Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/IeYTEh-N9zCk094uKtmU6vdWz4o.roa
File:                     IeYTEh-N9zCk094uKtmU6vdWz4o.roa (raw, json)
Hash identifier:          +Q6B+8re5PO/QkNoYqJBgNIhw8Bzt1P24mX/t9obv9c=
Subject key identifier:   21:E6:13:12:1F:8D:F7:30:A4:D3:DE:2E:2A:D9:94:EA:F7:56:CF:8A
Certificate issuer:       /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial:       08B9B426
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/IeYTEh-N9zCk094uKtmU6vdWz4o.roa
Signing time:             Sun 03 Apr 2022 21:08:58 +0000
ROA not before:           Sun 03 Apr 2022 21:08:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        82.115.219.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146388006 (0x8b9b426)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
        Validity
            Not Before: Apr  3 21:08:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=21e613121f8df730a4d3de2e2ad994eaf756cf8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:71:45:ab:8c:7a:1f:f0:c7:76:ab:c9:d7:0b:
                    5f:a7:b8:7d:1c:20:27:d1:09:cb:15:f0:91:ef:0e:
                    4b:20:31:ce:79:1f:4c:af:49:70:c9:5e:7f:b9:f1:
                    02:65:ca:f6:df:ec:60:2b:eb:87:36:28:ae:3a:5c:
                    ee:27:51:ba:88:33:a3:7a:b6:7c:e7:06:1c:5f:ca:
                    59:76:88:e8:88:95:99:10:94:f3:40:e4:88:88:3e:
                    09:90:36:1e:8c:98:59:1a:39:48:0f:ed:2a:49:86:
                    49:d3:95:1d:64:1f:ea:53:1f:d1:de:83:46:11:75:
                    2e:52:78:f0:45:bf:f8:9e:6d:a3:dc:c0:a9:ea:73:
                    f3:b6:db:38:a6:74:2d:b5:77:d9:ee:cb:94:5c:28:
                    5d:6a:04:a2:13:df:f2:6e:23:d2:63:61:ac:11:7e:
                    e1:7d:f1:25:45:1e:9d:62:59:94:33:90:b9:85:7f:
                    8a:8f:6c:54:5f:b4:ba:9e:90:86:6a:a4:30:2a:57:
                    8a:54:4b:15:70:53:d1:c3:4c:4b:f3:2c:b1:10:ec:
                    a7:43:d2:86:12:f1:5f:d7:1d:20:5b:4d:1d:54:09:
                    97:fd:be:f6:ce:20:4f:b8:29:8b:a3:df:80:7f:d3:
                    58:80:fc:5d:b2:3d:d3:0a:e0:3f:07:60:28:63:0b:
                    aa:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:E6:13:12:1F:8D:F7:30:A4:D3:DE:2E:2A:D9:94:EA:F7:56:CF:8A
            X509v3 Authority Key Identifier:
                keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/IeYTEh-N9zCk094uKtmU6vdWz4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:32:c2:c5:9c:06:c7:8b:16:ea:1a:60:11:1f:0a:5e:fb:e6:
         77:7c:fa:03:1e:bc:7a:b4:7c:2e:d5:0a:b6:96:6e:b9:03:22:
         90:7f:f7:d1:bc:8d:2d:32:2c:ea:ef:95:b2:a8:85:b9:a7:c5:
         3a:e4:50:ec:b5:f3:e0:fc:79:0c:52:69:aa:79:b7:d5:71:fb:
         17:05:fd:7d:71:de:95:a2:04:94:29:44:f2:04:3f:4a:e5:79:
         ba:c8:91:86:e2:de:1f:f4:1a:a6:33:e7:d6:d6:db:43:1a:a9:
         d6:a5:77:50:ca:32:9e:ad:7b:b7:58:68:7f:c4:29:64:8f:e8:
         b6:4f:c6:cc:da:86:2b:61:c9:b3:19:7d:8c:ec:54:67:23:8b:
         93:87:e9:16:b2:5c:d2:79:b8:da:5e:2f:f8:ae:e0:55:0e:df:
         f8:8c:ca:d7:72:35:10:6f:a4:05:12:8c:73:f4:71:b1:17:46:
         ad:af:9f:3c:08:36:09:36:9f:51:6c:5a:7f:dc:72:be:de:68:
         ff:11:e1:3b:39:d5:24:5e:78:51:2b:4d:fc:e9:7c:62:41:f2:
         f3:f5:e3:9b:95:23:05:53:fa:81:6f:68:5c:3a:73:dd:73:aa:
         dc:92:ed:97:f5:b1:1c:3a:9d:e5:90:49:81:c5:44:f1:c2:55:
         7e:5e:41:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECLm0JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjhjNjVlNjk5YjU3NmFiMTEzYTc5YmU4ODI4OTQ4ZjFlNmNjMjYwMB4XDTIyMDQw
MzIxMDg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFlNjEzMTIxZjhk
ZjczMGE0ZDNkZTJlMmFkOTk0ZWFmNzU2Y2Y4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhxRauMeh/wx3arydcLX6e4fRwgJ9EJyxXwke8OSyAxznkf
TK9JcMlef7nxAmXK9t/sYCvrhzYorjpc7idRuogzo3q2fOcGHF/KWXaI6IiVmRCU
80DkiIg+CZA2HoyYWRo5SA/tKkmGSdOVHWQf6lMf0d6DRhF1LlJ48EW/+J5to9zA
qepz87bbOKZ0LbV32e7LlFwoXWoEohPf8m4j0mNhrBF+4X3xJUUenWJZlDOQuYV/
io9sVF+0up6QhmqkMCpXilRLFXBT0cNMS/MssRDsp0PShhLxX9cdIFtNHVQJl/2+
9s4gT7gpi6PfgH/TWID8XbI90wrgPwdgKGMLqiMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQh5hMSH433MKTT3i4q2ZTq91bPijAfBgNVHSMEGDAWgBTGjGXmmbV2qxE6
eb6IKJSPHmzCYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hveGw1cG0xZHFzUk9ubS1pQ2lVang1c3dtQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvMzQwYzczLTc5ZWUtNDkyNi04ZTRmLTYwN2Q0ZjM3ZjU5Zi8x
L0llWVRFaC1OOXpDazA5NHVLdG1VNnZkV3o0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
MzQwYzczLTc5ZWUtNDkyNi04ZTRmLTYwN2Q0ZjM3ZjU5Zi8xL3hveGw1cG0xZHFz
Uk9ubS1pQ2lVang1c3dtQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJz2zANBgkqhkiG9w0BAQsFAAOC
AQEANjLCxZwGx4sW6hpgER8KXvvmd3z6Ax68erR8LtUKtpZuuQMikH/30byNLTIs
6u+VsqiFuafFOuRQ7LXz4Px5DFJpqnm31XH7FwX9fXHelaIElClE8gQ/SuV5usiR
huLeH/QapjPn1tbbQxqp1qV3UMoynq17t1hof8QpZI/otk/GzNqGK2HJsxl9jOxU
ZyOLk4fpFrJc0nm42l4v+K7gVQ7f+IzK13I1EG+kBRKMc/RxsRdGra+fPAg2CTaf
UWxaf9xyvt5o/xHhOznVJF54UStN/Ol8YkHy8/Xjm5UjBVP6gW9oXDpz3XOq3JLt
l/WxHDqd5ZBJgcVE8cJVfl5BDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:56 2024 by rpki-client on console-ams.rpki-client.org