Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Elzff-MGo9hViP_gOmAvpgf3vMI.roa
File:                     Elzff-MGo9hViP_gOmAvpgf3vMI.roa (raw, json)
Hash identifier:          fBWx5QjFKGl54DoTO0M+nMH7kWTyANQSVvhAfgLxY90=
Subject key identifier:   12:5C:DF:7F:E3:06:A3:D8:55:88:FF:E0:3A:60:2F:A6:07:F7:BC:C2
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01829FFB9B772DC74F81F29378BDBB813777
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Elzff-MGo9hViP_gOmAvpgf3vMI.roa
Signing time:             Mon 15 Aug 2022 05:30:42 +0000
ROA not before:           Mon 15 Aug 2022 05:30:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56309
IP address blocks:        203.159.92.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:9f:fb:9b:77:2d:c7:4f:81:f2:93:78:bd:bb:81:37:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Aug 15 05:30:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=125cdf7fe306a3d85588ffe03a602fa607f7bcc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:42:a6:8f:47:11:82:96:84:6c:cc:b7:c6:7f:
                    14:11:7b:19:81:0d:48:4f:75:d6:59:b6:18:7e:6c:
                    0b:56:d3:22:ce:9b:ff:5a:9c:66:64:09:52:26:8f:
                    4d:5e:51:b8:53:e3:1e:c3:e0:ab:18:f0:f8:bf:77:
                    08:93:52:41:6a:f2:56:19:ee:00:0c:00:7f:6a:00:
                    f9:26:5d:71:7e:2c:d7:85:bc:5e:20:f6:ea:8b:8b:
                    63:2a:85:85:ed:f2:d6:7e:a0:91:bf:6c:1f:0d:2a:
                    8a:b4:47:43:7a:ad:a9:c0:52:5e:ae:4c:bc:c0:de:
                    58:cd:ae:9a:a3:9f:93:b3:96:58:5a:5a:96:53:43:
                    47:60:9f:64:69:5b:83:bd:ac:e4:1c:34:77:5f:5f:
                    cd:9f:96:d0:f9:50:ba:20:4d:e9:43:1c:4a:26:50:
                    87:6f:ae:36:a3:4a:ed:fe:67:c5:cd:65:ee:f8:33:
                    65:2d:70:5a:0c:67:0b:1d:be:84:c6:42:10:af:5a:
                    39:16:f9:6d:6a:8a:fd:a4:1b:19:ce:e2:db:ef:35:
                    48:06:c3:a7:87:6d:60:da:0b:73:29:91:25:1d:fa:
                    3c:fc:37:d5:6a:0b:eb:51:fe:11:74:09:9d:7e:4d:
                    a6:b1:a1:89:6f:be:7c:1a:1d:6c:80:5b:82:0a:6a:
                    cb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:5C:DF:7F:E3:06:A3:D8:55:88:FF:E0:3A:60:2F:A6:07:F7:BC:C2
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Elzff-MGo9hViP_gOmAvpgf3vMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.159.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         89:97:5a:67:6f:33:52:19:42:bb:58:7c:f5:d9:b4:4e:b0:ce:
         d0:7b:df:4e:7b:4d:59:fe:fc:08:3e:73:27:90:32:76:89:43:
         93:68:39:06:c3:ae:e6:39:04:c6:c1:ac:cb:70:1f:9d:64:9b:
         7a:a0:c0:ed:56:04:94:a6:41:53:18:f8:89:fe:91:cf:6c:a6:
         dc:cd:d9:86:44:98:d2:52:96:6a:9a:82:b6:14:b4:24:c2:d1:
         dd:8f:16:e6:7b:e6:3d:d5:de:e5:eb:52:06:80:ba:b4:f6:c0:
         a2:26:c7:db:d6:07:0a:13:3e:5d:38:a8:4c:44:0e:f7:67:82:
         97:d1:f7:55:81:bf:00:73:ca:5e:a4:aa:cc:7a:7f:24:d0:06:
         bd:56:5b:98:c5:3e:4f:2a:9a:f4:56:54:fe:a5:1f:09:6e:ca:
         a6:3b:b6:05:17:c2:bc:36:84:03:bd:5a:e5:a3:84:60:6c:25:
         d8:5d:91:9a:82:4e:65:3b:27:ba:b5:b6:20:47:9a:af:24:58:
         34:52:9d:94:dd:3a:c5:2f:ba:99:aa:a9:e5:79:b8:41:1f:9e:
         8d:41:df:df:54:96:02:35:a2:be:bc:dc:cb:1b:7e:9b:f5:45:
         6e:c5:5d:98:3d:d9:c0:d8:51:e4:d5:ec:f5:2f:61:20:5e:06:
         68:f9:c2:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKf+5t3LcdPgfKTeL27gTd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwODE1MDUzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjVjZGY3ZmUzMDZhM2Q4NTU4OGZmZTAzYTYwMmZhNjA3ZjdiY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0Kmj0cRgpaEbMy3xn8UEXsZgQ1I
T3XWWbYYfmwLVtMizpv/WpxmZAlSJo9NXlG4U+Mew+CrGPD4v3cIk1JBavJWGe4A
DAB/agD5Jl1xfizXhbxeIPbqi4tjKoWF7fLWfqCRv2wfDSqKtEdDeq2pwFJerky8
wN5Yza6ao5+Ts5ZYWlqWU0NHYJ9kaVuDvazkHDR3X1/Nn5bQ+VC6IE3pQxxKJlCH
b642o0rt/mfFzWXu+DNlLXBaDGcLHb6ExkIQr1o5Fvltaor9pBsZzuLb7zVIBsOn
h21g2gtzKZElHfo8/DfVagvrUf4RdAmdfk2msaGJb758Gh1sgFuCCmrLXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJc33/jBqPYVYj/4DpgL6YH97zCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRWx6ZmYtTUdvOWhWaVBfZ09tQXZwZ2Yzdk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCy59cMA0G
CSqGSIb3DQEBCwUAA4IBAQCJl1pnbzNSGUK7WHz12bROsM7Qe99Oe01Z/vwIPnMn
kDJ2iUOTaDkGw67mOQTGwazLcB+dZJt6oMDtVgSUpkFTGPiJ/pHPbKbczdmGRJjS
UpZqmoK2FLQkwtHdjxbme+Y91d7l61IGgLq09sCiJsfb1gcKEz5dOKhMRA73Z4KX
0fdVgb8Ac8pepKrMen8k0Aa9VluYxT5PKpr0VlT+pR8JbsqmO7YFF8K8NoQDvVrl
o4RgbCXYXZGagk5lOye6tbYgR5qvJFg0Up2U3TrFL7qZqqnlebhBH56NQd/fVJYC
NaK+vNzLG36b9UVuxV2YPdnA2FHk1ez1L2EgXgZo+cJa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org