Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/J43qkxaS2pbjAo3VEdNtzWY7f8s.roa
File:                     J43qkxaS2pbjAo3VEdNtzWY7f8s.roa (raw, json)
Hash identifier:          YTbuH53C0CyEYM/UESvPsgJr4p5Vgb9Bd9g6zCg4Xqk=
Subject key identifier:   27:8D:EA:93:16:92:DA:96:E3:02:8D:D5:11:D3:6D:CD:66:3B:7F:CB
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       079E68A8
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/J43qkxaS2pbjAo3VEdNtzWY7f8s.roa
Signing time:             Sat 22 Jan 2022 07:04:17 +0000
ROA not before:           Sat 22 Jan 2022 07:04:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        212.115.126.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127821992 (0x79e68a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Jan 22 07:04:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=278dea931692da96e3028dd511d36dcd663b7fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:19:15:0c:86:f8:57:ca:08:3b:ff:55:67:fc:
                    fc:ad:31:be:e0:3e:e8:90:c7:8d:f1:4c:70:d6:33:
                    33:43:05:50:8b:a4:01:84:1e:7b:0d:31:d7:f9:e6:
                    49:d5:97:2b:31:51:a9:b0:15:26:86:a4:de:d2:2d:
                    df:1d:58:c1:44:43:d1:78:dc:97:12:ec:1b:09:24:
                    71:52:fa:28:95:57:22:f5:71:60:eb:f0:2c:bd:b2:
                    ee:de:4f:ed:dd:fa:e7:01:c7:0d:b2:d9:88:14:54:
                    60:40:00:d2:22:d6:e5:ac:aa:14:20:2d:55:fc:93:
                    41:b8:5e:1c:38:6d:df:8c:d0:e3:ae:b2:00:7b:bd:
                    f4:8e:b0:bb:92:8e:13:b0:83:90:ef:1d:5e:7d:f3:
                    9d:39:b0:07:7d:3b:9c:6a:e5:6b:ac:cb:94:44:f3:
                    93:ff:7a:e9:7a:31:df:cf:3e:7a:e1:d2:9b:55:14:
                    d3:0e:77:e5:93:cd:2d:d3:6f:d0:40:43:75:d7:0e:
                    fe:50:20:d8:92:ca:a6:cd:85:06:37:75:e0:14:e0:
                    a9:69:99:a0:99:d1:85:14:b7:63:7a:5f:80:48:f2:
                    3b:64:d7:92:44:7f:93:d8:84:91:03:62:bc:4b:89:
                    48:32:33:5d:ff:56:2c:41:15:69:aa:24:7f:21:f2:
                    c4:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:8D:EA:93:16:92:DA:96:E3:02:8D:D5:11:D3:6D:CD:66:3B:7F:CB
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/J43qkxaS2pbjAo3VEdNtzWY7f8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.115.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:7d:e7:df:76:15:af:f9:dd:33:57:0a:fb:c6:00:19:3d:08:
         82:00:eb:a6:85:74:16:11:c0:67:2f:99:77:20:a0:aa:a0:29:
         1d:8f:ef:4b:d5:de:c2:71:01:5e:79:f8:7d:28:23:b5:f3:61:
         05:ec:4d:ee:a7:da:0c:b4:dd:1b:32:19:72:4e:a6:78:57:e9:
         94:ab:b0:e8:e5:ff:c7:d6:07:c5:70:16:dc:65:1a:1e:43:b2:
         23:9f:35:b9:aa:5f:dd:4e:74:02:f2:27:ab:31:01:a3:87:2d:
         37:72:cb:b0:5e:b3:a3:07:6b:b9:87:8d:7e:42:8e:38:0f:19:
         3d:cc:63:40:97:a4:8c:ef:7c:24:bc:c2:c2:93:c9:6f:bb:e6:
         3f:2a:2a:2d:4b:c1:e0:f2:72:25:7a:9c:7e:12:8b:7a:ee:bc:
         94:ae:af:c0:5a:f0:db:5c:d8:3d:b9:ec:80:8b:fd:4a:d5:8a:
         29:2a:68:6c:39:d4:7a:49:9b:ec:db:d5:ce:b6:01:cf:b5:00:
         06:70:3b:c5:ef:79:e9:ef:09:e7:b4:43:5c:8f:e6:2a:64:d3:
         41:34:10:f7:c4:cf:ba:ef:0e:60:61:c7:83:16:20:c0:7c:9c:
         76:e5:89:76:2a:ee:ab:5f:2f:9f:5b:04:ac:b9:2e:42:71:92:
         ad:51:dd:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB55oqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDEy
MjA3MDQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjc4ZGVhOTMxNjky
ZGE5NmUzMDI4ZGQ1MTFkMzZkY2Q2NjNiN2ZjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwZFQyG+FfKCDv/VWf8/K0xvuA+6JDHjfFMcNYzM0MFUIuk
AYQeew0x1/nmSdWXKzFRqbAVJoak3tIt3x1YwURD0XjclxLsGwkkcVL6KJVXIvVx
YOvwLL2y7t5P7d365wHHDbLZiBRUYEAA0iLW5ayqFCAtVfyTQbheHDht34zQ466y
AHu99I6wu5KOE7CDkO8dXn3znTmwB307nGrla6zLlETzk/966Xox388+euHSm1UU
0w535ZPNLdNv0EBDddcO/lAg2JLKps2FBjd14BTgqWmZoJnRhRS3Y3pfgEjyO2TX
kkR/k9iEkQNivEuJSDIzXf9WLEEVaaokfyHyxH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQnjeqTFpLaluMCjdUR023NZjt/yzAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L0o0M3FreGFTMnBiakFvM1ZFZE50eldZN2Y4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdRzfjANBgkqhkiG9w0BAQsFAAOC
AQEAPn3n33YVr/ndM1cK+8YAGT0IggDrpoV0FhHAZy+ZdyCgqqApHY/vS9XewnEB
Xnn4fSgjtfNhBexN7qfaDLTdGzIZck6meFfplKuw6OX/x9YHxXAW3GUaHkOyI581
uapf3U50AvInqzEBo4ctN3LLsF6zowdruYeNfkKOOA8ZPcxjQJekjO98JLzCwpPJ
b7vmPyoqLUvB4PJyJXqcfhKLeu68lK6vwFrw21zYPbnsgIv9StWKKSpobDnUekmb
7NvVzrYBz7UABnA7xe956e8J57RDXI/mKmTTQTQQ98TPuu8OYGHHgxYgwHycduWJ
diruq18vn1sErLkuQnGSrVHdQA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-fra.rpki-client.org