Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/vqvVx-wndJIoPL79IX7FEoA7Szg.roa
File:                     vqvVx-wndJIoPL79IX7FEoA7Szg.roa (raw, json)
Hash identifier:          XP/X8Yk1dj/ixhvs8xYqvCxjJIDkN+6Tp2B6VzqC2Ow=
Subject key identifier:   BE:AB:D5:C7:EC:27:74:92:28:3C:BE:FD:21:7E:C5:12:80:3B:4B:38
Certificate issuer:       /CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3
Certificate serial:       09D5F665
Authority key identifier: 68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/vqvVx-wndJIoPL79IX7FEoA7Szg.roa
Signing time:             Sat 01 Jan 2022 05:00:15 +0000
ROA not before:           Sat 01 Jan 2022 05:00:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57288
IP address blocks:        176.97.8.0/21 maxlen: 21
                          2001:67c:1138::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165017189 (0x9d5f665)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3
        Validity
            Not Before: Jan  1 05:00:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=beabd5c7ec277492283cbefd217ec512803b4b38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0b:7f:2c:b1:68:7f:1e:87:05:11:68:d9:5f:
                    54:a3:c4:3c:8b:41:f1:40:15:cd:c5:ac:98:0e:06:
                    c9:e5:bb:0b:53:9e:34:f2:e3:db:9c:d5:d9:e0:24:
                    80:f7:97:59:23:61:a0:7a:14:28:0a:2e:a2:8c:28:
                    88:da:1e:65:23:42:c5:bd:fc:3e:a6:03:67:53:50:
                    ea:86:6c:a9:f3:f3:15:58:d2:66:b5:99:da:8e:4a:
                    74:36:9a:b2:ad:d6:fd:45:c4:1b:de:a5:57:66:ad:
                    7b:44:a3:6b:a7:fa:cf:44:7a:10:b1:ea:44:9a:43:
                    d1:01:96:4b:b5:92:c3:15:d3:99:07:7b:27:ca:bd:
                    bb:e5:3b:19:b4:ac:ef:09:ed:63:2f:2a:b3:55:b1:
                    01:d5:02:12:d9:c0:75:38:c9:9a:66:67:a5:12:bd:
                    8b:62:48:a9:e6:0c:11:42:79:55:10:db:85:de:63:
                    7d:17:18:bf:79:4b:a9:a4:a0:95:44:4a:a8:7c:35:
                    7c:f1:cd:d0:64:96:1f:56:e7:ba:09:d1:6d:53:76:
                    88:e8:79:37:b8:87:e1:02:92:0e:e3:e5:d2:f4:28:
                    12:c0:79:4d:e1:61:46:bf:5a:01:a4:f4:ce:b1:8b:
                    76:26:cf:d4:df:0b:12:38:2d:20:5e:80:41:85:d9:
                    a7:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:AB:D5:C7:EC:27:74:92:28:3C:BE:FD:21:7E:C5:12:80:3B:4B:38
            X509v3 Authority Key Identifier:
                keyid:68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/vqvVx-wndJIoPL79IX7FEoA7Szg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.8.0/21
                IPv6:
                  2001:67c:1138::/48

    Signature Algorithm: sha256WithRSAEncryption
         85:fa:ae:e2:c9:67:5d:81:6b:45:d4:f1:79:e7:08:28:c7:7d:
         63:d5:1f:83:30:05:d2:19:65:07:21:44:e9:af:96:2d:45:ff:
         23:98:39:c8:79:d7:47:69:16:a9:65:96:c0:48:ce:93:82:e9:
         33:7e:d3:af:21:8d:a9:47:45:48:95:a7:53:c8:e1:3a:ca:4f:
         bf:e1:0a:61:b7:28:4f:a5:bf:2f:59:89:4b:70:ad:8b:36:fc:
         51:55:14:5d:25:85:49:7a:2b:81:43:c6:ab:e3:35:1a:3b:fc:
         bf:c6:ca:f2:fc:03:10:94:f0:04:a9:7e:04:fb:56:f3:8b:03:
         fe:45:cf:90:9a:f3:09:d2:7b:09:9f:78:38:e1:8a:d4:e0:5c:
         2e:58:a2:c0:39:f8:d6:e6:5c:d5:28:e7:69:82:d8:ff:04:e6:
         da:ad:68:1f:53:88:f9:c2:1d:07:fe:a2:93:48:56:3e:66:b1:
         5f:f8:bb:16:ff:b5:05:d6:2a:dc:97:cd:4f:d1:91:99:bd:15:
         96:42:31:23:88:36:57:d3:e1:fa:43:d0:ea:f9:c1:4c:8f:10:
         56:b1:99:42:0c:18:f7:66:62:07:b5:a8:ff:66:c5:23:2d:af:
         f7:71:ee:26:bf:3e:c9:24:9a:50:e8:05:fc:02:74:a9:b2:3c:
         0c:0d:be:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECdX2ZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGJmMWM1YTIxYzM4MjViOGI4NjUxNmExYTU5NzEyMWI1NGIzY2MzMB4XDTIyMDEw
MTA1MDAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVhYmQ1YzdlYzI3
NzQ5MjI4M2NiZWZkMjE3ZWM1MTI4MDNiNGIzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcLfyyxaH8ehwURaNlfVKPEPItB8UAVzcWsmA4GyeW7C1Oe
NPLj25zV2eAkgPeXWSNhoHoUKAouoowoiNoeZSNCxb38PqYDZ1NQ6oZsqfPzFVjS
ZrWZ2o5KdDaasq3W/UXEG96lV2ate0Sja6f6z0R6ELHqRJpD0QGWS7WSwxXTmQd7
J8q9u+U7GbSs7wntYy8qs1WxAdUCEtnAdTjJmmZnpRK9i2JIqeYMEUJ5VRDbhd5j
fRcYv3lLqaSglURKqHw1fPHN0GSWH1bnugnRbVN2iOh5N7iH4QKSDuPl0vQoEsB5
TeFhRr9aAaT0zrGLdibP1N8LEjgtIF6AQYXZpwMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS+q9XH7Cd0kig8vv0hfsUSgDtLODAfBgNVHSMEGDAWgBRovxxaIcOCW4uG
UWoaWXEhtUs8wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMOGNXaUhEZ2x1TGhsRnFHbGx4SWJWTFBNTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvMmZjZTVlLWM5MTUtNGYwMi1hZDNhLTU1ZWI1YmI5OWU0NS8x
L3ZxdlZ4LXduZEpJb1BMNzlJWDdGRW9BN1N6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
MmZjZTVlLWM5MTUtNGYwMi1hZDNhLTU1ZWI1YmI5OWU0NS8xL2FMOGNXaUhEZ2x1
TGhsRnFHbGx4SWJWTFBNTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA7BhCDAPBAIAAjAJAwcAIAEGfBE4
MA0GCSqGSIb3DQEBCwUAA4IBAQCF+q7iyWddgWtF1PF55wgox31j1R+DMAXSGWUH
IUTpr5YtRf8jmDnIeddHaRapZZbASM6TgukzftOvIY2pR0VIladTyOE6yk+/4Qph
tyhPpb8vWYlLcK2LNvxRVRRdJYVJeiuBQ8ar4zUaO/y/xsry/AMQlPAEqX4E+1bz
iwP+Rc+QmvMJ0nsJn3g44YrU4FwuWKLAOfjW5lzVKOdpgtj/BObarWgfU4j5wh0H
/qKTSFY+ZrFf+LsW/7UF1ircl81P0ZGZvRWWQjEjiDZX0+H6Q9Dq+cFMjxBWsZlC
DBj3ZmIHtaj/ZsUjLa/3ce4mvz7JJJpQ6AX8AnSpsjwMDb7q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org