Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/V5KT0UtCIMvCNvOh_0a8IbqOxx0.roa
File:                     V5KT0UtCIMvCNvOh_0a8IbqOxx0.roa (raw, json)
Hash identifier:          irX1aiIlso3GeMl1+MRriGcpMicmpfPRz39RHpegyzk=
Subject key identifier:   57:92:93:D1:4B:42:20:CB:C2:36:F3:A1:FF:46:BC:21:BA:8E:C7:1D
Certificate issuer:       /CN=75620e5666518bb700409fb4087a875c99f37211
Certificate serial:       B5371F
Authority key identifier: 75:62:0E:56:66:51:8B:B7:00:40:9F:B4:08:7A:87:5C:99:F3:72:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dWIOVmZRi7cAQJ-0CHqHXJnzchE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/V5KT0UtCIMvCNvOh_0a8IbqOxx0.roa
Signing time:             Sat 01 Jan 2022 06:58:16 +0000
ROA not before:           Sat 01 Jan 2022 06:58:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        62.106.82.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11876127 (0xb5371f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75620e5666518bb700409fb4087a875c99f37211
        Validity
            Not Before: Jan  1 06:58:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=579293d14b4220cbc236f3a1ff46bc21ba8ec71d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e1:29:7d:9d:38:0d:0c:2f:12:55:df:5e:ca:
                    c1:b8:03:a5:50:75:34:04:f2:79:a2:b0:77:b9:df:
                    30:83:0d:01:b7:e1:97:c6:d5:61:db:e6:1e:38:66:
                    d1:8d:bd:57:99:38:ac:ce:df:16:40:b5:fd:aa:1a:
                    0f:ce:a0:e9:48:5e:78:ca:2c:d3:dd:ce:d8:c5:b0:
                    6a:30:7d:a4:a9:ed:7f:45:28:b0:c1:22:f1:d6:c7:
                    83:0f:1e:c5:f3:94:ed:6b:c7:fe:c1:ac:f1:da:4e:
                    c6:64:8e:3e:a1:4d:0c:4e:f3:fc:f3:e5:8b:50:cc:
                    fe:29:16:ac:e8:20:b5:df:2a:63:55:57:99:af:f1:
                    df:31:96:a1:a4:a0:c0:88:fa:5e:f0:20:e7:a7:17:
                    41:ca:28:53:7e:78:e4:e4:1f:1a:19:0b:5e:8a:91:
                    99:34:f2:ae:35:12:7d:13:8a:18:1b:6d:6e:ec:1c:
                    d5:41:79:c1:a5:65:c9:79:c9:63:df:b3:33:82:3a:
                    f3:bd:19:3c:1d:b2:98:0d:30:b9:85:72:2c:69:9c:
                    52:ce:4b:16:6f:02:9c:3a:01:da:a0:c6:3a:76:5d:
                    09:41:af:ef:37:f7:17:b1:87:e4:0a:aa:51:1f:d2:
                    f2:79:21:ea:ef:5d:7e:db:d1:e9:04:b8:f0:a7:e5:
                    0e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:92:93:D1:4B:42:20:CB:C2:36:F3:A1:FF:46:BC:21:BA:8E:C7:1D
            X509v3 Authority Key Identifier:
                keyid:75:62:0E:56:66:51:8B:B7:00:40:9F:B4:08:7A:87:5C:99:F3:72:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dWIOVmZRi7cAQJ-0CHqHXJnzchE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/V5KT0UtCIMvCNvOh_0a8IbqOxx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/dWIOVmZRi7cAQJ-0CHqHXJnzchE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.106.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:85:7f:8c:80:12:72:6e:f8:a2:4e:93:c7:1f:42:be:81:c3:
         8e:46:b8:2d:81:d4:29:94:2a:82:43:69:3b:06:10:8d:79:14:
         0b:bb:60:f2:22:1f:3d:5a:d4:fb:b8:f4:2a:bb:ce:1b:86:af:
         57:b1:0b:37:a2:04:c5:f4:c2:0f:2f:00:05:4d:4e:10:50:7c:
         a7:95:e9:d7:04:53:c0:15:6c:a8:59:c0:6d:b3:87:03:0f:a1:
         4d:28:e9:54:68:56:ae:bf:7d:dd:a6:8e:e3:aa:d5:bf:68:bd:
         be:67:23:bd:93:81:e2:9e:6b:2f:25:ba:54:79:a4:cf:f7:fd:
         74:5c:6f:9e:98:16:78:62:b8:07:b1:fb:90:08:c7:9c:2b:ac:
         7b:46:dd:a8:64:bb:72:ba:7b:a2:e2:e5:97:b7:b0:b5:fb:29:
         3e:10:34:ca:60:35:b6:bb:a8:8f:9a:be:9f:5c:73:ce:5d:82:
         cf:43:ed:2c:a2:06:0d:8b:12:51:1d:f7:4c:e8:c3:b2:e2:03:
         3d:74:c4:ca:1e:7c:92:b0:42:15:23:d0:78:61:a5:f7:f1:60:
         8c:1d:da:fc:2a:79:bd:6f:3d:05:4b:da:20:9c:01:ff:6d:91:
         6a:29:3e:ab:95:b7:a1:1c:ed:e0:76:82:b9:ac:ad:5c:c6:48:
         bd:28:92:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALU3HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTYyMGU1NjY2NTE4YmI3MDA0MDlmYjQwODdhODc1Yzk5ZjM3MjExMB4XDTIyMDEw
MTA2NTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTc5MjkzZDE0YjQy
MjBjYmMyMzZmM2ExZmY0NmJjMjFiYThlYzcxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbhKX2dOA0MLxJV317KwbgDpVB1NATyeaKwd7nfMIMNAbfh
l8bVYdvmHjhm0Y29V5k4rM7fFkC1/aoaD86g6UheeMos093O2MWwajB9pKntf0Uo
sMEi8dbHgw8exfOU7WvH/sGs8dpOxmSOPqFNDE7z/PPli1DM/ikWrOggtd8qY1VX
ma/x3zGWoaSgwIj6XvAg56cXQcooU3545OQfGhkLXoqRmTTyrjUSfROKGBttbuwc
1UF5waVlyXnJY9+zM4I6870ZPB2ymA0wuYVyLGmcUs5LFm8CnDoB2qDGOnZdCUGv
7zf3F7GH5AqqUR/S8nkh6u9dftvR6QS48KflDlkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRXkpPRS0Igy8I286H/Rrwhuo7HHTAfBgNVHSMEGDAWgBR1Yg5WZlGLtwBA
n7QIeodcmfNyETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RXSU9WbVpSaTdjQVFKLTBDSHFIWEpuemNoRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvOWE3ODdjLTZhOWQtNDY4OS1iOTc5LWM5YmFlZGEwNjUxNS8x
L1Y1S1QwVXRDSU12Q052T2hfMGE4SWJxT3h4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
OWE3ODdjLTZhOWQtNDY4OS1iOTc5LWM5YmFlZGEwNjUxNS8xL2RXSU9WbVpSaTdj
QVFKLTBDSHFIWEpuemNoRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD5qUjANBgkqhkiG9w0BAQsFAAOC
AQEAkoV/jIAScm74ok6Txx9CvoHDjka4LYHUKZQqgkNpOwYQjXkUC7tg8iIfPVrU
+7j0KrvOG4avV7ELN6IExfTCDy8ABU1OEFB8p5Xp1wRTwBVsqFnAbbOHAw+hTSjp
VGhWrr993aaO46rVv2i9vmcjvZOB4p5rLyW6VHmkz/f9dFxvnpgWeGK4B7H7kAjH
nCuse0bdqGS7crp7ouLll7ewtfspPhA0ymA1truoj5q+n1xzzl2Cz0PtLKIGDYsS
UR33TOjDsuIDPXTEyh58krBCFSPQeGGl9/FgjB3a/Cp5vW89BUvaIJwB/22Raik+
q5W3oRzt4HaCuaytXMZIvSiSAA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:35 2023 by rpki-client on console-ams.rpki-client.org