Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/bW1bVDzoVz6DEHvFu1perT_sYfo.roa
File:                     bW1bVDzoVz6DEHvFu1perT_sYfo.roa (raw, json)
Hash identifier:          N06umwrmy8wjk3tp75UBlB0rVIh/CSRq3GvhS4JDUcY=
Subject key identifier:   6D:6D:5B:54:3C:E8:57:3E:83:10:7B:C5:BB:5A:5E:AD:3F:EC:61:FA
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2AF4E873
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/bW1bVDzoVz6DEHvFu1perT_sYfo.roa
Signing time:             Sat 01 Jan 2022 13:57:55 +0000
ROA not before:           Sat 01 Jan 2022 13:57:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56872
IP address blocks:        178.16.125.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 720693363 (0x2af4e873)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:57:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d6d5b543ce8573e83107bc5bb5a5ead3fec61fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e4:bd:24:b9:b1:df:80:57:b2:cb:00:78:ac:
                    7c:38:c9:f0:c9:cd:14:d9:4f:e6:07:c0:7a:09:0c:
                    eb:20:28:2e:2b:60:6d:81:bb:bc:d3:85:e5:8c:d5:
                    38:c0:a0:b7:20:34:a3:64:df:21:14:ad:6f:72:89:
                    4a:46:03:28:37:4e:6e:4a:ec:d5:18:d7:f0:c9:f5:
                    61:47:3d:cc:ce:2c:ff:51:3c:33:d6:ac:fe:50:bf:
                    0d:b2:41:21:17:1a:e3:53:08:b1:5e:1a:fd:09:10:
                    25:20:89:09:17:5f:2b:af:3f:30:e7:96:0d:3f:b3:
                    23:90:c6:f2:3b:f2:95:57:4c:37:ae:6f:9f:53:05:
                    b5:64:bb:a4:07:94:f0:3f:41:be:42:72:d6:ab:e2:
                    2f:8a:00:1c:9e:ef:49:3a:1c:93:8c:63:47:fe:b4:
                    f1:14:c4:18:50:f8:c7:e0:e2:44:93:0a:71:48:f2:
                    42:9d:77:3b:e2:79:a3:28:e4:89:22:43:36:40:b2:
                    e2:4c:5f:fc:5d:d0:c9:93:7e:5d:d5:d6:7d:66:4d:
                    ea:7c:c6:4e:74:a1:fc:77:70:c4:cf:b4:79:9b:55:
                    4a:93:5f:11:3d:fb:c3:ab:48:64:b6:c6:9a:0c:43:
                    15:00:87:1c:54:fe:90:33:b3:30:3a:7f:e3:30:66:
                    30:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:6D:5B:54:3C:E8:57:3E:83:10:7B:C5:BB:5A:5E:AD:3F:EC:61:FA
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/bW1bVDzoVz6DEHvFu1perT_sYfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.16.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:24:aa:f7:e4:b9:44:49:d7:b5:e6:58:43:02:37:91:73:1a:
         ad:8b:80:c5:9b:62:a2:0e:ad:af:de:2e:53:f3:6f:da:90:ee:
         16:ab:2e:8c:eb:cf:00:cb:34:e9:59:a0:74:2b:00:23:68:73:
         9d:c4:86:08:e8:ce:9e:bb:58:54:83:68:f0:9f:f5:be:cc:43:
         8d:a3:6e:d5:d2:c3:37:05:da:64:d7:41:17:11:dd:33:5f:7e:
         81:3f:81:49:57:dc:ec:e6:3c:ff:46:ec:20:00:f9:9e:0f:a0:
         af:93:2b:27:41:f8:82:e9:5c:87:8d:4c:0b:d2:e6:4f:2a:8e:
         77:3c:9f:87:c6:ad:32:09:c9:ba:fc:1f:f0:24:ff:6c:6f:04:
         97:ba:35:99:53:8d:8a:a4:fd:90:65:ce:e0:bd:61:0d:25:77:
         21:6f:ff:d6:1f:62:ac:9f:6d:b0:20:2b:c1:01:3b:f5:b7:fa:
         9a:ba:83:7d:bd:3b:dc:8b:87:aa:5a:a4:d9:07:d0:1c:43:46:
         32:7e:df:3e:4c:62:24:84:a2:eb:23:9b:14:c0:34:fa:05:dd:
         b8:db:02:21:2a:0f:04:9d:2c:9e:b6:55:ea:80:62:f3:4e:be:
         a7:38:a3:2e:18:c2:98:6c:40:30:69:75:d3:7c:b4:23:cf:01:
         47:e1:a8:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKvToczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ2ZDViNTQzY2U4
NTczZTgzMTA3YmM1YmI1YTVlYWQzZmVjNjFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnkvSS5sd+AV7LLAHisfDjJ8MnNFNlP5gfAegkM6yAoLitg
bYG7vNOF5YzVOMCgtyA0o2TfIRStb3KJSkYDKDdObkrs1RjX8Mn1YUc9zM4s/1E8
M9as/lC/DbJBIRca41MIsV4a/QkQJSCJCRdfK68/MOeWDT+zI5DG8jvylVdMN65v
n1MFtWS7pAeU8D9BvkJy1qviL4oAHJ7vSTock4xjR/608RTEGFD4x+DiRJMKcUjy
Qp13O+J5oyjkiSJDNkCy4kxf/F3QyZN+XdXWfWZN6nzGTnSh/HdwxM+0eZtVSpNf
ET37w6tIZLbGmgxDFQCHHFT+kDOzMDp/4zBmMCECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtbVtUPOhXPoMQe8W7Wl6tP+xh+jAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L2JXMWJWRHpvVno2REVIdkZ1MXBlclRfc1lmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIQfTANBgkqhkiG9w0BAQsFAAOC
AQEAGiSq9+S5REnXteZYQwI3kXMarYuAxZtiog6tr94uU/Nv2pDuFqsujOvPAMs0
6VmgdCsAI2hzncSGCOjOnrtYVINo8J/1vsxDjaNu1dLDNwXaZNdBFxHdM19+gT+B
SVfc7OY8/0bsIAD5ng+gr5MrJ0H4gulch41MC9LmTyqOdzyfh8atMgnJuvwf8CT/
bG8El7o1mVONiqT9kGXO4L1hDSV3IW//1h9irJ9tsCArwQE79bf6mrqDfb073IuH
qlqk2QfQHENGMn7fPkxiJISi6yObFMA0+gXduNsCISoPBJ0snrZV6oBi806+pzij
LhjCmGxAMGl103y0I88BR+GoMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org