Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/7B1gVlyDenIaIxazDheoFn9weIA.roa
File:                     7B1gVlyDenIaIxazDheoFn9weIA.roa (raw, json)
Hash identifier:          BczadZiy3z1uY7iX/9Dclgp4h5fBRaluJgguFtelSbc=
Subject key identifier:   EC:1D:60:56:5C:83:7A:72:1A:23:16:B3:0E:17:A8:16:7F:70:78:80
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       49188043
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/7B1gVlyDenIaIxazDheoFn9weIA.roa
Signing time:             Thu 03 Mar 2022 08:34:07 +0000
ROA not before:           Thu 03 Mar 2022 08:34:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44812
IP address blocks:        5.8.64.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1226342467 (0x49188043)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Mar  3 08:34:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec1d60565c837a721a2316b30e17a8167f707880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:44:d7:51:3d:ad:b0:be:b2:72:4f:fc:9c:c9:
                    c2:a8:fa:e3:fd:97:2c:8a:fd:22:7e:28:50:fc:2c:
                    b9:65:a1:2e:e2:ae:15:c2:3f:27:73:10:7a:ec:47:
                    a4:ce:37:61:0c:03:76:2c:6f:70:b8:cc:6e:c2:d6:
                    8a:0d:b6:71:6d:c5:08:32:a4:8c:4a:e2:e2:be:d2:
                    24:48:ec:c1:f3:3e:81:1a:54:3d:1f:f7:f9:db:05:
                    cd:d1:8d:55:37:bb:ea:e7:66:31:50:a4:dd:5c:a4:
                    92:71:b8:b5:d3:cb:12:21:35:33:ce:de:5a:6e:35:
                    a1:f1:8b:0d:12:78:da:a9:ed:ed:0f:11:6f:d1:ce:
                    c3:ac:0a:26:5d:f2:e5:56:5e:1c:01:d8:9a:25:87:
                    39:0d:9a:ee:86:c2:ce:1c:4b:78:69:c8:b1:4e:86:
                    5c:3d:5f:7f:ac:a3:b1:29:e6:c3:63:45:eb:9e:9a:
                    15:7d:79:f0:65:b5:e8:e2:9e:84:64:27:7c:f2:18:
                    31:1f:58:09:f8:13:d0:40:42:ed:bd:08:10:d5:c0:
                    44:12:c4:ed:f1:12:6b:0b:2a:37:8d:a4:41:3e:18:
                    0f:6c:be:18:53:9e:4a:1a:8e:34:de:d8:b8:1e:92:
                    d3:ef:4c:73:d9:6f:bd:6e:35:8f:c4:d6:62:29:cf:
                    fe:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:1D:60:56:5C:83:7A:72:1A:23:16:B3:0E:17:A8:16:7F:70:78:80
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/7B1gVlyDenIaIxazDheoFn9weIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:eb:c3:9e:77:18:4d:9b:8f:f8:94:3b:79:57:26:ac:9c:be:
         08:2c:11:83:28:0c:ea:3b:37:71:4d:d9:25:fd:82:ee:b0:af:
         1e:b3:13:7d:e9:9d:8e:0a:0f:f9:27:50:3a:46:f1:e9:30:01:
         c1:f1:15:c1:af:0b:ea:71:f0:44:a9:9c:ed:24:e4:0f:2b:45:
         f5:13:5f:b8:93:56:81:f5:f8:a9:ab:c6:fb:2e:40:3e:f5:ad:
         ea:46:64:96:d5:42:c9:80:cb:6e:29:6f:78:c6:00:7c:a3:d1:
         4d:df:c2:7c:ad:94:80:86:14:69:e1:90:c1:ad:13:32:70:2e:
         c7:58:61:03:92:3d:e8:24:91:04:1f:b8:76:34:a4:20:17:25:
         6f:aa:7d:ef:a9:1d:a7:e5:0c:cb:f2:56:18:3d:15:6a:4b:b9:
         47:75:bb:b4:d5:71:7d:1b:a4:f2:ba:8a:06:a1:8d:44:f2:d5:
         53:30:46:25:57:a7:c0:da:b5:00:cb:ae:33:59:83:40:7d:51:
         35:32:b0:8a:95:35:2c:f0:77:0f:f4:52:3f:4c:34:1c:07:8f:
         7e:a3:86:52:8c:39:a8:02:a3:65:46:03:01:12:e5:6a:04:03:
         c6:82:12:9a:22:f3:c3:d6:04:65:47:19:95:a4:4e:0f:e6:0f:
         3a:06:5b:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESRiAQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDMw
MzA4MzQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMxZDYwNTY1Yzgz
N2E3MjFhMjMxNmIzMGUxN2E4MTY3ZjcwNzg4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZE11E9rbC+snJP/JzJwqj64/2XLIr9In4oUPwsuWWhLuKu
FcI/J3MQeuxHpM43YQwDdixvcLjMbsLWig22cW3FCDKkjEri4r7SJEjswfM+gRpU
PR/3+dsFzdGNVTe76udmMVCk3VykknG4tdPLEiE1M87eWm41ofGLDRJ42qnt7Q8R
b9HOw6wKJl3y5VZeHAHYmiWHOQ2a7obCzhxLeGnIsU6GXD1ff6yjsSnmw2NF656a
FX158GW16OKehGQnfPIYMR9YCfgT0EBC7b0IENXARBLE7fESawsqN42kQT4YD2y+
GFOeShqONN7YuB6S0+9Mc9lvvW41j8TWYinP/nECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsHWBWXIN6chojFrMOF6gWf3B4gDAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
LzdCMWdWbHlEZW5JYUl4YXpEaGVvRm45d2VJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUIQDANBgkqhkiG9w0BAQsFAAOC
AQEAxuvDnncYTZuP+JQ7eVcmrJy+CCwRgygM6js3cU3ZJf2C7rCvHrMTfemdjgoP
+SdQOkbx6TABwfEVwa8L6nHwRKmc7STkDytF9RNfuJNWgfX4qavG+y5APvWt6kZk
ltVCyYDLbilveMYAfKPRTd/CfK2UgIYUaeGQwa0TMnAux1hhA5I96CSRBB+4djSk
IBclb6p976kdp+UMy/JWGD0Vaku5R3W7tNVxfRuk8rqKBqGNRPLVUzBGJVenwNq1
AMuuM1mDQH1RNTKwipU1LPB3D/RSP0w0HAePfqOGUow5qAKjZUYDARLlagQDxoIS
miLzw9YEZUcZlaROD+YPOgZb2g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org