Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/j5Y1lRljeqc_F95f-3BiwX95Xes.roa
File:                     j5Y1lRljeqc_F95f-3BiwX95Xes.roa (raw, json)
Hash identifier:          h6/w2ZzJt3ZAcHNX+ZCNrh2Q+5Ej0Oc6gozy+efMito=
Subject key identifier:   8F:96:35:95:19:63:7A:A7:3F:17:DE:5F:FB:70:62:C1:7F:79:5D:EB
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       16837377
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/j5Y1lRljeqc_F95f-3BiwX95Xes.roa
Signing time:             Sat 01 Jan 2022 06:01:53 +0000
ROA not before:           Sat 01 Jan 2022 06:01:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        62.56.208.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 377713527 (0x16837377)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Jan  1 06:01:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f96359519637aa73f17de5ffb7062c17f795deb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:cb:a0:dc:02:0d:c7:9a:25:54:22:25:f0:45:
                    48:6e:4a:71:4f:8a:a4:7a:2d:5e:5d:ce:ec:e1:06:
                    17:b0:71:ce:4c:bf:c0:b6:c6:30:59:3b:28:df:d8:
                    18:35:45:06:3f:93:00:19:93:ae:49:d6:04:16:99:
                    fc:cf:ba:a1:6d:fc:5c:4f:33:3c:d0:fd:58:36:80:
                    08:21:99:59:a7:e4:eb:37:9d:c9:05:d0:ca:e7:7c:
                    d2:be:d1:20:95:00:dd:ef:d0:4f:05:51:c8:19:a0:
                    c8:ea:ea:09:70:a6:43:df:42:78:7f:ec:bf:8a:12:
                    67:13:65:cf:e8:ed:69:69:81:32:73:70:26:1a:6b:
                    ca:a3:0c:9d:88:03:28:12:6b:78:74:0f:92:6d:ce:
                    4b:27:fd:c3:63:37:50:d7:55:0d:46:cd:be:c3:a0:
                    ad:51:8f:76:57:bf:27:46:f5:53:af:e7:e7:5b:c2:
                    a5:de:fb:f2:cf:a0:bb:57:20:26:49:39:3c:4c:de:
                    23:55:c8:55:e0:ce:aa:6f:85:d5:1f:9f:38:d7:29:
                    cc:84:7c:af:03:76:f0:c0:a8:22:21:0d:11:11:10:
                    99:a7:f2:05:7d:9f:03:f9:bb:c6:38:61:41:79:5f:
                    7d:92:5a:28:95:ed:6c:f8:5e:24:bf:30:3d:5e:3c:
                    39:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:96:35:95:19:63:7A:A7:3F:17:DE:5F:FB:70:62:C1:7F:79:5D:EB
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/j5Y1lRljeqc_F95f-3BiwX95Xes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.56.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0d:06:38:4e:fc:2e:47:f8:62:9f:ae:92:8b:8e:62:ee:80:57:
         38:7e:a5:2f:4f:c7:bd:2f:43:c3:8f:55:f6:21:60:c1:5a:3e:
         df:f0:dd:ba:bb:dc:62:2a:7e:b4:81:70:73:6e:37:47:a8:34:
         2b:fc:9b:d9:2d:f7:72:40:1a:1b:9e:be:6d:98:e4:7e:fe:38:
         c7:d0:87:ea:d9:99:2d:9c:63:80:0f:83:7b:a9:65:59:89:9f:
         98:e9:c1:b1:74:ea:3d:9f:3b:09:57:d7:70:66:ea:6b:0e:74:
         2d:34:3c:4f:15:6a:d1:3c:c8:3e:7c:80:59:ed:93:14:d7:6d:
         41:a1:9c:c0:22:43:a7:fb:e2:40:67:b4:2c:00:3f:82:fd:1f:
         25:c6:df:67:90:7e:6c:4e:65:7c:45:7b:eb:75:c1:d3:c6:b3:
         94:bb:f5:2d:3a:69:33:ff:52:b7:4c:bc:f6:20:6c:14:f3:6a:
         08:61:d7:a7:62:3f:10:d9:51:87:06:26:95:15:d3:12:18:41:
         f5:bb:5b:81:38:1b:78:d0:1d:7a:b9:cf:ce:4e:00:ce:1e:a0:
         24:1f:40:ac:79:10:2d:a9:33:e0:2b:b7:81:38:65:f8:c5:f8:
         e9:39:a5:8a:69:74:67:08:7d:9d:48:20:b0:74:d8:ae:5e:9a:
         2f:e4:2f:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFoNzdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTUxNjA1YjY3NWVjZTRlMGZjZTcxNzVhZTMxYTkzZmE4MjcyYmE2MB4XDTIyMDEw
MTA2MDE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY5NjM1OTUxOTYz
N2FhNzNmMTdkZTVmZmI3MDYyYzE3Zjc5NWRlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/LoNwCDceaJVQiJfBFSG5KcU+KpHotXl3O7OEGF7Bxzky/
wLbGMFk7KN/YGDVFBj+TABmTrknWBBaZ/M+6oW38XE8zPND9WDaACCGZWafk6zed
yQXQyud80r7RIJUA3e/QTwVRyBmgyOrqCXCmQ99CeH/sv4oSZxNlz+jtaWmBMnNw
JhpryqMMnYgDKBJreHQPkm3OSyf9w2M3UNdVDUbNvsOgrVGPdle/J0b1U6/n51vC
pd778s+gu1cgJkk5PEzeI1XIVeDOqm+F1R+fONcpzIR8rwN28MCoIiENEREQmafy
BX2fA/m7xjhhQXlffZJaKJXtbPheJL8wPV48OTECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPljWVGWN6pz8X3l/7cGLBf3ld6zAfBgNVHSMEGDAWgBQFUWBbZ17OTg/O
cXWuMak/qCcrpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JWRmdXMmRlems0UHpuRjFyakdwUDZnbks2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8x
L2o1WTFsUmxqZXFjX0Y5NWYtM0Jpd1g5NVhlcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8xL0JWRmdXMmRlems0
UHpuRjFyakdwUDZnbks2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAz440DANBgkqhkiG9w0BAQsFAAOC
AQEADQY4TvwuR/hin66Si45i7oBXOH6lL0/HvS9Dw49V9iFgwVo+3/DdurvcYip+
tIFwc243R6g0K/yb2S33ckAaG56+bZjkfv44x9CH6tmZLZxjgA+De6llWYmfmOnB
sXTqPZ87CVfXcGbqaw50LTQ8TxVq0TzIPnyAWe2TFNdtQaGcwCJDp/viQGe0LAA/
gv0fJcbfZ5B+bE5lfEV763XB08azlLv1LTppM/9St0y89iBsFPNqCGHXp2I/ENlR
hwYmlRXTEhhB9btbgTgbeNAdernPzk4Azh6gJB9ArHkQLakz4Cu3gThl+MX46Tml
iml0Zwh9nUggsHTYrl6aL+QvAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org