Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/jB7MKvY7R16BO-YkbcBKWnB3m0k.roa
File:                     jB7MKvY7R16BO-YkbcBKWnB3m0k.roa (raw, json)
Hash identifier:          iFBEEnKsLcFqGfQ1WT58cbZVqnP67icH5snoMQ62sEY=
Subject key identifier:   8C:1E:CC:2A:F6:3B:47:5E:81:3B:E6:24:6D:C0:4A:5A:70:77:9B:49
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       08C74776
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/jB7MKvY7R16BO-YkbcBKWnB3m0k.roa
Signing time:             Sat 21 May 2022 11:25:29 +0000
ROA not before:           Sat 21 May 2022 11:25:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        45.150.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147277686 (0x8c74776)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: May 21 11:25:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8c1ecc2af63b475e813be6246dc04a5a70779b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a6:a2:63:c3:d9:dc:d7:ef:23:5f:81:4b:af:
                    7b:b6:52:03:a5:30:f4:26:58:cb:0a:ff:9d:48:c3:
                    9a:cf:b7:14:b3:0e:27:40:61:70:ec:2b:01:3a:20:
                    9c:13:d3:00:38:ed:61:7e:76:76:a3:c2:87:c1:1c:
                    4e:68:91:32:e4:1e:98:d7:d3:51:4e:56:42:f4:ee:
                    dc:f3:ec:83:c0:c8:63:a6:17:5e:ba:e0:c2:3e:b9:
                    21:ee:93:5b:8e:2c:85:ad:8f:4b:8e:7a:dc:42:74:
                    52:29:9f:7b:6a:c8:14:a6:cb:f8:7e:88:3e:1e:47:
                    40:c4:94:6c:fc:19:a2:3d:ee:e5:04:c6:8d:a1:ce:
                    ee:24:a9:94:f2:8e:5d:b9:dc:30:f4:5e:ec:a3:68:
                    13:8a:bc:dd:69:4e:59:a7:ef:de:c1:b0:5e:22:e5:
                    4f:24:c2:43:82:12:91:53:9e:9e:a2:39:e7:a8:b7:
                    f9:a7:53:63:5a:9c:89:e8:6d:d6:e7:b6:b5:85:85:
                    70:4e:a2:d5:d8:39:3d:96:a4:d4:bb:e7:13:dc:7c:
                    5c:4c:9e:fe:c8:6e:98:f1:5c:1f:0c:66:d6:51:21:
                    d3:62:3c:80:45:e5:43:fb:f7:38:4c:a3:ca:3c:95:
                    c7:59:97:b6:a4:cc:b0:dc:1f:5c:4b:26:f6:6b:ab:
                    9f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:1E:CC:2A:F6:3B:47:5E:81:3B:E6:24:6D:C0:4A:5A:70:77:9B:49
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/jB7MKvY7R16BO-YkbcBKWnB3m0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:ac:0f:c4:e6:29:df:12:84:82:c9:96:d7:3a:f5:98:92:1e:
         19:92:4a:46:37:49:a1:b7:5f:b5:19:1d:d1:d5:c6:4f:21:de:
         ef:94:1f:49:99:13:4e:d8:e8:dd:4a:f7:bc:cc:ad:d9:e7:80:
         d4:ee:44:8f:8d:1e:1b:eb:ea:94:90:2c:d1:c8:ed:8e:96:65:
         3b:7f:e5:1c:86:f9:e4:26:b8:1b:70:dc:42:c2:67:82:6e:02:
         38:a5:75:34:ca:1d:6d:b9:ab:ef:09:d8:48:f8:a7:eb:42:20:
         de:3b:c2:88:56:72:ac:5e:5c:c3:5e:73:0e:4a:a5:cd:ac:e3:
         78:93:84:b1:db:23:a0:dc:90:8a:62:34:71:c1:95:fa:ec:1a:
         33:e3:74:2c:c8:c8:f9:bb:3b:34:07:3c:6b:bc:44:77:3d:fd:
         36:9a:c8:89:42:c4:92:08:86:e3:ce:87:f9:ac:2f:a5:22:31:
         80:45:43:fe:d1:79:1b:a0:c0:28:54:46:d1:a4:9d:dd:a0:8d:
         93:09:d1:5c:fa:ff:d7:43:a2:3a:04:63:64:eb:15:c2:bf:bf:
         f7:e2:74:00:a6:98:f7:07:06:07:45:3a:93:d9:68:7b:3e:4b:
         a5:df:82:26:c7:22:95:81:79:30:ea:d8:bd:e7:e2:05:57:d3:
         06:12:5a:cc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMdHdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDUy
MTExMjUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMxZWNjMmFmNjNi
NDc1ZTgxM2JlNjI0NmRjMDRhNWE3MDc3OWI0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWmomPD2dzX7yNfgUuve7ZSA6Uw9CZYywr/nUjDms+3FLMO
J0BhcOwrATognBPTADjtYX52dqPCh8EcTmiRMuQemNfTUU5WQvTu3PPsg8DIY6YX
Xrrgwj65Ie6TW44sha2PS4563EJ0Uimfe2rIFKbL+H6IPh5HQMSUbPwZoj3u5QTG
jaHO7iSplPKOXbncMPRe7KNoE4q83WlOWafv3sGwXiLlTyTCQ4ISkVOenqI556i3
+adTY1qcieht1ue2tYWFcE6i1dg5PZak1LvnE9x8XEye/shumPFcHwxm1lEh02I8
gEXlQ/v3OEyjyjyVx1mXtqTMsNwfXEsm9murn/UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSMHswq9jtHXoE75iRtwEpacHebSTAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L2pCN01Ldlk3UjE2Qk8tWWtiY0JLV25CM20way5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2WNDANBgkqhkiG9w0BAQsFAAOC
AQEAf6wPxOYp3xKEgsmW1zr1mJIeGZJKRjdJobdftRkd0dXGTyHe75QfSZkTTtjo
3Ur3vMyt2eeA1O5Ej40eG+vqlJAs0cjtjpZlO3/lHIb55Ca4G3DcQsJngm4COKV1
NModbbmr7wnYSPin60Ig3jvCiFZyrF5cw15zDkqlzazjeJOEsdsjoNyQimI0ccGV
+uwaM+N0LMjI+bs7NAc8a7xEdz39NprIiULEkgiG486H+awvpSIxgEVD/tF5G6DA
KFRG0aSd3aCNkwnRXPr/10OiOgRjZOsVwr+/9+J0AKaY9wcGB0U6k9loez5Lpd+C
JscilYF5MOrYvefiBVfTBhJazA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-fra.rpki-client.org