Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hc9o-3Ha4hAxL-IygnjgKs08aKw.roa
File:                     hc9o-3Ha4hAxL-IygnjgKs08aKw.roa (raw, json)
Hash identifier:          oQWSLZMNS2TXcbQCFtvm+3oX3RLeeCUwk1rALJlOTz0=
Subject key identifier:   85:CF:68:FB:71:DA:E2:10:31:2F:E2:32:82:78:E0:2A:CD:3C:68:AC
Certificate issuer:       /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial:       01830FA01F3748E966321AA6DBEA05A7B322
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hc9o-3Ha4hAxL-IygnjgKs08aKw.roa
Signing time:             Mon 05 Sep 2022 21:48:15 +0000
ROA not before:           Mon 05 Sep 2022 21:48:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        162.217.251.0/24 maxlen: 24
                          155.254.62.0/24 maxlen: 24
                          107.161.174.0/24 maxlen: 24
                          107.161.175.0/24 maxlen: 24
                          107.181.135.0/24 maxlen: 24
                          2a07:9940:3333::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:0f:a0:1f:37:48:e9:66:32:1a:a6:db:ea:05:a7:b3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
        Validity
            Not Before: Sep  5 21:48:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=85cf68fb71dae210312fe2328278e02acd3c68ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b4:14:f1:5d:68:c0:25:93:0f:ce:46:91:2b:
                    3b:22:56:45:4f:b8:6e:75:40:e2:97:ae:c3:35:2f:
                    0c:38:98:fe:ac:02:29:57:27:2c:c2:d1:05:ae:56:
                    e4:e6:6e:d2:a2:8f:e5:21:3d:10:e6:a7:b2:b8:43:
                    c1:7a:c3:84:28:62:3e:18:c8:a4:a8:0d:e2:2b:05:
                    65:26:65:73:cd:f4:94:40:0d:3c:e3:3a:5b:7a:74:
                    04:11:ca:8a:53:b2:05:31:4c:2d:81:5a:8f:2a:19:
                    2a:e5:8c:4b:2f:5d:aa:c8:81:7a:e9:7c:69:7f:04:
                    87:90:b0:04:11:5e:78:cd:b6:8b:c6:d7:78:09:d3:
                    2c:f8:03:3e:04:e0:50:04:80:16:df:bb:ed:df:06:
                    61:6a:a1:a0:f1:92:4d:80:e5:5b:b5:51:fd:a6:e5:
                    8f:6d:54:89:49:98:0e:cb:ed:88:52:ef:46:4a:88:
                    ba:52:7b:f4:b3:5c:ba:d6:44:d9:39:b7:79:49:49:
                    86:13:0a:8c:7a:a2:d6:d1:ed:97:f7:33:26:76:b3:
                    c1:f5:12:44:6e:5d:42:a4:59:34:bc:70:68:66:ba:
                    78:91:64:7b:30:b8:8a:7e:cc:38:59:65:b0:28:8c:
                    f5:7b:de:02:aa:a9:51:d2:8a:9a:85:4e:bf:2a:cb:
                    9f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:CF:68:FB:71:DA:E2:10:31:2F:E2:32:82:78:E0:2A:CD:3C:68:AC
            X509v3 Authority Key Identifier:
                keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hc9o-3Ha4hAxL-IygnjgKs08aKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.161.174.0/23
                  107.181.135.0/24
                  155.254.62.0/24
                  162.217.251.0/24
                IPv6:
                  2a07:9940:3333::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:fc:ea:65:d7:1d:78:fe:57:10:97:dc:2f:bf:dc:1b:9c:8e:
         a1:2c:4f:7b:f7:f8:4f:33:c2:58:f9:68:0d:39:50:f9:d4:e3:
         b2:4c:c9:71:58:95:ac:4a:2a:5e:35:11:ce:86:65:29:fb:ab:
         2b:ce:a5:55:a9:c3:54:06:f5:39:37:ff:1f:de:a2:32:8f:8b:
         9d:d2:62:1f:80:43:cd:22:06:6a:9e:41:36:9f:dc:fa:43:f5:
         96:dd:6d:cd:ae:be:ab:84:ed:41:bb:5d:35:91:c8:d3:b2:ba:
         f5:d1:99:b0:da:3e:c4:2c:9b:cf:29:92:5f:85:10:de:76:9e:
         0b:35:04:be:03:5d:20:18:3a:85:59:81:97:22:53:78:b4:97:
         14:9d:71:70:59:52:b8:52:93:67:ab:c8:4b:67:60:36:2c:78:
         38:db:64:89:d1:6b:f4:04:c5:9f:b2:1b:0e:0d:aa:98:41:0b:
         cc:60:7a:97:ce:44:c2:b2:6a:b9:e0:ea:7a:c9:96:f9:f3:09:
         b7:59:9d:19:19:5e:4e:79:50:e4:4c:05:d9:e2:7f:84:e0:91:
         7f:93:db:47:de:33:75:01:ab:9f:07:ed:0c:c1:07:f2:f7:48:
         97:c6:5c:7a:9e:50:96:82:9d:c9:38:91:d7:0e:9f:9b:b7:ec:
         00:18:95:b9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYMPoB83SOlmMhqm2+oFp7MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIwOTA1MjE0ODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNmNjhmYjcxZGFlMjEwMzEyZmUyMzI4Mjc4ZTAyYWNkM2M2OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7QU8V1owCWTD85GkSs7IlZFT7hu
dUDil67DNS8MOJj+rAIpVycswtEFrlbk5m7Soo/lIT0Q5qeyuEPBesOEKGI+GMik
qA3iKwVlJmVzzfSUQA084zpbenQEEcqKU7IFMUwtgVqPKhkq5YxLL12qyIF66Xxp
fwSHkLAEEV54zbaLxtd4CdMs+AM+BOBQBIAW37vt3wZhaqGg8ZJNgOVbtVH9puWP
bVSJSZgOy+2IUu9GSoi6Unv0s1y61kTZObd5SUmGEwqMeqLW0e2X9zMmdrPB9RJE
bl1CpFk0vHBoZrp4kWR7MLiKfsw4WWWwKIz1e94CqqlR0oqahU6/KsufuwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFIXPaPtx2uIQMS/iMoJ44CrNPGisMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvaGM5by0zSGE0aEF4TC1JeWduamdLczA4YUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBa6GuAwQA
a7WHAwQAm/4+AwQAotn7MA8EAgACMAkDBwAqB5lAMzMwDQYJKoZIhvcNAQELBQAD
ggEBAGT86mXXHXj+VxCX3C+/3BucjqEsT3v3+E8zwlj5aA05UPnU47JMyXFYlaxK
Kl41Ec6GZSn7qyvOpVWpw1QG9Tk3/x/eojKPi53SYh+AQ80iBmqeQTaf3PpD9Zbd
bc2uvquE7UG7XTWRyNOyuvXRmbDaPsQsm88pkl+FEN52ngs1BL4DXSAYOoVZgZci
U3i0lxSdcXBZUrhSk2eryEtnYDYseDjbZInRa/QExZ+yGw4NqphBC8xgepfORMKy
arng6nrJlvnzCbdZnRkZXk55UORMBdnif4TgkX+T20feM3UBq58H7QzBB/L3SJfG
XHqeUJaCnck4kdcOn5u37AAYlbk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:14 2023 by rpki-client on console-ams.rpki-client.org