Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/IZMcgX_ev1QXacmJZ7vtf0gk3Fo.roa
File:                     IZMcgX_ev1QXacmJZ7vtf0gk3Fo.roa (raw, json)
Hash identifier:          qmh3xUu8DbnIdsOGO3iSJsU8HVHZif2is77A26L1oss=
Subject key identifier:   21:93:1C:81:7F:DE:BF:54:17:69:C9:89:67:BB:ED:7F:48:24:DC:5A
Certificate issuer:       /CN=71602627679a4980b70d8ade578f14192fafeb95
Certificate serial:       061278F9
Authority key identifier: 71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/IZMcgX_ev1QXacmJZ7vtf0gk3Fo.roa
Signing time:             Sat 01 Jan 2022 04:53:13 +0000
ROA not before:           Sat 01 Jan 2022 04:53:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42352
IP address blocks:        2a07:76c0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101873913 (0x61278f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71602627679a4980b70d8ade578f14192fafeb95
        Validity
            Not Before: Jan  1 04:53:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=21931c817fdebf541769c98967bbed7f4824dc5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ad:a1:2c:26:91:28:11:a4:41:56:db:16:d6:
                    72:fa:3e:f0:b6:1b:a7:b2:e1:27:a9:93:35:ba:08:
                    9d:82:88:84:10:99:5c:94:05:92:42:b4:82:71:92:
                    fe:43:83:56:ca:d2:27:8c:33:4f:f5:13:da:63:f5:
                    0a:0e:98:e8:30:b4:47:70:83:ef:c4:55:18:40:4b:
                    18:d0:07:c8:6a:98:14:64:f9:7e:e3:78:d5:86:e2:
                    b1:8c:d8:5d:ba:37:7c:3c:b0:13:2a:fc:e5:de:e6:
                    ab:52:74:f7:7e:f4:47:48:19:7a:65:cb:de:82:3a:
                    ee:62:34:63:07:33:44:1f:b6:6a:37:fd:f5:ad:f6:
                    e0:bd:cf:51:a7:5f:90:06:d1:3a:0f:bf:db:33:d9:
                    57:42:01:e3:7f:39:e9:83:44:b5:d6:29:55:b9:20:
                    be:36:18:fc:78:56:80:7e:8f:ca:34:b4:f0:79:cf:
                    5e:b1:10:f3:b5:6b:3b:01:81:e9:65:fd:c8:4b:f0:
                    1b:25:60:be:6e:54:f0:61:88:49:68:cc:ae:e6:00:
                    a3:bb:b6:1a:62:f2:fd:f4:e5:32:7d:b8:70:e5:d2:
                    84:12:90:92:b1:fd:e6:40:fb:4d:ba:fb:80:ad:50:
                    6d:e7:3f:ba:3c:be:40:a4:c2:b3:c6:9a:c5:97:01:
                    92:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:93:1C:81:7F:DE:BF:54:17:69:C9:89:67:BB:ED:7F:48:24:DC:5A
            X509v3 Authority Key Identifier:
                keyid:71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/IZMcgX_ev1QXacmJZ7vtf0gk3Fo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/cWAmJ2eaSYC3DYreV48UGS-v65U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:76c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:93:99:d1:4b:e9:8d:db:65:c7:96:99:20:ef:ad:f1:7a:ac:
         46:78:ed:fd:6d:2d:2b:01:84:e7:7d:12:5f:de:98:20:86:eb:
         39:03:d7:7c:ef:52:fa:fc:65:f5:1b:d8:a7:10:44:e6:e0:f0:
         3e:de:06:49:d8:ac:06:5d:05:35:b8:28:a1:05:bc:d1:01:3d:
         2e:46:30:a3:06:18:92:f9:c8:b0:d1:73:be:5d:5f:cf:6d:7b:
         ce:e0:3f:a7:62:f2:98:2e:56:ee:a2:00:00:43:2f:91:f0:f1:
         50:c0:f7:ac:8e:bd:d7:f5:82:3b:81:46:f8:8c:52:f0:1b:a2:
         5b:7b:32:80:41:42:c0:0f:d1:f2:a5:da:ae:1b:eb:91:b2:a9:
         5a:7d:8e:e8:6a:38:15:3c:6b:43:cb:0c:0b:3f:68:ae:9c:4d:
         7b:66:75:f4:79:80:2f:e9:fb:70:58:0f:f9:79:cd:b3:cb:de:
         ca:d8:e4:34:e1:8c:10:7a:18:a0:79:e3:23:4a:07:40:3c:0c:
         3c:fe:6b:bf:45:44:b0:48:7a:ed:f9:e6:70:a3:e7:9d:c1:ea:
         55:b6:5e:a4:88:a6:44:60:7e:cf:74:43:f5:34:e4:85:d9:ed:
         b4:ec:72:e4:2c:06:14:ac:71:bf:d3:62:53:28:ff:f8:85:9f:
         40:d8:33:a0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBhJ4+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTYwMjYyNzY3OWE0OTgwYjcwZDhhZGU1NzhmMTQxOTJmYWZlYjk1MB4XDTIyMDEw
MTA0NTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE5MzFjODE3ZmRl
YmY1NDE3NjljOTg5NjdiYmVkN2Y0ODI0ZGM1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOtoSwmkSgRpEFW2xbWcvo+8LYbp7LhJ6mTNboInYKIhBCZ
XJQFkkK0gnGS/kODVsrSJ4wzT/UT2mP1Cg6Y6DC0R3CD78RVGEBLGNAHyGqYFGT5
fuN41YbisYzYXbo3fDywEyr85d7mq1J09370R0gZemXL3oI67mI0YwczRB+2ajf9
9a324L3PUadfkAbROg+/2zPZV0IB43856YNEtdYpVbkgvjYY/HhWgH6PyjS08HnP
XrEQ87VrOwGB6WX9yEvwGyVgvm5U8GGISWjMruYAo7u2GmLy/fTlMn24cOXShBKQ
krH95kD7Tbr7gK1Qbec/ujy+QKTCs8aaxZcBkqcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQhkxyBf96/VBdpyYlnu+1/SCTcWjAfBgNVHSMEGDAWgBRxYCYnZ5pJgLcN
it5XjxQZL6/rlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NXQW1KMmVhU1lDM0RZcmVWNDhVR1MtdjY1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMjZiNGUyLWNhYTAtNDhhMy04MTE3LTdkNTkzMDMzZDAwNS8x
L0laTWNnWF9ldjFRWGFjbUpaN3Z0ZjBnazNGby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MjZiNGUyLWNhYTAtNDhhMy04MTE3LTdkNTkzMDMzZDAwNS8xL2NXQW1KMmVhU1lD
M0RZcmVWNDhVR1MtdjY1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoHdsAAATANBgkqhkiG9w0BAQsF
AAOCAQEAkZOZ0Uvpjdtlx5aZIO+t8XqsRnjt/W0tKwGE530SX96YIIbrOQPXfO9S
+vxl9RvYpxBE5uDwPt4GSdisBl0FNbgooQW80QE9LkYwowYYkvnIsNFzvl1fz217
zuA/p2LymC5W7qIAAEMvkfDxUMD3rI691/WCO4FG+IxS8BuiW3sygEFCwA/R8qXa
rhvrkbKpWn2O6Go4FTxrQ8sMCz9orpxNe2Z19HmAL+n7cFgP+XnNs8veytjkNOGM
EHoYoHnjI0oHQDwMPP5rv0VEsEh67fnmcKPnncHqVbZepIimRGB+z3RD9TTkhdnt
tOxy5CwGFKxxv9NiUyj/+IWfQNgzoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:55 2024 by rpki-client on console-fra.rpki-client.org