Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/xAYI7wp-kylfvAfPnIPAhbOVAPc.roa
File:                     xAYI7wp-kylfvAfPnIPAhbOVAPc.roa (raw, json)
Hash identifier:          uxXpJBlq00RjCuQaqpkRTm4JJpyPCCestojAn5fszEY=
Subject key identifier:   C4:06:08:EF:0A:7E:93:29:5F:BC:07:CF:9C:83:C0:85:B3:95:00:F7
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       0765EDDA
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/xAYI7wp-kylfvAfPnIPAhbOVAPc.roa
Signing time:             Sat 01 Jan 2022 03:51:34 +0000
ROA not before:           Sat 01 Jan 2022 03:51:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399641
IP address blocks:        176.105.231.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124120538 (0x765edda)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Jan  1 03:51:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c40608ef0a7e93295fbc07cf9c83c085b39500f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5b:95:e4:8e:30:aa:3c:b7:0a:48:7c:16:45:
                    22:57:a4:45:fb:06:e0:13:61:7d:70:09:38:b5:01:
                    0a:4e:58:f4:fb:9e:cd:20:b4:bf:4a:90:74:6f:7e:
                    6c:02:a8:50:6f:e5:9c:2b:d3:f3:44:d9:c1:f6:cf:
                    8b:b4:63:bf:51:5b:4c:88:cf:12:53:55:19:e3:22:
                    ba:54:d6:b8:05:80:4e:51:fd:38:c5:61:e7:ba:ff:
                    2f:af:3c:39:da:79:bb:ed:16:c0:72:c5:c8:8d:ac:
                    f9:d0:ac:a1:3d:32:44:8a:58:2b:55:ba:77:bf:ea:
                    90:f0:6b:1e:eb:c5:6b:a6:7e:23:6d:de:a3:d0:be:
                    6c:5c:04:80:89:f7:33:af:75:09:b6:2c:2f:c2:6e:
                    d7:fd:51:de:35:01:31:6e:13:0c:c1:38:f7:5d:83:
                    f5:8f:4b:73:8a:f3:20:47:e3:61:fc:f7:a6:01:a5:
                    79:6c:05:96:fb:79:5f:7c:fd:fe:83:72:01:c7:27:
                    66:20:fa:cb:da:55:80:d9:7c:b6:2c:0e:d4:49:e2:
                    a2:7a:f1:f6:7f:80:99:c9:0d:73:5a:d3:ad:68:d6:
                    d6:2c:c7:7e:30:86:85:5b:0d:a7:68:20:02:ee:5b:
                    7b:d8:d9:e4:9b:16:f7:3d:9c:32:36:2c:74:40:0d:
                    24:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:06:08:EF:0A:7E:93:29:5F:BC:07:CF:9C:83:C0:85:B3:95:00:F7
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/xAYI7wp-kylfvAfPnIPAhbOVAPc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.105.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:f8:e6:5d:e1:99:c6:86:56:aa:1c:d9:2f:6e:aa:65:9c:f5:
         7a:91:bc:b0:ba:c4:8d:3b:0c:8d:00:83:49:64:c1:b1:53:0e:
         52:b7:a8:bb:e8:5a:e3:67:cc:8c:af:48:27:38:b8:ae:6d:f8:
         6e:f6:9c:29:83:62:a3:22:59:d0:52:1d:6b:c2:74:be:50:e1:
         43:2e:86:d4:4e:65:5a:74:1a:c2:85:51:94:7d:cb:b8:9e:5b:
         03:0c:a6:5b:88:11:f0:e5:84:18:57:b2:63:ac:e3:42:dc:cf:
         75:13:4d:ce:70:6f:fd:d8:5b:1e:8b:a2:05:79:11:54:70:d1:
         3a:9f:07:8d:55:e3:e7:7a:a1:3a:73:cf:03:a5:ef:ec:f4:0c:
         cb:1c:bf:d3:6b:bd:4e:ba:15:2b:1d:e1:59:96:fd:f9:23:76:
         c2:67:8a:40:9a:b0:3c:f7:0b:b8:93:24:bd:d3:ba:11:96:a9:
         71:cc:64:5c:df:d7:9d:74:75:25:4e:4f:f4:03:86:ef:c0:06:
         3d:48:bc:00:dc:4a:f4:e5:41:14:3a:9a:c7:c1:2e:35:92:44:
         b6:8b:35:86:89:ff:9c:42:80:90:25:e7:63:12:72:f5:86:e4:
         2c:d4:13:eb:71:a1:5d:bf:37:c3:8e:0b:46:60:60:2a:70:29:
         cb:9d:ee:61
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB2Xt2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDEw
MTAzNTEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQwNjA4ZWYwYTdl
OTMyOTVmYmMwN2NmOWM4M2MwODViMzk1MDBmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpbleSOMKo8twpIfBZFIlekRfsG4BNhfXAJOLUBCk5Y9Pue
zSC0v0qQdG9+bAKoUG/lnCvT80TZwfbPi7Rjv1FbTIjPElNVGeMiulTWuAWATlH9
OMVh57r/L688Odp5u+0WwHLFyI2s+dCsoT0yRIpYK1W6d7/qkPBrHuvFa6Z+I23e
o9C+bFwEgIn3M691CbYsL8Ju1/1R3jUBMW4TDME4912D9Y9Lc4rzIEfjYfz3pgGl
eWwFlvt5X3z9/oNyAccnZiD6y9pVgNl8tiwO1Enionrx9n+AmckNc1rTrWjW1izH
fjCGhVsNp2ggAu5be9jZ5JsW9z2cMjYsdEANJL0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEBgjvCn6TKV+8B8+cg8CFs5UA9zAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L3hBWUk3d3Ata3lsZnZBZlBuSVBBaGJPVkFQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBp5zANBgkqhkiG9w0BAQsFAAOC
AQEAYPjmXeGZxoZWqhzZL26qZZz1epG8sLrEjTsMjQCDSWTBsVMOUreou+ha42fM
jK9IJzi4rm34bvacKYNioyJZ0FIda8J0vlDhQy6G1E5lWnQawoVRlH3LuJ5bAwym
W4gR8OWEGFeyY6zjQtzPdRNNznBv/dhbHouiBXkRVHDROp8HjVXj53qhOnPPA6Xv
7PQMyxy/02u9TroVKx3hWZb9+SN2wmeKQJqwPPcLuJMkvdO6EZapccxkXN/XnXR1
JU5P9AOG78AGPUi8ANxK9OVBFDqax8EuNZJEtos1hon/nEKAkCXnYxJy9YbkLNQT
63GhXb83w44LRmBgKnApy53uYQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-fra.rpki-client.org