Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/5yIQYjhRv5D9fX4sOLklPjk-y5Q.roa
File:                     5yIQYjhRv5D9fX4sOLklPjk-y5Q.roa (raw, json)
Hash identifier:          Fjv+k4SB0Ww04w2vluPMMuVaG7mxAOuzCegkKSMjGVU=
Subject key identifier:   E7:22:10:62:38:51:BF:90:FD:7D:7E:2C:38:B9:25:3E:39:3E:CB:94
Certificate issuer:       /CN=78b04fbafaa36b71fcd36eca50b5fe0e88dd3551
Certificate serial:       17E90C23
Authority key identifier: 78:B0:4F:BA:FA:A3:6B:71:FC:D3:6E:CA:50:B5:FE:0E:88:DD:35:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eLBPuvqja3H8027KULX-DojdNVE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/5yIQYjhRv5D9fX4sOLklPjk-y5Q.roa
Signing time:             Sat 01 Jan 2022 09:56:13 +0000
ROA not before:           Sat 01 Jan 2022 09:56:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50242
IP address blocks:        109.236.112.0/20 maxlen: 24
                          2a02:6ca3::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401148963 (0x17e90c23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78b04fbafaa36b71fcd36eca50b5fe0e88dd3551
        Validity
            Not Before: Jan  1 09:56:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e72210623851bf90fd7d7e2c38b9253e393ecb94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:73:5c:97:b8:c8:fd:e4:25:b8:37:5b:5d:17:
                    de:0e:a2:13:cf:a3:28:5b:e8:52:28:86:18:38:c4:
                    ea:2f:f3:95:ed:50:87:96:2f:15:38:21:0c:8c:eb:
                    98:c7:30:d9:32:35:30:2f:81:8d:e0:76:7b:df:67:
                    d0:57:21:bf:e9:3b:47:ff:69:c2:cf:11:83:15:a8:
                    17:0a:e7:4a:21:5c:82:97:e4:af:17:4c:36:4c:45:
                    5e:c6:32:bf:96:58:19:df:3c:57:07:8b:ae:be:3d:
                    23:13:8c:f3:fa:a6:df:29:d2:d5:12:2f:80:85:db:
                    1a:05:9f:5b:48:ba:94:b1:f3:b3:14:4c:22:00:6e:
                    79:d2:11:95:9c:3e:3e:34:79:8b:45:ed:56:7c:09:
                    ef:29:1e:57:24:3b:e4:55:ce:d9:14:97:6e:cc:92:
                    d9:77:74:32:f4:82:0e:ff:cd:87:4c:d9:eb:09:70:
                    2e:df:f4:1d:10:ff:6f:b8:c6:26:c0:b7:5f:04:38:
                    b3:da:ea:2b:7e:5a:ce:8a:34:0b:7f:c3:47:9a:8a:
                    af:39:3c:1f:d3:22:32:37:a3:72:05:1f:ca:1e:46:
                    2b:09:bd:ca:97:c4:d4:93:b1:8d:85:21:6c:f9:d2:
                    80:75:40:dd:90:04:36:f4:73:fb:ef:bf:ba:e6:43:
                    e0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:22:10:62:38:51:BF:90:FD:7D:7E:2C:38:B9:25:3E:39:3E:CB:94
            X509v3 Authority Key Identifier:
                keyid:78:B0:4F:BA:FA:A3:6B:71:FC:D3:6E:CA:50:B5:FE:0E:88:DD:35:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eLBPuvqja3H8027KULX-DojdNVE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/5yIQYjhRv5D9fX4sOLklPjk-y5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/eLBPuvqja3H8027KULX-DojdNVE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.236.112.0/20
                IPv6:
                  2a02:6ca3::/32

    Signature Algorithm: sha256WithRSAEncryption
         71:d4:e0:17:e9:27:1c:02:65:54:33:dd:65:19:97:47:3b:a6:
         fa:35:b8:cd:e4:ed:9e:21:44:23:ab:7d:d7:a2:d0:cd:04:99:
         e8:aa:4f:97:51:d0:cb:31:e5:fc:43:35:4f:c6:71:30:00:26:
         f4:22:66:71:cf:5b:a7:46:35:8e:ec:82:69:7a:79:1d:b3:f3:
         17:8e:75:6e:2e:16:48:73:1d:07:76:d1:b9:94:20:5f:3f:3e:
         99:ae:48:bc:e7:15:9a:b6:d7:8e:fe:c2:22:cc:17:da:2c:32:
         2c:e8:e4:70:c7:f4:8a:5d:7c:65:f4:97:95:6e:04:41:78:32:
         66:03:c0:70:82:9a:62:b0:58:89:2c:5e:2f:49:7f:d0:ed:ae:
         32:3f:fa:0c:56:63:f8:82:4d:d9:45:bb:55:a1:94:f0:fa:d2:
         f3:92:70:a4:8f:80:89:12:c6:76:dc:a8:9f:5c:45:8b:33:4c:
         8c:25:6c:1c:9a:ec:f3:b0:29:5e:f6:9a:8d:fb:f3:e6:d9:92:
         22:32:c0:64:08:b7:60:77:fb:02:fa:d5:1a:77:94:04:49:55:
         63:2a:47:87:58:b8:c1:dd:de:9a:7f:7d:12:f2:f2:19:1a:a7:
         cb:eb:c7:1b:00:a1:e9:18:be:f9:32:a8:96:27:64:6e:d0:be:
         31:bc:74:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEF+kMIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OGIwNGZiYWZhYTM2YjcxZmNkMzZlY2E1MGI1ZmUwZTg4ZGQzNTUxMB4XDTIyMDEw
MTA5NTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTcyMjEwNjIzODUx
YmY5MGZkN2Q3ZTJjMzhiOTI1M2UzOTNlY2I5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNzXJe4yP3kJbg3W10X3g6iE8+jKFvoUiiGGDjE6i/zle1Q
h5YvFTghDIzrmMcw2TI1MC+BjeB2e99n0Fchv+k7R/9pws8RgxWoFwrnSiFcgpfk
rxdMNkxFXsYyv5ZYGd88VweLrr49IxOM8/qm3ynS1RIvgIXbGgWfW0i6lLHzsxRM
IgBuedIRlZw+PjR5i0XtVnwJ7ykeVyQ75FXO2RSXbsyS2Xd0MvSCDv/Nh0zZ6wlw
Lt/0HRD/b7jGJsC3XwQ4s9rqK35azoo0C3/DR5qKrzk8H9MiMjejcgUfyh5GKwm9
ypfE1JOxjYUhbPnSgHVA3ZAENvRz+++/uuZD4DcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTnIhBiOFG/kP19fiw4uSU+OT7LlDAfBgNVHSMEGDAWgBR4sE+6+qNrcfzT
bspQtf4OiN01UTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VMQlB1dnFqYTNIODAyN0tVTFgtRG9qZE5WRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvYzQxYzc0LTBiODItNDBlNy1hMGJmLTBhYWUxY2NkODc0Yi8x
LzV5SVFZamhSdjVEOWZYNHNPTGtsUGprLXk1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
YzQxYzc0LTBiODItNDBlNy1hMGJmLTBhYWUxY2NkODc0Yi8xL2VMQlB1dnFqYTNI
ODAyN0tVTFgtRG9qZE5WRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBG3scDANBAIAAjAHAwUAKgJsozAN
BgkqhkiG9w0BAQsFAAOCAQEAcdTgF+knHAJlVDPdZRmXRzum+jW4zeTtniFEI6t9
16LQzQSZ6KpPl1HQyzHl/EM1T8ZxMAAm9CJmcc9bp0Y1juyCaXp5HbPzF451bi4W
SHMdB3bRuZQgXz8+ma5IvOcVmrbXjv7CIswX2iwyLOjkcMf0il18ZfSXlW4EQXgy
ZgPAcIKaYrBYiSxeL0l/0O2uMj/6DFZj+IJN2UW7VaGU8PrS85JwpI+AiRLGdtyo
n1xFizNMjCVsHJrs87ApXvaajfvz5tmSIjLAZAi3YHf7AvrVGneUBElVYypHh1i4
wd3emn99EvLyGRqny+vHGwCh6Ri++TKolidkbtC+Mbx0fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:05 2024 by rpki-client on console-fra.rpki-client.org