:87:
         22:cd:3d:63
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECmS0ljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTZkN2JjYWJmY2MzMDhkNDIwMDUzYzQ4MmEwZDU5ZmIxMjgyZTMwMB4XDTIyMDEw
MTA2MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcwZWE5ZmExMzRl
ZjhhNDM5NzY4OTkxODlhMDE2MTdkODhlY2JiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJZRNtF2jpvWS2lGkX64g02ShLALe8SWA2n31hwPzpgltoH
n6JMKNUrFuRmKSRO2on1SpJwDeN75kOg80jAmTMzcw1c3yVCS7Qx2rue5UHooynI
yikLvMQBkd2I04DLBlGpL7XfLdqgtRi7/mq4UcdkO79MYC3ocmSHnGMwCCh9C5oW
Ur580Bc811Q2rNbZi/JgL/kJl8Mg2BXsvv8U1+zwirSMFQ3N4LTP4Na6I9YWomnV
HuYCmeIK7a6HolWR8VAgqACx+uKM9Omtfv+h9xjXxURdys4YWTdfDuRJD7acXtCk
GSp+wv/Wb+vFqbw/N6rZs8MFPcKPeF+l+L81F9UCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT3Dqn6E074pDl2iZGJoBYX2I7LtjAfBgNVHSMEGDAWgBRubXvKv8wwjUIA
U8SCoNWfsSguMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JtMTd5cl9NTUkxQ0FGUEVncURWbjdFb0xqQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNDVjNjg5LWFmYWEtNGRhMy1hOTQyLTkzMTk0ZWI2MTA4ZC8x
Lzl3NnAtaE5PLUtRNWRvbVJpYUFXRjlpT3k3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NDVjNjg5LWFmYWEtNGRhMy1hOTQyLTkzMTk0ZWI2MTA4ZC8xL2JtMTd5cl9NTUkx
Q0FGUEVncURWbjdFb0xqQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQDkdsIAwQBkdsQMA8EAgACMAkD
BwQqBLDAAAAwDQYJKoZIhvcNAQELBQADggEBADhi2hFbsZclZtx81wU7K+kx7dh4
QAKVsGMMe/ecJJ50LLKITdUfTJJPavIpn5fjkSoppIBicwJDpODTJIJH1KCdXy++
R7Na/ESbpLocXN3dkGU88UGbO/tRUn1FSGZOUhqi8QvrEjKuWuOFVqFHNABvhIj1
czhXcS+1if2XCZvHNWw5B1L+W0KOMDcEo1qEZAMa5VCnbpWbbjXuflooe+NUGy9E
a8jx7gWTUNE2bPPC5iRq6rCbOEbiGuOcZBnopxfDara7O6prjlMIItl/PLB+mdbS
su9/dvleQc+Qf4Hg6hM7NG6qu9y4pdfiKHfIYfV5ua19O8rCD52NhyLNPWM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:32 2023 by rpki-client on console-ams.rpki-client.org