Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/zJesjyZjd0fwC1rc1gqvCxtoiXY.roa
File:                     zJesjyZjd0fwC1rc1gqvCxtoiXY.roa (raw, json)
Hash identifier:          BSyY5NdcfeJDufsPzCgyqIygAiBxKuDxm75FX6jpHow=
Subject key identifier:   CC:97:AC:8F:26:63:77:47:F0:0B:5A:DC:D6:0A:AF:0B:1B:68:89:76
Certificate issuer:       /CN=62927b36b138f086358938e3acfda4638e56a792
Certificate serial:       01830C3D39B7C640384A1430281F9E62C7A2
Authority key identifier: 62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/zJesjyZjd0fwC1rc1gqvCxtoiXY.roa
Signing time:             Mon 05 Sep 2022 06:01:22 +0000
ROA not before:           Mon 05 Sep 2022 06:01:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207265
IP address blocks:        45.151.128.0/22 maxlen: 22
                          2a10:20c0::/30 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:0c:3d:39:b7:c6:40:38:4a:14:30:28:1f:9e:62:c7:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62927b36b138f086358938e3acfda4638e56a792
        Validity
            Not Before: Sep  5 06:01:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cc97ac8f26637747f00b5adcd60aaf0b1b688976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:28:ff:a6:f5:e5:23:47:bc:03:2c:41:6e:1a:
                    7f:6b:0e:ff:36:af:b7:f0:a6:50:e6:cd:c2:06:b1:
                    a5:4f:44:9e:2c:77:2c:11:03:68:c3:ce:e4:1c:39:
                    69:fc:a1:92:03:b3:c8:9e:49:41:42:56:66:46:4a:
                    a6:64:24:be:fc:86:18:91:a8:0f:fc:f4:f7:89:ec:
                    e0:e8:b2:fd:29:e2:26:c7:51:5e:5f:a0:06:81:77:
                    68:51:22:ef:4d:55:d1:f1:b5:0f:0e:a9:39:a9:a9:
                    64:42:96:a2:96:9c:9b:76:68:d7:6c:12:6c:da:ea:
                    e7:ec:f2:d0:d0:5f:f8:36:d9:22:6e:a9:b6:56:91:
                    57:66:3f:5e:7d:6a:95:8a:c5:c4:a3:2b:a6:b6:cd:
                    a5:28:8a:79:ba:15:57:1f:5d:77:e6:b2:0b:f5:4c:
                    61:56:78:6c:8f:80:f5:d5:96:9c:54:39:39:4c:3d:
                    3a:97:b1:19:42:20:09:27:b7:00:ea:ea:c6:df:b2:
                    4c:e8:c0:a6:9b:b1:0a:62:c2:cc:8e:9a:5d:ad:14:
                    03:31:53:3b:18:1d:20:03:35:1b:5f:6c:72:28:93:
                    b2:d6:9e:c6:79:13:0e:33:08:0c:0b:b8:7c:57:f7:
                    00:fd:82:99:29:8e:fa:5a:05:66:42:7d:9e:0a:83:
                    08:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:97:AC:8F:26:63:77:47:F0:0B:5A:DC:D6:0A:AF:0B:1B:68:89:76
            X509v3 Authority Key Identifier:
                keyid:62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/zJesjyZjd0fwC1rc1gqvCxtoiXY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/YpJ7NrE48IY1iTjjrP2kY45Wp5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.128.0/22
                IPv6:
                  2a10:20c0::/30

    Signature Algorithm: sha256WithRSAEncryption
         49:0d:99:b9:b6:bd:84:c7:97:3a:ff:58:ee:05:3b:81:9f:2b:
         3c:c6:f5:f3:1e:55:b8:8f:76:95:37:b1:65:ad:7c:cc:be:f2:
         c9:be:fd:a8:e4:b6:c1:c9:e0:5b:12:87:f6:4f:a5:92:6d:c7:
         eb:b6:7a:ca:6b:7d:17:fb:e2:8a:40:28:8e:7c:1a:20:f8:e2:
         a6:5b:13:3e:7c:4a:5d:e6:9c:21:3b:3d:69:7c:e0:4a:8b:8e:
         52:6a:62:9c:8a:e3:a9:e6:b2:26:30:7c:0e:e2:e7:e9:ee:35:
         97:5f:81:98:d8:02:37:09:0d:6b:98:5a:f0:bd:93:55:c7:c4:
         9a:4e:60:63:d3:aa:2e:0e:ef:e6:a0:83:89:67:fa:ab:f8:64:
         0c:d0:39:53:12:87:f4:2f:08:4d:2a:d7:ec:01:a8:09:a0:e4:
         57:90:35:88:37:fc:37:02:a5:f4:41:af:7f:00:aa:42:70:f2:
         1c:d3:d1:ce:f6:45:61:40:9e:bc:57:ad:38:b7:55:7b:5b:16:
         e0:57:06:20:a4:c6:f8:41:19:50:58:c1:46:0a:98:fa:fb:bc:
         0e:2f:df:0f:9c:29:4a:ec:cf:90:ba:05:cc:95:9f:a4:66:a3:
         5c:4c:e5:ef:0d:66:d1:8f:21:a8:69:d2:72:a5:38:58:76:31:
         20:ef:6f:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMMPTm3xkA4ShQwKB+eYseiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOTI3YjM2YjEzOGYwODYzNTg5MzhlM2FjZmRhNDYzOGU1
NmE3OTIwHhcNMjIwOTA1MDYwMTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzk3YWM4ZjI2NjM3NzQ3ZjAwYjVhZGNkNjBhYWYwYjFiNjg4OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yj/pvXlI0e8AyxBbhp/aw7/Nq+3
8KZQ5s3CBrGlT0SeLHcsEQNow87kHDlp/KGSA7PInklBQlZmRkqmZCS+/IYYkagP
/PT3iezg6LL9KeImx1FeX6AGgXdoUSLvTVXR8bUPDqk5qalkQpailpybdmjXbBJs
2urn7PLQ0F/4Ntkibqm2VpFXZj9efWqVisXEoyumts2lKIp5uhVXH1135rIL9Uxh
Vnhsj4D11ZacVDk5TD06l7EZQiAJJ7cA6urG37JM6MCmm7EKYsLMjppdrRQDMVM7
GB0gAzUbX2xyKJOy1p7GeRMOMwgMC7h8V/cA/YKZKY76WgVmQn2eCoMIjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMyXrI8mY3dH8Ata3NYKrwsbaIl2MB8GA1UdIwQY
MBaAFGKSezaxOPCGNYk446z9pGOOVqeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEt
YTk5YzdlZTVjMjg0LzEvekplc2p5WmpkMGZ3QzFyYzFncXZDeHRvaVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEtYTk5YzdlZTVjMjg0
LzEvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZeAMA0E
AgACMAcDBQIqECDAMA0GCSqGSIb3DQEBCwUAA4IBAQBJDZm5tr2Ex5c6/1juBTuB
nys8xvXzHlW4j3aVN7FlrXzMvvLJvv2o5LbByeBbEof2T6WSbcfrtnrKa30X++KK
QCiOfBog+OKmWxM+fEpd5pwhOz1pfOBKi45SamKciuOp5rImMHwO4ufp7jWXX4GY
2AI3CQ1rmFrwvZNVx8SaTmBj06ouDu/moIOJZ/qr+GQM0DlTEof0LwhNKtfsAagJ
oORXkDWIN/w3AqX0Qa9/AKpCcPIc09HO9kVhQJ68V604t1V7WxbgVwYgpMb4QRlQ
WMFGCpj6+7wOL98PnClK7M+QugXMlZ+kZqNcTOXvDWbRjyGoadJypThYdjEg729n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:07 2024 by rpki-client on console-ams.rpki-client.org