Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/2e432b-ba9c-40e0-ba91-15de12543bb4/1/yINU6qEjk1rrG1ijhg-cczG5GXg.roa
File:                     yINU6qEjk1rrG1ijhg-cczG5GXg.roa (raw, json)
Hash identifier:          G3IOlv9A005I3I9qktp7MauGvEtqkAEXd/poJyDRDBM=
Subject key identifier:   C8:83:54:EA:A1:23:93:5A:EB:1B:58:A3:86:0F:9C:73:31:B9:19:78
Certificate issuer:       /CN=e783c010ee0b0739fbf91ac8d31c0dd30c4a1ea0
Certificate serial:       018316C5C4C2C4686D316599F081C2D52C1A
Authority key identifier: E7:83:C0:10:EE:0B:07:39:FB:F9:1A:C8:D3:1C:0D:D3:0C:4A:1E:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/54PAEO4LBzn7-RrI0xwN0wxKHqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/2e432b-ba9c-40e0-ba91-15de12543bb4/1/yINU6qEjk1rrG1ijhg-cczG5GXg.roa
Signing time:             Wed 07 Sep 2022 07:06:43 +0000
ROA not before:           Wed 07 Sep 2022 07:06:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        81.16.24.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:16:c5:c4:c2:c4:68:6d:31:65:99:f0:81:c2:d5:2c:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e783c010ee0b0739fbf91ac8d31c0dd30c4a1ea0
        Validity
            Not Before: Sep  7 07:06:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c88354eaa123935aeb1b58a3860f9c7331b91978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f7:a9:21:f4:79:f5:4b:08:89:41:91:9b:fe:
                    5a:3e:ae:b5:9d:31:ec:2b:28:c9:2f:d8:05:e1:40:
                    6c:95:49:3e:75:eb:4b:3a:50:fc:d0:69:db:5d:a0:
                    db:17:b0:9e:97:50:af:ef:44:aa:3e:f8:07:b5:de:
                    aa:42:7d:7f:25:30:58:a8:c1:84:cd:ab:23:5e:34:
                    d2:52:e5:26:2a:94:87:a3:07:12:ae:ea:d9:cc:f9:
                    3b:80:87:e9:86:58:6a:0f:78:e4:04:76:f4:9c:77:
                    bd:f1:f5:ac:a8:b5:fa:26:63:a9:8f:53:d6:58:01:
                    b7:c0:bd:d1:7a:08:0a:1c:33:73:5e:5f:62:51:17:
                    35:c9:d0:c6:68:43:9b:99:81:c5:e6:82:65:6e:99:
                    8d:c0:83:55:ea:30:94:78:2e:3f:cc:af:ab:16:da:
                    f6:a1:5a:f3:54:14:df:03:8c:ba:15:0a:1b:38:ba:
                    4e:c8:f5:41:d6:17:c5:bf:99:55:65:89:6b:20:a0:
                    e1:5d:e7:5d:01:2e:ef:b0:63:8c:bf:64:a6:41:47:
                    34:ae:76:d2:8e:f5:b7:04:72:b1:ef:e2:5b:27:52:
                    28:c1:73:ea:4f:51:2c:8a:27:e9:f6:01:e9:ba:18:
                    73:b5:86:c1:b0:a7:38:35:06:b7:71:42:d0:06:c3:
                    e9:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:83:54:EA:A1:23:93:5A:EB:1B:58:A3:86:0F:9C:73:31:B9:19:78
            X509v3 Authority Key Identifier:
                keyid:E7:83:C0:10:EE:0B:07:39:FB:F9:1A:C8:D3:1C:0D:D3:0C:4A:1E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/54PAEO4LBzn7-RrI0xwN0wxKHqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/2e432b-ba9c-40e0-ba91-15de12543bb4/1/yINU6qEjk1rrG1ijhg-cczG5GXg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/2e432b-ba9c-40e0-ba91-15de12543bb4/1/54PAEO4LBzn7-RrI0xwN0wxKHqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.16.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:5d:be:6e:db:8a:c5:17:01:e7:89:f0:2b:a7:ea:1c:69:bb:
         3d:84:f8:29:f6:34:b3:76:77:30:24:f2:9e:26:66:5f:9e:c1:
         72:66:a2:32:9f:08:ed:3d:b1:85:b7:eb:5b:9e:df:96:9b:3f:
         40:db:e0:52:85:a5:3a:de:91:56:79:15:e8:a4:db:db:a5:e2:
         f0:f7:1d:4c:ef:b1:39:74:10:28:b1:0a:7d:73:b9:b1:af:56:
         c8:3a:85:3e:a6:b0:1f:f1:0a:14:fe:b4:95:c5:a1:14:a3:32:
         0e:f5:9e:0e:43:89:8e:93:4f:52:c2:61:e2:98:cb:be:72:8e:
         09:a3:21:43:d8:11:1c:bb:ef:9d:12:a3:95:d7:a9:7c:18:ed:
         be:1e:e7:cd:76:de:15:63:10:c3:d5:bb:4b:31:08:1f:9a:d7:
         f0:6a:84:d1:4d:ee:67:b1:bf:e7:c4:b5:9c:24:d2:1e:54:c5:
         32:58:1e:db:41:77:9d:4e:e4:f8:15:20:c4:99:58:75:13:7a:
         1a:cc:d4:96:21:09:17:03:ee:06:5c:2c:b7:b4:4b:bb:cf:08:
         ea:70:ca:1a:14:64:b7:6a:e2:6d:98:93:02:90:b3:b8:00:78:
         c2:08:9b:71:cc:5f:a3:7a:8d:9e:06:cd:49:ff:bb:5d:69:61:
         44:7c:10:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMWxcTCxGhtMWWZ8IHC1SwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ODNjMDEwZWUwYjA3MzlmYmY5MWFjOGQzMWMwZGQzMGM0
YTFlYTAwHhcNMjIwOTA3MDcwNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODgzNTRlYWExMjM5MzVhZWIxYjU4YTM4NjBmOWM3MzMxYjkxOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfepIfR59UsIiUGRm/5aPq61nTHs
KyjJL9gF4UBslUk+detLOlD80GnbXaDbF7Cel1Cv70SqPvgHtd6qQn1/JTBYqMGE
zasjXjTSUuUmKpSHowcSrurZzPk7gIfphlhqD3jkBHb0nHe98fWsqLX6JmOpj1PW
WAG3wL3ReggKHDNzXl9iURc1ydDGaEObmYHF5oJlbpmNwINV6jCUeC4/zK+rFtr2
oVrzVBTfA4y6FQobOLpOyPVB1hfFv5lVZYlrIKDhXeddAS7vsGOMv2SmQUc0rnbS
jvW3BHKx7+JbJ1IowXPqT1Esiifp9gHpuhhztYbBsKc4NQa3cULQBsPpPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiDVOqhI5Na6xtYo4YPnHMxuRl4MB8GA1UdIwQY
MBaAFOeDwBDuCwc5+/kayNMcDdMMSh6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTRQQUVPNExCem43LVJySTB4d04wd3hLSHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8yZTQzMmItYmE5Yy00MGUwLWJhOTEt
MTVkZTEyNTQzYmI0LzEveUlOVTZxRWprMXJyRzFpamhnLWNjekc1R1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8yZTQzMmItYmE5Yy00MGUwLWJhOTEtMTVkZTEyNTQzYmI0
LzEvNTRQQUVPNExCem43LVJySTB4d04wd3hLSHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCURAYMA0G
CSqGSIb3DQEBCwUAA4IBAQCYXb5u24rFFwHnifArp+ocabs9hPgp9jSzdncwJPKe
JmZfnsFyZqIynwjtPbGFt+tbnt+Wmz9A2+BShaU63pFWeRXopNvbpeLw9x1M77E5
dBAosQp9c7mxr1bIOoU+prAf8QoU/rSVxaEUozIO9Z4OQ4mOk09SwmHimMu+co4J
oyFD2BEcu++dEqOV16l8GO2+HufNdt4VYxDD1btLMQgfmtfwaoTRTe5nsb/nxLWc
JNIeVMUyWB7bQXedTuT4FSDEmVh1E3oazNSWIQkXA+4GXCy3tEu7zwjqcMoaFGS3
auJtmJMCkLO4AHjCCJtxzF+jeo2eBs1J/7tdaWFEfBCu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:19 2023 by rpki-client on console-fra.rpki-client.org