Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mx5wg5VXQNU46KX4uf2Lb2lgNeo.roa
File:                     mx5wg5VXQNU46KX4uf2Lb2lgNeo.roa (raw, json)
Hash identifier:          9D4jK3HFpUxTAVk68PQmLB0NXDtHgKvSW6WEOAkoC6U=
Subject key identifier:   9B:1E:70:83:95:57:40:D5:38:E8:A5:F8:B9:FD:8B:6F:69:60:35:EA
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       07EB9075
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mx5wg5VXQNU46KX4uf2Lb2lgNeo.roa
Signing time:             Wed 23 Feb 2022 18:55:20 +0000
ROA not before:           Wed 23 Feb 2022 18:55:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197071
IP address blocks:        176.105.229.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132878453 (0x7eb9075)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Feb 23 18:55:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b1e7083955740d538e8a5f8b9fd8b6f696035ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:95:95:a6:e8:aa:08:0f:2f:0a:7b:63:6e:53:
                    7c:f7:54:5d:e2:3f:da:1f:c9:ad:7e:31:e8:72:b7:
                    3d:04:5f:4a:04:b1:0b:e4:ba:c5:a6:7a:f7:29:27:
                    05:6e:27:76:c6:18:cb:01:4e:3e:12:c7:61:60:79:
                    da:dd:f9:65:54:0b:00:00:e8:56:d1:7b:9b:72:f0:
                    37:8e:01:87:9b:1b:14:c2:1a:29:4a:53:d4:0d:32:
                    dd:98:bc:05:16:4d:84:56:eb:67:ae:9d:6e:2c:ed:
                    e7:db:c9:2a:5b:4d:da:7f:2b:a0:30:4e:a0:26:3f:
                    de:71:80:36:50:51:b3:ee:34:c5:a0:28:af:e1:7b:
                    20:3e:a0:6d:99:84:18:a3:33:a8:46:dc:3e:b6:69:
                    ff:b9:7e:06:1a:d2:46:19:e7:1c:2c:7c:0c:3e:02:
                    48:0c:90:2f:ea:30:76:80:00:e3:3c:43:68:db:57:
                    58:19:25:c6:be:bb:5b:28:3e:44:da:be:f0:85:68:
                    df:42:ff:fc:56:6c:cb:cf:c5:4d:ec:30:d3:f7:4d:
                    3a:35:9c:8f:5a:db:3e:5f:45:20:78:41:2a:f2:ba:
                    e3:4f:7e:d1:a8:d6:d0:fb:04:fd:aa:c1:75:44:ae:
                    54:65:50:88:91:ba:fd:75:e8:d6:68:fa:d3:9f:6c:
                    03:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:1E:70:83:95:57:40:D5:38:E8:A5:F8:B9:FD:8B:6F:69:60:35:EA
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mx5wg5VXQNU46KX4uf2Lb2lgNeo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.105.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:9b:69:af:d3:d2:a7:8b:10:e9:0f:31:98:70:f4:b5:d6:55:
         2d:d5:16:ee:f8:bc:71:87:87:1a:1b:a1:e1:33:1e:11:e1:c3:
         6f:69:93:c8:cc:02:20:2a:80:02:df:8b:32:e6:4b:be:9e:97:
         b7:02:44:c8:28:ed:26:f6:e1:73:c4:3a:68:a6:b5:d5:d7:17:
         dc:c6:4f:82:c9:aa:e7:cb:5d:cc:08:9b:6d:ca:89:2f:e7:b2:
         36:63:29:89:4a:9c:a7:2d:56:bd:f9:40:60:e1:b5:f3:fc:40:
         09:53:6a:8b:3b:3e:b2:71:56:0f:56:e3:91:c5:36:dc:d6:9f:
         ae:f1:61:f0:ec:5c:f2:30:0c:9a:ca:0e:c7:fa:62:f9:2a:8c:
         97:da:a6:55:2d:66:fb:e6:23:2d:63:d0:4d:58:80:8a:a8:64:
         32:37:e6:e6:59:a3:d2:c2:d8:2b:0d:eb:2c:cb:86:51:e0:62:
         33:a8:93:48:cc:77:46:0f:38:0a:85:77:be:1a:a4:fc:4f:2a:
         ae:57:70:c6:ee:1b:ab:79:9c:ea:26:36:46:c9:d1:c2:54:1a:
         18:c9:5a:2f:04:06:92:22:ec:52:1b:cb:9b:fa:84:56:96:4c:
         3d:38:57:70:97:76:5c:68:a2:7e:a9:c2:d0:16:e2:5a:f6:f7:
         6f:99:e6:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB+uQdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDIy
MzE4NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIxZTcwODM5NTU3
NDBkNTM4ZThhNWY4YjlmZDhiNmY2OTYwMzVlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6VlaboqggPLwp7Y25TfPdUXeI/2h/JrX4x6HK3PQRfSgSx
C+S6xaZ69yknBW4ndsYYywFOPhLHYWB52t35ZVQLAADoVtF7m3LwN44Bh5sbFMIa
KUpT1A0y3Zi8BRZNhFbrZ66dbizt59vJKltN2n8roDBOoCY/3nGANlBRs+40xaAo
r+F7ID6gbZmEGKMzqEbcPrZp/7l+BhrSRhnnHCx8DD4CSAyQL+owdoAA4zxDaNtX
WBklxr67Wyg+RNq+8IVo30L//FZsy8/FTeww0/dNOjWcj1rbPl9FIHhBKvK6409+
0ajW0PsE/arBdUSuVGVQiJG6/XXo1mj6059sAxMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSbHnCDlVdA1Tjopfi5/YtvaWA16jAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L214NXdnNVZYUU5VNDZLWDR1ZjJMYjJsZ05lby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBp5TANBgkqhkiG9w0BAQsFAAOC
AQEAS5tpr9PSp4sQ6Q8xmHD0tdZVLdUW7vi8cYeHGhuh4TMeEeHDb2mTyMwCICqA
At+LMuZLvp6XtwJEyCjtJvbhc8Q6aKa11dcX3MZPgsmq58tdzAibbcqJL+eyNmMp
iUqcpy1WvflAYOG18/xACVNqizs+snFWD1bjkcU23NafrvFh8Oxc8jAMmsoOx/pi
+SqMl9qmVS1m++YjLWPQTViAiqhkMjfm5lmj0sLYKw3rLMuGUeBiM6iTSMx3Rg84
CoV3vhqk/E8qrldwxu4bq3mc6iY2RsnRwlQaGMlaLwQGkiLsUhvLm/qEVpZMPThX
cJd2XGiifqnC0BbiWvb3b5nmfQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-fra.rpki-client.org