Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/Bq1Vc-KKv2SaUfR-cqRM-8-PmoM.roa
File:                     Bq1Vc-KKv2SaUfR-cqRM-8-PmoM.roa (raw, json)
Hash identifier:          KtXjE2z4a+GmB3vaUg11jo4eNl6Ub7kFZU2PZdyLr0o=
Subject key identifier:   06:AD:55:73:E2:8A:BF:64:9A:51:F4:7E:72:A4:4C:FB:CF:8F:9A:83
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       07B1F93D
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/Bq1Vc-KKv2SaUfR-cqRM-8-PmoM.roa
Signing time:             Fri 28 Jan 2022 19:07:02 +0000
ROA not before:           Fri 28 Jan 2022 19:07:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        45.137.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129104189 (0x7b1f93d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Jan 28 19:07:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06ad5573e28abf649a51f47e72a44cfbcf8f9a83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:48:59:8e:92:24:64:81:1f:d0:1c:93:b1:38:
                    c7:c7:6c:0a:f2:c1:5c:b0:bf:7b:fb:9f:39:64:b1:
                    71:87:c4:56:c3:ed:2d:9d:83:00:7a:a5:fc:64:f4:
                    db:d6:0c:13:6d:18:07:82:42:9e:e0:fb:12:24:17:
                    47:dc:6d:8d:29:6a:ab:e2:e7:4e:15:a3:39:5e:b1:
                    7d:5c:96:f8:f4:aa:ad:9a:cc:7a:74:a5:9f:1a:4c:
                    09:14:bf:e1:c0:41:2a:b2:0a:67:14:58:16:5b:79:
                    1e:04:c9:3c:2f:89:16:dd:ef:e4:0c:25:75:a8:9c:
                    ee:5b:1e:16:34:11:62:e0:d1:1e:d6:a1:f8:b4:5d:
                    17:be:c0:78:32:34:c4:22:71:b6:c1:9f:94:bb:4f:
                    7e:17:ea:b7:44:6c:12:16:e1:24:0a:51:bd:4b:ce:
                    fe:49:8b:b0:b4:94:e2:e0:0c:57:4b:43:91:4c:eb:
                    a7:5e:d7:e3:6b:b0:13:85:4a:58:74:5f:dd:fd:d6:
                    f4:b2:b3:d4:bc:c3:80:08:49:1f:b3:0c:5d:11:19:
                    5b:1f:16:ac:5a:97:4c:45:a5:44:04:31:c7:bf:60:
                    88:8b:36:1f:d6:2c:ad:ac:69:53:ca:21:a4:33:19:
                    a5:dc:63:4f:4a:b2:87:97:db:f8:bc:c4:4e:69:46:
                    c9:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:AD:55:73:E2:8A:BF:64:9A:51:F4:7E:72:A4:4C:FB:CF:8F:9A:83
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/Bq1Vc-KKv2SaUfR-cqRM-8-PmoM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:25:57:0c:63:63:a2:d4:40:ed:4d:f0:57:9a:f4:77:63:18:
         b7:a5:31:2a:3e:8d:15:17:24:0f:16:8f:75:d2:5e:60:52:c8:
         19:60:f6:c2:ce:64:ee:b8:14:35:25:96:1e:85:46:04:10:8f:
         43:d9:94:0b:ad:50:df:83:1d:58:c0:b6:9f:f9:db:2b:92:75:
         6b:ae:2e:b7:1b:26:63:d6:14:2c:43:8d:86:c7:fe:f0:ed:da:
         fb:79:17:6e:7a:36:ec:cc:5d:42:3f:b6:a2:23:42:4f:ed:e3:
         1d:2f:c0:17:e6:e8:1f:3b:a7:a4:6f:57:77:88:23:00:90:83:
         ae:99:fa:ce:f3:ce:cb:9a:71:29:8f:f1:d7:19:f3:18:b8:4d:
         1c:a5:55:63:7d:98:08:01:a9:55:ec:98:e5:75:62:60:52:c9:
         4d:ac:8d:f4:ce:74:35:bc:0c:84:35:42:6a:8d:67:05:b1:6e:
         aa:12:e7:2f:8c:27:8a:d9:73:36:c3:e1:b5:25:2b:2a:72:f3:
         6a:1a:b9:b5:2a:88:89:eb:11:aa:04:34:21:95:78:99:b3:ff:
         fc:78:9f:4d:ec:8b:19:bc:bd:dc:48:32:32:3c:5e:41:cf:85:
         8f:bf:48:b3:07:12:f0:e3:62:9c:f5:f0:88:c4:a6:8c:08:fd:
         03:74:0a:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7H5PTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDEy
ODE5MDcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZhZDU1NzNlMjhh
YmY2NDlhNTFmNDdlNzJhNDRjZmJjZjhmOWE4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpIWY6SJGSBH9Ack7E4x8dsCvLBXLC/e/ufOWSxcYfEVsPt
LZ2DAHql/GT029YME20YB4JCnuD7EiQXR9xtjSlqq+LnThWjOV6xfVyW+PSqrZrM
enSlnxpMCRS/4cBBKrIKZxRYFlt5HgTJPC+JFt3v5Awldaic7lseFjQRYuDRHtah
+LRdF77AeDI0xCJxtsGflLtPfhfqt0RsEhbhJApRvUvO/kmLsLSU4uAMV0tDkUzr
p17X42uwE4VKWHRf3f3W9LKz1LzDgAhJH7MMXREZWx8WrFqXTEWlRAQxx79giIs2
H9YsraxpU8ohpDMZpdxjT0qyh5fb+LzETmlGyS0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGrVVz4oq/ZJpR9H5ypEz7z4+agzAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L0JxMVZjLUtLdjJTYVVmUi1jcVJNLTgtUG1vTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2JETANBgkqhkiG9w0BAQsFAAOC
AQEAiiVXDGNjotRA7U3wV5r0d2MYt6UxKj6NFRckDxaPddJeYFLIGWD2ws5k7rgU
NSWWHoVGBBCPQ9mUC61Q34MdWMC2n/nbK5J1a64utxsmY9YULEONhsf+8O3a+3kX
bno27MxdQj+2oiNCT+3jHS/AF+boHzunpG9Xd4gjAJCDrpn6zvPOy5pxKY/x1xnz
GLhNHKVVY32YCAGpVeyY5XViYFLJTayN9M50NbwMhDVCao1nBbFuqhLnL4wnitlz
NsPhtSUrKnLzahq5tSqIiesRqgQ0IZV4mbP//HifTeyLGby93EgyMjxeQc+Fj79I
swcS8ONinPXwiMSmjAj9A3QKeQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:18 2023 by rpki-client on console-fra.rpki-client.org