Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/hhunMZJi21am1myWNO5nhvNlIDw.roa
File:                     hhunMZJi21am1myWNO5nhvNlIDw.roa (raw, json)
Hash identifier:          5mnkZ1N/hMOdLwm/Npucm0xq5UZBOmHq6k0+hHCTmKY=
Subject key identifier:   86:1B:A7:31:92:62:DB:56:A6:D6:6C:96:34:EE:67:86:F3:65:20:3C
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       08BFFEA3
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/hhunMZJi21am1myWNO5nhvNlIDw.roa
Signing time:             Thu 19 May 2022 12:57:29 +0000
ROA not before:           Thu 19 May 2022 12:57:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        45.137.16.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146800291 (0x8bffea3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: May 19 12:57:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=861ba7319262db56a6d66c9634ee6786f365203c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:2e:83:6a:d1:19:59:f0:98:06:79:af:79:7d:
                    be:30:24:61:4f:0a:aa:ff:4f:45:7f:b3:a8:e6:93:
                    cd:77:b5:49:e0:0b:15:fa:8b:f5:7c:b9:47:03:b2:
                    28:44:42:a5:65:25:f0:dd:c2:6d:37:a2:69:7b:91:
                    0a:8d:a2:7d:4e:3a:87:46:0c:13:d4:e3:60:f2:0c:
                    da:12:87:87:32:f9:53:9f:9d:a1:e8:9f:57:07:38:
                    cb:b9:3c:4e:a8:a7:8f:70:55:a4:71:d2:10:52:20:
                    60:a3:21:31:1e:98:b2:f8:0c:3f:2e:f9:41:cd:d6:
                    da:89:94:63:30:c4:94:3d:ab:60:75:10:69:54:df:
                    95:9f:90:7d:a6:59:fc:f2:c3:0d:16:d7:92:61:eb:
                    14:1b:ae:46:7e:02:56:a3:82:44:6a:c8:79:af:8d:
                    c8:22:81:9b:a9:63:d9:2f:82:5a:cf:e4:65:90:52:
                    a0:bf:3b:a6:2c:81:cb:45:2b:f9:b9:1a:b9:6e:50:
                    50:53:62:b0:05:a8:6b:e9:f9:f9:eb:37:db:a9:e1:
                    61:f8:d2:fa:c2:6f:8b:21:06:9e:56:19:0b:eb:4e:
                    0c:3e:36:6c:82:e9:90:fa:72:e2:5b:7e:fe:87:8d:
                    37:75:b9:93:b9:14:a7:5a:c4:84:ae:d9:52:19:5c:
                    fb:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:1B:A7:31:92:62:DB:56:A6:D6:6C:96:34:EE:67:86:F3:65:20:3C
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/hhunMZJi21am1myWNO5nhvNlIDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:cc:2d:1e:ff:27:8f:62:99:b5:55:19:59:be:eb:f5:f2:27:
         ee:df:e9:43:84:bb:1c:7a:77:71:aa:d1:c7:77:27:04:5a:e1:
         b5:9c:1d:12:40:6a:3a:11:61:87:b6:77:76:87:54:ea:64:e1:
         22:25:e7:b7:74:5f:b6:21:d5:77:1b:5e:98:db:f1:51:09:7b:
         84:56:26:6d:34:d7:47:39:f9:36:57:39:f3:d4:e9:ba:e8:b9:
         9a:af:fd:b3:93:45:f3:c6:41:c3:c7:68:f3:4e:03:70:c0:5d:
         26:48:0b:67:47:9e:91:aa:f2:29:78:b8:a3:8e:f7:9d:5e:16:
         53:34:f0:2f:40:86:45:ce:b9:74:f7:c3:1f:c6:d4:ff:4b:3e:
         22:0f:82:fc:c4:a1:9a:43:89:4c:98:5a:89:ab:b1:7b:9a:12:
         93:04:cc:c1:4a:ea:5d:5f:47:1c:cc:c2:d7:e9:b2:70:8b:e3:
         dc:96:48:1e:70:68:1e:19:7e:89:10:1a:d0:dc:83:f6:6d:a9:
         92:cf:b3:8d:8c:cb:08:05:61:0f:b7:57:55:f6:ef:9f:10:ea:
         0c:bb:bd:66:6a:47:78:07:b9:ec:d8:17:22:46:06:b8:be:ec:
         70:a7:4a:e9:04:3f:77:56:72:f3:b1:28:cd:06:b7:52:e2:35:
         fd:c5:2b:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECL/+ozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDUx
OTEyNTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYxYmE3MzE5MjYy
ZGI1NmE2ZDY2Yzk2MzRlZTY3ODZmMzY1MjAzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoug2rRGVnwmAZ5r3l9vjAkYU8Kqv9PRX+zqOaTzXe1SeAL
FfqL9Xy5RwOyKERCpWUl8N3CbTeiaXuRCo2ifU46h0YME9TjYPIM2hKHhzL5U5+d
oeifVwc4y7k8Tqinj3BVpHHSEFIgYKMhMR6YsvgMPy75Qc3W2omUYzDElD2rYHUQ
aVTflZ+QfaZZ/PLDDRbXkmHrFBuuRn4CVqOCRGrIea+NyCKBm6lj2S+CWs/kZZBS
oL87piyBy0Ur+bkauW5QUFNisAWoa+n5+es326nhYfjS+sJviyEGnlYZC+tODD42
bILpkPpy4lt+/oeNN3W5k7kUp1rEhK7ZUhlc+2MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGG6cxkmLbVqbWbJY07meG82UgPDAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L2hodW5NWkppMjFhbTFteVdOTzVuaHZObElEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2JEDANBgkqhkiG9w0BAQsFAAOC
AQEAFswtHv8nj2KZtVUZWb7r9fIn7t/pQ4S7HHp3carRx3cnBFrhtZwdEkBqOhFh
h7Z3dodU6mThIiXnt3RftiHVdxtemNvxUQl7hFYmbTTXRzn5Nlc589Tpuui5mq/9
s5NF88ZBw8do804DcMBdJkgLZ0eekaryKXi4o473nV4WUzTwL0CGRc65dPfDH8bU
/0s+Ig+C/MShmkOJTJhaiauxe5oSkwTMwUrqXV9HHMzC1+mycIvj3JZIHnBoHhl+
iRAa0NyD9m2pks+zjYzLCAVhD7dXVfbvnxDqDLu9ZmpHeAe57NgXIkYGuL7scKdK
6QQ/d1Zy87EozQa3UuI1/cUrdQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-fra.rpki-client.org