Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/9k6m8HqawBxjRCHpiL3je5TLtM0.roa
File:                     9k6m8HqawBxjRCHpiL3je5TLtM0.roa (raw, json)
Hash identifier:          wfpOyNSN/Zm5ELJKtjNZMiSVVr80N+5IQu6roAUUB5Q=
Subject key identifier:   F6:4E:A6:F0:7A:9A:C0:1C:63:44:21:E9:88:BD:E3:7B:94:CB:B4:CD
Certificate issuer:       /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial:       03FCB43B
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/9k6m8HqawBxjRCHpiL3je5TLtM0.roa
Signing time:             Sat 01 Jan 2022 06:00:53 +0000
ROA not before:           Sat 01 Jan 2022 06:00:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        5.183.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66892859 (0x3fcb43b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
        Validity
            Not Before: Jan  1 06:00:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f64ea6f07a9ac01c634421e988bde37b94cbb4cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4a:7a:63:0b:a8:7c:6e:ac:3d:d4:fa:f2:6d:
                    c8:0f:dd:f3:c9:b9:bb:99:46:e3:56:dd:64:66:61:
                    90:6c:3d:0d:d6:b2:ca:9a:e6:7c:fd:54:dc:7b:38:
                    fd:2c:b0:ce:0e:ef:d8:cc:89:9e:4f:90:30:95:2b:
                    23:43:4c:d2:ca:30:38:b6:1f:f5:1c:f8:40:ee:61:
                    a5:62:9f:19:c0:48:98:38:1c:8a:63:95:a5:6c:f7:
                    35:a8:c5:64:2e:cc:3e:2f:9b:80:b9:83:db:7a:64:
                    ae:89:c4:6f:1c:e3:d3:1e:8a:ad:9f:b0:1c:76:d7:
                    36:7a:ff:32:c8:86:91:76:6f:d8:b2:77:4d:ef:5c:
                    89:f9:f6:85:6c:8e:aa:a4:68:0c:c0:4a:06:97:f0:
                    97:1f:aa:1a:90:5c:3a:38:9e:b6:56:86:79:a7:11:
                    0c:50:4a:5b:79:38:52:8a:15:e1:3f:e4:69:a7:a7:
                    19:34:ae:21:ce:dc:e9:12:56:aa:70:c7:c6:9a:cf:
                    33:73:00:03:40:1b:88:92:c3:4e:75:3b:8e:09:b3:
                    48:53:a5:31:a7:37:07:c7:29:a0:70:27:2b:af:d3:
                    c4:ab:f2:5f:5c:43:18:28:74:99:81:1b:c3:60:eb:
                    54:4f:45:89:84:be:e0:48:b5:51:1c:32:40:b1:e5:
                    32:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4E:A6:F0:7A:9A:C0:1C:63:44:21:E9:88:BD:E3:7B:94:CB:B4:CD
            X509v3 Authority Key Identifier:
                keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/9k6m8HqawBxjRCHpiL3je5TLtM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:a6:93:d8:fb:be:67:b2:c6:c6:36:e1:e7:86:6a:fb:39:57:
         f7:88:8f:6d:e0:fe:69:14:e5:f4:61:21:f3:a4:ed:20:56:40:
         85:12:ec:71:bd:73:25:76:b1:fa:e1:a9:e8:e1:81:30:33:3d:
         1f:5d:5b:c5:fa:9a:00:f7:14:9e:5e:55:5d:23:41:88:a9:65:
         88:88:d2:ce:aa:b1:63:c1:a4:4f:ea:26:c6:f7:88:61:cb:e3:
         fd:4e:a7:a5:62:c4:b0:90:c5:ca:39:04:86:9e:14:83:7f:5a:
         43:ac:9f:26:73:ab:7e:5f:88:ed:77:d4:6a:4a:ce:b9:80:51:
         ca:71:95:02:7c:79:8b:62:33:c7:9e:26:61:66:9e:28:e5:24:
         a9:16:b3:ba:d9:24:59:59:33:24:0b:16:7a:93:65:c4:a3:61:
         be:b3:41:d2:2d:4e:72:7b:54:f0:55:9a:20:bd:41:6b:13:86:
         0d:ba:5b:70:03:45:f8:7d:0e:52:10:9a:0c:5b:36:e4:af:bb:
         84:b8:34:4e:fb:4e:56:a3:95:2e:af:d6:a3:0f:cb:d5:9c:a6:
         84:5c:5c:e2:87:70:be:00:8d:1b:c3:7c:63:81:40:ec:f1:76:
         52:d0:ef:6d:38:10:b1:b1:24:31:99:81:d4:9f:03:03:27:0a:
         a9:6a:e7:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/y0OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmFiNmMxMWQ0MTE2MmRiMDMwNjg1OGY4M2U1ZTY1MTIxMTMyYTZiMB4XDTIyMDEw
MTA2MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY0ZWE2ZjA3YTlh
YzAxYzYzNDQyMWU5ODhiZGUzN2I5NGNiYjRjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlKemMLqHxurD3U+vJtyA/d88m5u5lG41bdZGZhkGw9Dday
yprmfP1U3Hs4/Sywzg7v2MyJnk+QMJUrI0NM0sowOLYf9Rz4QO5hpWKfGcBImDgc
imOVpWz3NajFZC7MPi+bgLmD23pkronEbxzj0x6KrZ+wHHbXNnr/MsiGkXZv2LJ3
Te9cifn2hWyOqqRoDMBKBpfwlx+qGpBcOjietlaGeacRDFBKW3k4UooV4T/kaaen
GTSuIc7c6RJWqnDHxprPM3MAA0AbiJLDTnU7jgmzSFOlMac3B8cpoHAnK6/TxKvy
X1xDGCh0mYEbw2DrVE9FiYS+4Ei1URwyQLHlMo0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT2TqbweprAHGNEIemIveN7lMu0zTAfBgNVHSMEGDAWgBR7q2wR1BFi2wMG
hY+D5eZRIRMqazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U2dHNFZFFSWXRzREJvV1BnLVhtVVNFVEttcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8x
LzlrNm04SHFhd0J4alJDSHBpTDNqZTVUTHRNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
ZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8xL2U2dHNFZFFSWXRz
REJvV1BnLVhtVVNFVEttcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW3TzANBgkqhkiG9w0BAQsFAAOC
AQEABKaT2Pu+Z7LGxjbh54Zq+zlX94iPbeD+aRTl9GEh86TtIFZAhRLscb1zJXax
+uGp6OGBMDM9H11bxfqaAPcUnl5VXSNBiKlliIjSzqqxY8GkT+omxveIYcvj/U6n
pWLEsJDFyjkEhp4Ug39aQ6yfJnOrfl+I7XfUakrOuYBRynGVAnx5i2Izx54mYWae
KOUkqRazutkkWVkzJAsWepNlxKNhvrNB0i1OcntU8FWaIL1BaxOGDbpbcANF+H0O
UhCaDFs25K+7hLg0TvtOVqOVLq/Wow/L1ZymhFxc4odwvgCNG8N8Y4FA7PF2UtDv
bTgQsbEkMZmB1J8DAycKqWrnjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:48 2024 by rpki-client on console-fra.rpki-client.org