Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/m59uTHE9DKxqv7LcB8NWkD9UHXw.roa
File:                     m59uTHE9DKxqv7LcB8NWkD9UHXw.roa (raw, json)
Hash identifier:          XtLjl12z7vlGbHXMnP8ZifwORZFv78zqhCWl4lUzsT0=
Subject key identifier:   9B:9F:6E:4C:71:3D:0C:AC:6A:BF:B2:DC:07:C3:56:90:3F:54:1D:7C
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       01840B1E6C9EA93F3A226ABFBA44B205219A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/m59uTHE9DKxqv7LcB8NWkD9UHXw.roa
Signing time:             Mon 24 Oct 2022 17:50:53 +0000
ROA not before:           Mon 24 Oct 2022 17:50:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58202
IP address blocks:        62.60.156.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0b:1e:6c:9e:a9:3f:3a:22:6a:bf:ba:44:b2:05:21:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Oct 24 17:50:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b9f6e4c713d0cac6abfb2dc07c356903f541d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2a:6f:20:78:c6:87:9d:61:3e:38:d3:67:1e:
                    70:36:26:c2:7c:f3:34:41:55:c2:3f:0b:44:1e:00:
                    d5:13:b4:6b:89:65:33:b0:e8:63:42:5a:b5:72:04:
                    1f:e6:3f:22:50:2d:41:04:c0:fc:26:25:36:74:f3:
                    42:9c:7b:5a:ab:da:4d:30:a6:dd:a8:ab:d5:07:74:
                    34:d8:cb:0b:66:a0:ad:66:f6:88:02:ac:e5:e4:a7:
                    0e:0c:f7:3b:df:d0:7c:28:e4:cf:65:11:bf:3c:17:
                    84:ac:ba:ee:22:e4:fa:9b:f4:80:69:59:c9:71:14:
                    d1:35:73:9c:15:dc:f1:25:35:25:6d:de:61:fa:5e:
                    7f:3f:aa:92:b5:29:46:b5:46:fe:d7:fd:cc:96:aa:
                    c4:92:fd:35:68:8b:2f:92:0b:90:31:b9:25:3b:1b:
                    0b:60:cd:e0:35:ae:ce:6f:ed:d3:2b:2c:88:74:45:
                    f8:14:e6:39:38:e0:bb:9a:4c:7c:ba:aa:ea:f0:85:
                    c6:ee:20:52:aa:1c:d1:b5:0e:9e:ac:e7:d1:96:74:
                    37:05:16:e1:9a:0e:14:56:6f:db:61:e8:92:e6:67:
                    93:4c:f3:6f:2b:17:a9:da:58:70:fc:e8:19:ef:4f:
                    95:57:85:e5:a3:54:8e:04:f2:46:1c:3d:e4:78:d1:
                    5e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:9F:6E:4C:71:3D:0C:AC:6A:BF:B2:DC:07:C3:56:90:3F:54:1D:7C
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/m59uTHE9DKxqv7LcB8NWkD9UHXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:50:e9:9c:3a:ef:e5:82:ab:aa:c4:27:fa:5b:97:62:18:5d:
         a1:d8:18:3c:41:51:42:33:be:86:05:ed:80:93:8a:f7:49:76:
         48:2c:66:53:1d:2f:aa:c6:65:fa:95:9c:40:94:cb:4b:16:7d:
         22:66:f1:b7:66:71:a0:28:84:38:27:0c:40:32:2e:64:29:5f:
         5b:80:68:66:21:11:2e:ca:0b:0a:b9:4b:b3:1c:25:c5:82:f6:
         f3:4b:df:43:d0:af:cd:ec:46:b6:87:80:a3:76:06:c7:f3:72:
         9b:53:f2:b0:34:22:19:b0:f3:3b:7c:ff:2c:e4:50:ba:70:27:
         b2:36:37:17:af:24:10:f9:d1:96:25:a3:4e:38:ae:a1:00:51:
         99:1f:51:82:16:31:ff:67:44:7d:f7:dd:86:50:41:f6:aa:62:
         b5:91:25:eb:ee:1b:05:f4:01:48:d6:d2:2c:80:6d:ca:05:4a:
         43:76:39:e4:cd:79:f4:26:e6:3d:38:b5:61:35:30:2f:86:ef:
         7f:8e:bc:5d:72:a6:fc:d7:62:48:81:77:11:1c:8b:90:10:29:
         70:6b:bb:bf:df:77:73:19:a3:74:0b:f6:38:51:46:b8:57:ea:
         1d:e8:5a:b0:72:20:05:8d:20:3c:65:0c:4c:aa:5f:0b:d1:37:
         01:d3:88:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQLHmyeqT86Imq/ukSyBSGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMDI0MTc1MDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjlmNmU0YzcxM2QwY2FjNmFiZmIyZGMwN2MzNTY5MDNmNTQxZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSpvIHjGh51hPjjTZx5wNibCfPM0
QVXCPwtEHgDVE7RriWUzsOhjQlq1cgQf5j8iUC1BBMD8JiU2dPNCnHtaq9pNMKbd
qKvVB3Q02MsLZqCtZvaIAqzl5KcODPc739B8KOTPZRG/PBeErLruIuT6m/SAaVnJ
cRTRNXOcFdzxJTUlbd5h+l5/P6qStSlGtUb+1/3MlqrEkv01aIsvkguQMbklOxsL
YM3gNa7Ob+3TKyyIdEX4FOY5OOC7mkx8uqrq8IXG7iBSqhzRtQ6erOfRlnQ3BRbh
mg4UVm/bYeiS5meTTPNvKxep2lhw/OgZ70+VV4Xlo1SOBPJGHD3keNFelQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJufbkxxPQysar+y3AfDVpA/VB18MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvbTU5dVRIRTlES3hxdjdMY0I4TldrRDlVSFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPjycMA0G
CSqGSIb3DQEBCwUAA4IBAQB0UOmcOu/lgquqxCf6W5diGF2h2Bg8QVFCM76GBe2A
k4r3SXZILGZTHS+qxmX6lZxAlMtLFn0iZvG3ZnGgKIQ4JwxAMi5kKV9bgGhmIREu
ygsKuUuzHCXFgvbzS99D0K/N7Ea2h4CjdgbH83KbU/KwNCIZsPM7fP8s5FC6cCey
NjcXryQQ+dGWJaNOOK6hAFGZH1GCFjH/Z0R9992GUEH2qmK1kSXr7hsF9AFI1tIs
gG3KBUpDdjnkzXn0JuY9OLVhNTAvhu9/jrxdcqb812JIgXcRHIuQEClwa7u/33dz
GaN0C/Y4UUa4V+od6FqwciAFjSA8ZQxMql8L0TcB04gY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:30 2024 by rpki-client on console-ams.rpki-client.org