Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/zxLFaGkEbzR5g7uxtFm98aFwl70.roa
File:                     zxLFaGkEbzR5g7uxtFm98aFwl70.roa (raw, json)
Hash identifier:          Bth1Cqvw6xb7CAOPYlv5E1C2ko+UHjF1b7InnkP48y4=
Subject key identifier:   CF:12:C5:68:69:04:6F:34:79:83:BB:B1:B4:59:BD:F1:A1:70:97:BD
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2B16BF2D
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/zxLFaGkEbzR5g7uxtFm98aFwl70.roa
Signing time:             Sat 01 Jan 2022 13:58:11 +0000
ROA not before:           Sat 01 Jan 2022 13:58:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205748
IP address blocks:        178.16.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 722911021 (0x2b16bf2d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:58:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf12c56869046f347983bbb1b459bdf1a17097bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:61:20:24:b3:2b:32:56:d8:da:56:73:e6:66:
                    02:12:8d:50:1f:b1:c3:96:49:c8:9f:ba:ac:00:0d:
                    cf:72:83:5b:3b:06:d9:f4:22:ae:f5:72:97:2f:1e:
                    fd:ac:05:73:9d:0a:12:bd:13:fb:0c:ab:2b:61:fe:
                    c5:d9:0e:47:6c:0e:cc:b7:40:7f:31:59:9d:7b:7b:
                    f7:1f:ac:55:e8:a7:91:8a:50:5c:64:46:ae:31:05:
                    88:50:2f:85:c7:9b:a6:d9:85:0a:69:cd:13:06:9b:
                    43:4f:d5:2f:ec:fd:10:cf:3f:2e:50:a0:ca:2b:66:
                    3c:d3:52:b5:f2:d4:47:09:30:de:8a:f9:3f:59:34:
                    50:08:24:20:3c:98:25:99:4e:e9:e0:09:00:07:a1:
                    45:cc:95:98:7e:8b:d2:d2:29:be:ea:fb:f1:a9:81:
                    ec:d3:5f:1e:df:36:09:95:92:b1:97:23:e0:40:8e:
                    ee:b6:f5:9b:77:f6:51:64:ca:32:fc:32:27:ce:6a:
                    88:cd:2d:95:9e:5c:8f:2d:f4:6b:8a:c0:12:48:f4:
                    1d:90:a3:c2:d9:c1:18:0a:cb:23:47:e1:09:e0:c1:
                    18:26:cd:df:a4:14:41:79:07:9d:7d:9c:57:2b:be:
                    bc:00:0d:3e:b7:f6:5e:9f:2e:ee:c3:e5:4d:e8:0c:
                    e3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:12:C5:68:69:04:6F:34:79:83:BB:B1:B4:59:BD:F1:A1:70:97:BD
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/zxLFaGkEbzR5g7uxtFm98aFwl70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.16.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:1c:db:e6:e8:d5:f0:9c:1c:27:91:43:6a:bd:8f:2c:fe:17:
         d5:a5:ac:3f:56:0b:97:4e:de:1e:5f:03:6f:8a:37:44:31:24:
         0e:5d:23:a0:00:4d:7a:c3:be:2d:24:47:46:c9:26:d4:5d:8c:
         4d:b2:c0:8d:99:a7:96:fe:f4:93:3a:c1:28:2d:c8:28:82:6f:
         9e:b0:82:e4:fd:d1:f8:69:7a:b3:a1:ac:84:f5:43:08:25:db:
         d0:54:2e:1a:25:d4:58:8a:ba:f0:1a:e1:f9:48:32:77:0e:d6:
         34:26:12:5b:e4:53:5d:71:7c:01:d2:dc:08:3e:8e:b7:a9:ed:
         6a:12:ff:18:06:f1:38:bb:81:18:8a:0f:87:c8:00:f3:ec:fa:
         44:1b:4d:dd:20:1a:93:d1:59:61:73:91:52:ed:45:02:e5:e0:
         bc:ad:78:b8:2a:36:38:b3:96:1b:73:17:64:85:94:26:d3:a8:
         4b:e2:8e:47:4e:49:17:d4:a9:3e:7f:09:d7:17:22:8a:7f:ac:
         25:fb:77:63:ef:01:79:e7:01:ab:e4:d4:cc:65:27:37:f1:0e:
         1d:64:cd:29:71:b0:06:c5:00:45:06:f9:0c:4c:7d:63:31:14:
         3b:c1:bd:bc:4c:e2:86:ef:53:7e:0e:76:cf:26:80:07:39:ee:
         e5:92:d7:65
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKxa/LTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YxMmM1Njg2OTA0
NmYzNDc5ODNiYmIxYjQ1OWJkZjFhMTcwOTdiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1hICSzKzJW2NpWc+ZmAhKNUB+xw5ZJyJ+6rAANz3KDWzsG
2fQirvVyly8e/awFc50KEr0T+wyrK2H+xdkOR2wOzLdAfzFZnXt79x+sVeinkYpQ
XGRGrjEFiFAvhcebptmFCmnNEwabQ0/VL+z9EM8/LlCgyitmPNNStfLURwkw3or5
P1k0UAgkIDyYJZlO6eAJAAehRcyVmH6L0tIpvur78amB7NNfHt82CZWSsZcj4ECO
7rb1m3f2UWTKMvwyJ85qiM0tlZ5cjy30a4rAEkj0HZCjwtnBGArLI0fhCeDBGCbN
36QUQXkHnX2cVyu+vAANPrf2Xp8u7sPlTegM40kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPEsVoaQRvNHmDu7G0Wb3xoXCXvTAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L3p4TEZhR2tFYnpSNWc3dXh0Rm05OGFGd2w3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIQfjANBgkqhkiG9w0BAQsFAAOC
AQEAVRzb5ujV8JwcJ5FDar2PLP4X1aWsP1YLl07eHl8Db4o3RDEkDl0joABNesO+
LSRHRskm1F2MTbLAjZmnlv70kzrBKC3IKIJvnrCC5P3R+Gl6s6GshPVDCCXb0FQu
GiXUWIq68Brh+Ugydw7WNCYSW+RTXXF8AdLcCD6Ot6ntahL/GAbxOLuBGIoPh8gA
8+z6RBtN3SAak9FZYXORUu1FAuXgvK14uCo2OLOWG3MXZIWUJtOoS+KOR05JF9Sp
Pn8J1xciin+sJft3Y+8BeecBq+TUzGUnN/EOHWTNKXGwBsUARQb5DEx9YzEUO8G9
vEzihu9Tfg52zyaABznu5ZLXZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org