Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/d_cB2KxN631nvhCe8msXm3r_fVs.roa
File:                     d_cB2KxN631nvhCe8msXm3r_fVs.roa (raw, json)
Hash identifier:          gXdi0c6rd2yadBEw/E5X4xdf0DEseLCOYSMPXfXaPac=
Subject key identifier:   77:F7:01:D8:AC:4D:EB:7D:67:BE:10:9E:F2:6B:17:9B:7A:FF:7D:5B
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       087987A7
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/d_cB2KxN631nvhCe8msXm3r_fVs.roa
Signing time:             Thu 21 Apr 2022 06:40:47 +0000
ROA not before:           Thu 21 Apr 2022 06:40:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        176.105.228.0/22 maxlen: 24
                          45.137.16.0/22 maxlen: 24
                          45.150.52.0/23 maxlen: 24
                          95.214.176.0/22 maxlen: 24
                          91.239.148.0/23 maxlen: 24
                          91.238.92.0/23 maxlen: 24
                          212.115.124.0/22 maxlen: 24
                          45.132.80.0/22 maxlen: 24
                          91.244.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 142182311 (0x87987a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Apr 21 06:40:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77f701d8ac4deb7d67be109ef26b179b7aff7d5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d0:13:48:40:32:ff:36:1e:5b:25:57:14:d7:
                    f5:91:5d:56:11:6d:99:60:0f:9d:2d:bc:8a:30:1f:
                    34:a6:ab:61:28:1b:c1:57:72:29:4b:5d:34:fb:56:
                    aa:51:33:c5:e7:d2:e0:7f:4c:9c:d0:96:4d:a2:65:
                    55:04:41:ed:7e:e5:f3:6f:db:f9:9b:0b:19:a4:fe:
                    9c:2a:5c:2b:29:de:d6:94:cb:05:f6:34:20:77:95:
                    74:35:ce:5e:04:42:a1:57:c2:77:8f:ed:1c:f1:e9:
                    85:a8:dd:64:a2:bf:e8:df:26:a6:0b:f5:b0:0d:48:
                    21:a8:a0:91:5b:f3:da:25:65:47:82:d6:fd:8d:98:
                    1d:34:9a:75:05:96:89:ee:2a:db:17:89:66:2a:26:
                    b5:96:61:6f:fe:68:a0:31:5a:70:5d:89:c9:e6:77:
                    f8:5c:57:9f:98:25:82:a1:ea:a3:68:21:f2:4f:3a:
                    28:ca:3c:f9:a2:19:ac:4d:78:cd:ca:7d:87:bb:e7:
                    ea:ca:58:82:7a:69:7c:7e:94:e8:fd:8c:a2:c6:64:
                    d5:8f:b6:42:72:bc:5a:05:c6:c7:5d:a3:91:7b:7c:
                    a6:38:b5:e6:42:20:b2:e7:f2:77:32:39:a7:ce:e8:
                    62:84:78:ba:e1:c1:cd:97:2d:e7:8b:28:67:66:23:
                    4a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:F7:01:D8:AC:4D:EB:7D:67:BE:10:9E:F2:6B:17:9B:7A:FF:7D:5B
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/d_cB2KxN631nvhCe8msXm3r_fVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.80.0/22
                  45.137.16.0/22
                  45.150.52.0/23
                  91.238.92.0/23
                  91.239.148.0/23
                  91.244.199.0/24
                  95.214.176.0/22
                  176.105.228.0/22
                  212.115.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:1c:ce:42:25:41:2c:df:05:dd:48:30:05:49:1e:83:ec:1d:
         a7:61:29:fc:7f:97:cb:61:6e:c9:be:3f:4c:da:60:07:1d:47:
         74:cb:4f:79:39:5c:68:b0:1b:c2:56:59:c5:48:81:27:a3:df:
         19:97:23:48:e3:53:ba:2c:ce:18:73:6c:a1:f0:d8:ca:05:e6:
         85:6d:7d:b3:41:ce:62:cb:9c:85:99:60:9e:98:57:3d:6c:5c:
         47:ee:64:6a:67:e0:57:0f:22:e3:8f:bc:04:88:dc:e3:a7:19:
         46:81:6f:11:a5:59:11:98:73:d2:94:fc:cc:d2:b9:7e:e4:34:
         2d:f6:75:c9:54:7f:6c:6d:4b:26:61:6c:46:ec:7e:88:7f:0f:
         70:f8:52:18:32:66:53:56:d4:b7:08:dd:9d:86:f4:0c:57:fc:
         f5:39:cf:c9:29:95:9b:ed:89:77:73:71:27:0d:b6:6c:66:9a:
         d3:60:9c:6d:8d:65:5e:64:db:6d:9d:ec:9f:e4:3d:c0:3e:4b:
         34:d2:1b:12:4f:ef:a7:66:06:e4:82:fc:25:e9:6c:d5:6d:06:
         f2:6c:ac:88:4d:04:8e:6e:42:d2:ed:69:fd:1c:2a:bf:2f:12:
         f2:15:b3:8a:69:4b:46:f8:37:b0:71:3e:ac:9c:94:7e:9b:36:
         61:77:6b:df
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECHmHpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDQy
MTA2NDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdmNzAxZDhhYzRk
ZWI3ZDY3YmUxMDllZjI2YjE3OWI3YWZmN2Q1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfQE0hAMv82HlslVxTX9ZFdVhFtmWAPnS28ijAfNKarYSgb
wVdyKUtdNPtWqlEzxefS4H9MnNCWTaJlVQRB7X7l82/b+ZsLGaT+nCpcKyne1pTL
BfY0IHeVdDXOXgRCoVfCd4/tHPHphajdZKK/6N8mpgv1sA1IIaigkVvz2iVlR4LW
/Y2YHTSadQWWie4q2xeJZiomtZZhb/5ooDFacF2JyeZ3+FxXn5glgqHqo2gh8k86
KMo8+aIZrE14zcp9h7vn6spYgnppfH6U6P2MosZk1Y+2QnK8WgXGx12jkXt8pji1
5kIgsufydzI5p87oYoR4uuHBzZct54soZ2YjSjkCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBR39wHYrE3rfWe+EJ7yaxebev99WzAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L2RfY0IyS3hONjMxbnZoQ2U4bXNYbTNyX2ZWcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAi2EUAMEAi2JEAMEAS2WNAMEAVvu
XAMEAVvvlAMEAFv0xwMEAl/WsAMEArBp5AMEAtRzfDANBgkqhkiG9w0BAQsFAAOC
AQEALhzOQiVBLN8F3UgwBUkeg+wdp2Ep/H+Xy2Fuyb4/TNpgBx1HdMtPeTlcaLAb
wlZZxUiBJ6PfGZcjSONTuizOGHNsofDYygXmhW19s0HOYsuchZlgnphXPWxcR+5k
amfgVw8i44+8BIjc46cZRoFvEaVZEZhz0pT8zNK5fuQ0LfZ1yVR/bG1LJmFsRux+
iH8PcPhSGDJmU1bUtwjdnYb0DFf89TnPySmVm+2Jd3NxJw22bGaa02CcbY1lXmTb
bZ3sn+Q9wD5LNNIbEk/vp2YG5IL8Jels1W0G8mysiE0Ejm5C0u1p/Rwqvy8S8hWz
imlLRvg3sHE+rJyUfps2YXdr3w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:12 2023 by rpki-client on console-ams.rpki-client.org