Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/nap4fuKXjbvHlWaiF6ofnTz-Zks.roa
File:                     nap4fuKXjbvHlWaiF6ofnTz-Zks.roa (raw, json)
Hash identifier:          zsONrFoxh9Zk/D6m7BQfgHNc9/l6mzOP6ktTr5VSpa8=
Subject key identifier:   9D:AA:78:7E:E2:97:8D:BB:C7:95:66:A2:17:AA:1F:9D:3C:FE:66:4B
Certificate issuer:       /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial:       018358EF22C8D25B4E3DA034CB76E46CD06F
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/nap4fuKXjbvHlWaiF6ofnTz-Zks.roa
Signing time:             Tue 20 Sep 2022 03:26:50 +0000
ROA not before:           Tue 20 Sep 2022 03:26:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     5483
IP address blocks:        79.120.198.0/24 maxlen: 24
                          79.120.200.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:58:ef:22:c8:d2:5b:4e:3d:a0:34:cb:76:e4:6c:d0:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
        Validity
            Not Before: Sep 20 03:26:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9daa787ee2978dbbc79566a217aa1f9d3cfe664b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a1:74:16:92:f4:22:16:d8:04:64:49:6e:8a:
                    02:65:d9:38:86:6a:16:49:45:bf:1b:88:da:83:7a:
                    f2:6d:18:cf:a8:ee:8e:52:82:9b:70:6d:1d:43:83:
                    87:db:5a:25:6f:dc:c7:b6:c4:30:19:92:ef:69:35:
                    2a:a5:3b:01:8f:cd:10:ed:e3:b6:8b:e2:a2:5f:55:
                    80:e9:32:f3:3a:2e:06:f3:d0:ba:45:0d:2d:2a:11:
                    9c:9b:40:04:0f:6b:97:9c:41:6f:a9:eb:be:56:dd:
                    39:39:7d:a9:30:dd:af:0c:dd:bf:61:4f:0b:3d:fe:
                    ab:4d:81:25:1a:e8:10:cb:ab:c9:51:49:0e:82:42:
                    8d:50:0f:54:32:a7:0b:26:96:d6:0e:5b:46:5b:94:
                    36:14:98:a5:90:f5:72:19:7f:04:09:5f:b4:7c:45:
                    22:e9:bd:26:44:9b:71:e2:fa:b1:d4:ee:47:a0:bf:
                    67:9d:b9:5f:c5:0c:bc:f2:b7:fd:06:fc:2e:86:ee:
                    a9:10:12:ad:4f:a8:45:61:4c:df:ce:66:d5:7a:8b:
                    00:c3:0d:27:99:dd:f4:79:64:2a:3f:64:85:de:63:
                    84:82:16:a9:e5:71:8d:a1:88:da:7b:83:25:f4:b3:
                    3c:be:06:52:48:97:91:bf:e1:5d:18:0e:30:82:08:
                    64:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AA:78:7E:E2:97:8D:BB:C7:95:66:A2:17:AA:1F:9D:3C:FE:66:4B
            X509v3 Authority Key Identifier:
                keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/nap4fuKXjbvHlWaiF6ofnTz-Zks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.120.198.0/24
                  79.120.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:82:55:c7:f2:aa:77:57:e0:c3:03:36:e3:61:59:fc:68:ee:
         fc:74:05:6f:45:6e:4c:9f:5b:11:b9:b2:40:ee:87:12:5e:fc:
         7b:ab:22:d6:e6:41:12:63:b7:14:e0:56:21:41:f0:c2:d4:87:
         6f:3c:11:7c:01:7e:a3:1a:57:ad:b2:9f:6e:e9:ad:fa:f9:52:
         15:0d:59:5f:53:5d:96:54:c1:aa:d8:b0:17:fe:fb:d2:1c:6f:
         bb:8f:e1:d7:9a:1c:63:0d:31:32:e9:01:a2:a5:45:6f:14:9b:
         3d:ef:00:bf:1f:fa:e6:c8:ba:67:04:5a:e2:36:c5:7d:96:35:
         a3:5f:5f:68:ab:84:f2:83:b5:59:6c:98:47:46:56:d4:c3:3c:
         89:b5:c1:a1:19:51:7e:95:2c:39:ee:0c:28:d5:17:07:b3:50:
         11:0b:7a:03:c6:c3:33:61:86:3f:44:66:0f:a4:51:61:cc:16:
         34:64:b8:82:7a:74:62:11:e2:63:37:4c:64:b4:c8:ae:70:9c:
         03:ee:37:ff:aa:4a:e5:94:01:22:45:22:2e:47:49:50:16:85:
         e7:a7:ba:37:31:28:3f:4e:81:32:5b:d6:ea:f1:cc:1b:ed:5c:
         4a:e9:7e:96:50:00:f6:f6:a0:24:f1:95:6e:16:e4:95:31:29:
         ad:35:65:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNY7yLI0ltOPaA0y3bkbNBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjIwOTIwMDMyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFhNzg3ZWUyOTc4ZGJiYzc5NTY2YTIxN2FhMWY5ZDNjZmU2NjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6F0FpL0IhbYBGRJbooCZdk4hmoW
SUW/G4jag3rybRjPqO6OUoKbcG0dQ4OH21olb9zHtsQwGZLvaTUqpTsBj80Q7eO2
i+KiX1WA6TLzOi4G89C6RQ0tKhGcm0AED2uXnEFvqeu+Vt05OX2pMN2vDN2/YU8L
Pf6rTYElGugQy6vJUUkOgkKNUA9UMqcLJpbWDltGW5Q2FJilkPVyGX8ECV+0fEUi
6b0mRJtx4vqx1O5HoL9nnblfxQy88rf9Bvwuhu6pEBKtT6hFYUzfzmbVeosAww0n
md30eWQqP2SF3mOEghap5XGNoYjae4Ml9LM8vgZSSJeRv+FdGA4wgghkQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2qeH7il427x5VmoheqH508/mZLMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvbmFwNGZ1S1hqYnZIbFdhaUY2b2ZuVHotWmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT3jGAwQA
T3jIMA0GCSqGSIb3DQEBCwUAA4IBAQBMglXH8qp3V+DDAzbjYVn8aO78dAVvRW5M
n1sRubJA7ocSXvx7qyLW5kESY7cU4FYhQfDC1IdvPBF8AX6jGletsp9u6a36+VIV
DVlfU12WVMGq2LAX/vvSHG+7j+HXmhxjDTEy6QGipUVvFJs97wC/H/rmyLpnBFri
NsV9ljWjX19oq4Tyg7VZbJhHRlbUwzyJtcGhGVF+lSw57gwo1RcHs1ARC3oDxsMz
YYY/RGYPpFFhzBY0ZLiCenRiEeJjN0xktMiucJwD7jf/qkrllAEiRSIuR0lQFoXn
p7o3MSg/ToEyW9bq8cwb7VxK6X6WUAD29qAk8ZVuFuSVMSmtNWUk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:02 2024 by rpki-client on console-fra.rpki-client.org