Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/7Nh0J8UICh-5lazMLeXKCvCw-Ls.roa
File:                     7Nh0J8UICh-5lazMLeXKCvCw-Ls.roa (raw, json)
Hash identifier:          0ibR3OHSIQbb714Ny/DWQF0ojlISwAAHk4pZOYiwEb8=
Subject key identifier:   EC:D8:74:27:C5:08:0A:1F:B9:95:AC:CC:2D:E5:CA:0A:F0:B0:F8:BB
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       01853FAA46A999DE8340F81BA72A28EE31C2
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/7Nh0J8UICh-5lazMLeXKCvCw-Ls.roa
Signing time:             Fri 23 Dec 2022 15:46:41 +0000
ROA not before:           Fri 23 Dec 2022 15:46:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49040
IP address blocks:        109.160.56.0/24 maxlen: 24
                          109.160.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3f:aa:46:a9:99:de:83:40:f8:1b:a7:2a:28:ee:31:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Dec 23 15:46:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecd87427c5080a1fb995accc2de5ca0af0b0f8bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:3c:41:5e:b7:1c:58:1e:6d:57:e1:46:7e:d8:
                    61:4e:b1:fd:26:0f:2f:63:70:e8:78:23:46:bd:97:
                    ff:39:e6:7f:29:db:cd:c9:f7:76:0e:42:90:42:51:
                    b6:43:d5:e2:f5:1e:24:73:ce:13:c8:70:5b:a0:94:
                    3d:5a:dc:79:1a:3e:bc:b9:8c:bc:ee:28:0b:95:02:
                    ea:34:83:90:a6:7c:71:27:78:eb:18:8e:ac:ad:cb:
                    99:f9:e1:d2:33:2a:2a:f7:24:68:8e:f3:da:43:7a:
                    e4:08:d6:bd:a7:ce:d3:1d:79:51:a9:2d:0a:76:34:
                    ec:9c:a2:2f:70:72:73:cc:e2:f0:e6:d1:70:1f:ba:
                    30:bc:ce:94:1c:a5:61:b7:ec:f6:f6:cf:76:7f:14:
                    05:54:77:98:78:d9:2b:e7:d8:15:cd:8a:db:11:c0:
                    69:fc:06:13:29:5e:0c:4a:dd:43:9b:9c:71:2b:f5:
                    ca:5a:22:36:42:65:79:f6:a5:8d:92:1c:ff:fa:95:
                    ba:ba:42:76:78:b1:b5:fc:74:5d:84:28:d7:84:ac:
                    58:7b:90:41:d0:ec:90:73:92:c4:a4:2d:d2:55:ac:
                    3a:c7:dd:64:54:35:a6:3a:fa:2e:aa:e5:93:ea:cc:
                    c2:72:61:2e:00:83:0c:01:72:e7:1d:73:9b:0a:32:
                    ca:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D8:74:27:C5:08:0A:1F:B9:95:AC:CC:2D:E5:CA:0A:F0:B0:F8:BB
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/7Nh0J8UICh-5lazMLeXKCvCw-Ls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.56.0/24
                  109.160.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:f4:d2:1f:58:c0:58:6f:85:be:54:d4:e7:73:9b:8e:9a:a9:
         62:a7:86:6d:03:3a:a9:e4:68:78:33:64:53:c2:fc:b9:a5:0f:
         1a:8a:ff:04:c4:af:b5:bb:82:8a:4f:0e:ef:fb:85:7d:9b:18:
         f2:0f:4c:9a:96:ae:c8:4c:33:73:65:ff:a4:93:e3:4f:f8:f2:
         fb:d3:d6:b0:a9:17:d6:9f:99:69:5a:14:e0:5d:bd:1c:d9:59:
         16:17:44:99:c3:fa:7a:46:98:2c:c6:3e:8d:19:4d:18:e1:8d:
         04:96:2f:11:5b:c4:a9:57:36:fb:21:d1:35:f8:27:f2:4d:4a:
         22:37:43:4c:c3:5c:40:98:54:fe:5e:65:90:f7:79:22:12:35:
         55:64:24:7f:34:6f:23:09:48:09:c8:0c:3b:66:a0:5d:8a:7f:
         e7:07:dd:83:58:9e:da:c7:77:4e:80:ac:81:70:cd:0a:2e:9b:
         a7:41:86:7b:2c:cc:a5:81:d1:57:9b:f4:48:e3:b1:58:04:f8:
         4a:55:c8:d5:07:39:66:47:ea:68:9d:5d:70:1b:59:a1:eb:77:
         6f:7f:a9:76:9d:24:a4:84:5c:09:0e:ea:a9:dc:71:64:fe:92:
         c1:b4:66:0f:5e:a8:ac:11:ed:eb:47:88:b4:86:3b:b2:88:29:
         dd:38:a1:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU/qkapmd6DQPgbpyoo7jHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIxMjIzMTU0NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Q4NzQyN2M1MDgwYTFmYjk5NWFjY2MyZGU1Y2EwYWYwYjBmOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjxBXrccWB5tV+FGfthhTrH9Jg8v
Y3DoeCNGvZf/OeZ/KdvNyfd2DkKQQlG2Q9Xi9R4kc84TyHBboJQ9Wtx5Gj68uYy8
7igLlQLqNIOQpnxxJ3jrGI6srcuZ+eHSMyoq9yRojvPaQ3rkCNa9p87THXlRqS0K
djTsnKIvcHJzzOLw5tFwH7owvM6UHKVht+z29s92fxQFVHeYeNkr59gVzYrbEcBp
/AYTKV4MSt1Dm5xxK/XKWiI2QmV59qWNkhz/+pW6ukJ2eLG1/HRdhCjXhKxYe5BB
0OyQc5LEpC3SVaw6x91kVDWmOvouquWT6szCcmEuAIMMAXLnHXObCjLKLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOzYdCfFCAofuZWszC3lygrwsPi7MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvN05oMEo4VUlDaC01bGF6TUxlWEtDdkN3LUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbaA4AwQA
baA7MA0GCSqGSIb3DQEBCwUAA4IBAQBO9NIfWMBYb4W+VNTnc5uOmqlip4ZtAzqp
5Gh4M2RTwvy5pQ8aiv8ExK+1u4KKTw7v+4V9mxjyD0yalq7ITDNzZf+kk+NP+PL7
09awqRfWn5lpWhTgXb0c2VkWF0SZw/p6Rpgsxj6NGU0Y4Y0Eli8RW8SpVzb7IdE1
+CfyTUoiN0NMw1xAmFT+XmWQ93kiEjVVZCR/NG8jCUgJyAw7ZqBdin/nB92DWJ7a
x3dOgKyBcM0KLpunQYZ7LMylgdFXm/RI47FYBPhKVcjVBzlmR+ponV1wG1mh63dv
f6l2nSSkhFwJDuqp3HFk/pLBtGYPXqisEe3rR4i0hjuyiCndOKFn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:27 2024 by rpki-client on console-ams.rpki-client.org