Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/ZoMhjywNHeiWRzmNWINxUCEU9zo.roa
File:                     ZoMhjywNHeiWRzmNWINxUCEU9zo.roa (raw, json)
Hash identifier:          RzoIvVsoxaJGn2l0fnDyLEtzH4YDsYWJKKxWv+7e1Po=
Subject key identifier:   66:83:21:8F:2C:0D:1D:E8:96:47:39:8D:58:83:71:50:21:14:F7:3A
Certificate issuer:       /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial:       0126C30C
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/ZoMhjywNHeiWRzmNWINxUCEU9zo.roa
Signing time:             Mon 16 May 2022 06:23:36 +0000
ROA not before:           Mon 16 May 2022 06:23:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207633
IP address blocks:        2.59.181.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19317516 (0x126c30c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
        Validity
            Not Before: May 16 06:23:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6683218f2c0d1de89647398d588371502114f73a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:70:d6:b9:29:dd:29:df:0d:e9:e9:09:9e:8e:
                    3f:e5:60:b0:74:b2:75:fc:1b:0a:5f:db:f1:d5:7e:
                    f4:cd:84:94:50:03:14:61:65:b2:47:96:5f:c9:16:
                    d2:06:ee:da:e4:95:cc:b6:de:d5:94:e7:0c:5f:dc:
                    56:4d:d7:45:2c:2d:13:7e:1a:68:8e:f2:54:eb:4f:
                    85:bc:c6:82:4f:15:66:61:34:4e:73:dc:94:28:47:
                    0d:90:8d:2b:a7:79:5e:c2:72:e4:53:51:f4:45:0a:
                    43:bc:be:a8:2c:37:ab:d5:1b:c1:02:a3:19:1c:b7:
                    46:03:c6:e7:c4:d4:41:7d:51:72:8e:25:b7:70:c8:
                    1b:5a:03:b3:5b:51:f5:94:aa:58:02:91:82:b0:c4:
                    2d:b3:60:80:62:82:4e:ef:2e:10:ec:4b:46:74:f9:
                    ea:fd:db:47:4a:4a:5b:78:40:77:c8:fc:07:02:ac:
                    31:a9:ae:96:c7:d1:b6:0f:3e:1c:6c:c3:86:c2:8d:
                    46:27:8b:ae:73:95:f3:f6:b4:47:ac:fc:1d:78:42:
                    e9:b7:8a:26:e5:f1:de:09:c7:1e:91:1d:b1:01:44:
                    e0:76:a3:8a:6d:99:20:44:c9:10:91:ad:2b:87:64:
                    80:52:be:f7:80:68:3b:fb:8e:8d:69:7f:c6:7d:0d:
                    83:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:83:21:8F:2C:0D:1D:E8:96:47:39:8D:58:83:71:50:21:14:F7:3A
            X509v3 Authority Key Identifier:
                keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/ZoMhjywNHeiWRzmNWINxUCEU9zo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:c2:aa:64:d6:17:86:4a:7f:ea:77:81:1f:7a:3a:78:9e:d9:
         ec:0b:55:91:5a:87:38:4b:b6:08:5b:9e:32:d8:42:e6:8d:a6:
         e6:ad:2b:e9:5b:7c:1d:7c:23:99:b7:0a:b3:1f:d3:9c:b0:5e:
         f8:ba:c3:5c:3e:b6:25:84:62:fc:38:9f:cd:d7:10:e4:30:03:
         84:3e:cc:ea:2d:94:43:2f:e9:c0:ac:80:e8:81:91:08:ce:dc:
         6a:ff:d1:93:bb:97:40:53:21:7c:9c:a5:18:cb:84:1a:82:ac:
         ed:1c:b4:1b:3a:d6:48:6d:fc:15:e0:5f:6d:d5:ab:82:0b:37:
         8b:d9:c8:12:93:da:b1:88:bd:75:83:8d:59:30:87:43:d0:58:
         b8:4b:de:00:32:6d:20:29:82:57:65:ab:97:f9:21:a2:09:0d:
         c8:98:ea:cc:22:c7:35:57:8a:c3:d2:4a:f3:c7:9d:87:d2:da:
         2d:72:26:32:43:34:39:76:25:45:6e:a8:61:3b:10:be:cd:cd:
         f9:70:ae:94:c8:01:82:7a:06:85:97:b1:2e:b7:56:1f:97:8a:
         31:c3:b9:68:fc:35:47:86:e7:33:47:33:c9:95:99:36:fe:4c:
         d9:4c:fd:85:fa:f2:16:8a:71:bf:7e:a5:12:7f:e4:79:b2:d9:
         d8:22:2b:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASbDDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTdmMDM2ZTI1OTIzOTFmYjQ1YTNkZDMzY2FmMGIwNzk1Njk3M2NmMB4XDTIyMDUx
NjA2MjMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4MzIxOGYyYzBk
MWRlODk2NDczOThkNTg4MzcxNTAyMTE0ZjczYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpw1rkp3SnfDenpCZ6OP+VgsHSydfwbCl/b8dV+9M2ElFAD
FGFlskeWX8kW0gbu2uSVzLbe1ZTnDF/cVk3XRSwtE34aaI7yVOtPhbzGgk8VZmE0
TnPclChHDZCNK6d5XsJy5FNR9EUKQ7y+qCw3q9UbwQKjGRy3RgPG58TUQX1Rco4l
t3DIG1oDs1tR9ZSqWAKRgrDELbNggGKCTu8uEOxLRnT56v3bR0pKW3hAd8j8BwKs
MamulsfRtg8+HGzDhsKNRieLrnOV8/a0R6z8HXhC6beKJuXx3gnHHpEdsQFE4Haj
im2ZIETJEJGtK4dkgFK+94BoO/uOjWl/xn0Ng48CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmgyGPLA0d6JZHOY1Yg3FQIRT3OjAfBgNVHSMEGDAWgBQafwNuJZI5H7Ra
PdM8rwsHlWlzzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0duOERiaVdTT1ItMFdqM1RQSzhMQjVWcGM4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8x
L1pvTWhqeXdOSGVpV1J6bU5XSU54VUNFVTl6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8xL0duOERiaVdTT1It
MFdqM1RQSzhMQjVWcGM4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI7tTANBgkqhkiG9w0BAQsFAAOC
AQEAoMKqZNYXhkp/6neBH3o6eJ7Z7AtVkVqHOEu2CFueMthC5o2m5q0r6Vt8HXwj
mbcKsx/TnLBe+LrDXD62JYRi/DifzdcQ5DADhD7M6i2UQy/pwKyA6IGRCM7cav/R
k7uXQFMhfJylGMuEGoKs7Ry0GzrWSG38FeBfbdWrggs3i9nIEpPasYi9dYONWTCH
Q9BYuEveADJtICmCV2Wrl/khogkNyJjqzCLHNVeKw9JK88edh9LaLXImMkM0OXYl
RW6oYTsQvs3N+XCulMgBgnoGhZexLrdWH5eKMcO5aPw1R4bnM0czyZWZNv5M2Uz9
hfryFopxv36lEn/kebLZ2CIrMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-fra.rpki-client.org