Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/kvCZlv2AhTQIBLfT08CIQwqqcE8.roa
File:                     kvCZlv2AhTQIBLfT08CIQwqqcE8.roa (raw, json)
Hash identifier:          QT8bYGfJZc837bfj6u/9YaBegJ+WDsmSjx07RkM2z/Y=
Subject key identifier:   92:F0:99:96:FD:80:85:34:08:04:B7:D3:D3:C0:88:43:0A:AA:70:4F
Certificate issuer:       /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial:       01849A4F9038EC7E1CCDA3A84E2353EE0EF0
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/kvCZlv2AhTQIBLfT08CIQwqqcE8.roa
Signing time:             Mon 21 Nov 2022 13:10:16 +0000
ROA not before:           Mon 21 Nov 2022 13:10:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41164
IP address blocks:        62.73.252.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9a:4f:90:38:ec:7e:1c:cd:a3:a8:4e:23:53:ee:0e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
        Validity
            Not Before: Nov 21 13:10:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=92f09996fd8085340804b7d3d3c088430aaa704f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:23:ab:bd:dd:28:c9:8e:e9:5a:53:d9:6b:87:
                    ee:94:e9:1f:75:ad:0f:5b:b1:c4:c8:c0:30:f0:b8:
                    92:2f:d4:25:2d:35:80:5e:5e:fb:d7:d6:8d:48:49:
                    a8:2d:47:3d:b4:09:ec:ea:8d:96:4d:42:09:e4:b1:
                    89:1e:f6:ff:a1:74:16:c8:36:fb:8b:14:53:d6:c2:
                    28:0c:c8:36:7e:77:51:71:cd:d2:46:72:91:e8:ba:
                    92:26:97:85:c0:3b:9a:cc:61:69:1b:a9:52:a4:92:
                    4f:20:68:fa:98:bc:23:32:87:e6:22:cd:94:76:dc:
                    2c:b4:0f:9a:29:6f:06:28:09:cd:4a:64:e6:80:33:
                    7e:5a:78:79:90:f3:62:83:8f:3a:64:43:02:bc:58:
                    33:81:42:af:36:60:f7:c5:28:e7:ff:be:c7:d7:76:
                    64:d8:3f:89:ed:71:9f:6c:f4:c8:05:b6:ea:75:39:
                    9e:c7:91:53:ff:86:d6:79:38:29:86:3b:7c:b7:49:
                    ad:c3:af:12:e4:c0:83:1a:a0:23:49:95:2f:69:d7:
                    0a:72:54:9d:b4:64:27:e7:9a:fe:d1:32:30:56:40:
                    63:48:14:84:10:e0:c5:b3:c1:d0:66:03:73:0d:06:
                    33:66:ea:26:99:02:6b:ba:8e:03:8d:87:ea:8b:ef:
                    1f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:F0:99:96:FD:80:85:34:08:04:B7:D3:D3:C0:88:43:0A:AA:70:4F
            X509v3 Authority Key Identifier:
                keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/kvCZlv2AhTQIBLfT08CIQwqqcE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.73.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:5f:26:d0:e4:cf:31:df:ee:ca:6d:d5:9f:8c:eb:19:6d:a7:
         a1:3a:13:36:c1:f3:dc:c0:92:39:ae:17:f2:f8:24:a5:e1:2b:
         2a:e3:15:2b:7a:63:1d:15:20:94:95:05:66:1d:8a:7e:f8:00:
         2d:51:5c:cb:37:b9:ba:9d:f4:fc:0c:27:16:e1:bd:ab:27:57:
         32:fc:b7:3e:47:17:f5:7b:e8:c3:9a:37:12:31:e8:8f:c9:73:
         99:25:35:80:3e:a2:e5:3d:9c:cd:dd:ee:ec:e9:6b:10:f9:38:
         3d:68:1a:08:98:84:b1:1c:fb:4a:f3:0c:63:64:0c:b1:60:61:
         46:f9:d5:72:3a:e5:6b:26:d0:d9:b4:72:28:cd:9c:09:8a:da:
         d0:42:00:cc:eb:11:43:5e:82:2c:c4:76:0d:2f:1d:13:53:0d:
         c8:50:f8:87:7d:fc:1b:34:50:14:48:ec:d1:81:0c:7e:c2:f5:
         3f:8e:20:ed:ef:1b:79:47:67:95:06:81:f3:3b:28:bb:a4:23:
         ae:a1:85:7e:37:0a:b7:3e:0d:30:37:c0:6c:89:10:90:9a:2e:
         48:f0:96:23:ae:90:f1:bb:21:a0:3d:0a:2f:b3:c3:dd:b5:bc:
         db:08:5a:3b:4f:fa:d6:60:09:14:ee:e0:f7:9a:4e:0d:c8:5f:
         cf:15:3b:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSaT5A47H4czaOoTiNT7g7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjIxMTIxMTMxMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmYwOTk5NmZkODA4NTM0MDgwNGI3ZDNkM2MwODg0MzBhYWE3MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCOrvd0oyY7pWlPZa4fulOkfda0P
W7HEyMAw8LiSL9QlLTWAXl7719aNSEmoLUc9tAns6o2WTUIJ5LGJHvb/oXQWyDb7
ixRT1sIoDMg2fndRcc3SRnKR6LqSJpeFwDuazGFpG6lSpJJPIGj6mLwjMofmIs2U
dtwstA+aKW8GKAnNSmTmgDN+Wnh5kPNig486ZEMCvFgzgUKvNmD3xSjn/77H13Zk
2D+J7XGfbPTIBbbqdTmex5FT/4bWeTgphjt8t0mtw68S5MCDGqAjSZUvadcKclSd
tGQn55r+0TIwVkBjSBSEEODFs8HQZgNzDQYzZuommQJruo4DjYfqi+8fAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLwmZb9gIU0CAS309PAiEMKqnBPMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEva3ZDWmx2MkFoVFFJQkxmVDA4Q0lRd3FxY0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkn8MA0G
CSqGSIb3DQEBCwUAA4IBAQBYXybQ5M8x3+7KbdWfjOsZbaehOhM2wfPcwJI5rhfy
+CSl4Ssq4xUremMdFSCUlQVmHYp++AAtUVzLN7m6nfT8DCcW4b2rJ1cy/Lc+Rxf1
e+jDmjcSMeiPyXOZJTWAPqLlPZzN3e7s6WsQ+Tg9aBoImISxHPtK8wxjZAyxYGFG
+dVyOuVrJtDZtHIozZwJitrQQgDM6xFDXoIsxHYNLx0TUw3IUPiHffwbNFAUSOzR
gQx+wvU/jiDt7xt5R2eVBoHzOyi7pCOuoYV+Nwq3Pg0wN8BsiRCQmi5I8JYjrpDx
uyGgPQovs8PdtbzbCFo7T/rWYAkU7uD3mk4NyF/PFTtw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:36 2024 by rpki-client on console-ams.rpki-client.org