Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/7dClEkFkYOJ3ZXO6kqIAQAIBh48.roa
File:                     7dClEkFkYOJ3ZXO6kqIAQAIBh48.roa (raw, json)
Hash identifier:          G/7SXcaZNdYOCuzarAlPuqk106WGHGal/dlXkLfTVFc=
Subject key identifier:   ED:D0:A5:12:41:64:60:E2:77:65:73:BA:92:A2:00:40:02:01:87:8F
Certificate issuer:       /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial:       0573748A
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/7dClEkFkYOJ3ZXO6kqIAQAIBh48.roa
Signing time:             Mon 09 May 2022 17:18:33 +0000
ROA not before:           Mon 09 May 2022 17:18:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14288
IP address blocks:        157.23.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91452554 (0x573748a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
        Validity
            Not Before: May  9 17:18:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=edd0a512416460e2776573ba92a200400201878f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:c9:08:e6:0c:3d:cf:3a:71:ec:e7:e0:db:c2:
                    8a:a6:39:04:12:61:19:ee:24:f8:35:36:db:84:45:
                    77:0e:3b:ae:6d:6c:86:fd:7c:0f:93:3c:7f:32:1f:
                    66:10:c9:26:48:48:62:75:a8:06:88:39:65:77:24:
                    73:f6:23:91:72:3a:8e:fc:4d:b6:93:df:b3:58:70:
                    c3:c7:94:ac:c9:c3:05:55:a4:21:eb:95:65:88:71:
                    48:d3:64:19:4e:70:da:c9:e7:5c:8e:83:8e:3b:b2:
                    71:bc:20:4a:50:08:34:74:2f:49:f6:4e:e5:ee:5d:
                    f1:a8:a7:41:94:f4:79:8c:47:e9:cf:b4:17:4c:e5:
                    81:05:f1:16:80:4f:62:63:06:df:a4:4a:3c:1f:e4:
                    98:bd:01:38:b7:18:6c:14:49:b8:f5:ec:7a:a3:72:
                    41:03:75:96:05:d4:3f:30:70:33:d1:9b:51:7d:41:
                    df:65:6f:2f:5b:ac:9a:91:f3:c4:6a:ae:6c:f5:1d:
                    99:fe:8b:f4:62:53:08:53:3b:40:03:cb:ee:0f:ef:
                    6a:75:01:dc:69:11:b8:e3:e7:48:fc:92:d3:c6:ab:
                    31:d9:fa:c1:f0:6e:b3:2d:18:b8:36:14:fa:2a:18:
                    b9:4b:54:94:97:9f:27:63:6c:06:34:4f:b7:26:96:
                    a2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D0:A5:12:41:64:60:E2:77:65:73:BA:92:A2:00:40:02:01:87:8F
            X509v3 Authority Key Identifier:
                keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/7dClEkFkYOJ3ZXO6kqIAQAIBh48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.23.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:c6:57:2c:0b:d9:ff:d4:29:c3:76:51:75:cb:a1:61:31:cf:
         62:94:db:43:32:58:7c:94:56:a3:a8:96:53:fb:ff:28:87:46:
         7c:c3:e4:03:d7:8b:35:cd:f8:f7:e2:28:41:ce:39:64:f3:c6:
         22:d7:ab:2f:6b:69:9c:90:2c:f0:1b:2f:57:9d:36:bc:34:67:
         04:8d:00:78:53:9c:b8:c9:03:d3:22:12:3d:60:59:f6:00:6a:
         72:93:7a:1f:05:63:6b:60:22:2f:3a:84:ed:27:6c:28:97:d3:
         c2:58:06:42:e5:1d:25:b9:85:a1:3f:31:0b:15:0f:e2:f2:69:
         20:96:c7:92:8b:2b:3d:cb:d4:e5:3f:b0:89:83:04:0d:63:b4:
         36:81:c3:bf:ec:13:9f:38:b8:f5:12:7b:90:d4:75:1d:4e:52:
         99:a2:01:ac:50:da:3b:f8:6e:71:e6:ea:0a:03:8d:e9:4d:d8:
         38:e4:38:33:54:69:51:47:8d:0c:a1:af:28:4c:e0:11:b2:d5:
         77:4b:1f:61:4a:3b:a3:d6:0f:ab:21:94:69:ce:ae:3a:bb:0c:
         22:75:54:99:85:e4:31:77:c8:6d:17:c2:a7:e9:2e:e6:a1:75:
         14:77:20:9c:fb:ea:5b:e4:16:77:c8:43:92:70:f8:d3:e6:4d:
         46:33:bf:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXN0ijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmEzNWNmOGFiNmYzZWFhMmFlYmFkZDllMjM3M2RlYzA4OTM2MjVlMB4XDTIyMDUw
OTE3MTgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRkMGE1MTI0MTY0
NjBlMjc3NjU3M2JhOTJhMjAwNDAwMjAxODc4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjJCOYMPc86cezn4NvCiqY5BBJhGe4k+DU224RFdw47rm1s
hv18D5M8fzIfZhDJJkhIYnWoBog5ZXckc/YjkXI6jvxNtpPfs1hww8eUrMnDBVWk
IeuVZYhxSNNkGU5w2snnXI6DjjuycbwgSlAINHQvSfZO5e5d8ainQZT0eYxH6c+0
F0zlgQXxFoBPYmMG36RKPB/kmL0BOLcYbBRJuPXseqNyQQN1lgXUPzBwM9GbUX1B
32VvL1usmpHzxGqubPUdmf6L9GJTCFM7QAPL7g/vanUB3GkRuOPnSPyS08arMdn6
wfBusy0YuDYU+ioYuUtUlJefJ2NsBjRPtyaWohsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTt0KUSQWRg4ndlc7qSogBAAgGHjzAfBgNVHSMEGDAWgBS7o1z4q28+qirr
rdniNz3sCJNiXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U2TmMtS3R2UHFvcTY2M1o0amM5N0FpVFlsNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvYTBlMDFhLTliYmMtNDRlZS05OGEzLTU5N2I2ZTI0OTJhYi8x
LzdkQ2xFa0ZrWU9KM1pYTzZrcUlBUUFJQmg0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
YTBlMDFhLTliYmMtNDRlZS05OGEzLTU5N2I2ZTI0OTJhYi8xL3U2TmMtS3R2UHFv
cTY2M1o0amM5N0FpVFlsNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0X+TANBgkqhkiG9w0BAQsFAAOC
AQEAD8ZXLAvZ/9Qpw3ZRdcuhYTHPYpTbQzJYfJRWo6iWU/v/KIdGfMPkA9eLNc34
9+IoQc45ZPPGIterL2tpnJAs8BsvV502vDRnBI0AeFOcuMkD0yISPWBZ9gBqcpN6
HwVja2AiLzqE7SdsKJfTwlgGQuUdJbmFoT8xCxUP4vJpIJbHkosrPcvU5T+wiYME
DWO0NoHDv+wTnzi49RJ7kNR1HU5SmaIBrFDaO/hucebqCgON6U3YOOQ4M1RpUUeN
DKGvKEzgEbLVd0sfYUo7o9YPqyGUac6uOrsMInVUmYXkMXfIbRfCp+ku5qF1FHcg
nPvqW+QWd8hDknD40+ZNRjO/6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:51 2024 by rpki-client on console-ams.rpki-client.org