Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9PYRL5jCo-j2MOC9V7tmooP2aL0.roa
File:                     9PYRL5jCo-j2MOC9V7tmooP2aL0.roa (raw, json)
Hash identifier:          l6o9vh51gtwqGpNCgOZYS/zFyhavnT5rOae4FSJNkYc=
Subject key identifier:   F4:F6:11:2F:98:C2:A3:E8:F6:30:E0:BD:57:BB:66:A2:83:F6:68:BD
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0183C5DFBC4375BB792EBBE7FF1E379B8D55
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9PYRL5jCo-j2MOC9V7tmooP2aL0.roa
Signing time:             Tue 11 Oct 2022 07:08:37 +0000
ROA not before:           Tue 11 Oct 2022 07:08:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        79.110.50.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c5:df:bc:43:75:bb:79:2e:bb:e7:ff:1e:37:9b:8d:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Oct 11 07:08:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4f6112f98c2a3e8f630e0bd57bb66a283f668bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0c:64:c9:69:7b:23:e4:18:63:0d:90:32:86:
                    d6:27:5e:f7:23:58:f7:ca:51:f9:f3:4e:1f:3d:c4:
                    cb:a1:24:0c:2b:df:08:a3:46:93:3b:79:8f:e7:50:
                    7d:bc:8e:20:ed:fd:1f:d2:be:e6:3b:77:9e:11:60:
                    eb:fa:90:72:01:16:d5:a4:65:8a:9b:17:9b:68:b3:
                    22:60:24:09:5f:f2:b8:50:26:49:7b:3e:45:2c:62:
                    5b:2c:64:c4:be:7b:80:af:d6:9c:73:31:b5:48:1c:
                    45:c7:cc:b2:ae:7e:b6:ce:b0:2a:b5:1b:54:9d:15:
                    1b:45:36:f8:4c:ba:fb:4c:d1:76:63:29:5e:cb:d1:
                    a6:76:b5:3d:2a:e6:f1:c1:fd:de:da:09:da:73:bd:
                    71:70:68:0f:39:a7:45:c7:67:d0:ab:20:e0:1a:d9:
                    0c:f5:11:e1:da:61:52:fb:1a:6f:ba:f3:59:4d:58:
                    cf:ec:dd:ab:3c:9c:ca:73:f6:65:30:03:aa:45:5e:
                    c4:c7:ec:06:5b:56:16:fa:1e:0c:01:b7:78:17:85:
                    09:59:8d:07:0a:b6:a4:46:e0:bf:06:f7:51:4e:87:
                    fe:4d:29:02:ea:cb:3c:90:30:b3:86:73:bc:bb:9f:
                    f6:96:69:f9:78:ef:d8:8b:e8:a4:9a:e2:cd:da:4f:
                    99:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:F6:11:2F:98:C2:A3:E8:F6:30:E0:BD:57:BB:66:A2:83:F6:68:BD
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9PYRL5jCo-j2MOC9V7tmooP2aL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.110.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:43:b8:8b:a4:4a:2b:87:18:1f:25:09:05:6d:f0:84:89:02:
         c6:81:76:0d:01:b8:a9:dd:c0:32:97:08:6b:0c:81:55:2b:bd:
         e1:d9:c3:a8:31:b7:f6:3d:7d:34:32:fd:79:d3:6a:64:19:dd:
         67:cf:47:b8:db:c3:2d:54:12:73:38:2d:e6:6b:42:8d:ca:b8:
         11:dd:71:76:a5:7f:11:72:17:17:52:0f:36:9d:b5:7c:0c:05:
         51:04:12:f3:e7:89:fd:a2:d8:58:4d:20:06:65:9e:e6:cc:25:
         9e:e3:30:8b:0f:04:c4:58:ce:0f:56:df:b5:4b:4d:60:6b:d4:
         46:44:73:b6:1b:89:52:8c:bd:9d:a5:32:c5:b6:e7:5b:09:a6:
         fb:6d:03:fd:9d:36:f8:49:1c:21:ac:60:e4:65:74:7d:57:99:
         4e:02:ec:9b:e0:74:46:2a:1e:aa:38:7f:8b:40:5a:1f:9f:17:
         b7:65:bd:aa:76:83:7f:3e:f3:09:99:b2:35:8b:2b:d6:90:6f:
         8b:3f:67:89:66:cd:a9:34:00:40:5a:54:ed:dd:f4:0a:49:5d:
         69:d3:17:d8:18:70:6e:18:1e:5f:7a:74:ce:32:eb:64:03:37:
         65:cf:ba:68:2d:f6:98:a3:56:62:1e:34:a8:de:3d:52:7e:27:
         be:32:40:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPF37xDdbt5Lrvn/x43m41VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDExMDcwODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY2MTEyZjk4YzJhM2U4ZjYzMGUwYmQ1N2JiNjZhMjgzZjY2OGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwxkyWl7I+QYYw2QMobWJ173I1j3
ylH5804fPcTLoSQMK98Io0aTO3mP51B9vI4g7f0f0r7mO3eeEWDr+pByARbVpGWK
mxebaLMiYCQJX/K4UCZJez5FLGJbLGTEvnuAr9acczG1SBxFx8yyrn62zrAqtRtU
nRUbRTb4TLr7TNF2Yyley9GmdrU9Kubxwf3e2gnac71xcGgPOadFx2fQqyDgGtkM
9RHh2mFS+xpvuvNZTVjP7N2rPJzKc/ZlMAOqRV7Ex+wGW1YW+h4MAbd4F4UJWY0H
CrakRuC/BvdRTof+TSkC6ss8kDCzhnO8u5/2lmn5eO/Yi+ikmuLN2k+ZywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPT2ES+YwqPo9jDgvVe7ZqKD9mi9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOVBZUkw1akNvLWoyTU9DOVY3dG1vb1AyYUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT24yMA0G
CSqGSIb3DQEBCwUAA4IBAQChQ7iLpEorhxgfJQkFbfCEiQLGgXYNAbip3cAylwhr
DIFVK73h2cOoMbf2PX00Mv1502pkGd1nz0e428MtVBJzOC3ma0KNyrgR3XF2pX8R
chcXUg82nbV8DAVRBBLz54n9othYTSAGZZ7mzCWe4zCLDwTEWM4PVt+1S01ga9RG
RHO2G4lSjL2dpTLFtudbCab7bQP9nTb4SRwhrGDkZXR9V5lOAuyb4HRGKh6qOH+L
QFofnxe3Zb2qdoN/PvMJmbI1iyvWkG+LP2eJZs2pNABAWlTt3fQKSV1p0xfYGHBu
GB5fenTOMutkAzdlz7poLfaYo1ZiHjSo3j1Sfie+MkDu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org