Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/c9OE8Du4svt1dxobZDHHkRAFs1s.roa
File:                     c9OE8Du4svt1dxobZDHHkRAFs1s.roa (raw, json)
Hash identifier:          2V1pLKWw2UKbtm9v/GVdWYX1MoJkXi4NUW6guPwrW90=
Subject key identifier:   73:D3:84:F0:3B:B8:B2:FB:75:77:1A:1B:64:31:C7:91:10:05:B3:5B
Certificate issuer:       /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial:       018346FAD4DD2AAA273028627F5E99103E63
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/c9OE8Du4svt1dxobZDHHkRAFs1s.roa
Signing time:             Fri 16 Sep 2022 15:46:27 +0000
ROA not before:           Fri 16 Sep 2022 15:46:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28716
IP address blocks:        212.104.56.0/21 maxlen: 24
                          212.104.48.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:46:fa:d4:dd:2a:aa:27:30:28:62:7f:5e:99:10:3e:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
        Validity
            Not Before: Sep 16 15:46:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=73d384f03bb8b2fb75771a1b6431c7911005b35b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:cb:ca:af:04:7e:b2:6b:bd:43:7f:f8:00:ce:
                    a2:d4:0a:f7:ec:a6:06:c7:9d:2c:1d:74:05:f8:68:
                    78:67:f5:f4:90:9d:08:d3:94:1b:0b:4c:c1:6c:95:
                    34:d8:7e:9d:c6:66:16:18:5b:96:20:ad:d1:c0:65:
                    00:38:00:30:44:ad:3b:fe:59:d0:51:ae:9a:31:77:
                    75:9d:b4:dd:3f:a0:02:ff:a0:7d:75:fe:32:68:f9:
                    4b:e1:ea:f1:5f:c8:87:00:5c:b9:7c:d1:30:f1:f7:
                    8c:3f:00:27:c6:b0:42:84:7a:ce:dc:01:7c:50:bb:
                    80:54:1c:e0:6d:db:22:f3:77:a4:43:05:2b:03:57:
                    1b:b1:94:af:16:d8:be:a1:11:bd:13:cb:c8:bb:e1:
                    c3:57:9c:3e:ba:75:35:5c:b1:1a:8b:f1:e0:93:5d:
                    f8:be:c6:51:2d:4c:4c:b4:c5:18:ea:db:a4:a2:1f:
                    ba:7e:72:a8:51:6c:b6:45:00:a9:fc:53:b8:85:10:
                    d1:63:39:b5:e0:f9:bb:e8:8c:31:8d:88:ee:3a:a0:
                    21:c2:c7:02:a7:ff:49:e6:a5:9c:3c:d4:39:2e:ce:
                    66:e3:cd:cd:00:a3:e0:d2:0e:c0:6a:f5:76:c5:66:
                    15:88:4d:77:2e:60:34:ff:b4:cb:29:68:cb:15:e8:
                    a4:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:D3:84:F0:3B:B8:B2:FB:75:77:1A:1B:64:31:C7:91:10:05:B3:5B
            X509v3 Authority Key Identifier:
                keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/c9OE8Du4svt1dxobZDHHkRAFs1s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.104.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b0:34:84:ae:bb:96:6d:fb:60:92:21:5c:6c:11:54:7d:47:e1:
         63:af:dd:e2:9c:e8:4f:0c:be:c7:19:ec:10:ea:bb:a7:4d:dc:
         95:c3:9c:85:83:a7:13:8a:39:6e:48:2e:b7:11:70:25:ac:7e:
         c7:71:24:23:1f:03:c8:87:c5:9e:99:ef:c4:dc:97:15:e4:b8:
         35:b4:fa:c6:24:04:49:a3:97:cd:74:76:78:6f:6d:8f:b4:ea:
         3e:0f:25:79:6b:fc:4a:a1:c0:6d:f3:69:2d:dc:6d:75:db:7e:
         0b:d4:f7:30:68:01:07:ff:f6:2e:e3:ac:69:cc:c4:8d:4e:b9:
         6f:0e:f2:b0:a2:15:3f:9f:3b:e3:c9:45:b0:db:c6:fa:e4:41:
         48:99:df:b1:5a:3f:fb:59:ae:0a:ac:99:b8:3a:03:75:b3:9b:
         2a:06:43:79:87:09:7e:77:04:c7:5e:1b:ab:c5:50:5f:8e:06:
         99:9b:5a:56:22:00:fa:5a:d3:f6:22:01:7d:c7:d2:31:23:61:
         cd:37:4d:b4:f4:c4:69:0b:d4:3b:4c:c8:9e:f3:66:a5:bb:da:
         c8:ee:aa:cb:72:f2:47:af:00:51:61:73:81:9f:a9:b6:de:28:
         db:06:d6:b9:9c:c6:68:46:4d:24:72:aa:c7:53:90:67:e5:c3:
         6e:45:8b:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNG+tTdKqonMChif16ZED5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjIwOTE2MTU0NjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2QzODRmMDNiYjhiMmZiNzU3NzFhMWI2NDMxYzc5MTEwMDViMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicvKrwR+smu9Q3/4AM6i1Ar37KYG
x50sHXQF+Gh4Z/X0kJ0I05QbC0zBbJU02H6dxmYWGFuWIK3RwGUAOAAwRK07/lnQ
Ua6aMXd1nbTdP6AC/6B9df4yaPlL4erxX8iHAFy5fNEw8feMPwAnxrBChHrO3AF8
ULuAVBzgbdsi83ekQwUrA1cbsZSvFti+oRG9E8vIu+HDV5w+unU1XLEai/Hgk134
vsZRLUxMtMUY6tukoh+6fnKoUWy2RQCp/FO4hRDRYzm14Pm76IwxjYjuOqAhwscC
p/9J5qWcPNQ5Ls5m483NAKPg0g7AavV2xWYViE13LmA0/7TLKWjLFeikOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHPThPA7uLL7dXcaG2Qxx5EQBbNbMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvYzlPRThEdTRzdnQxZHhvYlpESEhrUkFGczFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1GgwMA0G
CSqGSIb3DQEBCwUAA4IBAQCwNISuu5Zt+2CSIVxsEVR9R+Fjr93inOhPDL7HGewQ
6runTdyVw5yFg6cTijluSC63EXAlrH7HcSQjHwPIh8Weme/E3JcV5Lg1tPrGJARJ
o5fNdHZ4b22PtOo+DyV5a/xKocBt82kt3G11234L1PcwaAEH//Yu46xpzMSNTrlv
DvKwohU/nzvjyUWw28b65EFImd+xWj/7Wa4KrJm4OgN1s5sqBkN5hwl+dwTHXhur
xVBfjgaZm1pWIgD6WtP2IgF9x9IxI2HNN0209MRpC9Q7TMie82alu9rI7qrLcvJH
rwBRYXOBn6m23ijbBta5nMZoRk0kcqrHU5Bn5cNuRYtp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:13 2024 by rpki-client on console-ams.rpki-client.org