Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IMyHQAnw12SqeH0mjAOx-ljB-dc.roa
File:                     IMyHQAnw12SqeH0mjAOx-ljB-dc.roa (raw, json)
Hash identifier:          b7YBbxy0dFVlIW8qStlSwdogy/f1ZsZIlhHfjKvrYa4=
Subject key identifier:   20:CC:87:40:09:F0:D7:64:AA:78:7D:26:8C:03:B1:FA:58:C1:F9:D7
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       1050384A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IMyHQAnw12SqeH0mjAOx-ljB-dc.roa
Signing time:             Thu 09 Jun 2022 12:24:03 +0000
ROA not before:           Thu 09 Jun 2022 12:24:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48678
IP address blocks:        62.76.235.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 273692746 (0x1050384a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jun  9 12:24:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20cc874009f0d764aa787d268c03b1fa58c1f9d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:95:fa:c4:3d:46:e1:00:4a:50:96:94:95:07:
                    72:d3:0f:6b:a8:2c:30:4c:23:98:30:b2:55:31:93:
                    4f:31:f5:69:25:cd:ad:48:06:57:60:07:c2:c9:93:
                    9d:05:a5:e9:8b:0f:8f:e9:cc:c7:89:07:8f:40:b4:
                    09:0b:3f:05:76:de:98:f3:d0:86:6a:42:d7:03:3e:
                    99:02:5c:9f:82:61:06:22:f0:b0:f6:f1:1d:a7:b9:
                    a8:95:85:6c:55:45:76:bf:3e:ee:7d:47:a3:f3:44:
                    33:2b:ee:59:df:34:44:10:9a:06:10:0f:1f:4b:9a:
                    79:30:2b:65:6d:f8:22:3f:4f:da:06:7f:11:61:10:
                    cf:87:3b:f1:ac:28:80:d0:f6:1e:ca:93:50:bf:f8:
                    fe:62:3d:04:05:ff:70:56:b4:c0:94:14:5f:1e:e0:
                    54:1d:f1:54:e6:ed:66:7f:38:de:d0:dd:eb:15:d9:
                    90:63:39:a6:ba:b3:fc:cd:8f:68:9e:55:28:96:54:
                    bd:28:07:17:3a:3f:95:6d:38:ff:76:87:a7:7c:26:
                    68:fd:e2:bc:f1:83:17:04:db:3b:65:ec:f8:b0:f1:
                    90:17:87:70:a9:f3:61:93:0c:81:3b:3e:8b:6e:f0:
                    8b:6f:87:2c:c3:5d:4a:1b:8e:f0:fe:15:71:8f:25:
                    f1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:CC:87:40:09:F0:D7:64:AA:78:7D:26:8C:03:B1:FA:58:C1:F9:D7
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IMyHQAnw12SqeH0mjAOx-ljB-dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:79:22:09:5b:06:0d:c1:18:88:08:fc:b1:4d:16:11:ca:72:
         5b:47:fc:b6:62:90:d4:6a:a4:e3:3d:5e:15:51:4b:28:28:22:
         69:1d:ad:39:67:3b:65:de:f4:d3:9c:be:d5:e6:43:58:22:ea:
         64:b5:50:ad:84:c3:67:0a:d2:49:34:31:97:16:2c:26:c7:d0:
         6c:7f:78:61:d4:4c:6c:66:d5:a5:7d:8a:d8:a7:66:04:a0:86:
         ff:04:9d:89:c9:4f:10:c6:32:35:41:53:3c:8d:d8:1f:e8:b8:
         7b:f6:0e:7e:54:23:5d:e7:e0:4d:c4:5b:36:74:ec:6f:7f:32:
         bb:02:42:26:51:93:d9:09:20:16:86:30:e7:de:3f:20:b2:1c:
         2d:e8:10:5a:be:d0:82:6d:d4:23:11:a3:eb:6d:5d:64:6a:9d:
         2e:4c:88:46:9a:96:a8:31:ad:f0:ae:cd:d0:84:17:85:2b:c8:
         8a:3a:41:be:45:73:5d:f7:7e:19:dd:92:0a:81:d6:10:14:f6:
         63:f7:3c:3f:79:40:29:45:ce:b3:c3:5a:d1:25:48:66:ef:26:
         c3:2d:88:46:4a:a9:84:ab:04:18:30:68:57:3a:8d:d1:7d:c5:
         7d:6d:c2:f1:37:81:de:91:c7:cb:de:e0:2a:c9:98:d6:a3:a8:
         17:05:bf:f1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEFA4SjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDYw
OTEyMjQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBjYzg3NDAwOWYw
ZDc2NGFhNzg3ZDI2OGMwM2IxZmE1OGMxZjlkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOV+sQ9RuEASlCWlJUHctMPa6gsMEwjmDCyVTGTTzH1aSXN
rUgGV2AHwsmTnQWl6YsPj+nMx4kHj0C0CQs/BXbemPPQhmpC1wM+mQJcn4JhBiLw
sPbxHae5qJWFbFVFdr8+7n1Ho/NEMyvuWd80RBCaBhAPH0uaeTArZW34Ij9P2gZ/
EWEQz4c78awogND2HsqTUL/4/mI9BAX/cFa0wJQUXx7gVB3xVObtZn843tDd6xXZ
kGM5prqz/M2PaJ5VKJZUvSgHFzo/lW04/3aHp3wmaP3ivPGDFwTbO2Xs+LDxkBeH
cKnzYZMMgTs+i27wi2+HLMNdShuO8P4VcY8l8R0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQgzIdACfDXZKp4fSaMA7H6WMH51zAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L0lNeUhRQW53MTJTcWVIMG1qQU94LWxqQi1kYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD5M6zANBgkqhkiG9w0BAQsFAAOC
AQEAfnkiCVsGDcEYiAj8sU0WEcpyW0f8tmKQ1Gqk4z1eFVFLKCgiaR2tOWc7Zd70
05y+1eZDWCLqZLVQrYTDZwrSSTQxlxYsJsfQbH94YdRMbGbVpX2K2KdmBKCG/wSd
iclPEMYyNUFTPI3YH+i4e/YOflQjXefgTcRbNnTsb38yuwJCJlGT2QkgFoYw594/
ILIcLegQWr7Qgm3UIxGj621dZGqdLkyIRpqWqDGt8K7N0IQXhSvIijpBvkVzXfd+
Gd2SCoHWEBT2Y/c8P3lAKUXOs8Na0SVIZu8mwy2IRkqphKsEGDBoVzqN0X3FfW3C
8TeB3pHHy97gKsmY1qOoFwW/8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org