Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/aTx5V4ozrRJK7raMGolWo11peNc.roa
File:                     aTx5V4ozrRJK7raMGolWo11peNc.roa (raw, json)
Hash identifier:          FaMOH9PtpeBwnKm0KRMzWDTs86UoCIt6O7Or4F+n5H0=
Subject key identifier:   69:3C:79:57:8A:33:AD:12:4A:EE:B6:8C:1A:89:56:A3:5D:69:78:D7
Certificate issuer:       /CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Certificate serial:       01149AAC
Authority key identifier: DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/aTx5V4ozrRJK7raMGolWo11peNc.roa
Signing time:             Wed 09 Feb 2022 11:18:44 +0000
ROA not before:           Wed 09 Feb 2022 11:18:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        62.201.32.0/21 maxlen: 21
                          62.201.40.0/24 maxlen: 24
                          62.201.43.0/24 maxlen: 24
                          62.201.44.0/22 maxlen: 22
                          62.201.41.0/24 maxlen: 24
                          62.201.48.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18127532 (0x1149aac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9c64e170b7f255d7ca30035d6532c8957eb169
        Validity
            Not Before: Feb  9 11:18:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=693c79578a33ad124aeeb68c1a8956a35d6978d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:45:06:cf:42:c0:69:a4:88:29:07:9f:15:f5:
                    e9:e7:7e:ae:fc:a6:f3:a9:74:9d:65:03:28:f1:82:
                    74:7b:67:6c:0d:c9:f9:16:ed:80:c4:15:17:19:8d:
                    da:7c:2d:86:d9:cd:6f:47:49:47:f8:22:10:7f:9d:
                    3f:d2:a7:78:91:e8:a4:5b:ff:bc:dc:86:dd:2c:cb:
                    94:fc:35:50:f8:54:6c:be:1b:63:9e:27:62:ba:f5:
                    65:7c:31:ec:c7:59:41:0d:f3:3f:2f:73:70:47:32:
                    0f:6b:1e:94:86:65:9f:65:65:c0:e8:f0:81:60:b0:
                    a8:3f:fb:04:27:dd:36:d1:ca:dc:a4:0f:8e:15:61:
                    56:f7:31:9e:eb:d3:73:91:fb:53:77:4b:0b:00:e4:
                    8d:3c:3f:a6:84:03:0c:50:a2:e2:d1:c2:96:f7:0a:
                    dd:09:8c:46:f6:6f:c9:89:93:15:34:6b:5d:04:b7:
                    72:18:39:32:60:b0:03:44:10:cd:6c:03:fb:27:18:
                    d1:b2:96:de:eb:76:d9:b3:94:8a:20:81:b7:c2:8b:
                    22:38:f5:5e:0f:43:c9:09:7e:18:95:c8:ca:c8:15:
                    10:53:a2:2c:50:09:b6:83:f9:b9:ef:23:49:a6:28:
                    53:cd:45:ed:71:70:61:ea:c3:52:93:c9:38:b4:99:
                    a2:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:3C:79:57:8A:33:AD:12:4A:EE:B6:8C:1A:89:56:A3:5D:69:78:D7
            X509v3 Authority Key Identifier:
                keyid:DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/aTx5V4ozrRJK7raMGolWo11peNc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/35xk4XC38lXXyjADXWUyyJV-sWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.201.32.0-62.201.41.255
                  62.201.43.0-62.201.63.255

    Signature Algorithm: sha256WithRSAEncryption
         a0:f9:67:ec:d0:83:70:46:10:fb:3f:9d:ac:f6:f0:5f:45:3b:
         8b:fd:74:c3:a6:46:ec:a8:b2:86:01:d3:f6:86:ad:d1:26:57:
         eb:07:89:81:66:f0:fe:1e:ca:84:d9:90:74:18:96:00:38:6c:
         52:8d:89:73:7a:0e:62:30:c1:68:73:08:f1:4d:bf:33:a5:05:
         cd:12:41:9c:51:5b:11:f0:d6:0c:ae:de:a7:b8:ab:f0:84:37:
         23:62:50:29:07:64:e1:8d:af:b6:7b:f8:29:03:46:d9:81:80:
         8a:74:f8:bb:68:95:78:29:d8:23:ba:a0:07:f6:30:ba:57:ce:
         2d:f4:45:86:0d:52:d1:31:11:21:09:6b:92:50:04:df:92:7b:
         73:95:cf:c3:d9:3a:83:70:4a:fd:fd:35:44:29:a9:ea:ef:f8:
         3a:33:c7:35:c4:40:3e:37:b2:e9:ab:8b:b7:59:03:79:e4:93:
         56:18:0c:21:98:de:04:7e:70:05:cb:10:c8:d9:c1:35:7c:4d:
         9f:2e:a6:f1:bf:83:63:c3:98:9a:db:66:36:ad:f6:0c:eb:23:
         76:fc:f6:f8:a2:5b:29:27:5e:43:0a:2c:a8:80:b1:b5:b8:3c:
         4a:24:50:18:60:3e:bb:e8:40:b7:08:6a:86:76:6a:a8:92:45:
         a3:68:fb:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEARSarDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjljNjRlMTcwYjdmMjU1ZDdjYTMwMDM1ZDY1MzJjODk1N2ViMTY5MB4XDTIyMDIw
OTExMTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkzYzc5NTc4YTMz
YWQxMjRhZWViNjhjMWE4OTU2YTM1ZDY5NzhkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1FBs9CwGmkiCkHnxX16ed+rvym86l0nWUDKPGCdHtnbA3J
+RbtgMQVFxmN2nwthtnNb0dJR/giEH+dP9KneJHopFv/vNyG3SzLlPw1UPhUbL4b
Y54nYrr1ZXwx7MdZQQ3zPy9zcEcyD2selIZln2VlwOjwgWCwqD/7BCfdNtHK3KQP
jhVhVvcxnuvTc5H7U3dLCwDkjTw/poQDDFCi4tHClvcK3QmMRvZvyYmTFTRrXQS3
chg5MmCwA0QQzWwD+ycY0bKW3ut22bOUiiCBt8KLIjj1Xg9DyQl+GJXIysgVEFOi
LFAJtoP5ue8jSaYoU81F7XFwYerDUpPJOLSZolkCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRpPHlXijOtEkrutowaiVajXWl41zAfBgNVHSMEGDAWgBTfnGThcLfyVdfK
MANdZTLIlX6xaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM1eGs0WEMzOGxYWHlqQURYV1V5eUpWLXNXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYWJkMTJmLTFkNjYtNDEyZi05YmUyLTI4Y2IzYmJmMDVhZS8x
L2FUeDVWNG96clJKSzdyYU1Hb2xXbzExcGVOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YWJkMTJmLTFkNjYtNDEyZi05YmUyLTI4Y2IzYmJmMDVhZS8xLzM1eGs0WEMzOGxY
WHlqQURYV1V5eUpWLXNXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQFPskgAwQBPskoMAwDBAA+ySsD
BAY+yQAwDQYJKoZIhvcNAQELBQADggEBAKD5Z+zQg3BGEPs/naz28F9FO4v9dMOm
RuyosoYB0/aGrdEmV+sHiYFm8P4eyoTZkHQYlgA4bFKNiXN6DmIwwWhzCPFNvzOl
Bc0SQZxRWxHw1gyu3qe4q/CENyNiUCkHZOGNr7Z7+CkDRtmBgIp0+LtolXgp2CO6
oAf2MLpXzi30RYYNUtExESEJa5JQBN+Se3OVz8PZOoNwSv39NUQpqerv+DozxzXE
QD43sumri7dZA3nkk1YYDCGY3gR+cAXLEMjZwTV8TZ8upvG/g2PDmJrbZjat9gzr
I3b89viiWyknXkMKLKiAsbW4PEokUBhgPrvoQLcIaoZ2aqiSRaNo+0A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org